diff --git a/.generated_files b/.generated_files index e35011d94d6..c1d610bb55f 100644 --- a/.generated_files +++ b/.generated_files @@ -25,5 +25,3 @@ file-name types_swagger_doc_generated.go path-prefix Godeps/ path-prefix vendor/ path-prefix pkg/generated/ - -paths-from-repo docs/.generated_docs diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md index 999c3a6628b..1b455f65c6e 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.md +++ b/.github/ISSUE_TEMPLATE/bug-report.md @@ -5,7 +5,10 @@ labels: kind/bug --- - + **What happened**: @@ -19,7 +22,7 @@ labels: kind/bug **Environment**: - Kubernetes version (use `kubectl version`): - Cloud provider or hardware configuration: -- OS (e.g. from /etc/os-release): +- OS (e.g: `cat /etc/os-release`): - Kernel (e.g. `uname -a`): - Install tools: - Others: diff --git a/.github/OWNERS b/.github/OWNERS index 5390e83a824..8443da33fc7 100644 --- a/.github/OWNERS +++ b/.github/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - castrojo - cblecker diff --git a/CHANGELOG-1.10.md b/CHANGELOG-1.10.md index 50390ae2023..2eeed529f22 100644 --- a/CHANGELOG-1.10.md +++ b/CHANGELOG-1.10.md @@ -1,96 +1,103 @@ -- [v1.10.12](#v11012) - - [Downloads for v1.10.12](#downloads-for-v11012) +- [v1.10.13](#v11013) + - [Downloads for v1.10.13](#downloads-for-v11013) - [Client Binaries](#client-binaries) - [Server Binaries](#server-binaries) - [Node Binaries](#node-binaries) - - [Changelog since v1.10.11](#changelog-since-v11011) + - [Changelog since v1.10.12](#changelog-since-v11012) - [Other notable changes](#other-notable-changes) -- [v1.10.11](#v11011) - - [Downloads for v1.10.11](#downloads-for-v11011) +- [v1.10.12](#v11012) + - [Downloads for v1.10.12](#downloads-for-v11012) - [Client Binaries](#client-binaries-1) - [Server Binaries](#server-binaries-1) - [Node Binaries](#node-binaries-1) - - [Changelog since v1.10.10](#changelog-since-v11010) + - [Changelog since v1.10.11](#changelog-since-v11011) - [Other notable changes](#other-notable-changes-1) -- [v1.10.10](#v11010) - - [Downloads for v1.10.10](#downloads-for-v11010) +- [v1.10.11](#v11011) + - [Downloads for v1.10.11](#downloads-for-v11011) - [Client Binaries](#client-binaries-2) - [Server Binaries](#server-binaries-2) - [Node Binaries](#node-binaries-2) - - [Changelog since v1.10.9](#changelog-since-v1109) + - [Changelog since v1.10.10](#changelog-since-v11010) - [Other notable changes](#other-notable-changes-2) -- [v1.10.9](#v1109) - - [Downloads for v1.10.9](#downloads-for-v1109) +- [v1.10.10](#v11010) + - [Downloads for v1.10.10](#downloads-for-v11010) - [Client Binaries](#client-binaries-3) - [Server Binaries](#server-binaries-3) - [Node Binaries](#node-binaries-3) - - [Changelog since v1.10.8](#changelog-since-v1108) + - [Changelog since v1.10.9](#changelog-since-v1109) - [Other notable changes](#other-notable-changes-3) -- [v1.10.8](#v1108) - - [Downloads for v1.10.8](#downloads-for-v1108) +- [v1.10.9](#v1109) + - [Downloads for v1.10.9](#downloads-for-v1109) - [Client Binaries](#client-binaries-4) - [Server Binaries](#server-binaries-4) - [Node Binaries](#node-binaries-4) - - [Changelog since v1.10.7](#changelog-since-v1107) + - [Changelog since v1.10.8](#changelog-since-v1108) - [Other notable changes](#other-notable-changes-4) -- [v1.10.7](#v1107) - - [Downloads for v1.10.7](#downloads-for-v1107) +- [v1.10.8](#v1108) + - [Downloads for v1.10.8](#downloads-for-v1108) - [Client Binaries](#client-binaries-5) - [Server Binaries](#server-binaries-5) - [Node Binaries](#node-binaries-5) - - [Changelog since v1.10.6](#changelog-since-v1106) - - [Action Required](#action-required) + - [Changelog since v1.10.7](#changelog-since-v1107) - [Other notable changes](#other-notable-changes-5) -- [v1.10.6](#v1106) - - [Downloads for v1.10.6](#downloads-for-v1106) +- [v1.10.7](#v1107) + - [Downloads for v1.10.7](#downloads-for-v1107) - [Client Binaries](#client-binaries-6) - [Server Binaries](#server-binaries-6) - [Node Binaries](#node-binaries-6) - - [Changelog since v1.10.5](#changelog-since-v1105) - - [Action Required](#action-required-1) + - [Changelog since v1.10.6](#changelog-since-v1106) + - [Action Required](#action-required) - [Other notable changes](#other-notable-changes-6) -- [v1.10.5](#v1105) - - [Downloads for v1.10.5](#downloads-for-v1105) +- [v1.10.6](#v1106) + - [Downloads for v1.10.6](#downloads-for-v1106) - [Client Binaries](#client-binaries-7) - [Server Binaries](#server-binaries-7) - [Node Binaries](#node-binaries-7) - - [Changelog since v1.10.4](#changelog-since-v1104) - - [Action Required](#action-required-2) + - [Changelog since v1.10.5](#changelog-since-v1105) + - [Action Required](#action-required-1) - [Other notable changes](#other-notable-changes-7) -- [v1.10.4](#v1104) - - [Downloads for v1.10.4](#downloads-for-v1104) +- [v1.10.5](#v1105) + - [Downloads for v1.10.5](#downloads-for-v1105) - [Client Binaries](#client-binaries-8) - [Server Binaries](#server-binaries-8) - [Node Binaries](#node-binaries-8) - - [Changelog since v1.10.3](#changelog-since-v1103) + - [Changelog since v1.10.4](#changelog-since-v1104) + - [Action Required](#action-required-2) - [Other notable changes](#other-notable-changes-8) -- [v1.10.3](#v1103) - - [Downloads for v1.10.3](#downloads-for-v1103) +- [v1.10.4](#v1104) + - [Downloads for v1.10.4](#downloads-for-v1104) - [Client Binaries](#client-binaries-9) - [Server Binaries](#server-binaries-9) - [Node Binaries](#node-binaries-9) - - [Changelog since v1.10.2](#changelog-since-v1102) + - [Changelog since v1.10.3](#changelog-since-v1103) - [Other notable changes](#other-notable-changes-9) -- [v1.10.2](#v1102) - - [Downloads for v1.10.2](#downloads-for-v1102) +- [v1.10.3](#v1103) + - [Downloads for v1.10.3](#downloads-for-v1103) - [Client Binaries](#client-binaries-10) - [Server Binaries](#server-binaries-10) - [Node Binaries](#node-binaries-10) - - [Changelog since v1.10.1](#changelog-since-v1101) + - [Changelog since v1.10.2](#changelog-since-v1102) - [Other notable changes](#other-notable-changes-10) -- [v1.10.1](#v1101) - - [Downloads for v1.10.1](#downloads-for-v1101) +- [v1.10.2](#v1102) + - [Downloads for v1.10.2](#downloads-for-v1102) - [Client Binaries](#client-binaries-11) - [Server Binaries](#server-binaries-11) - [Node Binaries](#node-binaries-11) - - [Changelog since v1.10.0](#changelog-since-v1100) + - [Changelog since v1.10.1](#changelog-since-v1101) - [Other notable changes](#other-notable-changes-11) -- [v1.10.0](#v1100) - - [Downloads for v1.10.0](#downloads-for-v1100) +- [v1.10.1](#v1101) + - [Downloads for v1.10.1](#downloads-for-v1101) - [Client Binaries](#client-binaries-12) - [Server Binaries](#server-binaries-12) - [Node Binaries](#node-binaries-12) + - [Changelog since v1.10.0](#changelog-since-v1100) + - [Other notable changes](#other-notable-changes-12) +- [v1.10.0](#v1100) + - [Downloads for v1.10.0](#downloads-for-v1100) + - [Client Binaries](#client-binaries-13) + - [Server Binaries](#server-binaries-13) + - [Node Binaries](#node-binaries-13) - [Major Themes](#major-themes) - [Node](#node) - [Storage](#storage) @@ -104,7 +111,7 @@ - [Before Upgrading](#before-upgrading) - [Known Issues](#known-issues) - [Deprecations](#deprecations) - - [Other Notable Changes](#other-notable-changes-12) + - [Other Notable Changes](#other-notable-changes-13) - [Apps](#apps) - [AWS](#aws) - [Auth](#auth-1) @@ -127,69 +134,125 @@ - [External Dependencies](#external-dependencies) - [v1.10.0-rc.1](#v1100-rc1) - [Downloads for v1.10.0-rc.1](#downloads-for-v1100-rc1) - - [Client Binaries](#client-binaries-13) - - [Server Binaries](#server-binaries-13) - - [Node Binaries](#node-binaries-13) - - [Changelog since v1.10.0-beta.4](#changelog-since-v1100-beta4) - - [Other notable changes](#other-notable-changes-13) -- [v1.10.0-beta.4](#v1100-beta4) - - [Downloads for v1.10.0-beta.4](#downloads-for-v1100-beta4) - [Client Binaries](#client-binaries-14) - [Server Binaries](#server-binaries-14) - [Node Binaries](#node-binaries-14) - - [Changelog since v1.10.0-beta.3](#changelog-since-v1100-beta3) + - [Changelog since v1.10.0-beta.4](#changelog-since-v1100-beta4) - [Other notable changes](#other-notable-changes-14) -- [v1.10.0-beta.3](#v1100-beta3) - - [Downloads for v1.10.0-beta.3](#downloads-for-v1100-beta3) +- [v1.10.0-beta.4](#v1100-beta4) + - [Downloads for v1.10.0-beta.4](#downloads-for-v1100-beta4) - [Client Binaries](#client-binaries-15) - [Server Binaries](#server-binaries-15) - [Node Binaries](#node-binaries-15) - - [Changelog since v1.10.0-beta.2](#changelog-since-v1100-beta2) + - [Changelog since v1.10.0-beta.3](#changelog-since-v1100-beta3) - [Other notable changes](#other-notable-changes-15) -- [v1.10.0-beta.2](#v1100-beta2) - - [Downloads for v1.10.0-beta.2](#downloads-for-v1100-beta2) +- [v1.10.0-beta.3](#v1100-beta3) + - [Downloads for v1.10.0-beta.3](#downloads-for-v1100-beta3) - [Client Binaries](#client-binaries-16) - [Server Binaries](#server-binaries-16) - [Node Binaries](#node-binaries-16) - - [Changelog since v1.10.0-beta.1](#changelog-since-v1100-beta1) - - [Action Required](#action-required-3) + - [Changelog since v1.10.0-beta.2](#changelog-since-v1100-beta2) - [Other notable changes](#other-notable-changes-16) -- [v1.10.0-beta.1](#v1100-beta1) - - [Downloads for v1.10.0-beta.1](#downloads-for-v1100-beta1) +- [v1.10.0-beta.2](#v1100-beta2) + - [Downloads for v1.10.0-beta.2](#downloads-for-v1100-beta2) - [Client Binaries](#client-binaries-17) - [Server Binaries](#server-binaries-17) - [Node Binaries](#node-binaries-17) - - [Changelog since v1.10.0-alpha.3](#changelog-since-v1100-alpha3) - - [Action Required](#action-required-4) + - [Changelog since v1.10.0-beta.1](#changelog-since-v1100-beta1) + - [Action Required](#action-required-3) - [Other notable changes](#other-notable-changes-17) -- [v1.10.0-alpha.3](#v1100-alpha3) - - [Downloads for v1.10.0-alpha.3](#downloads-for-v1100-alpha3) +- [v1.10.0-beta.1](#v1100-beta1) + - [Downloads for v1.10.0-beta.1](#downloads-for-v1100-beta1) - [Client Binaries](#client-binaries-18) - [Server Binaries](#server-binaries-18) - [Node Binaries](#node-binaries-18) - - [Changelog since v1.10.0-alpha.2](#changelog-since-v1100-alpha2) + - [Changelog since v1.10.0-alpha.3](#changelog-since-v1100-alpha3) + - [Action Required](#action-required-4) - [Other notable changes](#other-notable-changes-18) -- [v1.10.0-alpha.2](#v1100-alpha2) - - [Downloads for v1.10.0-alpha.2](#downloads-for-v1100-alpha2) +- [v1.10.0-alpha.3](#v1100-alpha3) + - [Downloads for v1.10.0-alpha.3](#downloads-for-v1100-alpha3) - [Client Binaries](#client-binaries-19) - [Server Binaries](#server-binaries-19) - [Node Binaries](#node-binaries-19) - - [Changelog since v1.10.0-alpha.1](#changelog-since-v1100-alpha1) - - [Action Required](#action-required-5) + - [Changelog since v1.10.0-alpha.2](#changelog-since-v1100-alpha2) - [Other notable changes](#other-notable-changes-19) -- [v1.10.0-alpha.1](#v1100-alpha1) - - [Downloads for v1.10.0-alpha.1](#downloads-for-v1100-alpha1) +- [v1.10.0-alpha.2](#v1100-alpha2) + - [Downloads for v1.10.0-alpha.2](#downloads-for-v1100-alpha2) - [Client Binaries](#client-binaries-20) - [Server Binaries](#server-binaries-20) - [Node Binaries](#node-binaries-20) + - [Changelog since v1.10.0-alpha.1](#changelog-since-v1100-alpha1) + - [Action Required](#action-required-5) + - [Other notable changes](#other-notable-changes-20) +- [v1.10.0-alpha.1](#v1100-alpha1) + - [Downloads for v1.10.0-alpha.1](#downloads-for-v1100-alpha1) + - [Client Binaries](#client-binaries-21) + - [Server Binaries](#server-binaries-21) + - [Node Binaries](#node-binaries-21) - [Changelog since v1.9.0](#changelog-since-v190) - [Action Required](#action-required-6) - - [Other notable changes](#other-notable-changes-20) + - [Other notable changes](#other-notable-changes-21) +# v1.10.13 + +[Documentation](https://docs.k8s.io) + +## Downloads for v1.10.13 + + +filename | sha512 hash +-------- | ----------- +[kubernetes.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes.tar.gz) | `8add1e0bb21e5d3be1a91301d522782c3b867d55a48ce865331db23d35cca0ad4289279332dbf74a4c45ccc4ea9dc160cef98e44b7b6bcd072196f099059b913` +[kubernetes-src.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-src.tar.gz) | `65b37053be2b323e21ddec4d2d7abb1614f20fd467d1d420fb880b6e61734eadbe8aaf55f30e5ae5b02e03de746924a64a85459352190848be102f62a768cb21` + +### Client Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-client-darwin-386.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-darwin-386.tar.gz) | `05be88ada7db616a3ccdc50d47136ab1a9213879b65c81db81bbd06c7c97db6dbeb3d05ed1b6fc06d7e399f26428718792b133706b7b274ac7f6981193403647` +[kubernetes-client-darwin-amd64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-darwin-amd64.tar.gz) | `351769fa9caf9d285d47fb21bd25f8876b00d0d079d14e407b342467e824c61e936049a6adb6f42a7323129f37e8218448a790daa9835db540f0016d71e81139` +[kubernetes-client-linux-386.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-linux-386.tar.gz) | `c7668ec89f32ad524dcaa6f87e9c6646a0d97165daa436a8915e72b2b7f3f6f55231041e44c91e22adbb62e9b7bd9e60360611c5ccd801c3b74fe4e98238995b` +[kubernetes-client-linux-amd64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-linux-amd64.tar.gz) | `2355ab1e140ea9a117fd5ea04bbf3795e14880bafc8c177c9797d40244c523d5b8ef6f2c72be252e7e0439eb659258ef9ace3bab9a72213e494ee0bef9c2e0c0` +[kubernetes-client-linux-arm.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-linux-arm.tar.gz) | `3aa45783210b465af7a8217ff167ef5a6d2e0318231b451a3eafe9f09799c8f10531dcbc352cef04fdaa7a024205f635ccf3a61b2eb7c1d2d303f002b61250ae` +[kubernetes-client-linux-arm64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-linux-arm64.tar.gz) | `e02b43419b8b6d19c18bc03c751df1a29489d8cd0e247c6ac430f83a5f1227671cbf56407cf266fb113dddb3e9353f18f8ce9bcfe83f52a45af3b667898d6ef5` +[kubernetes-client-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-linux-ppc64le.tar.gz) | `339fccf4a82898d087d5c48e0c13a4652e8f37b6a5423e7aad4262bbda137d5e5ebd7de96b30bd2c9ef4d0f84d610359a48b4b67591576e298355185d63d0d46` +[kubernetes-client-linux-s390x.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-linux-s390x.tar.gz) | `b7dd449defcd1b47db78472c8740f99ad96bb921d64db37b57cb9392a055afba4380a012186b28a52518377f96048d47799370497a829f1b474aea0cbac9971f` +[kubernetes-client-windows-386.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-windows-386.tar.gz) | `64657c29c4b90029c9a0739e67566c1a0e781e7ad3a133833f2a7cd4d88a7f16db4c0ed28a5473aecd96dfa4cf8d2cd2fe6f7d72633a2538739497196d704521` +[kubernetes-client-windows-amd64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-client-windows-amd64.tar.gz) | `71bfcea7ff941320b225b5b896c8e2dd6fe1165b05b95d512cefa31950e972b5db95788c2bb031097d5d17408e537af60c0b5b3edca707c472fad80f04fc35d4` + +### Server Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-server-linux-amd64.tar.gz) | `6ece286535569786579233809fee92307a103c30947e1350fa009fab29b9f45e82c065f6d3576025ea1499c9a58ee97d2386f540aee3e789aa0b2aaf2b388aca` +[kubernetes-server-linux-arm.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-server-linux-arm.tar.gz) | `35aaaffdf478b6044146d620bd867b1d09e290537ec4200ab29b06fddb3425a339ebadaa5463cd10f0797df00d696a2bfab1a48db9b4a682b1b5d7ba2b7f3fb1` +[kubernetes-server-linux-arm64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-server-linux-arm64.tar.gz) | `dfd7edc27cef7b2750790f3d6b71c4a2beb8b3e4716a3f8a2033708cfed93bb351f60b1af424520e5ce89b159f797a56094a327ce62c08dd2a72fbac69a06b9e` +[kubernetes-server-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-server-linux-ppc64le.tar.gz) | `7f877383ea353510b6e27d6485bac09b71aacae028dc2e9ddf1bbdaca129283aac2cbdb9c0c3bd3542513d268c37eb5efdec2a0711e613337631df3ed4e21992` +[kubernetes-server-linux-s390x.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-server-linux-s390x.tar.gz) | `c2e5eb5bf18a127c25ac6a9f182bc8bc36b5d3962f996ce24ebb85dd25704a7da34f1c7eeed1710757b1cbb788a5b20c2e72caefba3d76b9580ac05a39469843` + +### Node Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-node-linux-amd64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-node-linux-amd64.tar.gz) | `28bed15d3e9b3bfb1d70c6dcd5c0c0f7b6f1c096c796d778f548856f4a446437377d5a4b5b939dc577ebfe8c3e6dbf2d594da77c9fdb8b514fc75c9e0a7b7471` +[kubernetes-node-linux-arm.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-node-linux-arm.tar.gz) | `48b04f7bbe3604429270ad2a1516b3898748153d184213cbb1e7f05571f3cfb4d4588ec2f5fb6f03ac5a666022d7df27e6c60236852fb38bd3240565a96e76c0` +[kubernetes-node-linux-arm64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-node-linux-arm64.tar.gz) | `506299ddf40d53ecf3fe377db6ef9ab8459f47210490108c1af2d5135c53279b8de3dcc0a16bb6014bdd1aae8aaf52cefc123b317b97eaba23d2c5fcaf0c7bd2` +[kubernetes-node-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-node-linux-ppc64le.tar.gz) | `1887d3f85448c35cc1debe4dadde3ccbca6b5c384726c047dff948e17b3df854e78626b4b8c2c2fb4174899e39cbc2b8cd799459d92e4c29f7962150060e9ed5` +[kubernetes-node-linux-s390x.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-node-linux-s390x.tar.gz) | `6c2323040b763dbd4b42fd1f1f6154f061f26909fb26b0c663668d9df4673dcaf35be28a35738b97fc00dfa195eefe28982a8bab4aae1bb95d5a21df7a59e33e` +[kubernetes-node-windows-amd64.tar.gz](https://dl.k8s.io/v1.10.13/kubernetes-node-windows-amd64.tar.gz) | `002a3d1aab5b928943c6a4378f0af5a3c0844c6fa65a21c1bc0e66ef198bc47a04659fedc00c32d973747d15e92f7dd90c8fca042b0a0ed591baffc51727a703` + +## Changelog since v1.10.12 + +### Other notable changes + +* Fixes spurious 0-length API responses. ([#72856](https://github.com/kubernetes/kubernetes/pull/72856), [@liggitt](https://github.com/liggitt)) + + + # v1.10.12 [Documentation](https://docs.k8s.io) diff --git a/CHANGELOG-1.14.md b/CHANGELOG-1.14.md index fdf69f14f0b..fc6489ff4fd 100644 --- a/CHANGELOG-1.14.md +++ b/CHANGELOG-1.14.md @@ -1,25 +1,156 @@ -- [v1.14.0-alpha.2](#v1140-alpha2) - - [Downloads for v1.14.0-alpha.2](#downloads-for-v1140-alpha2) +- [v1.14.0-alpha.3](#v1140-alpha3) + - [Downloads for v1.14.0-alpha.3](#downloads-for-v1140-alpha3) - [Client Binaries](#client-binaries) - [Server Binaries](#server-binaries) - [Node Binaries](#node-binaries) - - [Changelog since v1.14.0-alpha.1](#changelog-since-v1140-alpha1) + - [Changelog since v1.14.0-alpha.2](#changelog-since-v1140-alpha2) - [Action Required](#action-required) - [Other notable changes](#other-notable-changes) -- [v1.14.0-alpha.1](#v1140-alpha1) - - [Downloads for v1.14.0-alpha.1](#downloads-for-v1140-alpha1) +- [v1.14.0-alpha.2](#v1140-alpha2) + - [Downloads for v1.14.0-alpha.2](#downloads-for-v1140-alpha2) - [Client Binaries](#client-binaries-1) - [Server Binaries](#server-binaries-1) - [Node Binaries](#node-binaries-1) - - [Changelog since v1.13.0](#changelog-since-v1130) + - [Changelog since v1.14.0-alpha.1](#changelog-since-v1140-alpha1) - [Action Required](#action-required-1) - [Other notable changes](#other-notable-changes-1) +- [v1.14.0-alpha.1](#v1140-alpha1) + - [Downloads for v1.14.0-alpha.1](#downloads-for-v1140-alpha1) + - [Client Binaries](#client-binaries-2) + - [Server Binaries](#server-binaries-2) + - [Node Binaries](#node-binaries-2) + - [Changelog since v1.13.0](#changelog-since-v1130) + - [Action Required](#action-required-2) + - [Other notable changes](#other-notable-changes-2) +# v1.14.0-alpha.3 + +[Documentation](https://docs.k8s.io) + +## Downloads for v1.14.0-alpha.3 + + +filename | sha512 hash +-------- | ----------- +[kubernetes.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes.tar.gz) | `5060dcf689dad4e19da5029eb8fc3060a4b2bad988fddff438d0703a45c02481bcfbc15f45d2855f4fd5e9eb43847400ebb25dce19e24f0e0e194a7f57176ce5` +[kubernetes-src.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-src.tar.gz) | `754c948b5d25b01f211866d473257be5fb576b4b97703eb6fc08679d6525e1f53195a450f3f47b77fabb92bf058583b66230959197b5bcf72528e54ccb349c07` + +### Client Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-client-darwin-386.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-darwin-386.tar.gz) | `5bd74dfc86bacf89d6b05d541e13bf390216039a42cc90fef2b248820acd84f56a445ec66d52497ff77e1af47455f285c993cd1d44cc3050996189bd328ea2be` +[kubernetes-client-darwin-amd64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-darwin-amd64.tar.gz) | `34e16661d66d337083583dfb478756ec8cc664d7cfc2dd1817bf1da03cdc380668be9df9f178b5fd5ccab5014e6686f83b9fee6192fbf77d2298d397e872a893` +[kubernetes-client-linux-386.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-linux-386.tar.gz) | `15f99e85bcc95f7b8e1b4c6ecc23de36e89a54108003db926e97ec2e7253f363f6ed85e39a47305dbccf596f72e88edd7bcda6d528919da9c0b81541f58506d4` +[kubernetes-client-linux-amd64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-linux-amd64.tar.gz) | `2e61cf9b776150c4f1830d068ffee9701cb04979152ed6b62fc1bf53163e6194029a4f75536e7fda71c3dfce1de285f425bde342a4efdd1f7bf973f105750ac4` +[kubernetes-client-linux-arm.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-linux-arm.tar.gz) | `67fb3805bb1b4a77f6603fbde9bd1d26e179de1a594c85618aa7b17be6abc510a9a0cd499ef4fe974574cf73b364da641121f21864c8472d713eec76e4c52bca` +[kubernetes-client-linux-arm64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-linux-arm64.tar.gz) | `28930dc384b51051081a52874bc4d6dafa3c992dfa214b977ef711de2c2bc3f90bdaa6243bded1e750997fec04b8ffb910db21c266e47e09426c4dbaf916a64d` +[kubernetes-client-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-linux-ppc64le.tar.gz) | `f59eda797a57961d52fe67ba8b25a3a10267f9ce46029ed2140ef4b02615ba9944bd83d7a6e7874c7268a09a3422858b9b0c31f861941ef8be126c594fc3a7cc` +[kubernetes-client-linux-s390x.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-linux-s390x.tar.gz) | `c56bfb64e55cf95251157a8229a3e94310b2c46bb1c1250050893873e3112578978c1f8e29fa56fac63e2aa8a6382523ac34baf6dd523fe0919f8d702521a564` +[kubernetes-client-windows-386.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-windows-386.tar.gz) | `e49a00fbe600892dc5eed0bc21bac64806da65280c818ca79b5e8adbed7fd5ecebb6b647cb9b89ac862257995145b2397996122eefb3c8d127d857c89c29c9ae` +[kubernetes-client-windows-amd64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-client-windows-amd64.tar.gz) | `797e20969ed4935adcbc80ccbcd72ec5aa697e70b0d071eceefc6dbacea69aff9f6660e7eefad6661ace0afb66067c4ffaa4f6bc82e8b081b57811ab0abde218` + +### Server Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-server-linux-amd64.tar.gz) | `eddfc9afd7337475c3865443170d1425dcf4a87d981555871a69bcf132e73d99b1ffa08a00490b30c60232f47bbeca4ad6253cf7e1dad44797b4af044dbdbef4` +[kubernetes-server-linux-arm.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-server-linux-arm.tar.gz) | `dc85cd3a039cc0516beb19018c8378f3b7b88fa2edb8fa1476305e89eb7c64fef2d938bd48fd257ea8e690f7d84a69e9784a42aabed35e83ea7362c60773ba67` +[kubernetes-server-linux-arm64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-server-linux-arm64.tar.gz) | `d7c3a72abaa4c3e3243f8b4b3a8adb8be2758e0f883423ea62d2c61b2081464a8976ad43ea0640a7e453aa4d389e3ea2d6d1baedf3b50e1171eca6e49cd087fe` +[kubernetes-server-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-server-linux-ppc64le.tar.gz) | `b268a94eb056eea8bdf4d5739dec430f75a6a6b3c18e30df68d970c3566b3e4a638b3577f6219596ae54eac740628a7ebfecb0772645e6d960f790235e1d62c7` +[kubernetes-server-linux-s390x.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-server-linux-s390x.tar.gz) | `f4cfd8d2faacdd1f0065f9e0f4f8d0db7bd8f438f812f70a07f4cb5272ae9bed3ec876b3cbaf2f2a71e65e4de725e1dc0829b43f60f43c9e43656ac928657d5e` + +### Node Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-node-linux-amd64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-node-linux-amd64.tar.gz) | `7040ee3c032ec4fe14530c3e47ee53d731acb947b06e2d560cbcd0e7e513142c0f300302059aaef03e24311946a9c59b576948eec9b520e2367f28fc4f80226c` +[kubernetes-node-linux-arm.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-node-linux-arm.tar.gz) | `3d32e5243d1c65bce573cfb0f60d643ef3fc684a15551dbc8c3d5435e6854ff104c46c77b0b8708d9c661d52f7865a197ea758f0c17e1ed991993674929ea75e` +[kubernetes-node-linux-arm64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-node-linux-arm64.tar.gz) | `d3a17027fa1c057528422b35e32260f5b7c7246400df595f0ebda5d150456d4388129b1ead4229f98f2b461ff9e85382a7da0d682541844a3c06f0aebe0469b6` +[kubernetes-node-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-node-linux-ppc64le.tar.gz) | `89ed1f5093b49ab9d58d7a70089e881bf388f3316cb2607fa18e3bf072aff3d27aabe99124334774e63decb67349eb82f33ea509b56a72a51e1443c3352b4558` +[kubernetes-node-linux-s390x.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-node-linux-s390x.tar.gz) | `755a60824a9b8c4090a791d332e410692708ecece90e37388f58eb2c7ddddea6b859fefcc5a53ec3d275fee0a355086f4446ae8e85482a668d248cca9f5e503c` +[kubernetes-node-windows-amd64.tar.gz](https://dl.k8s.io/v1.14.0-alpha.3/kubernetes-node-windows-amd64.tar.gz) | `c71d8055d89e535771f345e0f673da021915a7a82c75951855ba2574a4250c8a57d0636b4ec9bba209edde8edef30098c6dec2f80403cd46139bb88d814c3751` + +## Changelog since v1.14.0-alpha.2 + +### Action Required + +* The --storage-versions flag of kube-apiserver is removed. The storage versions will always be the default value built-in the kube-apiserver binary. ([#67678](https://github.com/kubernetes/kubernetes/pull/67678), [@caesarxuchao](https://github.com/caesarxuchao)) + +### Other notable changes + +* fix [#73264](https://github.com/kubernetes/kubernetes/pull/73264) cpuPeriod was not reset, but used as set via flag, although it was disabled via alpha gate ([#73342](https://github.com/kubernetes/kubernetes/pull/73342), [@szuecs](https://github.com/szuecs)) +* Update kubelet CLI summary documentation and generated Webpage ([#73256](https://github.com/kubernetes/kubernetes/pull/73256), [@deitch](https://github.com/deitch)) +* Considerably reduced the CPU load in kube-apiserver while aggregating OpenAPI specifications from aggregated API servers. ([#71223](https://github.com/kubernetes/kubernetes/pull/71223), [@sttts](https://github.com/sttts)) +* kubeadm: add a preflight check that throws a warning if the cgroup driver for Docker on Linux is not "systemd" as per the k8s.io CRI installation guide. ([#73837](https://github.com/kubernetes/kubernetes/pull/73837), [@neolit123](https://github.com/neolit123)) +* Kubelet: add usageNanoCores from CRI stats provider ([#73659](https://github.com/kubernetes/kubernetes/pull/73659), [@feiskyer](https://github.com/feiskyer)) +* Fix watch to not send the same set of events multiple times causing watcher to go back in time ([#73845](https://github.com/kubernetes/kubernetes/pull/73845), [@wojtek-t](https://github.com/wojtek-t)) +* `system:kube-controller-manager` and `system:kube-scheduler` users are now permitted to perform delegated authentication/authorization checks by default RBAC policy ([#72491](https://github.com/kubernetes/kubernetes/pull/72491), [@liggitt](https://github.com/liggitt)) +* Prevent AWS Network Load Balancer security groups ingress rules to be deleted by ensuring target groups are tagged. ([#73594](https://github.com/kubernetes/kubernetes/pull/73594), [@masterzen](https://github.com/masterzen)) +* Set a low oom_score_adj for containers in pods with system-critical priorities ([#73758](https://github.com/kubernetes/kubernetes/pull/73758), [@sjenning](https://github.com/sjenning)) +* Ensure directories on volumes are group-executable when using fsGroup ([#73533](https://github.com/kubernetes/kubernetes/pull/73533), [@mxey](https://github.com/mxey)) +* kube-apiserver now only aggregates openapi schemas from `/openapi/v2` endpoints of aggregated API servers. The fallback to aggregate from `/swagger.json` has been removed. Ensure aggregated API servers provide schema information via `/openapi/v2` (available since v1.10). ([#73441](https://github.com/kubernetes/kubernetes/pull/73441), [@roycaihw](https://github.com/roycaihw)) +* Change docker metrics to conform metrics guidelines and using histogram for better aggregation. ([#72323](https://github.com/kubernetes/kubernetes/pull/72323), [@danielqsj](https://github.com/danielqsj)) + * The following metrics are deprecated, and will be removed in a future release: + * `docker_operations` + * `docker_operations_latency_microseconds` + * `docker_operations_errors` + * `docker_operations_timeout` + * `network_plugin_operations_latency_microseconds` + * Please convert to the following metrics: + * `docker_operations_total` + * `docker_operations_latency_seconds` + * `docker_operations_errors_total` + * `docker_operations_timeout_total` + * `network_plugin_operations_latency_seconds` +* `kubectl delete --all-namespaces` is a recognized flag. ([#73716](https://github.com/kubernetes/kubernetes/pull/73716), [@deads2k](https://github.com/deads2k)) +* MAC Address filter has been fixed in vSphere Cloud Provider, it no longer ignores `00:1c:14` and `00:05:69` prefixes ([#73721](https://github.com/kubernetes/kubernetes/pull/73721), [@frapposelli](https://github.com/frapposelli)) +* Add kubelet_node_name metrics. ([#72910](https://github.com/kubernetes/kubernetes/pull/72910), [@danielqsj](https://github.com/danielqsj)) +* The HugePages feature gate has graduated to GA, and can no longer be disabled. The feature gate will be removed in v1.16 ([#72785](https://github.com/kubernetes/kubernetes/pull/72785), [@derekwaynecarr](https://github.com/derekwaynecarr)) +* Fix a bug that aggregated openapi spec may override swagger securityDefinitions and swagger info in kube-apiserver ([#73484](https://github.com/kubernetes/kubernetes/pull/73484), [@roycaihw](https://github.com/roycaihw)) +* Fixes a bug that prevented deletion of dynamically provisioned volumes in Quobyte backends. ([#68925](https://github.com/kubernetes/kubernetes/pull/68925), [@casusbelli](https://github.com/casusbelli)) +* error messages returned in authentication webhook status responses are now correctly included in the apiserver log ([#73595](https://github.com/kubernetes/kubernetes/pull/73595), [@liggitt](https://github.com/liggitt)) +* kubeadm: `kubeadm alpha preflight` and `kubeadm alpha preflight node` are removed; you can now use `kubeadm join phase preflight` ([#73718](https://github.com/kubernetes/kubernetes/pull/73718), [@fabriziopandini](https://github.com/fabriziopandini)) +* kube-apiserver: the deprecated `repair-malformed-updates` has been removed ([#73663](https://github.com/kubernetes/kubernetes/pull/73663), [@danielqsj](https://github.com/danielqsj)) +* e2e.test now rejects unknown --provider values instead of merely warning about them. An empty provider name is not accepted anymore and was replaced by "skeleton" (= a provider with no special behavior). ([#73402](https://github.com/kubernetes/kubernetes/pull/73402), [@pohly](https://github.com/pohly)) +* Updated AWS SDK to v1.16.26 for ECR PrivateLink support ([#73435](https://github.com/kubernetes/kubernetes/pull/73435), [@micahhausler](https://github.com/micahhausler)) +* Expand kubectl wait to work with more types of selectors. ([#71746](https://github.com/kubernetes/kubernetes/pull/71746), [@rctl](https://github.com/rctl)) +* The CustomPodDNS feature gate has graduated to GA, and can no longer be disabled. The feature gate will be removed in v1.16 ([#72832](https://github.com/kubernetes/kubernetes/pull/72832), [@MrHohn](https://github.com/MrHohn)) +* The `rules` field in RBAC Role and ClusterRole objects is now correctly reported as optional in the openapi schema. ([#73250](https://github.com/kubernetes/kubernetes/pull/73250), [@liggitt](https://github.com/liggitt)) +* AWS ELB health checks will now use HTTPS/SSL protocol for HTTPS/SSL backends. ([#70309](https://github.com/kubernetes/kubernetes/pull/70309), [@2rs2ts](https://github.com/2rs2ts)) +* kubeadm reset: fixed crash caused by absence of a configuration file ([#73636](https://github.com/kubernetes/kubernetes/pull/73636), [@bart0sh](https://github.com/bart0sh)) +* CoreDNS is now version 1.3.1 ([#73610](https://github.com/kubernetes/kubernetes/pull/73610), [@rajansandeep](https://github.com/rajansandeep)) + * - A new `k8s_external` plugin that allows external zones to point to Kubernetes in-cluster services. + * - CoreDNS now checks if a zone transfer is allowed. Also allow a TTL of 0 to avoid caching in the cache plugin. + * - TTL is also applied to negative responses (NXDOMAIN, etc). + +* Missing directories listed in a user's PATH are no longer considered errors and are instead logged by the "kubectl plugin list" command when listing available plugins. ([#73542](https://github.com/kubernetes/kubernetes/pull/73542), [@juanvallejo](https://github.com/juanvallejo)) +* remove kubelet flag '--experimental-fail-swap-on' (deprecated in v1.8) ([#69552](https://github.com/kubernetes/kubernetes/pull/69552), [@Pingan2017](https://github.com/Pingan2017)) +* Introduced support for Windows nodes into the cluster bringup scripts for GCE. ([#73442](https://github.com/kubernetes/kubernetes/pull/73442), [@pjh](https://github.com/pjh)) +* Now users could get object info like: ([#73063](https://github.com/kubernetes/kubernetes/pull/73063), [@WanLinghao](https://github.com/WanLinghao)) + * a. kubectl get pod test-pod -o custom-columns=CONTAINER:.spec.containers[0:3].name + * b. kubectl get pod test-pod -o custom-columns=CONTAINER:.spec.containers[-2:].name +* scheduler: use incremental scheduling cycle in PriorityQueue to put all in-flight unschedulable pods back to active queue if we received move request ([#73309](https://github.com/kubernetes/kubernetes/pull/73309), [@cofyc](https://github.com/cofyc)) +* fixes an error processing watch events when running skewed apiservers ([#73482](https://github.com/kubernetes/kubernetes/pull/73482), [@liggitt](https://github.com/liggitt)) +* Prometheus metrics for crd_autoregister, crd_finalizer and crd_naming_condition_controller are exported. ([#71767](https://github.com/kubernetes/kubernetes/pull/71767), [@roycaihw](https://github.com/roycaihw)) +* Adds deleting pods created by DaemonSet assigned to not existing nodes. ([#73401](https://github.com/kubernetes/kubernetes/pull/73401), [@krzysztof-jastrzebski](https://github.com/krzysztof-jastrzebski)) +* Graduate Pod Priority and Preemption to GA. ([#73498](https://github.com/kubernetes/kubernetes/pull/73498), [@bsalamat](https://github.com/bsalamat)) +* Adds configuration for AWS endpoint fine control: ([#72245](https://github.com/kubernetes/kubernetes/pull/72245), [@ampsingram](https://github.com/ampsingram)) + * OverrideEndpoints bool Set to true to allow custom endpoints + * ServiceDelimiter string Delimiter to use to separate overridden services (multiple services) Defaults to "&" + * ServicenameDelimiter string Delimiter to use to separate servicename from its configuration parameters Defaults "|" + * OverrideSeparator string Delimiter to use to separate region of occurrence, url and signing region for each override Defaults to "," + * ServiceOverrides string example: s3|region1, https://s3.foo.bar, some signing_region & ec2|region2, https://ec2.foo.bar, signing_region +* The CoreDNS configuration now has the forward plugin for proxy in the default configuration instead of the proxy plugin. ([#73267](https://github.com/kubernetes/kubernetes/pull/73267), [@rajansandeep](https://github.com/rajansandeep)) +* Fixed a bug that caused PV allocation on non-English vSphere installations to fail ([#73115](https://github.com/kubernetes/kubernetes/pull/73115), [@alvaroaleman](https://github.com/alvaroaleman)) + + + # v1.14.0-alpha.2 [Documentation](https://docs.k8s.io) diff --git a/CHANGELOG-1.8.md b/CHANGELOG-1.8.md index 42848a7d8a2..1e00bc588a6 100644 --- a/CHANGELOG-1.8.md +++ b/CHANGELOG-1.8.md @@ -2390,7 +2390,7 @@ filename | sha256 hash * add fieldSelector spec.schedulerName ([#50582](https://github.com/kubernetes/kubernetes/pull/50582), [@dixudx](https://github.com/dixudx)) * Change eviction manager to manage one single local ephemeral storage resource ([#50889](https://github.com/kubernetes/kubernetes/pull/50889), [@NickrenREN](https://github.com/NickrenREN)) * Cloud Controller Manager now sets Node.Spec.ProviderID ([#50730](https://github.com/kubernetes/kubernetes/pull/50730), [@andrewsykim](https://github.com/andrewsykim)) -* Paramaterize session affinity timeout seconds in service API for Client IP based session affinity. ([#49850](https://github.com/kubernetes/kubernetes/pull/49850), [@m1093782566](https://github.com/m1093782566)) +* Parameterize session affinity timeout seconds in service API for Client IP based session affinity. ([#49850](https://github.com/kubernetes/kubernetes/pull/49850), [@m1093782566](https://github.com/m1093782566)) * Changing scheduling part of the alpha feature 'LocalStorageCapacityIsolation' to manage one single local ephemeral storage resource ([#50819](https://github.com/kubernetes/kubernetes/pull/50819), [@NickrenREN](https://github.com/NickrenREN)) * set --audit-log-format default to json ([#50971](https://github.com/kubernetes/kubernetes/pull/50971), [@CaoShuFeng](https://github.com/CaoShuFeng)) * kubeadm: Implement a `--dry-run` mode and flag for `kubeadm` ([#51122](https://github.com/kubernetes/kubernetes/pull/51122), [@luxas](https://github.com/luxas)) diff --git a/CHANGELOG-1.9.md b/CHANGELOG-1.9.md index 54225248b01..cd1c8162cb4 100644 --- a/CHANGELOG-1.9.md +++ b/CHANGELOG-1.9.md @@ -2613,7 +2613,7 @@ filename | sha256 hash * add fieldSelector spec.schedulerName ([#50582](https://github.com/kubernetes/kubernetes/pull/50582), [@dixudx](https://github.com/dixudx)) * Change eviction manager to manage one single local ephemeral storage resource ([#50889](https://github.com/kubernetes/kubernetes/pull/50889), [@NickrenREN](https://github.com/NickrenREN)) * Cloud Controller Manager now sets Node.Spec.ProviderID ([#50730](https://github.com/kubernetes/kubernetes/pull/50730), [@andrewsykim](https://github.com/andrewsykim)) -* Paramaterize session affinity timeout seconds in service API for Client IP based session affinity. ([#49850](https://github.com/kubernetes/kubernetes/pull/49850), [@m1093782566](https://github.com/m1093782566)) +* Parameterize session affinity timeout seconds in service API for Client IP based session affinity. ([#49850](https://github.com/kubernetes/kubernetes/pull/49850), [@m1093782566](https://github.com/m1093782566)) * Changing scheduling part of the alpha feature 'LocalStorageCapacityIsolation' to manage one single local ephemeral storage resource ([#50819](https://github.com/kubernetes/kubernetes/pull/50819), [@NickrenREN](https://github.com/NickrenREN)) * set --audit-log-format default to json ([#50971](https://github.com/kubernetes/kubernetes/pull/50971), [@CaoShuFeng](https://github.com/CaoShuFeng)) * kubeadm: Implement a `--dry-run` mode and flag for `kubeadm` ([#51122](https://github.com/kubernetes/kubernetes/pull/51122), [@luxas](https://github.com/luxas)) diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index f6f46673838..6f2446ffb71 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -4,6 +4,7 @@ "GodepVersion": "v80-k8s-r1", "Packages": [ "github.com/bazelbuild/bazel-gazelle/cmd/gazelle", + "github.com/bazelbuild/buildtools/buildozer", "github.com/cespare/prettybench", "github.com/client9/misspell/cmd/misspell", "github.com/cloudflare/cfssl/cmd/cfssl", @@ -147,13 +148,103 @@ }, { "ImportPath": "github.com/Microsoft/go-winio", - "Comment": "v0.4.5", - "Rev": "78439966b38d69bf38227fbf57ac8a6fee70f69a" + "Comment": "v0.4.11", + "Rev": "97e4973ce50b2ff5f09635a57e2b88a037aae829" }, { "ImportPath": "github.com/Microsoft/hcsshim", - "Comment": "v0.6.11", - "Rev": "800683ae704ac360b2f3f47fa88f3a6c8c9091b5" + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/hcn", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/cni", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/guestrequest", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/guid", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/hcs", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/hcserror", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/hns", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/interop", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/logfields", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/longpath", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/mergemaps", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/regstate", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/runhcs", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/safefile", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/schema1", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/schema2", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/timeout", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" + }, + { + "ImportPath": "github.com/Microsoft/hcsshim/internal/wclayer", + "Comment": "v0.8.3-65-g69ac8d3f7fc10a", + "Rev": "69ac8d3f7fc10a0623f3a2655958a1a5bb71f58f" }, { "ImportPath": "github.com/NYTimes/gziphandler", @@ -471,16 +562,51 @@ "Comment": "0.15.0", "Rev": "c728ce9f663e2bff26361ba5978ec5c9e6816a3c" }, + { + "ImportPath": "github.com/bazelbuild/buildtools/api_proto", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, { "ImportPath": "github.com/bazelbuild/buildtools/build", "Comment": "0.6.0-60-g1a9c38e0df9397", "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" }, + { + "ImportPath": "github.com/bazelbuild/buildtools/build_proto", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, + { + "ImportPath": "github.com/bazelbuild/buildtools/buildozer", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, + { + "ImportPath": "github.com/bazelbuild/buildtools/edit", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, + { + "ImportPath": "github.com/bazelbuild/buildtools/file", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, + { + "ImportPath": "github.com/bazelbuild/buildtools/lang", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, { "ImportPath": "github.com/bazelbuild/buildtools/tables", "Comment": "0.6.0-60-g1a9c38e0df9397", "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" }, + { + "ImportPath": "github.com/bazelbuild/buildtools/wspace", + "Comment": "0.6.0-60-g1a9c38e0df9397", + "Rev": "1a9c38e0df9397d033a1ca535596de5a7c1cf18f" + }, { "ImportPath": "github.com/beorn7/perks/quantile", "Rev": "3ac7bf7a47d159a033b107610db8a1b6575507a4" @@ -1576,8 +1702,8 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Comment": "v4.1.0-11-gd4020504c68b6b", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Comment": "v4.1.0-19-g5858425f75500d", + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/exponent-io/jsonpath", @@ -2284,11 +2410,13 @@ }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Comment": "v0.5.0", + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Comment": "v0.5.0", + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/hcl", @@ -2966,7 +3094,8 @@ }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Comment": "v1.0.0-4-g5d4384ee4fb252", + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/pquerna/cachecontrol", @@ -3121,23 +3250,23 @@ }, { "ImportPath": "github.com/storageos/go-api", - "Comment": "0.3.4", - "Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707" + "Comment": "1.0.0-rc1-2-g343b3eff91fcc8", + "Rev": "343b3eff91fcc84b0165e252eb843f5fd720fa4e" }, { "ImportPath": "github.com/storageos/go-api/netutil", - "Comment": "0.3.4", - "Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707" + "Comment": "1.0.0-rc1-2-g343b3eff91fcc8", + "Rev": "343b3eff91fcc84b0165e252eb843f5fd720fa4e" }, { "ImportPath": "github.com/storageos/go-api/serror", - "Comment": "0.3.4", - "Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707" + "Comment": "1.0.0-rc1-2-g343b3eff91fcc8", + "Rev": "343b3eff91fcc84b0165e252eb843f5fd720fa4e" }, { "ImportPath": "github.com/storageos/go-api/types", - "Comment": "0.3.4", - "Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707" + "Comment": "1.0.0-rc1-2-g343b3eff91fcc8", + "Rev": "343b3eff91fcc84b0165e252eb843f5fd720fa4e" }, { "ImportPath": "github.com/stretchr/objx", @@ -4099,59 +4228,59 @@ }, { "ImportPath": "k8s.io/kube-openapi/cmd/openapi-gen", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/cmd/openapi-gen/args", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/aggregator", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/builder", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/common", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/generators", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/generators/rules", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/handler", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/schemaconv", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto/testing", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto/validation", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/sets", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/repo-infra/kazel", @@ -4209,6 +4338,116 @@ "ImportPath": "k8s.io/utils/trace", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/commands/build", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/constants", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/expansion", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/factory", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/fs", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/git", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/gvk", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/ifc", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/ifc/transformer", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/image", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/internal/error", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/loader", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/patch", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/patch/transformer", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/resid", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/resmap", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/resource", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/target", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/transformers", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/transformers/config", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/types", + "Comment": "v2.0.1", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, { "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" diff --git a/Godeps/LICENSES b/Godeps/LICENSES index a44c1afe3f6..c313e63961f 100644 --- a/Godeps/LICENSES +++ b/Godeps/LICENSES @@ -14961,6 +14961,27 @@ THE SOFTWARE. ================================================================================ +================================================================================ += vendor/github.com/bazelbuild/buildtools/api_proto licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + ================================================================================ = vendor/github.com/bazelbuild/buildtools/build licensed under: = @@ -14982,6 +15003,111 @@ limitations under the License. ================================================================================ +================================================================================ += vendor/github.com/bazelbuild/buildtools/buildozer licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + +================================================================================ += vendor/github.com/bazelbuild/buildtools/build_proto licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + +================================================================================ += vendor/github.com/bazelbuild/buildtools/edit licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + +================================================================================ += vendor/github.com/bazelbuild/buildtools/file licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + +================================================================================ += vendor/github.com/bazelbuild/buildtools/lang licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + ================================================================================ = vendor/github.com/bazelbuild/buildtools/tables licensed under: = @@ -15003,6 +15129,27 @@ limitations under the License. ================================================================================ +================================================================================ += vendor/github.com/bazelbuild/buildtools/wspace licensed under: = + +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + += vendor/github.com/bazelbuild/buildtools/LICENSE adb52eb384caedba181cd51fbcdf4b99 +================================================================================ + + ================================================================================ = vendor/github.com/beorn7/perks/quantile licensed under: = @@ -79197,6 +79344,510 @@ SOFTWARE. ================================================================================ +================================================================================ += vendor/github.com/Microsoft/hcsshim/hcn licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/cni licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/guestrequest licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/guid licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/hcs licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/hcserror licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/hns licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/interop licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/logfields licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/longpath licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/mergemaps licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/regstate licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/runhcs licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/safefile licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/schema1 licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/schema2 licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/timeout licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + +================================================================================ += vendor/github.com/Microsoft/hcsshim/internal/wclayer licensed under: = + +The MIT License (MIT) + +Copyright (c) 2015 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. += vendor/github.com/Microsoft/hcsshim/LICENSE d4c2cbbea5ee1e7c86dff68a7073718e +================================================================================ + + ================================================================================ = vendor/github.com/miekg/dns licensed under: = @@ -91029,7 +91680,7 @@ SOFTWARE. MIT License -Copyright (c) 2015-2017 StorageOS +Copyright (c) 2015-2018 StorageOS Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -91073,7 +91724,7 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -= vendor/github.com/storageos/go-api/LICENCE d8f852a0f38554263e64363f57b07fc4 += vendor/github.com/storageos/go-api/LICENCE 10d8703157b5fd9422b1813bae555905 ================================================================================ @@ -91082,7 +91733,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. MIT License -Copyright (c) 2015-2017 StorageOS +Copyright (c) 2015-2018 StorageOS Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -91126,7 +91777,7 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -= vendor/github.com/storageos/go-api/LICENCE d8f852a0f38554263e64363f57b07fc4 += vendor/github.com/storageos/go-api/LICENCE 10d8703157b5fd9422b1813bae555905 ================================================================================ @@ -91135,7 +91786,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. MIT License -Copyright (c) 2015-2017 StorageOS +Copyright (c) 2015-2018 StorageOS Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -91179,7 +91830,7 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -= vendor/github.com/storageos/go-api/LICENCE d8f852a0f38554263e64363f57b07fc4 += vendor/github.com/storageos/go-api/LICENCE 10d8703157b5fd9422b1813bae555905 ================================================================================ @@ -91188,7 +91839,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. MIT License -Copyright (c) 2015-2017 StorageOS +Copyright (c) 2015-2018 StorageOS Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -91232,7 +91883,7 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -= vendor/github.com/storageos/go-api/LICENCE d8f852a0f38554263e64363f57b07fc4 += vendor/github.com/storageos/go-api/LICENCE 10d8703157b5fd9422b1813bae555905 ================================================================================ @@ -119081,6 +119732,4604 @@ third-party archives. ================================================================================ +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/commands/build licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/constants licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/expansion licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/factory licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/fs licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/git licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/gvk licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/ifc licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/image licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/internal/error licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/loader licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/patch licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/patch/transformer licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/resid licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/resmap licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/resource licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/target licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/transformers licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/transformers/config licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + +================================================================================ += vendor/sigs.k8s.io/kustomize/pkg/types licensed under: = + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/sigs.k8s.io/kustomize/LICENSE e3fc50a88d0a364313df4b21ef20c29e +================================================================================ + + ================================================================================ = vendor/sigs.k8s.io/structured-merge-diff/fieldpath licensed under: = diff --git a/Godeps/OWNERS b/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/Godeps/OWNERS +++ b/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/OWNERS b/OWNERS index f5aeed776f2..7c029442e8c 100644 --- a/OWNERS +++ b/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + filters: ".*": reviewers: diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES index 1e4f2354239..a22072b79db 100644 --- a/OWNERS_ALIASES +++ b/OWNERS_ALIASES @@ -102,7 +102,7 @@ aliases: - tallclair sig-auth-policy-reviewers: - deads2k - - hongchaodeng + - hongchaodeng - jianhuiz - liggitt - mbohlool @@ -288,11 +288,13 @@ aliases: - jsafrane - jbeda dep-approvers: + - apelisse + - BenTheElder - cblecker - thockin - sttts + - soltysh feature-approvers: - - AdoHe # CLI - bgrant0607 # Architecture - brancz # Instrumentation - bsalamat # Scheduling @@ -323,6 +325,7 @@ aliases: - quinton-hoole # Multicluster - roberthbailey # Cluster Lifecycle - saad-ali # Storage + - seans3 # CLI - soltysh # CLI - tallclair # Auth - thockin # Network diff --git a/SUPPORT.md b/SUPPORT.md index 2f977e2c398..ef4558cfff0 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -8,9 +8,9 @@ resources are available below, thanks for understanding. The Kubernetes Community is active on Stack Overflow, you can post your questions there: -* [Kubernetes on Stack Overflow](http://stackoverflow.com/questions/tagged/kubernetes) +* [Kubernetes on Stack Overflow](https://stackoverflow.com/questions/tagged/kubernetes) - * Here are some tips for [about how to ask good questions](http://stackoverflow.com/help/how-to-ask). + * Here are some tips for [about how to ask good questions](https://stackoverflow.com/help/how-to-ask). * Don't forget to check to see [what's on topic](http://stackoverflow.com/help/on-topic). ### Documentation diff --git a/api/OWNERS b/api/OWNERS index 6abee65c2f9..b185715fca8 100644 --- a/api/OWNERS +++ b/api/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/api/openapi-spec/README.md b/api/openapi-spec/README.md index 68bcc106368..8dae8681354 100644 --- a/api/openapi-spec/README.md +++ b/api/openapi-spec/README.md @@ -10,7 +10,7 @@ extensions has been added. ### `x-kubernetes-group-version-kind` Operations and Definitions may have `x-kubernetes-group-version-kind` if they -are associated with a [kubernetes resource](https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#resources). +are associated with a [kubernetes resource](https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources). For example: @@ -35,7 +35,7 @@ For example: ### `x-kubernetes-action` Operations and Definitions may have `x-kubernetes-action` if they -are associated with a [kubernetes resource](https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#resources). +are associated with a [kubernetes resource](https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources). Action can be one of `get`, `list`, `put`, `patch`, `post`, `delete`, `deletecollection`, `watch`, `watchlist`, `proxy`, or `connect`. @@ -57,4 +57,4 @@ For example: ### `x-kubernetes-patch-strategy` and `x-kubernetes-patch-merge-key` Some of the definitions may have these extensions. For more information about PatchStrategy and PatchMergeKey see -[strategic-merge-patch](https://git.k8s.io/community/contributors/devel/strategic-merge-patch.md). +[strategic-merge-patch](https://git.k8s.io/community/contributors/devel/sig-api-machinery/strategic-merge-patch.md). diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 587fe8ccded..a0f7e39da18 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -1,95391 +1,96748 @@ { - "swagger": "2.0", + "definitions": { + "io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration": { + "description": "MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata." + }, + "webhooks": { + "description": "Webhooks is a list of webhooks and the affected resources and operations.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.Webhook" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfigurationList": { + "description": "MutatingWebhookConfigurationList is a list of MutatingWebhookConfiguration.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of MutatingWebhookConfiguration.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfigurationList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.admissionregistration.v1beta1.RuleWithOperations": { + "description": "RuleWithOperations is a tuple of Operations and Resources. It is recommended to make sure that all the tuple expansions are valid.", + "properties": { + "apiGroups": { + "description": "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required.", + "items": { + "type": "string" + }, + "type": "array" + }, + "apiVersions": { + "description": "APIVersions is the API versions the resources belong to. '*' is all versions. If '*' is present, the length of the slice must be one. Required.", + "items": { + "type": "string" + }, + "type": "array" + }, + "operations": { + "description": "Operations is the operations the admission hook cares about - CREATE, UPDATE, or * for all operations. If '*' is present, the length of the slice must be one. Required.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Resources is a list of resources this rule applies to.\n\nFor example: 'pods' means pods. 'pods/log' means the log subresource of pods. '*' means all resources, but not subresources. 'pods/*' means all subresources of pods. '*/scale' means all scale subresources. '*/*' means all resources and their subresources.\n\nIf wildcard is present, the validation rule will ensure resources do not overlap with each other.\n\nDepending on the enclosing object, subresources might not be allowed. Required.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.admissionregistration.v1beta1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "properties": { + "name": { + "description": "`name` is the name of the service. Required", + "type": "string" + }, + "namespace": { + "description": "`namespace` is the namespace of the service. Required", + "type": "string" + }, + "path": { + "description": "`path` is an optional URL path which will be sent in any request to this service.", + "type": "string" + } + }, + "required": [ + "namespace", + "name" + ], + "type": "object" + }, + "io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration": { + "description": "ValidatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and object without changing it.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata." + }, + "webhooks": { + "description": "Webhooks is a list of webhooks and the affected resources and operations.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.Webhook" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfigurationList": { + "description": "ValidatingWebhookConfigurationList is a list of ValidatingWebhookConfiguration.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ValidatingWebhookConfiguration.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfigurationList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.admissionregistration.v1beta1.Webhook": { + "description": "Webhook describes an admission webhook and the resources and operations it applies to.", + "properties": { + "clientConfig": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.WebhookClientConfig", + "description": "ClientConfig defines how to communicate with the hook. Required" + }, + "failurePolicy": { + "description": "FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Ignore.", + "type": "string" + }, + "name": { + "description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.", + "type": "string" + }, + "namespaceSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.\n\nFor example, to run the webhook on any objects whose namespace is not associated with \"runlevel\" of \"0\" or \"1\"; you will set the selector as follows: \"namespaceSelector\": {\n \"matchExpressions\": [\n {\n \"key\": \"runlevel\",\n \"operator\": \"NotIn\",\n \"values\": [\n \"0\",\n \"1\"\n ]\n }\n ]\n}\n\nIf instead you want to only run the webhook on any objects whose namespace is associated with the \"environment\" of \"prod\" or \"staging\"; you will set the selector as follows: \"namespaceSelector\": {\n \"matchExpressions\": [\n {\n \"key\": \"environment\",\n \"operator\": \"In\",\n \"values\": [\n \"prod\",\n \"staging\"\n ]\n }\n ]\n}\n\nSee https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.\n\nDefault to the empty LabelSelector, which matches everything." + }, + "rules": { + "description": "Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.RuleWithOperations" + }, + "type": "array" + }, + "sideEffects": { + "description": "SideEffects states whether this webhookk has side effects. Acceptable values are: Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission change and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some. Defaults to Unknown.", + "type": "string" + } + }, + "required": [ + "name", + "clientConfig" + ], + "type": "object" + }, + "io.k8s.api.admissionregistration.v1beta1.WebhookClientConfig": { + "description": "WebhookClientConfig contains the information to make a TLS connection with the webhook", + "properties": { + "caBundle": { + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", + "format": "byte", + "type": "string" + }, + "service": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ServiceReference", + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error." + }, + "url": { + "description": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.ControllerRevision": { + "description": "ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "data": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension", + "description": "Data is the serialized representation of the state." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "revision": { + "description": "Revision indicates the revision of the state represented by Data.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "revision" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.ControllerRevisionList": { + "description": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of ControllerRevisions", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ControllerRevisionList", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.DaemonSet": { + "description": "DaemonSet represents the configuration of a daemon set.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetSpec", + "description": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetStatus", + "description": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.DaemonSetCondition": { + "description": "DaemonSetCondition describes the state of a DaemonSet at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of DaemonSet condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.DaemonSetList": { + "description": "DaemonSetList is a collection of daemon sets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "A list of daemon sets.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DaemonSetList", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.DaemonSetSpec": { + "description": "DaemonSetSpec is the specification of a daemon set.", + "properties": { + "minReadySeconds": { + "description": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + }, + "updateStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetUpdateStrategy", + "description": "An update strategy to replace existing DaemonSet pods with new pods." + } + }, + "required": [ + "selector", + "template" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.DaemonSetStatus": { + "description": "DaemonSetStatus represents the current status of a daemon set.", + "properties": { + "collisionCount": { + "description": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a DaemonSet's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "currentNumberScheduled": { + "description": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "desiredNumberScheduled": { + "description": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "numberAvailable": { + "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)", + "format": "int32", + "type": "integer" + }, + "numberMisscheduled": { + "description": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "numberReady": { + "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.", + "format": "int32", + "type": "integer" + }, + "numberUnavailable": { + "description": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "The most recent generation observed by the daemon set controller.", + "format": "int64", + "type": "integer" + }, + "updatedNumberScheduled": { + "description": "The total number of nodes that are running updated daemon pod", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "currentNumberScheduled", + "numberMisscheduled", + "desiredNumberScheduled", + "numberReady" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.DaemonSetUpdateStrategy": { + "description": "DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1.RollingUpdateDaemonSet", + "description": "Rolling update config params. Present only if type = \"RollingUpdate\"." + }, + "type": { + "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.Deployment": { + "description": "Deployment enables declarative updates for Pods and ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentSpec", + "description": "Specification of the desired behavior of the Deployment." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentStatus", + "description": "Most recently observed status of the Deployment." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.DeploymentCondition": { + "description": "DeploymentCondition describes the state of a deployment at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "lastUpdateTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time this condition was updated." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of deployment condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.DeploymentList": { + "description": "DeploymentList is a list of Deployments.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Deployments.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DeploymentList", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.DeploymentSpec": { + "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "paused": { + "description": "Indicates that the deployment is paused.", + "type": "boolean" + }, + "progressDeadlineSeconds": { + "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template's labels." + }, + "strategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentStrategy", + "description": "The deployment strategy to use to replace existing pods with new ones.", + "x-kubernetes-patch-strategy": "retainKeys" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template describes the pods that will be created." + } + }, + "required": [ + "selector", + "template" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.DeploymentStatus": { + "description": "DeploymentStatus is the most recently observed status of the Deployment.", + "properties": { + "availableReplicas": { + "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "collisionCount": { + "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a deployment's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "observedGeneration": { + "description": "The generation observed by the deployment controller.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "Total number of ready pods targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", + "format": "int32", + "type": "integer" + }, + "unavailableReplicas": { + "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", + "format": "int32", + "type": "integer" + }, + "updatedReplicas": { + "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.DeploymentStrategy": { + "description": "DeploymentStrategy describes how to replace existing pods with new ones.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1.RollingUpdateDeployment", + "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate." + }, + "type": { + "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.ReplicaSet": { + "description": "ReplicaSet ensures that a specified number of pod replicas are running at any given time.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetSpec", + "description": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetStatus", + "description": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.ReplicaSetCondition": { + "description": "ReplicaSetCondition describes the state of a replica set at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of replica set condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.ReplicaSetList": { + "description": "ReplicaSetList is a collection of ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ReplicaSetList", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.ReplicaSetSpec": { + "description": "ReplicaSetSpec is the specification of a ReplicaSet.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + } + }, + "required": [ + "selector" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.ReplicaSetStatus": { + "description": "ReplicaSetStatus represents the current status of a ReplicaSet.", + "properties": { + "availableReplicas": { + "description": "The number of available replicas (ready for at least minReadySeconds) for this replica set.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a replica set's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "fullyLabeledReplicas": { + "description": "The number of pods that have labels matching the labels of the pod template of the replicaset.", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "The number of ready replicas for this replica set.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.RollingUpdateDaemonSet": { + "description": "Spec to control the desired behavior of daemon set rolling update.", + "properties": { + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update." + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.RollingUpdateDeployment": { + "description": "Spec to control the desired behavior of rolling update.", + "properties": { + "maxSurge": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods." + }, + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods." + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.RollingUpdateStatefulSetStrategy": { + "description": "RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.", + "properties": { + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned. Default value is 0.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1.StatefulSet": { + "description": "StatefulSet represents a set of pods with consistent identities. Identities are defined as:\n - Network: A single stable DNS and hostname.\n - Storage: As many VolumeClaims as requested.\nThe StatefulSet guarantees that a given network identity will always map to the same storage identity.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetSpec", + "description": "Spec defines the desired identities of pods in this set." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetStatus", + "description": "Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.StatefulSetCondition": { + "description": "StatefulSetCondition describes the state of a statefulset at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of statefulset condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.StatefulSetList": { + "description": "StatefulSetList is a collection of StatefulSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "StatefulSetList", + "version": "v1" + } + ] + }, + "io.k8s.api.apps.v1.StatefulSetSpec": { + "description": "A StatefulSetSpec is the specification of a StatefulSet.", + "properties": { + "podManagementPolicy": { + "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", + "type": "string" + }, + "replicas": { + "description": "replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is a label query over pods that should match the replica count. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "serviceName": { + "description": "serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where \"pod-specific-string\" is managed by the StatefulSet controller.", + "type": "string" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet." + }, + "updateStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetUpdateStrategy", + "description": "updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template." + }, + "volumeClaimTemplates": { + "description": "volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + }, + "type": "array" + } + }, + "required": [ + "selector", + "template", + "serviceName" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.StatefulSetStatus": { + "description": "StatefulSetStatus represents the current state of a StatefulSet.", + "properties": { + "collisionCount": { + "description": "collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a statefulset's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "currentReplicas": { + "description": "currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.", + "format": "int32", + "type": "integer" + }, + "currentRevision": { + "description": "currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).", + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "replicas is the number of Pods created by the StatefulSet controller.", + "format": "int32", + "type": "integer" + }, + "updateRevision": { + "description": "updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)", + "type": "string" + }, + "updatedReplicas": { + "description": "updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1.StatefulSetUpdateStrategy": { + "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1.RollingUpdateStatefulSetStrategy", + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.ControllerRevision": { + "description": "DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1beta2/ControllerRevision. See the release notes for more information. ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "data": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension", + "description": "Data is the serialized representation of the state." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "revision": { + "description": "Revision indicates the revision of the state represented by Data.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "revision" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.ControllerRevisionList": { + "description": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of ControllerRevisions", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ControllerRevisionList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.Deployment": { + "description": "DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentSpec", + "description": "Specification of the desired behavior of the Deployment." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStatus", + "description": "Most recently observed status of the Deployment." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.DeploymentCondition": { + "description": "DeploymentCondition describes the state of a deployment at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "lastUpdateTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time this condition was updated." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of deployment condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta1.DeploymentList": { + "description": "DeploymentList is a list of Deployments.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Deployments.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DeploymentList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.DeploymentRollback": { + "description": "DEPRECATED. DeploymentRollback stores the information required to rollback a deployment.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Required: This must match the Name of a deployment.", + "type": "string" + }, + "rollbackTo": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollbackConfig", + "description": "The config of this deployment rollback." + }, + "updatedAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "The annotations to be updated to a deployment", + "type": "object" + } + }, + "required": [ + "name", + "rollbackTo" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DeploymentRollback", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.DeploymentSpec": { + "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "paused": { + "description": "Indicates that the deployment is paused.", + "type": "boolean" + }, + "progressDeadlineSeconds": { + "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 2.", + "format": "int32", + "type": "integer" + }, + "rollbackTo": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollbackConfig", + "description": "DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done." + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment." + }, + "strategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStrategy", + "description": "The deployment strategy to use to replace existing pods with new ones.", + "x-kubernetes-patch-strategy": "retainKeys" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template describes the pods that will be created." + } + }, + "required": [ + "template" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta1.DeploymentStatus": { + "description": "DeploymentStatus is the most recently observed status of the Deployment.", + "properties": { + "availableReplicas": { + "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "collisionCount": { + "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a deployment's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "observedGeneration": { + "description": "The generation observed by the deployment controller.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "Total number of ready pods targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", + "format": "int32", + "type": "integer" + }, + "unavailableReplicas": { + "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", + "format": "int32", + "type": "integer" + }, + "updatedReplicas": { + "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.DeploymentStrategy": { + "description": "DeploymentStrategy describes how to replace existing pods with new ones.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateDeployment", + "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate." + }, + "type": { + "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.RollbackConfig": { + "description": "DEPRECATED.", + "properties": { + "revision": { + "description": "The revision to rollback to. If set to 0, rollback to the last revision.", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.RollingUpdateDeployment": { + "description": "Spec to control the desired behavior of rolling update.", + "properties": { + "maxSurge": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods." + }, + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods." + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy": { + "description": "RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.", + "properties": { + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.Scale": { + "description": "Scale represents a scaling request for a resource.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleSpec", + "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleStatus", + "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.ScaleSpec": { + "description": "ScaleSpec describes the attributes of a scale subresource", + "properties": { + "replicas": { + "description": "desired number of instances for the scaled object.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta1.ScaleStatus": { + "description": "ScaleStatus represents the current status of a scale subresource.", + "properties": { + "replicas": { + "description": "actual number of observed instances of the scaled object.", + "format": "int32", + "type": "integer" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors", + "type": "object" + }, + "targetSelector": { + "description": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", + "type": "string" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta1.StatefulSet": { + "description": "DEPRECATED - This group version of StatefulSet is deprecated by apps/v1beta2/StatefulSet. See the release notes for more information. StatefulSet represents a set of pods with consistent identities. Identities are defined as:\n - Network: A single stable DNS and hostname.\n - Storage: As many VolumeClaims as requested.\nThe StatefulSet guarantees that a given network identity will always map to the same storage identity.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetSpec", + "description": "Spec defines the desired identities of pods in this set." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetStatus", + "description": "Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.StatefulSetCondition": { + "description": "StatefulSetCondition describes the state of a statefulset at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of statefulset condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta1.StatefulSetList": { + "description": "StatefulSetList is a collection of StatefulSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "StatefulSetList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.apps.v1beta1.StatefulSetSpec": { + "description": "A StatefulSetSpec is the specification of a StatefulSet.", + "properties": { + "podManagementPolicy": { + "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", + "type": "string" + }, + "replicas": { + "description": "replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is a label query over pods that should match the replica count. If empty, defaulted to labels on the pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "serviceName": { + "description": "serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where \"pod-specific-string\" is managed by the StatefulSet controller.", + "type": "string" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet." + }, + "updateStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy", + "description": "updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template." + }, + "volumeClaimTemplates": { + "description": "volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + }, + "type": "array" + } + }, + "required": [ + "template", + "serviceName" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta1.StatefulSetStatus": { + "description": "StatefulSetStatus represents the current state of a StatefulSet.", + "properties": { + "collisionCount": { + "description": "collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a statefulset's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "currentReplicas": { + "description": "currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.", + "format": "int32", + "type": "integer" + }, + "currentRevision": { + "description": "currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).", + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "replicas is the number of Pods created by the StatefulSet controller.", + "format": "int32", + "type": "integer" + }, + "updateRevision": { + "description": "updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)", + "type": "string" + }, + "updatedReplicas": { + "description": "updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy": { + "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy", + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.ControllerRevision": { + "description": "DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1/ControllerRevision. See the release notes for more information. ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "data": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension", + "description": "Data is the serialized representation of the state." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "revision": { + "description": "Revision indicates the revision of the state represented by Data.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "revision" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.ControllerRevisionList": { + "description": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of ControllerRevisions", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ControllerRevisionList", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.DaemonSet": { + "description": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetSpec", + "description": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetStatus", + "description": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.DaemonSetCondition": { + "description": "DaemonSetCondition describes the state of a DaemonSet at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of DaemonSet condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.DaemonSetList": { + "description": "DaemonSetList is a collection of daemon sets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "A list of daemon sets.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DaemonSetList", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.DaemonSetSpec": { + "description": "DaemonSetSpec is the specification of a daemon set.", + "properties": { + "minReadySeconds": { + "description": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + }, + "updateStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetUpdateStrategy", + "description": "An update strategy to replace existing DaemonSet pods with new pods." + } + }, + "required": [ + "selector", + "template" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.DaemonSetStatus": { + "description": "DaemonSetStatus represents the current status of a daemon set.", + "properties": { + "collisionCount": { + "description": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a DaemonSet's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "currentNumberScheduled": { + "description": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "desiredNumberScheduled": { + "description": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "numberAvailable": { + "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)", + "format": "int32", + "type": "integer" + }, + "numberMisscheduled": { + "description": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "numberReady": { + "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.", + "format": "int32", + "type": "integer" + }, + "numberUnavailable": { + "description": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "The most recent generation observed by the daemon set controller.", + "format": "int64", + "type": "integer" + }, + "updatedNumberScheduled": { + "description": "The total number of nodes that are running updated daemon pod", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "currentNumberScheduled", + "numberMisscheduled", + "desiredNumberScheduled", + "numberReady" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.DaemonSetUpdateStrategy": { + "description": "DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.RollingUpdateDaemonSet", + "description": "Rolling update config params. Present only if type = \"RollingUpdate\"." + }, + "type": { + "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.Deployment": { + "description": "DEPRECATED - This group version of Deployment is deprecated by apps/v1/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentSpec", + "description": "Specification of the desired behavior of the Deployment." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentStatus", + "description": "Most recently observed status of the Deployment." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.DeploymentCondition": { + "description": "DeploymentCondition describes the state of a deployment at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "lastUpdateTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time this condition was updated." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of deployment condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.DeploymentList": { + "description": "DeploymentList is a list of Deployments.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Deployments.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "DeploymentList", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.DeploymentSpec": { + "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "paused": { + "description": "Indicates that the deployment is paused.", + "type": "boolean" + }, + "progressDeadlineSeconds": { + "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template's labels." + }, + "strategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentStrategy", + "description": "The deployment strategy to use to replace existing pods with new ones.", + "x-kubernetes-patch-strategy": "retainKeys" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template describes the pods that will be created." + } + }, + "required": [ + "selector", + "template" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.DeploymentStatus": { + "description": "DeploymentStatus is the most recently observed status of the Deployment.", + "properties": { + "availableReplicas": { + "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "collisionCount": { + "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a deployment's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "observedGeneration": { + "description": "The generation observed by the deployment controller.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "Total number of ready pods targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", + "format": "int32", + "type": "integer" + }, + "unavailableReplicas": { + "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", + "format": "int32", + "type": "integer" + }, + "updatedReplicas": { + "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.DeploymentStrategy": { + "description": "DeploymentStrategy describes how to replace existing pods with new ones.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.RollingUpdateDeployment", + "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate." + }, + "type": { + "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.ReplicaSet": { + "description": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetSpec", + "description": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetStatus", + "description": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.ReplicaSetCondition": { + "description": "ReplicaSetCondition describes the state of a replica set at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of replica set condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.ReplicaSetList": { + "description": "ReplicaSetList is a collection of ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "ReplicaSetList", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.ReplicaSetSpec": { + "description": "ReplicaSetSpec is the specification of a ReplicaSet.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + } + }, + "required": [ + "selector" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.ReplicaSetStatus": { + "description": "ReplicaSetStatus represents the current status of a ReplicaSet.", + "properties": { + "availableReplicas": { + "description": "The number of available replicas (ready for at least minReadySeconds) for this replica set.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a replica set's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "fullyLabeledReplicas": { + "description": "The number of pods that have labels matching the labels of the pod template of the replicaset.", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "The number of ready replicas for this replica set.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.RollingUpdateDaemonSet": { + "description": "Spec to control the desired behavior of daemon set rolling update.", + "properties": { + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update." + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.RollingUpdateDeployment": { + "description": "Spec to control the desired behavior of rolling update.", + "properties": { + "maxSurge": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods." + }, + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods." + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.RollingUpdateStatefulSetStrategy": { + "description": "RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.", + "properties": { + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned. Default value is 0.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.Scale": { + "description": "Scale represents a scaling request for a resource.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ScaleSpec", + "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ScaleStatus", + "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.ScaleSpec": { + "description": "ScaleSpec describes the attributes of a scale subresource", + "properties": { + "replicas": { + "description": "desired number of instances for the scaled object.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.apps.v1beta2.ScaleStatus": { + "description": "ScaleStatus represents the current status of a scale subresource.", + "properties": { + "replicas": { + "description": "actual number of observed instances of the scaled object.", + "format": "int32", + "type": "integer" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors", + "type": "object" + }, + "targetSelector": { + "description": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", + "type": "string" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.StatefulSet": { + "description": "DEPRECATED - This group version of StatefulSet is deprecated by apps/v1/StatefulSet. See the release notes for more information. StatefulSet represents a set of pods with consistent identities. Identities are defined as:\n - Network: A single stable DNS and hostname.\n - Storage: As many VolumeClaims as requested.\nThe StatefulSet guarantees that a given network identity will always map to the same storage identity.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetSpec", + "description": "Spec defines the desired identities of pods in this set." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetStatus", + "description": "Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.StatefulSetCondition": { + "description": "StatefulSetCondition describes the state of a statefulset at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of statefulset condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.StatefulSetList": { + "description": "StatefulSetList is a collection of StatefulSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apps", + "kind": "StatefulSetList", + "version": "v1beta2" + } + ] + }, + "io.k8s.api.apps.v1beta2.StatefulSetSpec": { + "description": "A StatefulSetSpec is the specification of a StatefulSet.", + "properties": { + "podManagementPolicy": { + "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", + "type": "string" + }, + "replicas": { + "description": "replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is a label query over pods that should match the replica count. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "serviceName": { + "description": "serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where \"pod-specific-string\" is managed by the StatefulSet controller.", + "type": "string" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet." + }, + "updateStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetUpdateStrategy", + "description": "updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template." + }, + "volumeClaimTemplates": { + "description": "volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + }, + "type": "array" + } + }, + "required": [ + "selector", + "template", + "serviceName" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.StatefulSetStatus": { + "description": "StatefulSetStatus represents the current state of a StatefulSet.", + "properties": { + "collisionCount": { + "description": "collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a statefulset's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "currentReplicas": { + "description": "currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.", + "format": "int32", + "type": "integer" + }, + "currentRevision": { + "description": "currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).", + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "replicas is the number of Pods created by the StatefulSet controller.", + "format": "int32", + "type": "integer" + }, + "updateRevision": { + "description": "updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)", + "type": "string" + }, + "updatedReplicas": { + "description": "updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.apps.v1beta2.StatefulSetUpdateStrategy": { + "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.RollingUpdateStatefulSetStrategy", + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSink": { + "description": "AuditSink represents a cluster level audit sink", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec", + "description": "Spec defines the audit configuration spec" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSinkList": { + "description": "AuditSinkList is a list of AuditSink items.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of audit configurations.", + "items": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "auditregistration.k8s.io", + "kind": "AuditSinkList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec": { + "description": "AuditSinkSpec holds the spec for the audit sink", + "properties": { + "policy": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Policy", + "description": "Policy defines the policy for selecting which events should be sent to the webhook required" + }, + "webhook": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Webhook", + "description": "Webhook to send events required" + } + }, + "required": [ + "policy", + "webhook" + ], + "type": "object" + }, + "io.k8s.api.auditregistration.v1alpha1.Policy": { + "description": "Policy defines the configuration of how audit events are logged", + "properties": { + "level": { + "description": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", + "type": "string" + }, + "stages": { + "description": "Stages is a list of stages for which events are created.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "level" + ], + "type": "object" + }, + "io.k8s.api.auditregistration.v1alpha1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "properties": { + "name": { + "description": "`name` is the name of the service. Required", + "type": "string" + }, + "namespace": { + "description": "`namespace` is the namespace of the service. Required", + "type": "string" + }, + "path": { + "description": "`path` is an optional URL path which will be sent in any request to this service.", + "type": "string" + } + }, + "required": [ + "namespace", + "name" + ], + "type": "object" + }, + "io.k8s.api.auditregistration.v1alpha1.Webhook": { + "description": "Webhook holds the configuration of the webhook", + "properties": { + "clientConfig": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig", + "description": "ClientConfig holds the connection parameters for the webhook required" + }, + "throttle": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig", + "description": "Throttle holds the options for throttling the webhook" + } + }, + "required": [ + "clientConfig" + ], + "type": "object" + }, + "io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig": { + "description": "WebhookClientConfig contains the information to make a connection with the webhook", + "properties": { + "caBundle": { + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", + "format": "byte", + "type": "string" + }, + "service": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.ServiceReference", + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error." + }, + "url": { + "description": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig": { + "description": "WebhookThrottleConfig holds the configuration for throttling events", + "properties": { + "burst": { + "description": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", + "format": "int64", + "type": "integer" + }, + "qps": { + "description": "ThrottleQPS maximum number of batches per second default 10 QPS", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.authentication.v1.TokenReview": { + "description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewSpec", + "description": "Spec holds information about the request being evaluated" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewStatus", + "description": "Status is filled in by the server and indicates whether the request can be authenticated." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authentication.k8s.io", + "kind": "TokenReview", + "version": "v1" + } + ] + }, + "io.k8s.api.authentication.v1.TokenReviewSpec": { + "description": "TokenReviewSpec is a description of the token authentication request.", + "properties": { + "audiences": { + "description": "Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.", + "items": { + "type": "string" + }, + "type": "array" + }, + "token": { + "description": "Token is the opaque bearer token.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authentication.v1.TokenReviewStatus": { + "description": "TokenReviewStatus is the result of the token authentication request.", + "properties": { + "audiences": { + "description": "Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token's audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is \"true\", the token is valid against the audience of the Kubernetes API server.", + "items": { + "type": "string" + }, + "type": "array" + }, + "authenticated": { + "description": "Authenticated indicates that the token was associated with a known user.", + "type": "boolean" + }, + "error": { + "description": "Error indicates that the token couldn't be checked", + "type": "string" + }, + "user": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.UserInfo", + "description": "User is the UserInfo associated with the provided token." + } + }, + "type": "object" + }, + "io.k8s.api.authentication.v1.UserInfo": { + "description": "UserInfo holds the information about the user needed to implement the user.Info interface.", + "properties": { + "extra": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "Any additional information provided by the authenticator.", + "type": "object" + }, + "groups": { + "description": "The names of groups this user is a part of.", + "items": { + "type": "string" + }, + "type": "array" + }, + "uid": { + "description": "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", + "type": "string" + }, + "username": { + "description": "The name that uniquely identifies this user among all active users.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authentication.v1beta1.TokenReview": { + "description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewSpec", + "description": "Spec holds information about the request being evaluated" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewStatus", + "description": "Status is filled in by the server and indicates whether the request can be authenticated." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authentication.k8s.io", + "kind": "TokenReview", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.authentication.v1beta1.TokenReviewSpec": { + "description": "TokenReviewSpec is a description of the token authentication request.", + "properties": { + "audiences": { + "description": "Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.", + "items": { + "type": "string" + }, + "type": "array" + }, + "token": { + "description": "Token is the opaque bearer token.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authentication.v1beta1.TokenReviewStatus": { + "description": "TokenReviewStatus is the result of the token authentication request.", + "properties": { + "audiences": { + "description": "Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token's audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is \"true\", the token is valid against the audience of the Kubernetes API server.", + "items": { + "type": "string" + }, + "type": "array" + }, + "authenticated": { + "description": "Authenticated indicates that the token was associated with a known user.", + "type": "boolean" + }, + "error": { + "description": "Error indicates that the token couldn't be checked", + "type": "string" + }, + "user": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.UserInfo", + "description": "User is the UserInfo associated with the provided token." + } + }, + "type": "object" + }, + "io.k8s.api.authentication.v1beta1.UserInfo": { + "description": "UserInfo holds the information about the user needed to implement the user.Info interface.", + "properties": { + "extra": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "Any additional information provided by the authenticator.", + "type": "object" + }, + "groups": { + "description": "The names of groups this user is a part of.", + "items": { + "type": "string" + }, + "type": "array" + }, + "uid": { + "description": "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", + "type": "string" + }, + "username": { + "description": "The name that uniquely identifies this user among all active users.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1.LocalSubjectAccessReview": { + "description": "LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "LocalSubjectAccessReview", + "version": "v1" + } + ] + }, + "io.k8s.api.authorization.v1.NonResourceAttributes": { + "description": "NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface", + "properties": { + "path": { + "description": "Path is the URL path of the request", + "type": "string" + }, + "verb": { + "description": "Verb is the standard HTTP verb", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1.NonResourceRule": { + "description": "NonResourceRule holds information that describes a rule for the non-resource", + "properties": { + "nonResourceURLs": { + "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1.ResourceAttributes": { + "description": "ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface", + "properties": { + "group": { + "description": "Group is the API Group of the Resource. \"*\" means all.", + "type": "string" + }, + "name": { + "description": "Name is the name of the resource being requested for a \"get\" or deleted for a \"delete\". \"\" (empty) means all.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces \"\" (empty) is defaulted for LocalSubjectAccessReviews \"\" (empty) is empty for cluster-scoped resources \"\" (empty) means \"all\" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview", + "type": "string" + }, + "resource": { + "description": "Resource is one of the existing resource types. \"*\" means all.", + "type": "string" + }, + "subresource": { + "description": "Subresource is one of the existing resource types. \"\" means none.", + "type": "string" + }, + "verb": { + "description": "Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", + "type": "string" + }, + "version": { + "description": "Version is the API Version of the Resource. \"*\" means all.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1.ResourceRule": { + "description": "ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", + "properties": { + "apiGroups": { + "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resourceNames": { + "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Resources is a list of resources this rule applies to. \"*\" means all in the specified apiGroups.\n \"*/foo\" represents the subresource 'foo' for all resources in the specified apiGroups.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1.SelfSubjectAccessReview": { + "description": "SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means \"in all namespaces\". Self is a special case, because users should always be able to check whether they can perform an action", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated. user and groups must be empty" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "SelfSubjectAccessReview", + "version": "v1" + } + ] + }, + "io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec": { + "description": "SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", + "properties": { + "nonResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceAttributes", + "description": "NonResourceAttributes describes information for a non-resource access request" + }, + "resourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes", + "description": "ResourceAuthorizationAttributes describes information for a resource access request" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1.SelfSubjectRulesReview": { + "description": "SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace. The returned list of actions may be incomplete depending on the server's authorization mode, and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions, or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns. SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReviewSpec", + "description": "Spec holds information about the request being evaluated." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectRulesReviewStatus", + "description": "Status is filled in by the server and indicates the set of actions a user can perform." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "SelfSubjectRulesReview", + "version": "v1" + } + ] + }, + "io.k8s.api.authorization.v1.SelfSubjectRulesReviewSpec": { + "properties": { + "namespace": { + "description": "Namespace to evaluate rules for. Required.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1.SubjectAccessReview": { + "description": "SubjectAccessReview checks whether or not a user or group can perform an action.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "SubjectAccessReview", + "version": "v1" + } + ] + }, + "io.k8s.api.authorization.v1.SubjectAccessReviewSpec": { + "description": "SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", + "properties": { + "extra": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.", + "type": "object" + }, + "groups": { + "description": "Groups is the groups you're testing for.", + "items": { + "type": "string" + }, + "type": "array" + }, + "nonResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceAttributes", + "description": "NonResourceAttributes describes information for a non-resource access request" + }, + "resourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes", + "description": "ResourceAuthorizationAttributes describes information for a resource access request" + }, + "uid": { + "description": "UID information about the requesting user.", + "type": "string" + }, + "user": { + "description": "User is the user you're testing for. If you specify \"User\" but not \"Groups\", then is it interpreted as \"What if User were not a member of any groups", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1.SubjectAccessReviewStatus": { + "description": "SubjectAccessReviewStatus", + "properties": { + "allowed": { + "description": "Allowed is required. True if the action would be allowed, false otherwise.", + "type": "boolean" + }, + "denied": { + "description": "Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.", + "type": "boolean" + }, + "evaluationError": { + "description": "EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.", + "type": "string" + }, + "reason": { + "description": "Reason is optional. It indicates why a request was allowed or denied.", + "type": "string" + } + }, + "required": [ + "allowed" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1.SubjectRulesReviewStatus": { + "description": "SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission, even if that list is incomplete.", + "properties": { + "evaluationError": { + "description": "EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn't support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.", + "type": "string" + }, + "incomplete": { + "description": "Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.", + "type": "boolean" + }, + "nonResourceRules": { + "description": "NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", + "items": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceRule" + }, + "type": "array" + }, + "resourceRules": { + "description": "ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", + "items": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceRule" + }, + "type": "array" + } + }, + "required": [ + "resourceRules", + "nonResourceRules", + "incomplete" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview": { + "description": "LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "LocalSubjectAccessReview", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.authorization.v1beta1.NonResourceAttributes": { + "description": "NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface", + "properties": { + "path": { + "description": "Path is the URL path of the request", + "type": "string" + }, + "verb": { + "description": "Verb is the standard HTTP verb", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.NonResourceRule": { + "description": "NonResourceRule holds information that describes a rule for the non-resource", + "properties": { + "nonResourceURLs": { + "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.ResourceAttributes": { + "description": "ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface", + "properties": { + "group": { + "description": "Group is the API Group of the Resource. \"*\" means all.", + "type": "string" + }, + "name": { + "description": "Name is the name of the resource being requested for a \"get\" or deleted for a \"delete\". \"\" (empty) means all.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces \"\" (empty) is defaulted for LocalSubjectAccessReviews \"\" (empty) is empty for cluster-scoped resources \"\" (empty) means \"all\" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview", + "type": "string" + }, + "resource": { + "description": "Resource is one of the existing resource types. \"*\" means all.", + "type": "string" + }, + "subresource": { + "description": "Subresource is one of the existing resource types. \"\" means none.", + "type": "string" + }, + "verb": { + "description": "Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", + "type": "string" + }, + "version": { + "description": "Version is the API Version of the Resource. \"*\" means all.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.ResourceRule": { + "description": "ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", + "properties": { + "apiGroups": { + "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resourceNames": { + "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Resources is a list of resources this rule applies to. \"*\" means all in the specified apiGroups.\n \"*/foo\" represents the subresource 'foo' for all resources in the specified apiGroups.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview": { + "description": "SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means \"in all namespaces\". Self is a special case, because users should always be able to check whether they can perform an action", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated. user and groups must be empty" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "SelfSubjectAccessReview", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec": { + "description": "SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", + "properties": { + "nonResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceAttributes", + "description": "NonResourceAttributes describes information for a non-resource access request" + }, + "resourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes", + "description": "ResourceAuthorizationAttributes describes information for a resource access request" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview": { + "description": "SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace. The returned list of actions may be incomplete depending on the server's authorization mode, and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions, or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns. SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReviewSpec", + "description": "Spec holds information about the request being evaluated." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectRulesReviewStatus", + "description": "Status is filled in by the server and indicates the set of actions a user can perform." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "SelfSubjectRulesReview", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.authorization.v1beta1.SelfSubjectRulesReviewSpec": { + "properties": { + "namespace": { + "description": "Namespace to evaluate rules for. Required.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.SubjectAccessReview": { + "description": "SubjectAccessReview checks whether or not a user or group can perform an action.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authorization.k8s.io", + "kind": "SubjectAccessReview", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec": { + "description": "SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", + "properties": { + "extra": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.", + "type": "object" + }, + "group": { + "description": "Groups is the groups you're testing for.", + "items": { + "type": "string" + }, + "type": "array" + }, + "nonResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceAttributes", + "description": "NonResourceAttributes describes information for a non-resource access request" + }, + "resourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes", + "description": "ResourceAuthorizationAttributes describes information for a resource access request" + }, + "uid": { + "description": "UID information about the requesting user.", + "type": "string" + }, + "user": { + "description": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus": { + "description": "SubjectAccessReviewStatus", + "properties": { + "allowed": { + "description": "Allowed is required. True if the action would be allowed, false otherwise.", + "type": "boolean" + }, + "denied": { + "description": "Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.", + "type": "boolean" + }, + "evaluationError": { + "description": "EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.", + "type": "string" + }, + "reason": { + "description": "Reason is optional. It indicates why a request was allowed or denied.", + "type": "string" + } + }, + "required": [ + "allowed" + ], + "type": "object" + }, + "io.k8s.api.authorization.v1beta1.SubjectRulesReviewStatus": { + "description": "SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission, even if that list is incomplete.", + "properties": { + "evaluationError": { + "description": "EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn't support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.", + "type": "string" + }, + "incomplete": { + "description": "Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.", + "type": "boolean" + }, + "nonResourceRules": { + "description": "NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", + "items": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceRule" + }, + "type": "array" + }, + "resourceRules": { + "description": "ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", + "items": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceRule" + }, + "type": "array" + } + }, + "required": [ + "resourceRules", + "nonResourceRules", + "incomplete" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v1.CrossVersionObjectReference": { + "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", + "properties": { + "apiVersion": { + "description": "API version of the referent", + "type": "string" + }, + "kind": { + "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"", + "type": "string" + }, + "name": { + "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler": { + "description": "configuration of a horizontal pod autoscaler.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec", + "description": "behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus", + "description": "current information about the autoscaler." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + ] + }, + "io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList": { + "description": "list of horizontal pod autoscaler objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "list of horizontal pod autoscaler objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "HorizontalPodAutoscalerList", + "version": "v1" + } + ] + }, + "io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec": { + "description": "specification of a horizontal pod autoscaler.", + "properties": { + "maxReplicas": { + "description": "upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.", + "format": "int32", + "type": "integer" + }, + "minReplicas": { + "description": "lower limit for the number of pods that can be set by the autoscaler, default 1.", + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.CrossVersionObjectReference", + "description": "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource." + }, + "targetCPUUtilizationPercentage": { + "description": "target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "scaleTargetRef", + "maxReplicas" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus": { + "description": "current status of a horizontal pod autoscaler", + "properties": { + "currentCPUUtilizationPercentage": { + "description": "current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.", + "format": "int32", + "type": "integer" + }, + "currentReplicas": { + "description": "current number of replicas of pods managed by this autoscaler.", + "format": "int32", + "type": "integer" + }, + "desiredReplicas": { + "description": "desired number of replicas of pods managed by this autoscaler.", + "format": "int32", + "type": "integer" + }, + "lastScaleTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed." + }, + "observedGeneration": { + "description": "most recent generation observed by this autoscaler.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "currentReplicas", + "desiredReplicas" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v1.Scale": { + "description": "Scale represents a scaling request for a resource.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleSpec", + "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleStatus", + "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + ] + }, + "io.k8s.api.autoscaling.v1.ScaleSpec": { + "description": "ScaleSpec describes the attributes of a scale subresource.", + "properties": { + "replicas": { + "description": "desired number of instances for the scaled object.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.autoscaling.v1.ScaleStatus": { + "description": "ScaleStatus represents the current status of a scale subresource.", + "properties": { + "replicas": { + "description": "actual number of observed instances of the scaled object.", + "format": "int32", + "type": "integer" + }, + "selector": { + "description": "label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors", + "type": "string" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference": { + "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", + "properties": { + "apiVersion": { + "description": "API version of the referent", + "type": "string" + }, + "kind": { + "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"", + "type": "string" + }, + "name": { + "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.ExternalMetricSource": { + "description": "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). Exactly one \"target\" type should be set.", + "properties": { + "metricName": { + "description": "metricName is the name of the metric in question.", + "type": "string" + }, + "metricSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "metricSelector is used to identify a specific time series within a given metric." + }, + "targetAverageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue." + }, + "targetValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue." + } + }, + "required": [ + "metricName" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.ExternalMetricStatus": { + "description": "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.", + "properties": { + "currentAverageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "currentAverageValue is the current value of metric averaged over autoscaled pods." + }, + "currentValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "currentValue is the current value of the metric (as a quantity)" + }, + "metricName": { + "description": "metricName is the name of a metric used for autoscaling in metric system.", + "type": "string" + }, + "metricSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "metricSelector is used to identify a specific time series within a given metric." + } + }, + "required": [ + "metricName", + "currentValue" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler": { + "description": "HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerSpec", + "description": "spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerStatus", + "description": "status is the current information about the autoscaler." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + ] + }, + "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerCondition": { + "description": "HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "lastTransitionTime is the last time the condition transitioned from one status to another" + }, + "message": { + "description": "message is a human-readable explanation containing details about the transition", + "type": "string" + }, + "reason": { + "description": "reason is the reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "status is the status of the condition (True, False, Unknown)", + "type": "string" + }, + "type": { + "description": "type describes the current condition", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerList": { + "description": "HorizontalPodAutoscaler is a list of horizontal pod autoscaler objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of horizontal pod autoscaler objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "metadata is the standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "HorizontalPodAutoscalerList", + "version": "v2beta1" + } + ] + }, + "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerSpec": { + "description": "HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.", + "properties": { + "maxReplicas": { + "description": "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.", + "format": "int32", + "type": "integer" + }, + "metrics": { + "description": "metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.MetricSpec" + }, + "type": "array" + }, + "minReplicas": { + "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod.", + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference", + "description": "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count." + } + }, + "required": [ + "scaleTargetRef", + "maxReplicas" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerStatus": { + "description": "HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.", + "properties": { + "conditions": { + "description": "conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerCondition" + }, + "type": "array" + }, + "currentMetrics": { + "description": "currentMetrics is the last read state of the metrics used by this autoscaler.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.MetricStatus" + }, + "type": "array" + }, + "currentReplicas": { + "description": "currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.", + "format": "int32", + "type": "integer" + }, + "desiredReplicas": { + "description": "desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.", + "format": "int32", + "type": "integer" + }, + "lastScaleTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed." + }, + "observedGeneration": { + "description": "observedGeneration is the most recent generation observed by this autoscaler.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "currentReplicas", + "desiredReplicas", + "conditions" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.MetricSpec": { + "description": "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).", + "properties": { + "external": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ExternalMetricSource", + "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster)." + }, + "object": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ObjectMetricSource", + "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object)." + }, + "pods": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.PodsMetricSource", + "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value." + }, + "resource": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ResourceMetricSource", + "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source." + }, + "type": { + "description": "type is the type of metric source. It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.MetricStatus": { + "description": "MetricStatus describes the last-read state of a single metric.", + "properties": { + "external": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ExternalMetricStatus", + "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster)." + }, + "object": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ObjectMetricStatus", + "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object)." + }, + "pods": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.PodsMetricStatus", + "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value." + }, + "resource": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ResourceMetricStatus", + "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source." + }, + "type": { + "description": "type is the type of metric source. It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.ObjectMetricSource": { + "description": "ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", + "properties": { + "averageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + }, + "metricName": { + "description": "metricName is the name of the metric in question.", + "type": "string" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping When unset, just the metricName will be used to gather metrics." + }, + "target": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference", + "description": "target is the described Kubernetes object." + }, + "targetValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "targetValue is the target value of the metric (as a quantity)." + } + }, + "required": [ + "target", + "metricName", + "targetValue" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.ObjectMetricStatus": { + "description": "ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", + "properties": { + "averageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "averageValue is the current value of the average of the metric across all relevant pods (as a quantity)" + }, + "currentValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "currentValue is the current value of the metric (as a quantity)." + }, + "metricName": { + "description": "metricName is the name of the metric in question.", + "type": "string" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set in the ObjectMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics." + }, + "target": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference", + "description": "target is the described Kubernetes object." + } + }, + "required": [ + "target", + "metricName", + "currentValue" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.PodsMetricSource": { + "description": "PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", + "properties": { + "metricName": { + "description": "metricName is the name of the metric in question", + "type": "string" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping When unset, just the metricName will be used to gather metrics." + }, + "targetAverageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "targetAverageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + } + }, + "required": [ + "metricName", + "targetAverageValue" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.PodsMetricStatus": { + "description": "PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).", + "properties": { + "currentAverageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "currentAverageValue is the current value of the average of the metric across all relevant pods (as a quantity)" + }, + "metricName": { + "description": "metricName is the name of the metric in question", + "type": "string" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set in the PodsMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics." + } + }, + "required": [ + "metricName", + "currentAverageValue" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.ResourceMetricSource": { + "description": "ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source. Only one \"target\" type should be set.", + "properties": { + "name": { + "description": "name is the name of the resource in question.", + "type": "string" + }, + "targetAverageUtilization": { + "description": "targetAverageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.", + "format": "int32", + "type": "integer" + }, + "targetAverageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "targetAverageValue is the target value of the average of the resource metric across all relevant pods, as a raw value (instead of as a percentage of the request), similar to the \"pods\" metric source type." + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta1.ResourceMetricStatus": { + "description": "ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", + "properties": { + "currentAverageUtilization": { + "description": "currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. It will only be present if `targetAverageValue` was set in the corresponding metric specification.", + "format": "int32", + "type": "integer" + }, + "currentAverageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "currentAverageValue is the current value of the average of the resource metric across all relevant pods, as a raw value (instead of as a percentage of the request), similar to the \"pods\" metric source type. It will always be set, regardless of the corresponding metric specification." + }, + "name": { + "description": "name is the name of the resource in question.", + "type": "string" + } + }, + "required": [ + "name", + "currentAverageValue" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference": { + "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", + "properties": { + "apiVersion": { + "description": "API version of the referent", + "type": "string" + }, + "kind": { + "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"", + "type": "string" + }, + "name": { + "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.ExternalMetricSource": { + "description": "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", + "properties": { + "metric": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier", + "description": "metric identifies the target metric by name and selector" + }, + "target": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget", + "description": "target specifies the target value for the given metric" + } + }, + "required": [ + "metric", + "target" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.ExternalMetricStatus": { + "description": "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.", + "properties": { + "current": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus", + "description": "current contains the current value for the given metric" + }, + "metric": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier", + "description": "metric identifies the target metric by name and selector" + } + }, + "required": [ + "metric", + "current" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler": { + "description": "HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerSpec", + "description": "spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerStatus", + "description": "status is the current information about the autoscaler." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + ] + }, + "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerCondition": { + "description": "HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "lastTransitionTime is the last time the condition transitioned from one status to another" + }, + "message": { + "description": "message is a human-readable explanation containing details about the transition", + "type": "string" + }, + "reason": { + "description": "reason is the reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "status is the status of the condition (True, False, Unknown)", + "type": "string" + }, + "type": { + "description": "type describes the current condition", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerList": { + "description": "HorizontalPodAutoscalerList is a list of horizontal pod autoscaler objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of horizontal pod autoscaler objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "metadata is the standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "autoscaling", + "kind": "HorizontalPodAutoscalerList", + "version": "v2beta2" + } + ] + }, + "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerSpec": { + "description": "HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.", + "properties": { + "maxReplicas": { + "description": "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.", + "format": "int32", + "type": "integer" + }, + "metrics": { + "description": "metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricSpec" + }, + "type": "array" + }, + "minReplicas": { + "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod.", + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference", + "description": "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count." + } + }, + "required": [ + "scaleTargetRef", + "maxReplicas" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerStatus": { + "description": "HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.", + "properties": { + "conditions": { + "description": "conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerCondition" + }, + "type": "array" + }, + "currentMetrics": { + "description": "currentMetrics is the last read state of the metrics used by this autoscaler.", + "items": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricStatus" + }, + "type": "array" + }, + "currentReplicas": { + "description": "currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.", + "format": "int32", + "type": "integer" + }, + "desiredReplicas": { + "description": "desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.", + "format": "int32", + "type": "integer" + }, + "lastScaleTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed." + }, + "observedGeneration": { + "description": "observedGeneration is the most recent generation observed by this autoscaler.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "currentReplicas", + "desiredReplicas", + "conditions" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.MetricIdentifier": { + "description": "MetricIdentifier defines the name and optionally selector for a metric", + "properties": { + "name": { + "description": "name is the name of the given metric", + "type": "string" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics." + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.MetricSpec": { + "description": "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).", + "properties": { + "external": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ExternalMetricSource", + "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster)." + }, + "object": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ObjectMetricSource", + "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object)." + }, + "pods": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.PodsMetricSource", + "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value." + }, + "resource": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ResourceMetricSource", + "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source." + }, + "type": { + "description": "type is the type of metric source. It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.MetricStatus": { + "description": "MetricStatus describes the last-read state of a single metric.", + "properties": { + "external": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ExternalMetricStatus", + "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster)." + }, + "object": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ObjectMetricStatus", + "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object)." + }, + "pods": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.PodsMetricStatus", + "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value." + }, + "resource": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ResourceMetricStatus", + "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source." + }, + "type": { + "description": "type is the type of metric source. It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.MetricTarget": { + "description": "MetricTarget defines the target value, average value, or average utilization of a specific metric", + "properties": { + "averageUtilization": { + "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + }, + "type": { + "description": "type represents whether the metric type is Utilization, Value, or AverageValue", + "type": "string" + }, + "value": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "value is the target value of the metric (as a quantity)." + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.MetricValueStatus": { + "description": "MetricValueStatus holds the current value for a metric", + "properties": { + "averageUtilization": { + "description": "currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "averageValue is the current value of the average of the metric across all relevant pods (as a quantity)" + }, + "value": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "value is the current value of the metric (as a quantity)." + } + }, + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.ObjectMetricSource": { + "description": "ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", + "properties": { + "describedObject": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference" + }, + "metric": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier", + "description": "metric identifies the target metric by name and selector" + }, + "target": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget", + "description": "target specifies the target value for the given metric" + } + }, + "required": [ + "describedObject", + "target", + "metric" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.ObjectMetricStatus": { + "description": "ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", + "properties": { + "current": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus", + "description": "current contains the current value for the given metric" + }, + "describedObject": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference" + }, + "metric": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier", + "description": "metric identifies the target metric by name and selector" + } + }, + "required": [ + "metric", + "current", + "describedObject" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.PodsMetricSource": { + "description": "PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", + "properties": { + "metric": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier", + "description": "metric identifies the target metric by name and selector" + }, + "target": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget", + "description": "target specifies the target value for the given metric" + } + }, + "required": [ + "metric", + "target" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.PodsMetricStatus": { + "description": "PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).", + "properties": { + "current": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus", + "description": "current contains the current value for the given metric" + }, + "metric": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier", + "description": "metric identifies the target metric by name and selector" + } + }, + "required": [ + "metric", + "current" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.ResourceMetricSource": { + "description": "ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source. Only one \"target\" type should be set.", + "properties": { + "name": { + "description": "name is the name of the resource in question.", + "type": "string" + }, + "target": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget", + "description": "target specifies the target value for the given metric" + } + }, + "required": [ + "name", + "target" + ], + "type": "object" + }, + "io.k8s.api.autoscaling.v2beta2.ResourceMetricStatus": { + "description": "ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", + "properties": { + "current": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus", + "description": "current contains the current value for the given metric" + }, + "name": { + "description": "Name is the name of the resource in question.", + "type": "string" + } + }, + "required": [ + "name", + "current" + ], + "type": "object" + }, + "io.k8s.api.batch.v1.Job": { + "description": "Job represents the configuration of a single job.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec", + "description": "Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobStatus", + "description": "Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "batch", + "kind": "Job", + "version": "v1" + } + ] + }, + "io.k8s.api.batch.v1.JobCondition": { + "description": "JobCondition describes current state of a job.", + "properties": { + "lastProbeTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition was checked." + }, + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transit from one status to another." + }, + "message": { + "description": "Human readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "(brief) reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of job condition, Complete or Failed.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.batch.v1.JobList": { + "description": "JobList is a collection of jobs.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of Jobs.", + "items": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "batch", + "kind": "JobList", + "version": "v1" + } + ] + }, + "io.k8s.api.batch.v1.JobSpec": { + "description": "JobSpec describes how the job execution will look like.", + "properties": { + "activeDeadlineSeconds": { + "description": "Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer", + "format": "int64", + "type": "integer" + }, + "backoffLimit": { + "description": "Specifies the number of retries before marking this job failed. Defaults to 6", + "format": "int32", + "type": "integer" + }, + "completions": { + "description": "Specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", + "format": "int32", + "type": "integer" + }, + "manualSelector": { + "description": "manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template. When true, the user is responsible for picking unique labels and specifying the selector. Failure to pick a unique label may cause this and other jobs to not function correctly. However, You may see `manualSelector=true` in jobs that were created with the old `extensions/v1beta1` API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector", + "type": "boolean" + }, + "parallelism": { + "description": "Specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "A label query over pods that should match the pod count. Normally, the system sets this field for you. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Describes the pod that will be created when executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + }, + "ttlSecondsAfterFinished": { + "description": "ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "template" + ], + "type": "object" + }, + "io.k8s.api.batch.v1.JobStatus": { + "description": "JobStatus represents the current state of a Job.", + "properties": { + "active": { + "description": "The number of actively running pods.", + "format": "int32", + "type": "integer" + }, + "completionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC." + }, + "conditions": { + "description": "The latest available observations of an object's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", + "items": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "failed": { + "description": "The number of pods which reached phase Failed.", + "format": "int32", + "type": "integer" + }, + "startTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Represents time when the job was acknowledged by the job controller. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC." + }, + "succeeded": { + "description": "The number of pods which reached phase Succeeded.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.batch.v1beta1.CronJob": { + "description": "CronJob represents the configuration of a single cron job.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobSpec", + "description": "Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobStatus", + "description": "Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.batch.v1beta1.CronJobList": { + "description": "CronJobList is a collection of cron jobs.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of CronJobs.", + "items": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "batch", + "kind": "CronJobList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.batch.v1beta1.CronJobSpec": { + "description": "CronJobSpec describes how the job execution will look like and when it will actually run.", + "properties": { + "concurrencyPolicy": { + "description": "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\" (default): allows CronJobs to run concurrently; - \"Forbid\": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one", + "type": "string" + }, + "failedJobsHistoryLimit": { + "description": "The number of failed finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", + "format": "int32", + "type": "integer" + }, + "jobTemplate": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.JobTemplateSpec", + "description": "Specifies the job that will be created when executing a CronJob." + }, + "schedule": { + "description": "The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.", + "type": "string" + }, + "startingDeadlineSeconds": { + "description": "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.", + "format": "int64", + "type": "integer" + }, + "successfulJobsHistoryLimit": { + "description": "The number of successful finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified. Defaults to 3.", + "format": "int32", + "type": "integer" + }, + "suspend": { + "description": "This flag tells the controller to suspend subsequent executions, it does not apply to already started executions. Defaults to false.", + "type": "boolean" + } + }, + "required": [ + "schedule", + "jobTemplate" + ], + "type": "object" + }, + "io.k8s.api.batch.v1beta1.CronJobStatus": { + "description": "CronJobStatus represents the current state of a cron job.", + "properties": { + "active": { + "description": "A list of pointers to currently running jobs.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" + }, + "type": "array" + }, + "lastScheduleTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Information when was the last time the job was successfully scheduled." + } + }, + "type": "object" + }, + "io.k8s.api.batch.v1beta1.JobTemplateSpec": { + "description": "JobTemplateSpec describes the data a Job should have when created from a template", + "properties": { + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec", + "description": "Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object" + }, + "io.k8s.api.batch.v2alpha1.CronJob": { + "description": "CronJob represents the configuration of a single cron job.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobSpec", + "description": "Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobStatus", + "description": "Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + ] + }, + "io.k8s.api.batch.v2alpha1.CronJobList": { + "description": "CronJobList is a collection of cron jobs.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of CronJobs.", + "items": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "batch", + "kind": "CronJobList", + "version": "v2alpha1" + } + ] + }, + "io.k8s.api.batch.v2alpha1.CronJobSpec": { + "description": "CronJobSpec describes how the job execution will look like and when it will actually run.", + "properties": { + "concurrencyPolicy": { + "description": "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\" (default): allows CronJobs to run concurrently; - \"Forbid\": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one", + "type": "string" + }, + "failedJobsHistoryLimit": { + "description": "The number of failed finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified.", + "format": "int32", + "type": "integer" + }, + "jobTemplate": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.JobTemplateSpec", + "description": "Specifies the job that will be created when executing a CronJob." + }, + "schedule": { + "description": "The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.", + "type": "string" + }, + "startingDeadlineSeconds": { + "description": "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.", + "format": "int64", + "type": "integer" + }, + "successfulJobsHistoryLimit": { + "description": "The number of successful finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified.", + "format": "int32", + "type": "integer" + }, + "suspend": { + "description": "This flag tells the controller to suspend subsequent executions, it does not apply to already started executions. Defaults to false.", + "type": "boolean" + } + }, + "required": [ + "schedule", + "jobTemplate" + ], + "type": "object" + }, + "io.k8s.api.batch.v2alpha1.CronJobStatus": { + "description": "CronJobStatus represents the current state of a cron job.", + "properties": { + "active": { + "description": "A list of pointers to currently running jobs.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" + }, + "type": "array" + }, + "lastScheduleTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Information when was the last time the job was successfully scheduled." + } + }, + "type": "object" + }, + "io.k8s.api.batch.v2alpha1.JobTemplateSpec": { + "description": "JobTemplateSpec describes the data a Job should have when created from a template", + "properties": { + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec", + "description": "Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object" + }, + "io.k8s.api.certificates.v1beta1.CertificateSigningRequest": { + "description": "Describes a certificate signing request", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec", + "description": "The certificate request itself and any additional information." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus", + "description": "Derived information about the request." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition": { + "properties": { + "lastUpdateTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "timestamp for the last update to this condition" + }, + "message": { + "description": "human readable message with details about the request state", + "type": "string" + }, + "reason": { + "description": "brief reason for the request state", + "type": "string" + }, + "type": { + "description": "request approval state, currently Approved or Denied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "io.k8s.api.certificates.v1beta1.CertificateSigningRequestList": { + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequestList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec": { + "description": "This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.", + "properties": { + "extra": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "Extra information about the requesting user. See user.Info interface for details.", + "type": "object" + }, + "groups": { + "description": "Group information about the requesting user. See user.Info interface for details.", + "items": { + "type": "string" + }, + "type": "array" + }, + "request": { + "description": "Base64-encoded PKCS#10 CSR data", + "format": "byte", + "type": "string" + }, + "uid": { + "description": "UID information about the requesting user. See user.Info interface for details.", + "type": "string" + }, + "usages": { + "description": "allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3\n https://tools.ietf.org/html/rfc5280#section-4.2.1.12", + "items": { + "type": "string" + }, + "type": "array" + }, + "username": { + "description": "Information about the requesting user. See user.Info interface for details.", + "type": "string" + } + }, + "required": [ + "request" + ], + "type": "object" + }, + "io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus": { + "properties": { + "certificate": { + "description": "If request was approved, the controller will place the issued certificate here.", + "format": "byte", + "type": "string" + }, + "conditions": { + "description": "Conditions applied to the request, such as approval or denial.", + "items": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.coordination.v1.Lease": { + "description": "Lease defines a lease concept.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseSpec", + "description": "Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + ] + }, + "io.k8s.api.coordination.v1.LeaseList": { + "description": "LeaseList is a list of Lease objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "coordination.k8s.io", + "kind": "LeaseList", + "version": "v1" + } + ] + }, + "io.k8s.api.coordination.v1.LeaseSpec": { + "description": "LeaseSpec is a specification of a Lease.", + "properties": { + "acquireTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "acquireTime is a time when the current lease was acquired." + }, + "holderIdentity": { + "description": "holderIdentity contains the identity of the holder of a current lease.", + "type": "string" + }, + "leaseDurationSeconds": { + "description": "leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.", + "format": "int32", + "type": "integer" + }, + "leaseTransitions": { + "description": "leaseTransitions is the number of transitions of a lease between holders.", + "format": "int32", + "type": "integer" + }, + "renewTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "renewTime is a time when the current holder of a lease has last updated the lease." + } + }, + "type": "object" + }, + "io.k8s.api.coordination.v1beta1.Lease": { + "description": "Lease defines a lease concept.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.LeaseSpec", + "description": "Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.coordination.v1beta1.LeaseList": { + "description": "LeaseList is a list of Lease objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "coordination.k8s.io", + "kind": "LeaseList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.coordination.v1beta1.LeaseSpec": { + "description": "LeaseSpec is a specification of a Lease.", + "properties": { + "acquireTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "acquireTime is a time when the current lease was acquired." + }, + "holderIdentity": { + "description": "holderIdentity contains the identity of the holder of a current lease.", + "type": "string" + }, + "leaseDurationSeconds": { + "description": "leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.", + "format": "int32", + "type": "integer" + }, + "leaseTransitions": { + "description": "leaseTransitions is the number of transitions of a lease between holders.", + "format": "int32", + "type": "integer" + }, + "renewTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "renewTime is a time when the current holder of a lease has last updated the lease." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource": { + "description": "Represents a Persistent Disk resource in AWS.\n\nAn AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + }, + "partition": { + "description": "The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "Specify \"true\" to force and set the ReadOnly property in VolumeMounts to \"true\". If omitted, the default is \"false\". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Affinity": { + "description": "Affinity is a group of affinity scheduling rules.", + "properties": { + "nodeAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeAffinity", + "description": "Describes node affinity scheduling rules for the pod." + }, + "podAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinity", + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + }, + "podAntiAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAntiAffinity", + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.AttachedVolume": { + "description": "AttachedVolume describes a volume attached to a node", + "properties": { + "devicePath": { + "description": "DevicePath represents the device path where the volume should be available", + "type": "string" + }, + "name": { + "description": "Name of the attached volume", + "type": "string" + } + }, + "required": [ + "name", + "devicePath" + ], + "type": "object" + }, + "io.k8s.api.core.v1.AzureDiskVolumeSource": { + "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "The Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "The URI the data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "io.k8s.api.core.v1.AzureFilePersistentVolumeSource": { + "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "secretNamespace": { + "description": "the namespace of the secret that contains Azure Storage Account Name and Key default is the same as the Pod", + "type": "string" + }, + "shareName": { + "description": "Share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "io.k8s.api.core.v1.AzureFileVolumeSource": { + "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "Share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Binding": { + "description": "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "target": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "The target object that you want to bind to the standard object." + } + }, + "required": [ + "target" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Binding", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.CSIPersistentVolumeSource": { + "description": "Represents storage that is managed by an external CSI volume driver (Beta feature)", + "properties": { + "controllerPublishSecretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "ControllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed." + }, + "driver": { + "description": "Driver is the name of the driver to use for this volume. Required.", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\".", + "type": "string" + }, + "nodePublishSecretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed." + }, + "nodeStageSecretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "NodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed." + }, + "readOnly": { + "description": "Optional: The value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "Attributes of the volume to publish.", + "type": "object" + }, + "volumeHandle": { + "description": "VolumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.", + "type": "string" + } + }, + "required": [ + "driver", + "volumeHandle" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Capabilities": { + "description": "Adds and removes POSIX capabilities from running containers.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.CephFSPersistentVolumeSource": { + "description": "Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.", + "properties": { + "monitors": { + "description": "Required: Monitors is a collection of Ceph monitors More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it" + }, + "user": { + "description": "Optional: User is the rados user name, default is admin More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "io.k8s.api.core.v1.CephFSVolumeSource": { + "description": "Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.", + "properties": { + "monitors": { + "description": "Required: Monitors is a collection of Ceph monitors More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it" + }, + "user": { + "description": "Optional: User is the rados user name, default is admin More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "io.k8s.api.core.v1.CinderPersistentVolumeSource": { + "description": "Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "Optional: points to a secret object containing parameters used to connect to OpenStack." + }, + "volumeID": { + "description": "volume id used to identify the volume in cinder More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "io.k8s.api.core.v1.CinderVolumeSource": { + "description": "Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "Optional: points to a secret object containing parameters used to connect to OpenStack." + }, + "volumeID": { + "description": "volume id used to identify the volume in cinder More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ClientIPConfig": { + "description": "ClientIPConfig represents the configurations of Client IP based session affinity.", + "properties": { + "timeoutSeconds": { + "description": "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ComponentCondition": { + "description": "Information about the condition of a component.", + "properties": { + "error": { + "description": "Condition error code for a component. For example, a health check error code.", + "type": "string" + }, + "message": { + "description": "Message about the condition for a component. For example, information about a health check.", + "type": "string" + }, + "status": { + "description": "Status of the condition for a component. Valid values for \"Healthy\": \"True\", \"False\", or \"Unknown\".", + "type": "string" + }, + "type": { + "description": "Type of condition for a component. Valid value: \"Healthy\"", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ComponentStatus": { + "description": "ComponentStatus (and ComponentStatusList) holds the cluster validation info.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "conditions": { + "description": "List of component conditions observed", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ComponentStatus", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ComponentStatusList": { + "description": "Status of all the conditions for the component as a list of ComponentStatus objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ComponentStatus objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatus" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ComponentStatusList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ConfigMap": { + "description": "ConfigMap holds configuration data for pods to consume.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "binaryData": { + "additionalProperties": { + "format": "byte", + "type": "string" + }, + "description": "BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.", + "type": "object" + }, + "data": { + "additionalProperties": { + "type": "string" + }, + "description": "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.", + "type": "object" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ConfigMapEnvSource": { + "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ConfigMapKeySelector": { + "description": "Selects a key from a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or it's key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ConfigMapList": { + "description": "ConfigMapList is a resource containing a list of ConfigMap objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of ConfigMaps.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ConfigMapList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ConfigMapNodeConfigSource": { + "description": "ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node.", + "properties": { + "kubeletConfigKey": { + "description": "KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure This field is required in all cases.", + "type": "string" + }, + "name": { + "description": "Name is the metadata.name of the referenced ConfigMap. This field is required in all cases.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the metadata.namespace of the referenced ConfigMap. This field is required in all cases.", + "type": "string" + }, + "resourceVersion": { + "description": "ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.", + "type": "string" + }, + "uid": { + "description": "UID is the metadata.UID of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.", + "type": "string" + } + }, + "required": [ + "namespace", + "name", + "kubeletConfigKey" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ConfigMapProjection": { + "description": "Adapts a ConfigMap into a projected volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a projected volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. Note that this is identical to a configmap volume source without the default mode.", + "properties": { + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or it's keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ConfigMapVolumeSource": { + "description": "Adapts a ConfigMap into a volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or it's keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.Container": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvVar" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvFromSource" + }, + "type": "array" + }, + "image": { + "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "$ref": "#/definitions/io.k8s.api.core.v1.Lifecycle", + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + }, + "livenessProbe": { + "$ref": "#/definitions/io.k8s.api.core.v1.Probe", + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerPort" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "containerPort", + "x-kubernetes-patch-strategy": "merge" + }, + "readinessProbe": { + "$ref": "#/definitions/io.k8s.api.core.v1.Probe", + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + }, + "resources": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements", + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/" + }, + "securityContext": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecurityContext", + "description": "Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container. This is a beta feature.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeDevice" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "devicePath", + "x-kubernetes-patch-strategy": "merge" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeMount" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "mountPath", + "x-kubernetes-patch-strategy": "merge" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ContainerImage": { + "description": "Describe a container image", + "properties": { + "names": { + "description": "Names by which this image is known. e.g. [\"k8s.gcr.io/hyperkube:v1.0.7\", \"dockerhub.io/google_containers/hyperkube:v1.0.7\"]", + "items": { + "type": "string" + }, + "type": "array" + }, + "sizeBytes": { + "description": "The size of the image in bytes.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "names" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ContainerPort": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ContainerState": { + "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", + "properties": { + "running": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateRunning", + "description": "Details about a running container" + }, + "terminated": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateTerminated", + "description": "Details about a terminated container" + }, + "waiting": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateWaiting", + "description": "Details about a waiting container" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ContainerStateRunning": { + "description": "ContainerStateRunning is a running state of a container.", + "properties": { + "startedAt": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time at which the container was last (re-)started" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ContainerStateTerminated": { + "description": "ContainerStateTerminated is a terminated state of a container.", + "properties": { + "containerID": { + "description": "Container's ID in the format 'docker://'", + "type": "string" + }, + "exitCode": { + "description": "Exit status from the last termination of the container", + "format": "int32", + "type": "integer" + }, + "finishedAt": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time at which the container last terminated" + }, + "message": { + "description": "Message regarding the last termination of the container", + "type": "string" + }, + "reason": { + "description": "(brief) reason from the last termination of the container", + "type": "string" + }, + "signal": { + "description": "Signal from the last termination of the container", + "format": "int32", + "type": "integer" + }, + "startedAt": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time at which previous execution of the container started" + } + }, + "required": [ + "exitCode" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ContainerStateWaiting": { + "description": "ContainerStateWaiting is a waiting state of a container.", + "properties": { + "message": { + "description": "Message regarding why the container is not yet running.", + "type": "string" + }, + "reason": { + "description": "(brief) reason the container is not yet running.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ContainerStatus": { + "description": "ContainerStatus contains details for the current status of this container.", + "properties": { + "containerID": { + "description": "Container's ID in the format 'docker://'.", + "type": "string" + }, + "image": { + "description": "The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images", + "type": "string" + }, + "imageID": { + "description": "ImageID of the container's image.", + "type": "string" + }, + "lastState": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState", + "description": "Details about the container's last termination condition." + }, + "name": { + "description": "This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated.", + "type": "string" + }, + "ready": { + "description": "Specifies whether the container has passed its readiness probe.", + "type": "boolean" + }, + "restartCount": { + "description": "The number of times the container has been restarted, currently based on the number of dead containers that have not yet been removed. Note that this is calculated from dead containers. But those containers are subject to garbage collection. This value will get capped at 5 by GC.", + "format": "int32", + "type": "integer" + }, + "state": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState", + "description": "Details about the container's current condition." + } + }, + "required": [ + "name", + "ready", + "restartCount", + "image", + "imageID" + ], + "type": "object" + }, + "io.k8s.api.core.v1.DaemonEndpoint": { + "description": "DaemonEndpoint contains information about a single Daemon endpoint.", + "properties": { + "Port": { + "description": "Port number of the given endpoint.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "Port" + ], + "type": "object" + }, + "io.k8s.api.core.v1.DownwardAPIProjection": { + "description": "Represents downward API info for projecting into a projected volume. Note that this is identical to a downwardAPI volume source without the default mode.", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeFile" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.DownwardAPIVolumeFile": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectFieldSelector", + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + }, + "mode": { + "description": "Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceFieldSelector", + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.DownwardAPIVolumeSource": { + "description": "DownwardAPIVolumeSource represents a volume containing downward API info. Downward API volumes support ownership management and SELinux relabeling.", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeFile" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.EmptyDirVolumeSource": { + "description": "Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.", + "properties": { + "medium": { + "description": "What type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.EndpointAddress": { + "description": "EndpointAddress is a tuple that describes single IP address.", + "properties": { + "hostname": { + "description": "The Hostname of this endpoint", + "type": "string" + }, + "ip": { + "description": "The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.", + "type": "string" + }, + "nodeName": { + "description": "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.", + "type": "string" + }, + "targetRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "Reference to object providing the endpoint." + } + }, + "required": [ + "ip" + ], + "type": "object" + }, + "io.k8s.api.core.v1.EndpointPort": { + "description": "EndpointPort is a tuple that describes a single port.", + "properties": { + "name": { + "description": "The name of this port (corresponds to ServicePort.Name). Must be a DNS_LABEL. Optional only if one port is defined.", + "type": "string" + }, + "port": { + "description": "The port number of the endpoint.", + "format": "int32", + "type": "integer" + }, + "protocol": { + "description": "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "io.k8s.api.core.v1.EndpointSubset": { + "description": "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n {\n Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n }\nThe resulting set of endpoints can be viewed as:\n a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n b: [ 10.10.1.1:309, 10.10.2.2:309 ]", + "properties": { + "addresses": { + "description": "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointAddress" + }, + "type": "array" + }, + "notReadyAddresses": { + "description": "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointAddress" + }, + "type": "array" + }, + "ports": { + "description": "Port numbers available on the related IP addresses.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointPort" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.Endpoints": { + "description": "Endpoints is a collection of endpoints that implement the actual service. Example:\n Name: \"mysvc\",\n Subsets: [\n {\n Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n },\n {\n Addresses: [{\"ip\": \"10.10.3.3\"}],\n Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n },\n ]", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "subsets": { + "description": "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointSubset" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.EndpointsList": { + "description": "EndpointsList is a list of endpoints.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of endpoints.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "EndpointsList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.EnvFromSource": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapEnvSource", + "description": "The ConfigMap to select from" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretEnvSource", + "description": "The Secret to select from" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.EnvVar": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvVarSource", + "description": "Source for the environment variable's value. Cannot be used if value is not empty." + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "io.k8s.api.core.v1.EnvVarSource": { + "description": "EnvVarSource represents a source for the value of an EnvVar.", + "properties": { + "configMapKeyRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapKeySelector", + "description": "Selects a key of a ConfigMap." + }, + "fieldRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectFieldSelector", + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP." + }, + "resourceFieldRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceFieldSelector", + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + }, + "secretKeyRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector", + "description": "Selects a key of a secret in the pod's namespace" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.Event": { + "description": "Event is a report of an event somewhere in the cluster.", + "properties": { + "action": { + "description": "What action was taken/failed regarding to the Regarding object.", + "type": "string" + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "count": { + "description": "The number of times this event has occurred.", + "format": "int32", + "type": "integer" + }, + "eventTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "Time when this Event was first observed." + }, + "firstTimestamp": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)" + }, + "involvedObject": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "The object that this event is about." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "lastTimestamp": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The time at which the most recent occurrence of this event was recorded." + }, + "message": { + "description": "A human-readable description of the status of this operation.", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "reason": { + "description": "This should be a short, machine understandable string that gives the reason for the transition into the object's current status.", + "type": "string" + }, + "related": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "Optional secondary object for more complex actions." + }, + "reportingComponent": { + "description": "Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.", + "type": "string" + }, + "reportingInstance": { + "description": "ID of the controller instance, e.g. `kubelet-xyzf`.", + "type": "string" + }, + "series": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventSeries", + "description": "Data about the Event series this event represents or nil if it's a singleton Event." + }, + "source": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventSource", + "description": "The component reporting this event. Should be a short machine understandable string." + }, + "type": { + "description": "Type of this event (Normal, Warning), new types could be added in the future", + "type": "string" + } + }, + "required": [ + "metadata", + "involvedObject" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Event", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.EventList": { + "description": "EventList is a list of events.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of events", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "EventList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.EventSeries": { + "description": "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.", + "properties": { + "count": { + "description": "Number of occurrences in this series up to the last heartbeat time", + "format": "int32", + "type": "integer" + }, + "lastObservedTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "Time of the last occurrence observed" + }, + "state": { + "description": "State of this Series: Ongoing or Finished", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.EventSource": { + "description": "EventSource contains information for an event.", + "properties": { + "component": { + "description": "Component from which the event is generated.", + "type": "string" + }, + "host": { + "description": "Node name on which the event is generated.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ExecAction": { + "description": "ExecAction describes a \"run in container\" action.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.FCVolumeSource": { + "description": "Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "lun": { + "description": "Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.FlexPersistentVolumeSource": { + "description": "FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "Driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional: Extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "io.k8s.api.core.v1.FlexVolumeSource": { + "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "Driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional: Extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "io.k8s.api.core.v1.FlockerVolumeSource": { + "description": "Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.", + "properties": { + "datasetName": { + "description": "Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.GCEPersistentDiskVolumeSource": { + "description": "Represents a Persistent Disk resource in Google Compute Engine.\n\nA GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "partition": { + "description": "The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "Unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "io.k8s.api.core.v1.GitRepoVolumeSource": { + "description": "Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.\n\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "Target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "Repository URL", + "type": "string" + }, + "revision": { + "description": "Commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "io.k8s.api.core.v1.GlusterfsPersistentVolumeSource": { + "description": "Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.", + "properties": { + "endpoints": { + "description": "EndpointsName is the endpoint name that details Glusterfs topology. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "endpointsNamespace": { + "description": "EndpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "Path is the Glusterfs volume path. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.GlusterfsVolumeSource": { + "description": "Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.", + "properties": { + "endpoints": { + "description": "EndpointsName is the endpoint name that details Glusterfs topology. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "Path is the Glusterfs volume path. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.HTTPGetAction": { + "description": "HTTPGetAction describes an action based on HTTP Get requests.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.HTTPHeader" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "io.k8s.api.core.v1.HTTPHeader": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Handler": { + "description": "Handler defines a specific action that should be taken", + "properties": { + "exec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ExecAction", + "description": "One and only one of the following should be specified. Exec specifies the action to take." + }, + "httpGet": { + "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction", + "description": "HTTPGet specifies the http request to perform." + }, + "tcpSocket": { + "$ref": "#/definitions/io.k8s.api.core.v1.TCPSocketAction", + "description": "TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.HostAlias": { + "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", + "properties": { + "hostnames": { + "description": "Hostnames for the above IP address.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ip": { + "description": "IP address of the host file entry.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.HostPathVolumeSource": { + "description": "Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.", + "properties": { + "path": { + "description": "Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "Type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ISCSIPersistentVolumeSource": { + "description": "ISCSIPersistentVolumeSource represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.", + "properties": { + "chapAuthDiscovery": { + "description": "whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi", + "type": "string" + }, + "initiatorName": { + "description": "Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "Target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "CHAP Secret for iSCSI target and initiator authentication" + }, + "targetPortal": { + "description": "iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "targetPortal", + "iqn", + "lun" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ISCSIVolumeSource": { + "description": "Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.", + "properties": { + "chapAuthDiscovery": { + "description": "whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi", + "type": "string" + }, + "initiatorName": { + "description": "Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "Target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "CHAP Secret for iSCSI target and initiator authentication" + }, + "targetPortal": { + "description": "iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "targetPortal", + "iqn", + "lun" + ], + "type": "object" + }, + "io.k8s.api.core.v1.KeyToPath": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "The key to project.", + "type": "string" + }, + "mode": { + "description": "Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Lifecycle": { + "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", + "properties": { + "postStart": { + "$ref": "#/definitions/io.k8s.api.core.v1.Handler", + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + }, + "preStop": { + "$ref": "#/definitions/io.k8s.api.core.v1.Handler", + "description": "PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.LimitRange": { + "description": "LimitRange sets resource usage limits for each kind of resource in a Namespace.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeSpec", + "description": "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.LimitRangeItem": { + "description": "LimitRangeItem defines a min/max usage limit for any resource that matches on kind.", + "properties": { + "default": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Default resource requirement limit value by resource name if resource limit is omitted.", + "type": "object" + }, + "defaultRequest": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.", + "type": "object" + }, + "max": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Max usage constraints on this kind by resource name.", + "type": "object" + }, + "maxLimitRequestRatio": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.", + "type": "object" + }, + "min": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Min usage constraints on this kind by resource name.", + "type": "object" + }, + "type": { + "description": "Type of resource that this limit applies to.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.LimitRangeList": { + "description": "LimitRangeList is a list of LimitRange items.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of LimitRange objects. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "LimitRangeList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.LimitRangeSpec": { + "description": "LimitRangeSpec defines a min/max usage limit for resources that match on kind.", + "properties": { + "limits": { + "description": "Limits is the list of LimitRangeItem objects that are enforced.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeItem" + }, + "type": "array" + } + }, + "required": [ + "limits" + ], + "type": "object" + }, + "io.k8s.api.core.v1.LoadBalancerIngress": { + "description": "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.", + "properties": { + "hostname": { + "description": "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)", + "type": "string" + }, + "ip": { + "description": "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.LoadBalancerStatus": { + "description": "LoadBalancerStatus represents the status of a load-balancer.", + "properties": { + "ingress": { + "description": "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerIngress" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.LocalObjectReference": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.LocalVolumeSource": { + "description": "Local represents directly-attached storage with node affinity (Beta feature)", + "properties": { + "fsType": { + "description": "Filesystem type to mount. It applies only when the Path is a block device. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default value is to auto-select a fileystem if unspecified.", + "type": "string" + }, + "path": { + "description": "The full path to the volume on the node. It can be either a directory or block device (disk, partition, ...).", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.NFSVolumeSource": { + "description": "Represents an NFS mount that lasts the lifetime of a pod. NFS volumes do not support ownership management or SELinux relabeling.", + "properties": { + "path": { + "description": "Path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "Server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "server", + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Namespace": { + "description": "Namespace provides a scope for Names. Use of multiple namespaces is optional.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceSpec", + "description": "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceStatus", + "description": "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Namespace", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.NamespaceList": { + "description": "NamespaceList is a list of Namespaces.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Namespace objects in the list. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "NamespaceList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.NamespaceSpec": { + "description": "NamespaceSpec describes the attributes on a Namespace.", + "properties": { + "finalizers": { + "description": "Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NamespaceStatus": { + "description": "NamespaceStatus is information about the current status of a Namespace.", + "properties": { + "phase": { + "description": "Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.Node": { + "description": "Node is a worker node in Kubernetes. Each node will have a unique identifier in the cache (i.e. in etcd).", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSpec", + "description": "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeStatus", + "description": "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Node", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.NodeAddress": { + "description": "NodeAddress contains information for the node's address.", + "properties": { + "address": { + "description": "The node address.", + "type": "string" + }, + "type": { + "description": "Node address type, one of Hostname, ExternalIP or InternalIP.", + "type": "string" + } + }, + "required": [ + "type", + "address" + ], + "type": "object" + }, + "io.k8s.api.core.v1.NodeAffinity": { + "description": "Node affinity is a group of node affinity scheduling rules.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PreferredSchedulingTerm" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector", + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeCondition": { + "description": "NodeCondition contains condition information for a node.", + "properties": { + "lastHeartbeatTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time we got an update on a given condition." + }, + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transit from one status to another." + }, + "message": { + "description": "Human readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "(brief) reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of node condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.core.v1.NodeConfigSource": { + "description": "NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil.", + "properties": { + "configMap": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapNodeConfigSource", + "description": "ConfigMap is a reference to a Node's ConfigMap" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeConfigStatus": { + "description": "NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource.", + "properties": { + "active": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource", + "description": "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error." + }, + "assigned": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource", + "description": "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned." + }, + "error": { + "description": "Error describes any problems reconciling the Spec.ConfigSource to the Active config. Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting to load or validate the Assigned config, etc. Errors may occur at different points while syncing config. Earlier errors (e.g. download or checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error by fixing the config assigned in Spec.ConfigSource. You can find additional information for debugging by searching the error message in the Kubelet log. Error is a human-readable description of the error state; machines can check whether or not Error is empty, but should not rely on the stability of the Error text across Kubelet versions.", + "type": "string" + }, + "lastKnownGood": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource", + "description": "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeDaemonEndpoints": { + "description": "NodeDaemonEndpoints lists ports opened by daemons running on the Node.", + "properties": { + "kubeletEndpoint": { + "$ref": "#/definitions/io.k8s.api.core.v1.DaemonEndpoint", + "description": "Endpoint on which Kubelet is listening." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeList": { + "description": "NodeList is the whole list of all Nodes which have been registered with master.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of nodes", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "NodeList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.NodeSelector": { + "description": "A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorTerm" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + }, + "io.k8s.api.core.v1.NodeSelectorRequirement": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "io.k8s.api.core.v1.NodeSelectorTerm": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorRequirement" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorRequirement" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeSpec": { + "description": "NodeSpec describes the attributes that a node is created with.", + "properties": { + "configSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource", + "description": "If specified, the source to get node configuration from The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field" + }, + "externalID": { + "description": "Deprecated. Not all kubelets will set this field. Remove field after 1.13. see: https://issues.k8s.io/61966", + "type": "string" + }, + "podCIDR": { + "description": "PodCIDR represents the pod IP range assigned to the node.", + "type": "string" + }, + "providerID": { + "description": "ID of the node assigned by the cloud provider in the format: ://", + "type": "string" + }, + "taints": { + "description": "If specified, the node's taints.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Taint" + }, + "type": "array" + }, + "unschedulable": { + "description": "Unschedulable controls node schedulability of new pods. By default, node is schedulable. More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeStatus": { + "description": "NodeStatus is information about the current status of a node.", + "properties": { + "addresses": { + "description": "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeAddress" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "allocatable": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Allocatable represents the resources of a node that are available for scheduling. Defaults to Capacity.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + "type": "object" + }, + "conditions": { + "description": "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "config": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigStatus", + "description": "Status of the config assigned to the node via the dynamic Kubelet config feature." + }, + "daemonEndpoints": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeDaemonEndpoints", + "description": "Endpoints of daemons running on the Node." + }, + "images": { + "description": "List of container images on this node", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerImage" + }, + "type": "array" + }, + "nodeInfo": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSystemInfo", + "description": "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info" + }, + "phase": { + "description": "NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated.", + "type": "string" + }, + "volumesAttached": { + "description": "List of volumes that are attached to the node.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.AttachedVolume" + }, + "type": "array" + }, + "volumesInUse": { + "description": "List of attachable volumes in use (mounted) by the node.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.NodeSystemInfo": { + "description": "NodeSystemInfo is a set of ids/uuids to uniquely identify the node.", + "properties": { + "architecture": { + "description": "The Architecture reported by the node", + "type": "string" + }, + "bootID": { + "description": "Boot ID reported by the node.", + "type": "string" + }, + "containerRuntimeVersion": { + "description": "ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0).", + "type": "string" + }, + "kernelVersion": { + "description": "Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64).", + "type": "string" + }, + "kubeProxyVersion": { + "description": "KubeProxy Version reported by the node.", + "type": "string" + }, + "kubeletVersion": { + "description": "Kubelet Version reported by the node.", + "type": "string" + }, + "machineID": { + "description": "MachineID reported by the node. For unique machine identification in the cluster this field is preferred. Learn more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html", + "type": "string" + }, + "operatingSystem": { + "description": "The Operating System reported by the node", + "type": "string" + }, + "osImage": { + "description": "OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)).", + "type": "string" + }, + "systemUUID": { + "description": "SystemUUID reported by the node. For unique machine identification MachineID is preferred. This field is specific to Red Hat hosts https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/getting-system-uuid.html", + "type": "string" + } + }, + "required": [ + "machineID", + "systemUUID", + "bootID", + "kernelVersion", + "osImage", + "containerRuntimeVersion", + "kubeletVersion", + "kubeProxyVersion", + "operatingSystem", + "architecture" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ObjectFieldSelector": { + "description": "ObjectFieldSelector selects an APIVersioned field of an object.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ObjectReference": { + "description": "ObjectReference contains enough information to let you inspect or modify the referred object.", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "fieldPath": { + "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.", + "type": "string" + }, + "kind": { + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "type": "string" + }, + "resourceVersion": { + "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "uid": { + "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PersistentVolume": { + "description": "PersistentVolume (PV) is a storage resource provisioned by an administrator. It is analogous to a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeSpec", + "description": "Spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeStatus", + "description": "Status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PersistentVolumeClaim": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimSpec", + "description": "Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimStatus", + "description": "Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PersistentVolumeClaimCondition": { + "description": "PersistentVolumeClaimCondition contails details about state of pvc", + "properties": { + "lastProbeTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time we probed the condition." + }, + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "Human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PersistentVolumeClaimList": { + "description": "PersistentVolumeClaimList is a list of PersistentVolumeClaim items.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "A list of persistent volume claims. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PersistentVolumeClaimList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PersistentVolumeClaimSpec": { + "description": "PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes", + "properties": { + "accessModes": { + "description": "AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.TypedLocalObjectReference", + "description": "This field requires the VolumeSnapshotDataSource alpha feature gate to be enabled and currently VolumeSnapshot is the only supported data source. If the provisioner can support VolumeSnapshot data source, it will create a new volume and data will be restored to the volume at the same time. If the provisioner does not support VolumeSnapshot data source, volume will not be created and the failure will be reported as an event. In the future, we plan to support more data source types and the behavior of the provisioner may change." + }, + "resources": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements", + "description": "Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "A label query over volumes to consider for binding." + }, + "storageClassName": { + "description": "Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. This is a beta feature.", + "type": "string" + }, + "volumeName": { + "description": "VolumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PersistentVolumeClaimStatus": { + "description": "PersistentVolumeClaimStatus is the current status of a persistent volume claim.", + "properties": { + "accessModes": { + "description": "AccessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "capacity": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "Current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "phase": { + "description": "Phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource": { + "description": "PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).", + "properties": { + "claimName": { + "description": "ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PersistentVolumeList": { + "description": "PersistentVolumeList is a list of PersistentVolume items.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of persistent volumes. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PersistentVolumeList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PersistentVolumeSpec": { + "description": "PersistentVolumeSpec is the specification of a persistent volume.", + "properties": { + "accessModes": { + "description": "AccessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes", + "items": { + "type": "string" + }, + "type": "array" + }, + "awsElasticBlockStore": { + "$ref": "#/definitions/io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource", + "description": "AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + }, + "azureDisk": { + "$ref": "#/definitions/io.k8s.api.core.v1.AzureDiskVolumeSource", + "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + }, + "azureFile": { + "$ref": "#/definitions/io.k8s.api.core.v1.AzureFilePersistentVolumeSource", + "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod." + }, + "capacity": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "A description of the persistent volume's resources and capacity. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", + "type": "object" + }, + "cephfs": { + "$ref": "#/definitions/io.k8s.api.core.v1.CephFSPersistentVolumeSource", + "description": "CephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + }, + "cinder": { + "$ref": "#/definitions/io.k8s.api.core.v1.CinderPersistentVolumeSource", + "description": "Cinder represents a cinder volume attached and mounted on kubelets host machine More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md" + }, + "claimRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding" + }, + "csi": { + "$ref": "#/definitions/io.k8s.api.core.v1.CSIPersistentVolumeSource", + "description": "CSI represents storage that handled by an external CSI driver (Beta feature)." + }, + "fc": { + "$ref": "#/definitions/io.k8s.api.core.v1.FCVolumeSource", + "description": "FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." + }, + "flexVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.FlexPersistentVolumeSource", + "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + }, + "flocker": { + "$ref": "#/definitions/io.k8s.api.core.v1.FlockerVolumeSource", + "description": "Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running" + }, + "gcePersistentDisk": { + "$ref": "#/definitions/io.k8s.api.core.v1.GCEPersistentDiskVolumeSource", + "description": "GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + }, + "glusterfs": { + "$ref": "#/definitions/io.k8s.api.core.v1.GlusterfsPersistentVolumeSource", + "description": "Glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md" + }, + "hostPath": { + "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource", + "description": "HostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + }, + "iscsi": { + "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIPersistentVolumeSource", + "description": "ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin." + }, + "local": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalVolumeSource", + "description": "Local represents directly-attached storage with node affinity" + }, + "mountOptions": { + "description": "A list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options", + "items": { + "type": "string" + }, + "type": "array" + }, + "nfs": { + "$ref": "#/definitions/io.k8s.api.core.v1.NFSVolumeSource", + "description": "NFS represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + }, + "nodeAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeNodeAffinity", + "description": "NodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume." + }, + "persistentVolumeReclaimPolicy": { + "description": "What happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming", + "type": "string" + }, + "photonPersistentDisk": { + "$ref": "#/definitions/io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource", + "description": "PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + }, + "portworxVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.PortworxVolumeSource", + "description": "PortworxVolume represents a portworx volume attached and mounted on kubelets host machine" + }, + "quobyte": { + "$ref": "#/definitions/io.k8s.api.core.v1.QuobyteVolumeSource", + "description": "Quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + }, + "rbd": { + "$ref": "#/definitions/io.k8s.api.core.v1.RBDPersistentVolumeSource", + "description": "RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md" + }, + "scaleIO": { + "$ref": "#/definitions/io.k8s.api.core.v1.ScaleIOPersistentVolumeSource", + "description": "ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + }, + "storageClassName": { + "description": "Name of StorageClass to which this persistent volume belongs. Empty value means that this volume does not belong to any StorageClass.", + "type": "string" + }, + "storageos": { + "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSPersistentVolumeSource", + "description": "StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://releases.k8s.io/HEAD/examples/volumes/storageos/README.md" + }, + "volumeMode": { + "description": "volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec. This is a beta feature.", + "type": "string" + }, + "vsphereVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource", + "description": "VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PersistentVolumeStatus": { + "description": "PersistentVolumeStatus is the current status of a persistent volume.", + "properties": { + "message": { + "description": "A human-readable message indicating details about why the volume is in this state.", + "type": "string" + }, + "phase": { + "description": "Phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase", + "type": "string" + }, + "reason": { + "description": "Reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource": { + "description": "Represents a Photon Controller persistent disk resource.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Pod": { + "description": "Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodSpec", + "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodStatus", + "description": "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Pod", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PodAffinity": { + "description": "Pod affinity is a group of inter pod affinity scheduling rules.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.WeightedPodAffinityTerm" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PodAffinityTerm": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "A label query over a set of resources, in this case pods." + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PodAntiAffinity": { + "description": "Pod anti affinity is a group of inter pod anti affinity scheduling rules.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.WeightedPodAffinityTerm" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PodCondition": { + "description": "PodCondition contains details for the current condition of this pod.", + "properties": { + "lastProbeTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time we probed the condition." + }, + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "Human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "Unique, one-word, CamelCase reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", + "type": "string" + }, + "type": { + "description": "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PodDNSConfig": { + "description": "PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.", + "properties": { + "nameservers": { + "description": "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "description": "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodDNSConfigOption" + }, + "type": "array" + }, + "searches": { + "description": "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PodDNSConfigOption": { + "description": "PodDNSConfigOption defines DNS resolver options of a pod.", + "properties": { + "name": { + "description": "Required.", + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PodList": { + "description": "PodList is a list of Pods.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of pods. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PodList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PodReadinessGate": { + "description": "PodReadinessGate contains the reference to a pod condition", + "properties": { + "conditionType": { + "description": "ConditionType refers to a condition in the pod's condition list with matching type.", + "type": "string" + } + }, + "required": [ + "conditionType" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PodSecurityContext": { + "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.", + "format": "int64", + "type": "integer" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions", + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container." + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Sysctl" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PodSpec": { + "description": "PodSpec is a description of a pod.", + "properties": { + "activeDeadlineSeconds": { + "description": "Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.", + "format": "int64", + "type": "integer" + }, + "affinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.Affinity", + "description": "If specified, the pod's scheduling constraints" + }, + "automountServiceAccountToken": { + "description": "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.", + "type": "boolean" + }, + "containers": { + "description": "List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Container" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, + "dnsConfig": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodDNSConfig", + "description": "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy." + }, + "dnsPolicy": { + "description": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.", + "type": "string" + }, + "enableServiceLinks": { + "description": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", + "type": "boolean" + }, + "hostAliases": { + "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.HostAlias" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "ip", + "x-kubernetes-patch-strategy": "merge" + }, + "hostIPC": { + "description": "Use the host's ipc namespace. Optional: Default to false.", + "type": "boolean" + }, + "hostNetwork": { + "description": "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + "type": "boolean" + }, + "hostPID": { + "description": "Use the host's pid namespace. Optional: Default to false.", + "type": "boolean" + }, + "hostname": { + "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.", + "type": "string" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, + "initContainers": { + "description": "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, or Liveness probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Container" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, + "nodeName": { + "description": "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", + "type": "object" + }, + "priority": { + "description": "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.", + "format": "int32", + "type": "integer" + }, + "priorityClassName": { + "description": "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.", + "type": "string" + }, + "readinessGates": { + "description": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodReadinessGate" + }, + "type": "array" + }, + "restartPolicy": { + "description": "Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy", + "type": "string" + }, + "runtimeClassName": { + "description": "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md This is an alpha feature and may change in the future.", + "type": "string" + }, + "schedulerName": { + "description": "If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.", + "type": "string" + }, + "securityContext": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodSecurityContext", + "description": "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field." + }, + "serviceAccount": { + "description": "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + "type": "string" + }, + "serviceAccountName": { + "description": "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", + "type": "string" + }, + "shareProcessNamespace": { + "description": "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is beta-level and may be disabled with the PodShareProcessNamespace feature.", + "type": "boolean" + }, + "subdomain": { + "description": "If specified, the fully qualified Pod hostname will be \"...svc.\". If not specified, the pod will not have a domainname at all.", + "type": "string" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.", + "format": "int64", + "type": "integer" + }, + "tolerations": { + "description": "If specified, the pod's tolerations.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" + }, + "type": "array" + }, + "volumes": { + "description": "List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Volume" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge,retainKeys" + } + }, + "required": [ + "containers" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PodStatus": { + "description": "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", + "properties": { + "conditions": { + "description": "Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "containerStatuses": { + "description": "The list has one entry per container in the manifest. Each entry is currently the output of `docker inspect`. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" + }, + "type": "array" + }, + "hostIP": { + "description": "IP address of the host to which the pod is assigned. Empty if not yet scheduled.", + "type": "string" + }, + "initContainerStatuses": { + "description": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" + }, + "type": "array" + }, + "message": { + "description": "A human readable message indicating details about why the pod is in this condition.", + "type": "string" + }, + "nominatedNodeName": { + "description": "nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be scheduled right away as preemption victims receive their graceful termination periods. This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to give the resources on this node to a higher priority pod that is created after preemption. As a result, this field may be different than PodSpec.nodeName when the pod is scheduled.", + "type": "string" + }, + "phase": { + "description": "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase", + "type": "string" + }, + "podIP": { + "description": "IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", + "type": "string" + }, + "qosClass": { + "description": "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md", + "type": "string" + }, + "reason": { + "description": "A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted'", + "type": "string" + }, + "startTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PodTemplate": { + "description": "PodTemplate describes a template for creating copies of a predefined pod.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PodTemplateList": { + "description": "PodTemplateList is a list of PodTemplates.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of pod templates", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "PodTemplateList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.PodTemplateSpec": { + "description": "PodTemplateSpec describes the data a pod should have when created from a template", + "properties": { + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodSpec", + "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.PortworxVolumeSource": { + "description": "PortworxVolumeSource represents a Portworx volume resource.", + "properties": { + "fsType": { + "description": "FSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "VolumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "io.k8s.api.core.v1.PreferredSchedulingTerm": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorTerm", + "description": "A node selector term, associated with the corresponding weight." + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "weight", + "preference" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Probe": { + "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", + "properties": { + "exec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ExecAction", + "description": "One and only one of the following should be specified. Exec specifies the action to take." + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "httpGet": { + "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction", + "description": "HTTPGet specifies the http request to perform." + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "$ref": "#/definitions/io.k8s.api.core.v1.TCPSocketAction", + "description": "TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ProjectedVolumeSource": { + "description": "Represents a projected volume source", + "properties": { + "defaultMode": { + "description": "Mode bits to use on created files by default. Must be a value between 0 and 0777. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "list of volume projections", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeProjection" + }, + "type": "array" + } + }, + "required": [ + "sources" + ], + "type": "object" + }, + "io.k8s.api.core.v1.QuobyteVolumeSource": { + "description": "Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.", + "properties": { + "group": { + "description": "Group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "Registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "Tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "User to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "Volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "io.k8s.api.core.v1.RBDPersistentVolumeSource": { + "description": "Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd", + "type": "string" + }, + "image": { + "description": "The rados image name. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "A collection of Ceph monitors. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "The rados pool name. Default is rbd. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it" + }, + "user": { + "description": "The rados user name. Default is admin. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors", + "image" + ], + "type": "object" + }, + "io.k8s.api.core.v1.RBDVolumeSource": { + "description": "Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd", + "type": "string" + }, + "image": { + "description": "The rados image name. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "A collection of Ceph monitors. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "The rados pool name. Default is rbd. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it" + }, + "user": { + "description": "The rados user name. Default is admin. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors", + "image" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ReplicationController": { + "description": "ReplicationController represents the configuration of a replication controller.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerSpec", + "description": "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerStatus", + "description": "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ReplicationControllerCondition": { + "description": "ReplicationControllerCondition describes the state of a replication controller at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of replication controller condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ReplicationControllerList": { + "description": "ReplicationControllerList is a collection of replication controllers.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of replication controllers. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ReplicationControllerList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ReplicationControllerSpec": { + "description": "ReplicationControllerSpec is the specification of a replication controller.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "Selector is a label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", + "type": "object" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ReplicationControllerStatus": { + "description": "ReplicationControllerStatus represents the current status of a replication controller.", + "properties": { + "availableReplicas": { + "description": "The number of available replicas (ready for at least minReadySeconds) for this replication controller.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a replication controller's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "fullyLabeledReplicas": { + "description": "The number of pods that have labels matching the labels of the pod template of the replication controller.", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "ObservedGeneration reflects the generation of the most recently observed replication controller.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "The number of ready replicas for this replication controller.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ResourceFieldSelector": { + "description": "ResourceFieldSelector represents container resources (cpu, memory) and their output format", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", + "description": "Specifies the output format of the exposed resources, defaults to \"1\"" + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ResourceQuota": { + "description": "ResourceQuota sets aggregate quota restrictions enforced per namespace", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaSpec", + "description": "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaStatus", + "description": "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ResourceQuotaList": { + "description": "ResourceQuotaList is a list of ResourceQuota items.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ResourceQuota objects. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ResourceQuotaList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ResourceQuotaSpec": { + "description": "ResourceQuotaSpec defines the desired hard limits to enforce for Quota.", + "properties": { + "hard": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "hard is the set of desired hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", + "type": "object" + }, + "scopeSelector": { + "$ref": "#/definitions/io.k8s.api.core.v1.ScopeSelector", + "description": "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched." + }, + "scopes": { + "description": "A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ResourceQuotaStatus": { + "description": "ResourceQuotaStatus defines the enforced hard limits and observed use.", + "properties": { + "hard": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Hard is the set of enforced hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", + "type": "object" + }, + "used": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Used is the current observed total usage of the resource in the namespace.", + "type": "object" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ResourceRequirements": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "limits": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", + "type": "object" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.SELinuxOptions": { + "description": "SELinuxOptions are the labels to be applied to the container", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ScaleIOPersistentVolumeSource": { + "description": "ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", + "type": "string" + }, + "gateway": { + "description": "The host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "The name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", + "description": "SecretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + }, + "sslEnabled": { + "description": "Flag to enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "The ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "The name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "The name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "system", + "secretRef" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ScaleIOVolumeSource": { + "description": "ScaleIOVolumeSource represents a persistent ScaleIO volume", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "The host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "The name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "SecretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + }, + "sslEnabled": { + "description": "Flag to enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "The ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "The name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "The name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "system", + "secretRef" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ScopeSelector": { + "description": "A scope selector represents the AND of the selectors represented by the scoped-resource selector requirements.", + "properties": { + "matchExpressions": { + "description": "A list of scope selector requirements by scope of the resources.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ScopedResourceSelectorRequirement" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ScopedResourceSelectorRequirement": { + "description": "A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator that relates the scope name and values.", + "properties": { + "operator": { + "description": "Represents a scope's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist.", + "type": "string" + }, + "scopeName": { + "description": "The name of the scope that the selector applies to.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "scopeName", + "operator" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Secret": { + "description": "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "data": { + "additionalProperties": { + "format": "byte", + "type": "string" + }, + "description": "Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4", + "type": "object" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "stringData": { + "additionalProperties": { + "type": "string" + }, + "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.", + "type": "object" + }, + "type": { + "description": "Used to facilitate programmatic handling of secret data.", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Secret", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.SecretEnvSource": { + "description": "SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.SecretKeySelector": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or it's key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "io.k8s.api.core.v1.SecretList": { + "description": "SecretList is a list of Secret.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of secret objects. More info: https://kubernetes.io/docs/concepts/configuration/secret", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "SecretList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.SecretProjection": { + "description": "Adapts a secret into a projected volume.\n\nThe contents of the target Secret's Data field will be presented in a projected volume as files using the keys in the Data field as the file names. Note that this is identical to a secret volume source without the default mode.", + "properties": { + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.SecretReference": { + "description": "SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace", + "properties": { + "name": { + "description": "Name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "Namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.SecretVolumeSource": { + "description": "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" + }, + "type": "array" + }, + "optional": { + "description": "Specify whether the Secret or it's keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "Name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.SecurityContext": { + "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN", + "type": "boolean" + }, + "capabilities": { + "$ref": "#/definitions/io.k8s.api.core.v1.Capabilities", + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime." + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions", + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.Service": { + "description": "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceSpec", + "description": "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceStatus", + "description": "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Service", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ServiceAccount": { + "description": "ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "automountServiceAccountToken": { + "description": "AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level.", + "type": "boolean" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "secrets": { + "description": "Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount. More info: https://kubernetes.io/docs/concepts/configuration/secret", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ServiceAccountList": { + "description": "ServiceAccountList is a list of ServiceAccount objects", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ServiceAccounts. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ServiceAccountList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ServiceAccountTokenProjection": { + "description": "ServiceAccountTokenProjection represents a projected service account token volume. This projection can be used to insert a service account token into the pods runtime filesystem for use against APIs (Kubernetes API Server or otherwise).", + "properties": { + "audience": { + "description": "Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "Path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ServiceList": { + "description": "ServiceList holds a list of services.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of services", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "ServiceList", + "version": "v1" + } + ] + }, + "io.k8s.api.core.v1.ServicePort": { + "description": "ServicePort contains information on service's port.", + "properties": { + "name": { + "description": "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the 'Name' field in EndpointPort objects. Optional if only one ServicePort is defined on this service.", + "type": "string" + }, + "nodePort": { + "description": "The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport", + "format": "int32", + "type": "integer" + }, + "port": { + "description": "The port that will be exposed by this service.", + "format": "int32", + "type": "integer" + }, + "protocol": { + "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.", + "type": "string" + }, + "targetPort": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "io.k8s.api.core.v1.ServiceSpec": { + "description": "ServiceSpec describes the attributes that a user creates on a service.", + "properties": { + "clusterIP": { + "description": "clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are \"None\", empty string (\"\"), or a valid IP address. \"None\" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "externalIPs": { + "description": "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", + "items": { + "type": "string" + }, + "type": "array" + }, + "externalName": { + "description": "externalName is the external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires Type to be ExternalName.", + "type": "string" + }, + "externalTrafficPolicy": { + "description": "externalTrafficPolicy denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. \"Local\" preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. \"Cluster\" obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading.", + "type": "string" + }, + "healthCheckNodePort": { + "description": "healthCheckNodePort specifies the healthcheck nodePort for the service. If not specified, HealthCheckNodePort is created by the service api backend with the allocated nodePort. Will use user-specified nodePort value if specified by the client. Only effects when Type is set to LoadBalancer and ExternalTrafficPolicy is set to Local.", + "format": "int32", + "type": "integer" + }, + "loadBalancerIP": { + "description": "Only applies to Service Type: LoadBalancer LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.", + "type": "string" + }, + "loadBalancerSourceRanges": { + "description": "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/", + "items": { + "type": "string" + }, + "type": "array" + }, + "ports": { + "description": "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServicePort" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "port", + "protocol" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "port", + "x-kubernetes-patch-strategy": "merge" + }, + "publishNotReadyAddresses": { + "description": "publishNotReadyAddresses, when set to true, indicates that DNS implementations must publish the notReadyAddresses of subsets for the Endpoints associated with the Service. The default value is false. The primary use case for setting this field is to use a StatefulSet's Headless Service to propagate SRV records for its Pods without respect to their readiness for purpose of peer discovery.", + "type": "boolean" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/", + "type": "object" + }, + "sessionAffinity": { + "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "sessionAffinityConfig": { + "$ref": "#/definitions/io.k8s.api.core.v1.SessionAffinityConfig", + "description": "sessionAffinityConfig contains the configurations of session affinity." + }, + "type": { + "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ExternalName\" maps to the specified externalName. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.ServiceStatus": { + "description": "ServiceStatus represents the current status of a service.", + "properties": { + "loadBalancer": { + "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus", + "description": "LoadBalancer contains the current status of the load-balancer, if one is present." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.SessionAffinityConfig": { + "description": "SessionAffinityConfig represents the configurations of session affinity.", + "properties": { + "clientIP": { + "$ref": "#/definitions/io.k8s.api.core.v1.ClientIPConfig", + "description": "clientIP contains the configurations of Client IP based session affinity." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.StorageOSPersistentVolumeSource": { + "description": "Represents a StorageOS persistent volume resource.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "SecretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + }, + "volumeName": { + "description": "VolumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.StorageOSVolumeSource": { + "description": "Represents a StorageOS persistent volume resource.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "SecretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + }, + "volumeName": { + "description": "VolumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.Sysctl": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "io.k8s.api.core.v1.TCPSocketAction": { + "description": "TCPSocketAction describes an action based on opening a socket", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Taint": { + "description": "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint.", + "properties": { + "effect": { + "description": "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Required. The taint key to be applied to a node.", + "type": "string" + }, + "timeAdded": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints." + }, + "value": { + "description": "Required. The taint value corresponding to the taint key.", + "type": "string" + } + }, + "required": [ + "key", + "effect" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Toleration": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.TopologySelectorLabelRequirement": { + "description": "A topology selector requirement is a selector that matches given label. This is an alpha feature and may change in the future.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "values": { + "description": "An array of string values. One value must match the label to be selected. Each entry in Values is ORed.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "values" + ], + "type": "object" + }, + "io.k8s.api.core.v1.TopologySelectorTerm": { + "description": "A topology selector term represents the result of label queries. A null or empty topology selector term matches no objects. The requirements of them are ANDed. It provides a subset of functionality as NodeSelectorTerm. This is an alpha feature and may change in the future.", + "properties": { + "matchLabelExpressions": { + "description": "A list of topology selector requirements by labels.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorLabelRequirement" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.TypedLocalObjectReference": { + "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.core.v1.Volume": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "$ref": "#/definitions/io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource", + "description": "AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + }, + "azureDisk": { + "$ref": "#/definitions/io.k8s.api.core.v1.AzureDiskVolumeSource", + "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + }, + "azureFile": { + "$ref": "#/definitions/io.k8s.api.core.v1.AzureFileVolumeSource", + "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod." + }, + "cephfs": { + "$ref": "#/definitions/io.k8s.api.core.v1.CephFSVolumeSource", + "description": "CephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + }, + "cinder": { + "$ref": "#/definitions/io.k8s.api.core.v1.CinderVolumeSource", + "description": "Cinder represents a cinder volume attached and mounted on kubelets host machine More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md" + }, + "configMap": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapVolumeSource", + "description": "ConfigMap represents a configMap that should populate this volume" + }, + "downwardAPI": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeSource", + "description": "DownwardAPI represents downward API about the pod that should populate this volume" + }, + "emptyDir": { + "$ref": "#/definitions/io.k8s.api.core.v1.EmptyDirVolumeSource", + "description": "EmptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + }, + "fc": { + "$ref": "#/definitions/io.k8s.api.core.v1.FCVolumeSource", + "description": "FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." + }, + "flexVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.FlexVolumeSource", + "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + }, + "flocker": { + "$ref": "#/definitions/io.k8s.api.core.v1.FlockerVolumeSource", + "description": "Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + }, + "gcePersistentDisk": { + "$ref": "#/definitions/io.k8s.api.core.v1.GCEPersistentDiskVolumeSource", + "description": "GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + }, + "gitRepo": { + "$ref": "#/definitions/io.k8s.api.core.v1.GitRepoVolumeSource", + "description": "GitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + }, + "glusterfs": { + "$ref": "#/definitions/io.k8s.api.core.v1.GlusterfsVolumeSource", + "description": "Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md" + }, + "hostPath": { + "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource", + "description": "HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + }, + "iscsi": { + "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIVolumeSource", + "description": "ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://releases.k8s.io/HEAD/examples/volumes/iscsi/README.md" + }, + "name": { + "description": "Volume's name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "$ref": "#/definitions/io.k8s.api.core.v1.NFSVolumeSource", + "description": "NFS represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + }, + "persistentVolumeClaim": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource", + "description": "PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + }, + "photonPersistentDisk": { + "$ref": "#/definitions/io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource", + "description": "PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + }, + "portworxVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.PortworxVolumeSource", + "description": "PortworxVolume represents a portworx volume attached and mounted on kubelets host machine" + }, + "projected": { + "$ref": "#/definitions/io.k8s.api.core.v1.ProjectedVolumeSource", + "description": "Items for all in one resources secrets, configmaps, and downward API" + }, + "quobyte": { + "$ref": "#/definitions/io.k8s.api.core.v1.QuobyteVolumeSource", + "description": "Quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + }, + "rbd": { + "$ref": "#/definitions/io.k8s.api.core.v1.RBDVolumeSource", + "description": "RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md" + }, + "scaleIO": { + "$ref": "#/definitions/io.k8s.api.core.v1.ScaleIOVolumeSource", + "description": "ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + }, + "secret": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretVolumeSource", + "description": "Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + }, + "storageos": { + "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSVolumeSource", + "description": "StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + }, + "vsphereVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource", + "description": "VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "io.k8s.api.core.v1.VolumeDevice": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "name", + "devicePath" + ], + "type": "object" + }, + "io.k8s.api.core.v1.VolumeMount": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive. This field is alpha in 1.14.", + "type": "string" + } + }, + "required": [ + "name", + "mountPath" + ], + "type": "object" + }, + "io.k8s.api.core.v1.VolumeNodeAffinity": { + "description": "VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.", + "properties": { + "required": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector", + "description": "Required specifies hard node constraints that must be met." + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.VolumeProjection": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapProjection", + "description": "information about the configMap data to project" + }, + "downwardAPI": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIProjection", + "description": "information about the downwardAPI data to project" + }, + "secret": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretProjection", + "description": "information about the secret data to project" + }, + "serviceAccountToken": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountTokenProjection", + "description": "information about the serviceAccountToken data to project" + } + }, + "type": "object" + }, + "io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource": { + "description": "Represents a vSphere volume resource.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "Storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "Path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + }, + "io.k8s.api.core.v1.WeightedPodAffinityTerm": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm", + "description": "Required. A pod affinity term, associated with the corresponding weight." + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "weight", + "podAffinityTerm" + ], + "type": "object" + }, + "io.k8s.api.events.v1beta1.Event": { + "description": "Event is a report of an event somewhere in the cluster. It generally denotes some state change in the system.", + "properties": { + "action": { + "description": "What action was taken/failed regarding to the regarding object.", + "type": "string" + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "deprecatedCount": { + "description": "Deprecated field assuring backward compatibility with core.v1 Event type", + "format": "int32", + "type": "integer" + }, + "deprecatedFirstTimestamp": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Deprecated field assuring backward compatibility with core.v1 Event type" + }, + "deprecatedLastTimestamp": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Deprecated field assuring backward compatibility with core.v1 Event type" + }, + "deprecatedSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventSource", + "description": "Deprecated field assuring backward compatibility with core.v1 Event type" + }, + "eventTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "Required. Time when this Event was first observed." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "note": { + "description": "Optional. A human-readable description of the status of this operation. Maximal length of the note is 1kB, but libraries should be prepared to handle values up to 64kB.", + "type": "string" + }, + "reason": { + "description": "Why the action was taken.", + "type": "string" + }, + "regarding": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "The object this Event is about. In most cases it's an Object reporting controller implements. E.g. ReplicaSetController implements ReplicaSets and this event is emitted because it acts on some changes in a ReplicaSet object." + }, + "related": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "Optional secondary object for more complex actions. E.g. when regarding object triggers a creation or deletion of related object." + }, + "reportingController": { + "description": "Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.", + "type": "string" + }, + "reportingInstance": { + "description": "ID of the controller instance, e.g. `kubelet-xyzf`.", + "type": "string" + }, + "series": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.EventSeries", + "description": "Data about the Event series this event represents or nil if it's a singleton Event." + }, + "type": { + "description": "Type of this event (Normal, Warning), new types could be added in the future.", + "type": "string" + } + }, + "required": [ + "eventTime" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.events.v1beta1.EventList": { + "description": "EventList is a list of Event objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "events.k8s.io", + "kind": "EventList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.events.v1beta1.EventSeries": { + "description": "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.", + "properties": { + "count": { + "description": "Number of occurrences in this series up to the last heartbeat time", + "format": "int32", + "type": "integer" + }, + "lastObservedTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime", + "description": "Time when last Event from the series was seen before last heartbeat." + }, + "state": { + "description": "Information whether this series is ongoing or finished.", + "type": "string" + } + }, + "required": [ + "count", + "lastObservedTime", + "state" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.AllowedFlexVolume": { + "description": "AllowedFlexVolume represents a single Flexvolume that is allowed to be used. Deprecated: use AllowedFlexVolume from policy API Group instead.", + "properties": { + "driver": { + "description": "driver is the name of the Flexvolume driver.", + "type": "string" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.AllowedHostPath": { + "description": "AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined. Deprecated: use AllowedHostPath from policy API Group instead.", + "properties": { + "pathPrefix": { + "description": "pathPrefix is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`", + "type": "string" + }, + "readOnly": { + "description": "when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DaemonSet": { + "description": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetSpec", + "description": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetStatus", + "description": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.DaemonSetCondition": { + "description": "DaemonSetCondition describes the state of a DaemonSet at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of DaemonSet condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DaemonSetList": { + "description": "DaemonSetList is a collection of daemon sets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "A list of daemon sets.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "DaemonSetList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.DaemonSetSpec": { + "description": "DaemonSetSpec is the specification of a daemon set.", + "properties": { + "minReadySeconds": { + "description": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. If empty, defaulted to labels on Pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + }, + "templateGeneration": { + "description": "DEPRECATED. A sequence number representing a specific generation of the template. Populated by the system. It can be set only during the creation.", + "format": "int64", + "type": "integer" + }, + "updateStrategy": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy", + "description": "An update strategy to replace existing DaemonSet pods with new pods." + } + }, + "required": [ + "template" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DaemonSetStatus": { + "description": "DaemonSetStatus represents the current status of a daemon set.", + "properties": { + "collisionCount": { + "description": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a DaemonSet's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "currentNumberScheduled": { + "description": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "desiredNumberScheduled": { + "description": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "numberAvailable": { + "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)", + "format": "int32", + "type": "integer" + }, + "numberMisscheduled": { + "description": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "format": "int32", + "type": "integer" + }, + "numberReady": { + "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.", + "format": "int32", + "type": "integer" + }, + "numberUnavailable": { + "description": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "The most recent generation observed by the daemon set controller.", + "format": "int64", + "type": "integer" + }, + "updatedNumberScheduled": { + "description": "The total number of nodes that are running updated daemon pod", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "currentNumberScheduled", + "numberMisscheduled", + "desiredNumberScheduled", + "numberReady" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy": { + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet", + "description": "Rolling update config params. Present only if type = \"RollingUpdate\"." + }, + "type": { + "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is OnDelete.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.Deployment": { + "description": "DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentSpec", + "description": "Specification of the desired behavior of the Deployment." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStatus", + "description": "Most recently observed status of the Deployment." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.DeploymentCondition": { + "description": "DeploymentCondition describes the state of a deployment at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "lastUpdateTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time this condition was updated." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of deployment condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DeploymentList": { + "description": "DeploymentList is a list of Deployments.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Deployments.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "DeploymentList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.DeploymentRollback": { + "description": "DEPRECATED. DeploymentRollback stores the information required to rollback a deployment.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Required: This must match the Name of a deployment.", + "type": "string" + }, + "rollbackTo": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollbackConfig", + "description": "The config of this deployment rollback." + }, + "updatedAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "The annotations to be updated to a deployment", + "type": "object" + } + }, + "required": [ + "name", + "rollbackTo" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "DeploymentRollback", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.DeploymentSpec": { + "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "paused": { + "description": "Indicates that the deployment is paused and will not be processed by the deployment controller.", + "type": "boolean" + }, + "progressDeadlineSeconds": { + "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. This is set to the max value of int32 (i.e. 2147483647) by default, which means \"no deadline\".", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. This is set to the max value of int32 (i.e. 2147483647) by default, which means \"retaining all old RelicaSets\".", + "format": "int32", + "type": "integer" + }, + "rollbackTo": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollbackConfig", + "description": "DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done." + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment." + }, + "strategy": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStrategy", + "description": "The deployment strategy to use to replace existing pods with new ones.", + "x-kubernetes-patch-strategy": "retainKeys" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template describes the pods that will be created." + } + }, + "required": [ + "template" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DeploymentStatus": { + "description": "DeploymentStatus is the most recently observed status of the Deployment.", + "properties": { + "availableReplicas": { + "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "collisionCount": { + "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a deployment's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "observedGeneration": { + "description": "The generation observed by the deployment controller.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "Total number of ready pods targeted by this deployment.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", + "format": "int32", + "type": "integer" + }, + "unavailableReplicas": { + "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", + "format": "int32", + "type": "integer" + }, + "updatedReplicas": { + "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.DeploymentStrategy": { + "description": "DeploymentStrategy describes how to replace existing pods with new ones.", + "properties": { + "rollingUpdate": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDeployment", + "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate." + }, + "type": { + "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions": { + "description": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use FSGroupStrategyOptions from policy API Group instead.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate what FSGroup is used in the SecurityContext.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.HTTPIngressPath": { + "description": "HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.", + "properties": { + "backend": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressBackend", + "description": "Backend defines the referenced service endpoint to which the traffic will be forwarded to." + }, + "path": { + "description": "Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend.", + "type": "string" + } + }, + "required": [ + "backend" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue": { + "description": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", + "properties": { + "paths": { + "description": "A collection of paths that map requests to backends.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressPath" + }, + "type": "array" + } + }, + "required": [ + "paths" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.HostPortRange": { + "description": "HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined. Deprecated: use HostPortRange from policy API Group instead.", + "properties": { + "max": { + "description": "max is the end of the range, inclusive.", + "format": "int32", + "type": "integer" + }, + "min": { + "description": "min is the start of the range, inclusive.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "min", + "max" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.IDRange": { + "description": "IDRange provides a min/max of an allowed range of IDs. Deprecated: use IDRange from policy API Group instead.", + "properties": { + "max": { + "description": "max is the end of the range, inclusive.", + "format": "int64", + "type": "integer" + }, + "min": { + "description": "min is the start of the range, inclusive.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "min", + "max" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.IPBlock": { + "description": "DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock. IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.", + "properties": { + "cidr": { + "description": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"", + "type": "string" + }, + "except": { + "description": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.1/24\" Except values will be rejected if they are outside the CIDR range", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "cidr" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.Ingress": { + "description": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc. DEPRECATED - This group version of Ingress is deprecated by networking.k8s.io/v1beta1 Ingress. See the release notes for more information.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressSpec", + "description": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressStatus", + "description": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.IngressBackend": { + "description": "IngressBackend describes all endpoints for a given service and port.", + "properties": { + "serviceName": { + "description": "Specifies the name of the referenced service.", + "type": "string" + }, + "servicePort": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "Specifies the port of the referenced service." + } + }, + "required": [ + "serviceName", + "servicePort" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.IngressList": { + "description": "IngressList is a collection of Ingress.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Ingress.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "IngressList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.IngressRule": { + "description": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", + "properties": { + "host": { + "description": "Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the\n\t IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.", + "type": "string" + }, + "http": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.IngressSpec": { + "description": "IngressSpec describes the Ingress the user wishes to exist.", + "properties": { + "backend": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressBackend", + "description": "A default backend capable of servicing requests that don't match any rule. At least one of 'backend' or 'rules' must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default." + }, + "rules": { + "description": "A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressRule" + }, + "type": "array" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressTLS" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.IngressStatus": { + "description": "IngressStatus describe the current state of the Ingress.", + "properties": { + "loadBalancer": { + "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus", + "description": "LoadBalancer contains the current status of the load-balancer." + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.IngressTLS": { + "description": "IngressTLS describes the transport layer security associated with an Ingress.", + "properties": { + "hosts": { + "description": "Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array" + }, + "secretName": { + "description": "SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicy": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy. NetworkPolicy describes what network traffic is allowed for a set of Pods", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicySpec", + "description": "Specification of the desired behavior for this NetworkPolicy." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicyEgressRule": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicyEgressRule is deprecated by networking/v1/NetworkPolicyEgressRule. NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8", + "properties": { + "ports": { + "description": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPort" + }, + "type": "array" + }, + "to": { + "description": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPeer" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicyIngressRule is deprecated by networking/v1/NetworkPolicyIngressRule. This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.", + "properties": { + "from": { + "description": "List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least on item, this rule allows traffic only if the traffic matches at least one item in the from list.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPeer" + }, + "type": "array" + }, + "ports": { + "description": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPort" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicyList": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList. Network Policy List is a list of NetworkPolicy objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "NetworkPolicyList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicyPeer": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicyPeer is deprecated by networking/v1/NetworkPolicyPeer.", + "properties": { + "ipBlock": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IPBlock", + "description": "IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be." + }, + "namespaceSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector." + }, + "podSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace." + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicyPort": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicyPort is deprecated by networking/v1/NetworkPolicyPort.", + "properties": { + "port": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "If specified, the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched." + }, + "protocol": { + "description": "Optional. The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.NetworkPolicySpec": { + "description": "DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.", + "properties": { + "egress": { + "description": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyEgressRule" + }, + "type": "array" + }, + "ingress": { + "description": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default).", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule" + }, + "type": "array" + }, + "podSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace." + }, + "policyTypes": { + "description": "List of rule types that the NetworkPolicy relates to. Valid options are \"Ingress\", \"Egress\", or \"Ingress,Egress\". If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "podSelector" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.PodSecurityPolicy": { + "description": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container. Deprecated: use PodSecurityPolicy from policy API Group instead.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec", + "description": "spec defines the policy enforced." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.PodSecurityPolicyList": { + "description": "PodSecurityPolicyList is a list of PodSecurityPolicy objects. Deprecated: use PodSecurityPolicyList from policy API Group instead.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "PodSecurityPolicyList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec": { + "description": "PodSecurityPolicySpec defines the policy enforced. Deprecated: use PodSecurityPolicySpec from policy API Group instead.", + "properties": { + "allowPrivilegeEscalation": { + "description": "allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.", + "type": "boolean" + }, + "allowedCapabilities": { + "description": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both allowedCapabilities and requiredDropCapabilities.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedFlexVolumes": { + "description": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.AllowedFlexVolume" + }, + "type": "array" + }, + "allowedHostPaths": { + "description": "allowedHostPaths is a white list of allowed host paths. Empty indicates that all host paths may be used.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.AllowedHostPath" + }, + "type": "array" + }, + "allowedProcMountTypes": { + "description": "AllowedProcMountTypes is a whitelist of allowed ProcMountTypes. Empty or nil indicates that only the DefaultProcMountType may be used. This requires the ProcMountType feature flag to be enabled.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedUnsafeSysctls": { + "description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", + "items": { + "type": "string" + }, + "type": "array" + }, + "defaultAddCapabilities": { + "description": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.", + "items": { + "type": "string" + }, + "type": "array" + }, + "defaultAllowPrivilegeEscalation": { + "description": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.", + "type": "boolean" + }, + "forbiddenSysctls": { + "description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", + "items": { + "type": "string" + }, + "type": "array" + }, + "fsGroup": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions", + "description": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext." + }, + "hostIPC": { + "description": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.", + "type": "boolean" + }, + "hostNetwork": { + "description": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.", + "type": "boolean" + }, + "hostPID": { + "description": "hostPID determines if the policy allows the use of HostPID in the pod spec.", + "type": "boolean" + }, + "hostPorts": { + "description": "hostPorts determines which host port ranges are allowed to be exposed.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HostPortRange" + }, + "type": "array" + }, + "privileged": { + "description": "privileged determines if a pod can request to be run as privileged.", + "type": "boolean" + }, + "readOnlyRootFilesystem": { + "description": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", + "type": "boolean" + }, + "requiredDropCapabilities": { + "description": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", + "items": { + "type": "string" + }, + "type": "array" + }, + "runAsGroup": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RunAsGroupStrategyOptions", + "description": "RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set. If this field is omitted, the pod's RunAsGroup can take any value. This field requires the RunAsGroup feature gate to be enabled." + }, + "runAsUser": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions", + "description": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set." + }, + "seLinux": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions", + "description": "seLinux is the strategy that will dictate the allowable labels that may be set." + }, + "supplementalGroups": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions", + "description": "supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext." + }, + "volumes": { + "description": "volumes is a white list of allowed volume plugins. Empty indicates that no volumes may be used. To allow all volumes you may use '*'.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "seLinux", + "runAsUser", + "supplementalGroups", + "fsGroup" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.ReplicaSet": { + "description": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetSpec", + "description": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetStatus", + "description": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.ReplicaSetCondition": { + "description": "ReplicaSetCondition describes the state of a replica set at a certain point.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "The last time the condition transitioned from one status to another." + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of replica set condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.ReplicaSetList": { + "description": "ReplicaSetList is a collection of ReplicaSets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "ReplicaSetList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.ReplicaSetSpec": { + "description": "ReplicaSetSpec is the specification of a ReplicaSet.", + "properties": { + "minReadySeconds": { + "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + }, + "template": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.ReplicaSetStatus": { + "description": "ReplicaSetStatus represents the current status of a ReplicaSet.", + "properties": { + "availableReplicas": { + "description": "The number of available replicas (ready for at least minReadySeconds) for this replica set.", + "format": "int32", + "type": "integer" + }, + "conditions": { + "description": "Represents the latest available observations of a replica set's current state.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + }, + "fullyLabeledReplicas": { + "description": "The number of pods that have labels matching the labels of the pod template of the replicaset.", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.", + "format": "int64", + "type": "integer" + }, + "readyReplicas": { + "description": "The number of ready replicas for this replica set.", + "format": "int32", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.RollbackConfig": { + "description": "DEPRECATED.", + "properties": { + "revision": { + "description": "The revision to rollback to. If set to 0, rollback to the last revision.", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet": { + "description": "Spec to control the desired behavior of daemon set rolling update.", + "properties": { + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update." + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.RollingUpdateDeployment": { + "description": "Spec to control the desired behavior of rolling update.", + "properties": { + "maxSurge": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods." + }, + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods." + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.RunAsGroupStrategyOptions": { + "description": "RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of gids that may be used. If you would like to force a single gid then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate the allowable RunAsGroup values that may be set.", + "type": "string" + } + }, + "required": [ + "rule" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions": { + "description": "RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsUserStrategyOptions from policy API Group instead.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of uids that may be used. If you would like to force a single uid then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate the allowable RunAsUser values that may be set.", + "type": "string" + } + }, + "required": [ + "rule" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions": { + "description": "SELinuxStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use SELinuxStrategyOptions from policy API Group instead.", + "properties": { + "rule": { + "description": "rule is the strategy that will dictate the allowable labels that may be set.", + "type": "string" + }, + "seLinuxOptions": { + "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions", + "description": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + } + }, + "required": [ + "rule" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.Scale": { + "description": "represents a scaling request for a resource.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleSpec", + "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleStatus", + "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.extensions.v1beta1.ScaleSpec": { + "description": "describes the attributes of a scale subresource", + "properties": { + "replicas": { + "description": "desired number of instances for the scaled object.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.ScaleStatus": { + "description": "represents the current status of a scale subresource.", + "properties": { + "replicas": { + "description": "actual number of observed instances of the scaled object.", + "format": "int32", + "type": "integer" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors", + "type": "object" + }, + "targetSelector": { + "description": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", + "type": "string" + } + }, + "required": [ + "replicas" + ], + "type": "object" + }, + "io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions": { + "description": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1.IPBlock": { + "description": "IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.", + "properties": { + "cidr": { + "description": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"", + "type": "string" + }, + "except": { + "description": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.1/24\" Except values will be rejected if they are outside the CIDR range", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "cidr" + ], + "type": "object" + }, + "io.k8s.api.networking.v1.NetworkPolicy": { + "description": "NetworkPolicy describes what network traffic is allowed for a set of Pods", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicySpec", + "description": "Specification of the desired behavior for this NetworkPolicy." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + ] + }, + "io.k8s.api.networking.v1.NetworkPolicyEgressRule": { + "description": "NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8", + "properties": { + "ports": { + "description": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" + }, + "type": "array" + }, + "to": { + "description": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1.NetworkPolicyIngressRule": { + "description": "NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.", + "properties": { + "from": { + "description": "List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least on item, this rule allows traffic only if the traffic matches at least one item in the from list.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" + }, + "type": "array" + }, + "ports": { + "description": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1.NetworkPolicyList": { + "description": "NetworkPolicyList is a list of NetworkPolicy objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "networking.k8s.io", + "kind": "NetworkPolicyList", + "version": "v1" + } + ] + }, + "io.k8s.api.networking.v1.NetworkPolicyPeer": { + "description": "NetworkPolicyPeer describes a peer to allow traffic from. Only certain combinations of fields are allowed", + "properties": { + "ipBlock": { + "$ref": "#/definitions/io.k8s.api.networking.v1.IPBlock", + "description": "IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be." + }, + "namespaceSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector." + }, + "podSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace." + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1.NetworkPolicyPort": { + "description": "NetworkPolicyPort describes a port to allow traffic on", + "properties": { + "port": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers." + }, + "protocol": { + "description": "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1.NetworkPolicySpec": { + "description": "NetworkPolicySpec provides the specification of a NetworkPolicy", + "properties": { + "egress": { + "description": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyEgressRule" + }, + "type": "array" + }, + "ingress": { + "description": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyIngressRule" + }, + "type": "array" + }, + "podSelector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace." + }, + "policyTypes": { + "description": "List of rule types that the NetworkPolicy relates to. Valid options are \"Ingress\", \"Egress\", or \"Ingress,Egress\". If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "podSelector" + ], + "type": "object" + }, + "io.k8s.api.networking.v1beta1.HTTPIngressPath": { + "description": "HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.", + "properties": { + "backend": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressBackend", + "description": "Backend defines the referenced service endpoint to which the traffic will be forwarded to." + }, + "path": { + "description": "Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend.", + "type": "string" + } + }, + "required": [ + "backend" + ], + "type": "object" + }, + "io.k8s.api.networking.v1beta1.HTTPIngressRuleValue": { + "description": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", + "properties": { + "paths": { + "description": "A collection of paths that map requests to backends.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.HTTPIngressPath" + }, + "type": "array" + } + }, + "required": [ + "paths" + ], + "type": "object" + }, + "io.k8s.api.networking.v1beta1.Ingress": { + "description": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressSpec", + "description": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressStatus", + "description": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.networking.v1beta1.IngressBackend": { + "description": "IngressBackend describes all endpoints for a given service and port.", + "properties": { + "serviceName": { + "description": "Specifies the name of the referenced service.", + "type": "string" + }, + "servicePort": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "Specifies the port of the referenced service." + } + }, + "required": [ + "serviceName", + "servicePort" + ], + "type": "object" + }, + "io.k8s.api.networking.v1beta1.IngressList": { + "description": "IngressList is a collection of Ingress.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of Ingress.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "networking.k8s.io", + "kind": "IngressList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.networking.v1beta1.IngressRule": { + "description": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", + "properties": { + "host": { + "description": "Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the\n\t IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.", + "type": "string" + }, + "http": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.HTTPIngressRuleValue" + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1beta1.IngressSpec": { + "description": "IngressSpec describes the Ingress the user wishes to exist.", + "properties": { + "backend": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressBackend", + "description": "A default backend capable of servicing requests that don't match any rule. At least one of 'backend' or 'rules' must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default." + }, + "rules": { + "description": "A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressRule" + }, + "type": "array" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressTLS" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1beta1.IngressStatus": { + "description": "IngressStatus describe the current state of the Ingress.", + "properties": { + "loadBalancer": { + "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus", + "description": "LoadBalancer contains the current status of the load-balancer." + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1beta1.IngressTLS": { + "description": "IngressTLS describes the transport layer security associated with an Ingress.", + "properties": { + "hosts": { + "description": "Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array" + }, + "secretName": { + "description": "SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.policy.v1beta1.AllowedFlexVolume": { + "description": "AllowedFlexVolume represents a single Flexvolume that is allowed to be used.", + "properties": { + "driver": { + "description": "driver is the name of the Flexvolume driver.", + "type": "string" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.AllowedHostPath": { + "description": "AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined.", + "properties": { + "pathPrefix": { + "description": "pathPrefix is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`", + "type": "string" + }, + "readOnly": { + "description": "when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.", + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.api.policy.v1beta1.Eviction": { + "description": "Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to .../pods//evictions.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "deleteOptions": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions", + "description": "DeleteOptions may be provided" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "ObjectMeta describes the pod that is being evicted." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "policy", + "kind": "Eviction", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.policy.v1beta1.FSGroupStrategyOptions": { + "description": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate what FSGroup is used in the SecurityContext.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.policy.v1beta1.HostPortRange": { + "description": "HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined.", + "properties": { + "max": { + "description": "max is the end of the range, inclusive.", + "format": "int32", + "type": "integer" + }, + "min": { + "description": "min is the start of the range, inclusive.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "min", + "max" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.IDRange": { + "description": "IDRange provides a min/max of an allowed range of IDs.", + "properties": { + "max": { + "description": "max is the end of the range, inclusive.", + "format": "int64", + "type": "integer" + }, + "min": { + "description": "min is the start of the range, inclusive.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "min", + "max" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.PodDisruptionBudget": { + "description": "PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec", + "description": "Specification of the desired behavior of the PodDisruptionBudget." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus", + "description": "Most recently observed status of the PodDisruptionBudget." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.policy.v1beta1.PodDisruptionBudgetList": { + "description": "PodDisruptionBudgetList is a collection of PodDisruptionBudgets.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "policy", + "kind": "PodDisruptionBudgetList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec": { + "description": "PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.", + "properties": { + "maxUnavailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "An eviction is allowed if at most \"maxUnavailable\" pods selected by \"selector\" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\"." + }, + "minAvailable": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", + "description": "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying \"100%\"." + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Label query over pods whose evictions are managed by the disruption budget." + } + }, + "type": "object" + }, + "io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus": { + "description": "PodDisruptionBudgetStatus represents information about the status of a PodDisruptionBudget. Status may trail the actual state of a system.", + "properties": { + "currentHealthy": { + "description": "current number of healthy pods", + "format": "int32", + "type": "integer" + }, + "desiredHealthy": { + "description": "minimum desired number of healthy pods", + "format": "int32", + "type": "integer" + }, + "disruptedPods": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + }, + "description": "DisruptedPods contains information about pods whose eviction was processed by the API server eviction subresource handler but has not yet been observed by the PodDisruptionBudget controller. A pod will be in this map from the time when the API server processed the eviction request to the time when the pod is seen by PDB controller as having been marked for deletion (or after a timeout). The key in the map is the name of the pod and the value is the time when the API server processed the eviction request. If the deletion didn't occur and a pod is still there it will be removed from the list automatically by PodDisruptionBudget controller after some time. If everything goes smooth this map should be empty for the most of the time. Large number of entries in the map may indicate problems with pod deletions.", + "type": "object" + }, + "disruptionsAllowed": { + "description": "Number of pod disruptions that are currently allowed.", + "format": "int32", + "type": "integer" + }, + "expectedPods": { + "description": "total number of pods counted by this disruption budget", + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "description": "Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and other status informatio is valid only if observedGeneration equals to PDB's object generation.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "disruptionsAllowed", + "currentHealthy", + "desiredHealthy", + "expectedPods" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.PodSecurityPolicy": { + "description": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicySpec", + "description": "spec defines the policy enforced." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.policy.v1beta1.PodSecurityPolicyList": { + "description": "PodSecurityPolicyList is a list of PodSecurityPolicy objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "policy", + "kind": "PodSecurityPolicyList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.policy.v1beta1.PodSecurityPolicySpec": { + "description": "PodSecurityPolicySpec defines the policy enforced.", + "properties": { + "allowPrivilegeEscalation": { + "description": "allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.", + "type": "boolean" + }, + "allowedCapabilities": { + "description": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both allowedCapabilities and requiredDropCapabilities.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedFlexVolumes": { + "description": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.AllowedFlexVolume" + }, + "type": "array" + }, + "allowedHostPaths": { + "description": "allowedHostPaths is a white list of allowed host paths. Empty indicates that all host paths may be used.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.AllowedHostPath" + }, + "type": "array" + }, + "allowedProcMountTypes": { + "description": "AllowedProcMountTypes is a whitelist of allowed ProcMountTypes. Empty or nil indicates that only the DefaultProcMountType may be used. This requires the ProcMountType feature flag to be enabled.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedUnsafeSysctls": { + "description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", + "items": { + "type": "string" + }, + "type": "array" + }, + "defaultAddCapabilities": { + "description": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.", + "items": { + "type": "string" + }, + "type": "array" + }, + "defaultAllowPrivilegeEscalation": { + "description": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.", + "type": "boolean" + }, + "forbiddenSysctls": { + "description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", + "items": { + "type": "string" + }, + "type": "array" + }, + "fsGroup": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.FSGroupStrategyOptions", + "description": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext." + }, + "hostIPC": { + "description": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.", + "type": "boolean" + }, + "hostNetwork": { + "description": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.", + "type": "boolean" + }, + "hostPID": { + "description": "hostPID determines if the policy allows the use of HostPID in the pod spec.", + "type": "boolean" + }, + "hostPorts": { + "description": "hostPorts determines which host port ranges are allowed to be exposed.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.HostPortRange" + }, + "type": "array" + }, + "privileged": { + "description": "privileged determines if a pod can request to be run as privileged.", + "type": "boolean" + }, + "readOnlyRootFilesystem": { + "description": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", + "type": "boolean" + }, + "requiredDropCapabilities": { + "description": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", + "items": { + "type": "string" + }, + "type": "array" + }, + "runAsGroup": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.RunAsGroupStrategyOptions", + "description": "RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set. If this field is omitted, the pod's RunAsGroup can take any value. This field requires the RunAsGroup feature gate to be enabled." + }, + "runAsUser": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.RunAsUserStrategyOptions", + "description": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set." + }, + "seLinux": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.SELinuxStrategyOptions", + "description": "seLinux is the strategy that will dictate the allowable labels that may be set." + }, + "supplementalGroups": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.SupplementalGroupsStrategyOptions", + "description": "supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext." + }, + "volumes": { + "description": "volumes is a white list of allowed volume plugins. Empty indicates that no volumes may be used. To allow all volumes you may use '*'.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "seLinux", + "runAsUser", + "supplementalGroups", + "fsGroup" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.RunAsGroupStrategyOptions": { + "description": "RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of gids that may be used. If you would like to force a single gid then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate the allowable RunAsGroup values that may be set.", + "type": "string" + } + }, + "required": [ + "rule" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.RunAsUserStrategyOptions": { + "description": "RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of uids that may be used. If you would like to force a single uid then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate the allowable RunAsUser values that may be set.", + "type": "string" + } + }, + "required": [ + "rule" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.SELinuxStrategyOptions": { + "description": "SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.", + "properties": { + "rule": { + "description": "rule is the strategy that will dictate the allowable labels that may be set.", + "type": "string" + }, + "seLinuxOptions": { + "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions", + "description": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + } + }, + "required": [ + "rule" + ], + "type": "object" + }, + "io.k8s.api.policy.v1beta1.SupplementalGroupsStrategyOptions": { + "description": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.", + "properties": { + "ranges": { + "description": "ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. Required for MustRunAs.", + "items": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" + }, + "type": "array" + }, + "rule": { + "description": "rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.rbac.v1.AggregationRule": { + "description": "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole", + "properties": { + "clusterRoleSelectors": { + "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.rbac.v1.ClusterRole": { + "description": "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.", + "properties": { + "aggregationRule": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.AggregationRule", + "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller." + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "rules": { + "description": "Rules holds all the PolicyRules for this ClusterRole", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.PolicyRule" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.ClusterRoleBinding": { + "description": "ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "roleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleRef", + "description": "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error." + }, + "subjects": { + "description": "Subjects holds references to the objects the role applies to.", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Subject" + }, + "type": "array" + } + }, + "required": [ + "roleRef" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.ClusterRoleBindingList": { + "description": "ClusterRoleBindingList is a collection of ClusterRoleBindings", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ClusterRoleBindings", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBindingList", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.ClusterRoleList": { + "description": "ClusterRoleList is a collection of ClusterRoles", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ClusterRoles", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleList", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.PolicyRule": { + "description": "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.", + "properties": { + "apiGroups": { + "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "nonResourceURLs": { + "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resourceNames": { + "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Resources is a list of resources this rule applies to. ResourceAll represents all resources.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1.Role": { + "description": "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "rules": { + "description": "Rules holds all the PolicyRules for this Role", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.PolicyRule" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.RoleBinding": { + "description": "RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "roleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleRef", + "description": "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error." + }, + "subjects": { + "description": "Subjects holds references to the objects the role applies to.", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Subject" + }, + "type": "array" + } + }, + "required": [ + "roleRef" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.RoleBindingList": { + "description": "RoleBindingList is a collection of RoleBindings", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of RoleBindings", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBindingList", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.RoleList": { + "description": "RoleList is a collection of Roles", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of Roles", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleList", + "version": "v1" + } + ] + }, + "io.k8s.api.rbac.v1.RoleRef": { + "description": "RoleRef contains information that points to the role being used", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "apiGroup", + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1.Subject": { + "description": "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.", + "properties": { + "apiGroup": { + "description": "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.", + "type": "string" + }, + "kind": { + "description": "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.", + "type": "string" + }, + "name": { + "description": "Name of the object being referenced.", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1alpha1.AggregationRule": { + "description": "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole", + "properties": { + "clusterRoleSelectors": { + "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.rbac.v1alpha1.ClusterRole": { + "description": "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.", + "properties": { + "aggregationRule": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.AggregationRule", + "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller." + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "rules": { + "description": "Rules holds all the PolicyRules for this ClusterRole", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.PolicyRule" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.ClusterRoleBinding": { + "description": "ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "roleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleRef", + "description": "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error." + }, + "subjects": { + "description": "Subjects holds references to the objects the role applies to.", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Subject" + }, + "type": "array" + } + }, + "required": [ + "roleRef" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList": { + "description": "ClusterRoleBindingList is a collection of ClusterRoleBindings", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ClusterRoleBindings", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBindingList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.ClusterRoleList": { + "description": "ClusterRoleList is a collection of ClusterRoles", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ClusterRoles", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.PolicyRule": { + "description": "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.", + "properties": { + "apiGroups": { + "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "nonResourceURLs": { + "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path This name is intentionally different than the internal type so that the DefaultConvert works nicely and because the ordering may be different. Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resourceNames": { + "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Resources is a list of resources this rule applies to. ResourceAll represents all resources.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1alpha1.Role": { + "description": "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "rules": { + "description": "Rules holds all the PolicyRules for this Role", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.PolicyRule" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.RoleBinding": { + "description": "RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "roleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleRef", + "description": "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error." + }, + "subjects": { + "description": "Subjects holds references to the objects the role applies to.", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Subject" + }, + "type": "array" + } + }, + "required": [ + "roleRef" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.RoleBindingList": { + "description": "RoleBindingList is a collection of RoleBindings", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of RoleBindings", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBindingList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.RoleList": { + "description": "RoleList is a collection of Roles", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of Roles", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.rbac.v1alpha1.RoleRef": { + "description": "RoleRef contains information that points to the role being used", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "apiGroup", + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1alpha1.Subject": { + "description": "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.", + "properties": { + "apiVersion": { + "description": "APIVersion holds the API group and version of the referenced subject. Defaults to \"v1\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io/v1alpha1\" for User and Group subjects.", + "type": "string" + }, + "kind": { + "description": "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.", + "type": "string" + }, + "name": { + "description": "Name of the object being referenced.", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1beta1.AggregationRule": { + "description": "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole", + "properties": { + "clusterRoleSelectors": { + "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.rbac.v1beta1.ClusterRole": { + "description": "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.", + "properties": { + "aggregationRule": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.AggregationRule", + "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller." + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "rules": { + "description": "Rules holds all the PolicyRules for this ClusterRole", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.PolicyRule" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.ClusterRoleBinding": { + "description": "ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "roleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleRef", + "description": "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error." + }, + "subjects": { + "description": "Subjects holds references to the objects the role applies to.", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Subject" + }, + "type": "array" + } + }, + "required": [ + "roleRef" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.ClusterRoleBindingList": { + "description": "ClusterRoleBindingList is a collection of ClusterRoleBindings", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ClusterRoleBindings", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBindingList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.ClusterRoleList": { + "description": "ClusterRoleList is a collection of ClusterRoles", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of ClusterRoles", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.PolicyRule": { + "description": "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.", + "properties": { + "apiGroups": { + "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "nonResourceURLs": { + "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resourceNames": { + "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Resources is a list of resources this rule applies to. '*' represents all resources in the specified apiGroups. '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.", + "items": { + "type": "string" + }, + "type": "array" + }, + "verbs": { + "description": "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "verbs" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1beta1.Role": { + "description": "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "rules": { + "description": "Rules holds all the PolicyRules for this Role", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.PolicyRule" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.RoleBinding": { + "description": "RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata." + }, + "roleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleRef", + "description": "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error." + }, + "subjects": { + "description": "Subjects holds references to the objects the role applies to.", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Subject" + }, + "type": "array" + } + }, + "required": [ + "roleRef" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.RoleBindingList": { + "description": "RoleBindingList is a collection of RoleBindings", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of RoleBindings", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBindingList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.RoleList": { + "description": "RoleList is a collection of Roles", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of Roles", + "items": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "rbac.authorization.k8s.io", + "kind": "RoleList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.rbac.v1beta1.RoleRef": { + "description": "RoleRef contains information that points to the role being used", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "apiGroup", + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.rbac.v1beta1.Subject": { + "description": "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.", + "properties": { + "apiGroup": { + "description": "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.", + "type": "string" + }, + "kind": { + "description": "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.", + "type": "string" + }, + "name": { + "description": "Name of the object being referenced.", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "io.k8s.api.scheduling.v1alpha1.PriorityClass": { + "description": "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "description": { + "description": "description is an arbitrary string that usually provides guidelines on when this priority class should be used.", + "type": "string" + }, + "globalDefault": { + "description": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.", + "type": "boolean" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "value": { + "description": "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "value" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.scheduling.v1alpha1.PriorityClassList": { + "description": "PriorityClassList is a collection of priority classes.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of PriorityClasses", + "items": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "scheduling.k8s.io", + "kind": "PriorityClassList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.scheduling.v1beta1.PriorityClass": { + "description": "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "description": { + "description": "description is an arbitrary string that usually provides guidelines on when this priority class should be used.", + "type": "string" + }, + "globalDefault": { + "description": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.", + "type": "boolean" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "value": { + "description": "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "value" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.scheduling.v1beta1.PriorityClassList": { + "description": "PriorityClassList is a collection of priority classes.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of PriorityClasses", + "items": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "scheduling.k8s.io", + "kind": "PriorityClassList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.settings.v1alpha1.PodPreset": { + "description": "PodPreset is a policy resource that defines additional runtime requirements for a Pod.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetSpec" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.settings.v1alpha1.PodPresetList": { + "description": "PodPresetList is a list of PodPreset objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is a list of schema objects.", + "items": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "settings.k8s.io", + "kind": "PodPresetList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.settings.v1alpha1.PodPresetSpec": { + "description": "PodPresetSpec is a description of a pod preset.", + "properties": { + "env": { + "description": "Env defines the collection of EnvVar to inject into containers.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvVar" + }, + "type": "array" + }, + "envFrom": { + "description": "EnvFrom defines the collection of EnvFromSource to inject into containers.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvFromSource" + }, + "type": "array" + }, + "selector": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", + "description": "Selector is a label query over a set of resources, in this case pods. Required." + }, + "volumeMounts": { + "description": "VolumeMounts defines the collection of VolumeMount to inject into containers.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeMount" + }, + "type": "array" + }, + "volumes": { + "description": "Volumes defines the collection of Volume to inject into the pod.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.Volume" + }, + "type": "array" + } + }, + "type": "object" + }, + "io.k8s.api.storage.v1.StorageClass": { + "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", + "properties": { + "allowVolumeExpansion": { + "description": "AllowVolumeExpansion shows whether the storage class allow volume expand", + "type": "boolean" + }, + "allowedTopologies": { + "description": "Restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorTerm" + }, + "type": "array" + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "mountOptions": { + "description": "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", + "items": { + "type": "string" + }, + "type": "array" + }, + "parameters": { + "additionalProperties": { + "type": "string" + }, + "description": "Parameters holds the parameters for the provisioner that should create volumes of this storage class.", + "type": "object" + }, + "provisioner": { + "description": "Provisioner indicates the type of the provisioner.", + "type": "string" + }, + "reclaimPolicy": { + "description": "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.", + "type": "string" + }, + "volumeBindingMode": { + "description": "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.", + "type": "string" + } + }, + "required": [ + "provisioner" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + ] + }, + "io.k8s.api.storage.v1.StorageClassList": { + "description": "StorageClassList is a collection of storage classes.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of StorageClasses", + "items": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "StorageClassList", + "version": "v1" + } + ] + }, + "io.k8s.api.storage.v1.VolumeAttachment": { + "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentSpec", + "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentStatus", + "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + ] + }, + "io.k8s.api.storage.v1.VolumeAttachmentList": { + "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of VolumeAttachments", + "items": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachmentList", + "version": "v1" + } + ] + }, + "io.k8s.api.storage.v1.VolumeAttachmentSource": { + "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.", + "properties": { + "persistentVolumeName": { + "description": "Name of the persistent volume to attach.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.storage.v1.VolumeAttachmentSpec": { + "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", + "properties": { + "attacher": { + "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", + "type": "string" + }, + "nodeName": { + "description": "The node that the volume should be attached to.", + "type": "string" + }, + "source": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentSource", + "description": "Source represents the volume that should be attached." + } + }, + "required": [ + "attacher", + "source", + "nodeName" + ], + "type": "object" + }, + "io.k8s.api.storage.v1.VolumeAttachmentStatus": { + "description": "VolumeAttachmentStatus is the status of a VolumeAttachment request.", + "properties": { + "attachError": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeError", + "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher." + }, + "attached": { + "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "type": "boolean" + }, + "attachmentMetadata": { + "additionalProperties": { + "type": "string" + }, + "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "type": "object" + }, + "detachError": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeError", + "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher." + } + }, + "required": [ + "attached" + ], + "type": "object" + }, + "io.k8s.api.storage.v1.VolumeError": { + "description": "VolumeError captures an error encountered during a volume operation.", + "properties": { + "message": { + "description": "String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.", + "type": "string" + }, + "time": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time the error was encountered." + } + }, + "type": "object" + }, + "io.k8s.api.storage.v1alpha1.VolumeAttachment": { + "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentSpec", + "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentStatus", + "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.storage.v1alpha1.VolumeAttachmentList": { + "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of VolumeAttachments", + "items": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachmentList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.storage.v1alpha1.VolumeAttachmentSource": { + "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.", + "properties": { + "persistentVolumeName": { + "description": "Name of the persistent volume to attach.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.storage.v1alpha1.VolumeAttachmentSpec": { + "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", + "properties": { + "attacher": { + "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", + "type": "string" + }, + "nodeName": { + "description": "The node that the volume should be attached to.", + "type": "string" + }, + "source": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentSource", + "description": "Source represents the volume that should be attached." + } + }, + "required": [ + "attacher", + "source", + "nodeName" + ], + "type": "object" + }, + "io.k8s.api.storage.v1alpha1.VolumeAttachmentStatus": { + "description": "VolumeAttachmentStatus is the status of a VolumeAttachment request.", + "properties": { + "attachError": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeError", + "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher." + }, + "attached": { + "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "type": "boolean" + }, + "attachmentMetadata": { + "additionalProperties": { + "type": "string" + }, + "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "type": "object" + }, + "detachError": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeError", + "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher." + } + }, + "required": [ + "attached" + ], + "type": "object" + }, + "io.k8s.api.storage.v1alpha1.VolumeError": { + "description": "VolumeError captures an error encountered during a volume operation.", + "properties": { + "message": { + "description": "String detailing the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.", + "type": "string" + }, + "time": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time the error was encountered." + } + }, + "type": "object" + }, + "io.k8s.api.storage.v1beta1.StorageClass": { + "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", + "properties": { + "allowVolumeExpansion": { + "description": "AllowVolumeExpansion shows whether the storage class allow volume expand", + "type": "boolean" + }, + "allowedTopologies": { + "description": "Restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorTerm" + }, + "type": "array" + }, + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "mountOptions": { + "description": "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", + "items": { + "type": "string" + }, + "type": "array" + }, + "parameters": { + "additionalProperties": { + "type": "string" + }, + "description": "Parameters holds the parameters for the provisioner that should create volumes of this storage class.", + "type": "object" + }, + "provisioner": { + "description": "Provisioner indicates the type of the provisioner.", + "type": "string" + }, + "reclaimPolicy": { + "description": "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.", + "type": "string" + }, + "volumeBindingMode": { + "description": "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.", + "type": "string" + } + }, + "required": [ + "provisioner" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.storage.v1beta1.StorageClassList": { + "description": "StorageClassList is a collection of storage classes.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of StorageClasses", + "items": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "StorageClassList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.storage.v1beta1.VolumeAttachment": { + "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentSpec", + "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentStatus", + "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.storage.v1beta1.VolumeAttachmentList": { + "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items is the list of VolumeAttachments", + "items": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "storage.k8s.io", + "kind": "VolumeAttachmentList", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.storage.v1beta1.VolumeAttachmentSource": { + "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.", + "properties": { + "persistentVolumeName": { + "description": "Name of the persistent volume to attach.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.api.storage.v1beta1.VolumeAttachmentSpec": { + "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", + "properties": { + "attacher": { + "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", + "type": "string" + }, + "nodeName": { + "description": "The node that the volume should be attached to.", + "type": "string" + }, + "source": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentSource", + "description": "Source represents the volume that should be attached." + } + }, + "required": [ + "attacher", + "source", + "nodeName" + ], + "type": "object" + }, + "io.k8s.api.storage.v1beta1.VolumeAttachmentStatus": { + "description": "VolumeAttachmentStatus is the status of a VolumeAttachment request.", + "properties": { + "attachError": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeError", + "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher." + }, + "attached": { + "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "type": "boolean" + }, + "attachmentMetadata": { + "additionalProperties": { + "type": "string" + }, + "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "type": "object" + }, + "detachError": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeError", + "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher." + } + }, + "required": [ + "attached" + ], + "type": "object" + }, + "io.k8s.api.storage.v1beta1.VolumeError": { + "description": "VolumeError captures an error encountered during a volume operation.", + "properties": { + "message": { + "description": "String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.", + "type": "string" + }, + "time": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time the error was encountered." + } + }, + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceColumnDefinition": { + "description": "CustomResourceColumnDefinition specifies a column for server side printing.", + "properties": { + "JSONPath": { + "description": "JSONPath is a simple JSON path, i.e. with array notation.", + "type": "string" + }, + "description": { + "description": "description is a human readable description of this column.", + "type": "string" + }, + "format": { + "description": "format is an optional OpenAPI type definition for this column. The 'name' format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", + "type": "string" + }, + "name": { + "description": "name is a human readable name for the column.", + "type": "string" + }, + "priority": { + "description": "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.", + "format": "int32", + "type": "integer" + }, + "type": { + "description": "type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", + "type": "string" + } + }, + "required": [ + "name", + "type", + "JSONPath" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceConversion": { + "description": "CustomResourceConversion describes how to convert different versions of a CR.", + "properties": { + "strategy": { + "description": "`strategy` specifies the conversion strategy. Allowed values are: - `None`: The converter only change the apiVersion and would not touch any other field in the CR. - `Webhook`: API Server will call to an external webhook to do the conversion. Additional information is needed for this option.", + "type": "string" + }, + "webhookClientConfig": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.WebhookClientConfig", + "description": "`webhookClientConfig` is the instructions for how to call the webhook if strategy is `Webhook`. This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature." + } + }, + "required": [ + "strategy" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition": { + "description": "CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format <.spec.name>.<.spec.group>.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec", + "description": "Spec describes how the user wants the resources to appear" + }, + "status": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionStatus", + "description": "Status indicates the actual state of the CustomResourceDefinition" + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + ] + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionCondition": { + "description": "CustomResourceDefinitionCondition contains details for the current condition of this pod.", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "Human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "Unique, one-word, CamelCase reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status is the status of the condition. Can be True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionList": { + "description": "CustomResourceDefinitionList is a list of CustomResourceDefinition objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "Items individual CustomResourceDefinitions", + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinitionList", + "version": "v1beta1" + } + ] + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames": { + "description": "CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition", + "properties": { + "categories": { + "description": "Categories is a list of grouped resources custom resources belong to (e.g. 'all')", + "items": { + "type": "string" + }, + "type": "array" + }, + "kind": { + "description": "Kind is the serialized kind of the resource. It is normally CamelCase and singular.", + "type": "string" + }, + "listKind": { + "description": "ListKind is the serialized kind of the list for this resource. Defaults to List.", + "type": "string" + }, + "plural": { + "description": "Plural is the plural name of the resource to serve. It must match the name of the CustomResourceDefinition-registration too: plural.group and it must be all lowercase.", + "type": "string" + }, + "shortNames": { + "description": "ShortNames are short names for the resource. It must be all lowercase.", + "items": { + "type": "string" + }, + "type": "array" + }, + "singular": { + "description": "Singular is the singular name of the resource. It must be all lowercase Defaults to lowercased ", + "type": "string" + } + }, + "required": [ + "plural", + "kind" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec": { + "description": "CustomResourceDefinitionSpec describes how a user wants their resource to appear", + "properties": { + "additionalPrinterColumns": { + "description": "AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column. Optional, the global columns for all versions. Top-level and per-version columns are mutually exclusive.", + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceColumnDefinition" + }, + "type": "array" + }, + "conversion": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceConversion", + "description": "`conversion` defines conversion settings for the CRD." + }, + "group": { + "description": "Group is the group this resource belongs in", + "type": "string" + }, + "names": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames", + "description": "Names are the names used to describe this custom resource" + }, + "scope": { + "description": "Scope indicates whether this resource is cluster or namespace scoped. Default is namespaced", + "type": "string" + }, + "subresources": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources", + "description": "Subresources describes the subresources for CustomResource Optional, the global subresources for all versions. Top-level and per-version subresources are mutually exclusive." + }, + "validation": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation", + "description": "Validation describes the validation methods for CustomResources Optional, the global validation schema for all versions. Top-level and per-version schemas are mutually exclusive." + }, + "version": { + "description": "Version is the version this resource belongs in Should be always first item in Versions field if provided. Optional, but at least one of Version or Versions must be set. Deprecated: Please use `Versions`.", + "type": "string" + }, + "versions": { + "description": "Versions is the list of all supported versions for this resource. If Version field is provided, this field is optional. Validation: All versions must use the same validation schema for now. i.e., top level Validation field is applied to all of these versions. Order: The version name will be used to compute the order. If the version string is \"kube-like\", it will sort above non \"kube-like\" version strings, which are ordered lexicographically. \"Kube-like\" versions start with a \"v\", then are followed by a number (the major version), then optionally the string \"alpha\" or \"beta\" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.", + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionVersion" + }, + "type": "array" + } + }, + "required": [ + "group", + "names", + "scope" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionStatus": { + "description": "CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition", + "properties": { + "acceptedNames": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames", + "description": "AcceptedNames are the names that are actually being used to serve discovery They may be different than the names in spec." + }, + "conditions": { + "description": "Conditions indicate state for particular aspects of a CustomResourceDefinition", + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionCondition" + }, + "type": "array" + }, + "storedVersions": { + "description": "StoredVersions are all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so the migration controller can first finish a migration to another version (i.e. that no old objects are left in the storage), and then remove the rest of the versions from this list. None of the versions in this list can be removed from the spec.Versions field.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "conditions", + "acceptedNames", + "storedVersions" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionVersion": { + "description": "CustomResourceDefinitionVersion describes a version for CRD.", + "properties": { + "additionalPrinterColumns": { + "description": "AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column. Top-level and per-version columns are mutually exclusive. Per-version columns must not all be set to identical values (top-level columns should be used instead) This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature. NOTE: CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an update that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must be explicitly set to null", + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceColumnDefinition" + }, + "type": "array" + }, + "name": { + "description": "Name is the version name, e.g. “v1”, “v2beta1”, etc.", + "type": "string" + }, + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation", + "description": "Schema describes the schema for CustomResource used in validation, pruning, and defaulting. Top-level and per-version schemas are mutually exclusive. Per-version schemas must not all be set to identical values (top-level validation schema should be used instead) This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature." + }, + "served": { + "description": "Served is a flag enabling/disabling this version from being served via REST APIs", + "type": "boolean" + }, + "storage": { + "description": "Storage flags the version as storage version. There must be exactly one flagged as storage version.", + "type": "boolean" + }, + "subresources": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources", + "description": "Subresources describes the subresources for CustomResource Top-level and per-version subresources are mutually exclusive. Per-version subresources must not all be set to identical values (top-level subresources should be used instead) This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature." + } + }, + "required": [ + "name", + "served", + "storage" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceScale": { + "description": "CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.", + "properties": { + "labelSelectorPath": { + "description": "LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. Must be set to work with HPA. If there is no value under the given path in the CustomResource, the status label selector value in the /scale subresource will default to the empty string.", + "type": "string" + }, + "specReplicasPath": { + "description": "SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .spec. If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.", + "type": "string" + }, + "statusReplicasPath": { + "description": "StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource will default to 0.", + "type": "string" + } + }, + "required": [ + "specReplicasPath", + "statusReplicasPath" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceStatus": { + "description": "CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the `.status` JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza", + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources": { + "description": "CustomResourceSubresources defines the status and scale subresources for CustomResources.", + "properties": { + "scale": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceScale", + "description": "Scale denotes the scale subresource for CustomResources" + }, + "status": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceStatus", + "description": "Status denotes the status subresource for CustomResources" + } + }, + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation": { + "description": "CustomResourceValidation is a list of validation methods for CustomResources.", + "properties": { + "openAPIV3Schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps", + "description": "OpenAPIV3Schema is the OpenAPI v3 schema to be validated against." + } + }, + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ExternalDocumentation": { + "description": "ExternalDocumentation allows referencing an external resource for extended documentation.", + "properties": { + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON": { + "description": "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps": { + "description": "JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).", + "properties": { + "$ref": { + "type": "string" + }, + "$schema": { + "type": "string" + }, + "additionalItems": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrBool" + }, + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrBool" + }, + "allOf": { + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "type": "array" + }, + "anyOf": { + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "type": "array" + }, + "default": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON" + }, + "definitions": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "type": "object" + }, + "dependencies": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrStringArray" + }, + "type": "object" + }, + "description": { + "type": "string" + }, + "enum": { + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON" + }, + "type": "array" + }, + "example": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON" + }, + "exclusiveMaximum": { + "type": "boolean" + }, + "exclusiveMinimum": { + "type": "boolean" + }, + "externalDocs": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ExternalDocumentation" + }, + "format": { + "type": "string" + }, + "id": { + "type": "string" + }, + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrArray" + }, + "maxItems": { + "format": "int64", + "type": "integer" + }, + "maxLength": { + "format": "int64", + "type": "integer" + }, + "maxProperties": { + "format": "int64", + "type": "integer" + }, + "maximum": { + "format": "double", + "type": "number" + }, + "minItems": { + "format": "int64", + "type": "integer" + }, + "minLength": { + "format": "int64", + "type": "integer" + }, + "minProperties": { + "format": "int64", + "type": "integer" + }, + "minimum": { + "format": "double", + "type": "number" + }, + "multipleOf": { + "format": "double", + "type": "number" + }, + "not": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "oneOf": { + "items": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "type": "array" + }, + "pattern": { + "type": "string" + }, + "patternProperties": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "type": "object" + }, + "properties": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" + }, + "type": "object" + }, + "required": { + "items": { + "type": "string" + }, + "type": "array" + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + }, + "uniqueItems": { + "type": "boolean" + } + }, + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrArray": { + "description": "JSONSchemaPropsOrArray represents a value that can either be a JSONSchemaProps or an array of JSONSchemaProps. Mainly here for serialization purposes." + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrBool": { + "description": "JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value. Defaults to true for the boolean property." + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrStringArray": { + "description": "JSONSchemaPropsOrStringArray represents a JSONSchemaProps or a string array." + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "properties": { + "name": { + "description": "`name` is the name of the service. Required", + "type": "string" + }, + "namespace": { + "description": "`namespace` is the namespace of the service. Required", + "type": "string" + }, + "path": { + "description": "`path` is an optional URL path which will be sent in any request to this service.", + "type": "string" + } + }, + "required": [ + "namespace", + "name" + ], + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.WebhookClientConfig": { + "description": "WebhookClientConfig contains the information to make a TLS connection with the webhook. It has the same field as admissionregistration.v1beta1.WebhookClientConfig.", + "properties": { + "caBundle": { + "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", + "format": "byte", + "type": "string" + }, + "service": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ServiceReference", + "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error." + }, + "url": { + "description": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.api.resource.Quantity": { + "description": "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and Int64() accessors.\n\nThe serialization format is:\n\n ::= \n (Note that may be empty, from the \"\" case in .)\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n (International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n ::= m | \"\" | k | M | G | T | P | E\n (Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n ::= \"e\" | \"E\" \n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n a. No precision is lost\n b. No fractional digits will be emitted\n c. The exponent (or suffix) is as large as possible.\nThe sign will be omitted unless the number is negative.\n\nExamples:\n 1.5 will be serialized as \"1500m\"\n 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", + "type": "string" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup": { + "description": "APIGroup contains the name, the supported versions, and the preferred version of a group.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "name is the name of the group.", + "type": "string" + }, + "preferredVersion": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery", + "description": "preferredVersion is the version preferred by the API server, which probably is the storage version." + }, + "serverAddressByClientCIDRs": { + "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" + }, + "type": "array" + }, + "versions": { + "description": "versions are the versions supported in this group.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" + }, + "type": "array" + } + }, + "required": [ + "name", + "versions" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "APIGroup", + "version": "v1" + } + ] + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.APIGroupList": { + "description": "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "groups": { + "description": "groups is a list of APIGroup.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + } + }, + "required": [ + "groups" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "APIGroupList", + "version": "v1" + } + ] + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.APIResource": { + "description": "APIResource specifies the name of a resource and whether it is namespaced.", + "properties": { + "categories": { + "description": "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", + "items": { + "type": "string" + }, + "type": "array" + }, + "group": { + "description": "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", + "type": "string" + }, + "kind": { + "description": "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", + "type": "string" + }, + "name": { + "description": "name is the plural name of the resource.", + "type": "string" + }, + "namespaced": { + "description": "namespaced indicates if a resource is namespaced or not.", + "type": "boolean" + }, + "shortNames": { + "description": "shortNames is a list of suggested short names of the resource.", + "items": { + "type": "string" + }, + "type": "array" + }, + "singularName": { + "description": "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", + "type": "string" + }, + "storageVersionHash": { + "description": "The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.", + "type": "string" + }, + "verbs": { + "description": "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", + "items": { + "type": "string" + }, + "type": "array" + }, + "version": { + "description": "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", + "type": "string" + } + }, + "required": [ + "name", + "singularName", + "namespaced", + "kind", + "verbs" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList": { + "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "groupVersion": { + "description": "groupVersion is the group and version this APIResourceList is for.", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "resources": { + "description": "resources contains the name of the resources and if they are namespaced.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResource" + }, + "type": "array" + } + }, + "required": [ + "groupVersion", + "resources" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "APIResourceList", + "version": "v1" + } + ] + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.APIVersions": { + "description": "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "serverAddressByClientCIDRs": { + "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" + }, + "type": "array" + }, + "versions": { + "description": "versions are the api versions that are available.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "versions", + "serverAddressByClientCIDRs" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "APIVersions", + "version": "v1" + } + ] + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions": { + "description": "DeleteOptions may be provided when deleting an API object.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "dryRun": { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "items": { + "type": "string" + }, + "type": "array" + }, + "gracePeriodSeconds": { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "format": "int64", + "type": "integer" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "orphanDependents": { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "type": "boolean" + }, + "preconditions": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions", + "description": "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned." + }, + "propagationPolicy": { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "admission.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "admissionregistration.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "apiextensions.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "apiregistration.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "apiregistration.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "apps", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "apps", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "apps", + "kind": "DeleteOptions", + "version": "v1beta2" + }, + { + "group": "auditregistration.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, + { + "group": "authentication.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "authentication.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "authorization.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "authorization.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "autoscaling", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "autoscaling", + "kind": "DeleteOptions", + "version": "v2beta1" + }, + { + "group": "autoscaling", + "kind": "DeleteOptions", + "version": "v2beta2" + }, + { + "group": "batch", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "batch", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "batch", + "kind": "DeleteOptions", + "version": "v2alpha1" + }, + { + "group": "certificates.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "coordination.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "coordination.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "events.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "extensions", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "imagepolicy.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, + { + "group": "networking.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "networking.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "policy", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "rbac.authorization.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "rbac.authorization.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, + { + "group": "rbac.authorization.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "scheduling.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, + { + "group": "scheduling.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + }, + { + "group": "settings.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, + { + "group": "storage.k8s.io", + "kind": "DeleteOptions", + "version": "v1" + }, + { + "group": "storage.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, + { + "group": "storage.k8s.io", + "kind": "DeleteOptions", + "version": "v1beta1" + } + ] + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Fields": { + "description": "Fields stores a set of fields in a data structure like a Trie. To understand how this is used, see: https://github.com/kubernetes-sigs/structured-merge-diff", + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery": { + "description": "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", + "properties": { + "groupVersion": { + "description": "groupVersion specifies the API group and version in the form \"group/version\"", + "type": "string" + }, + "version": { + "description": "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", + "type": "string" + } + }, + "required": [ + "groupVersion", + "version" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Initializer": { + "description": "Initializer is information about an initializer that has not yet completed.", + "properties": { + "name": { + "description": "name of the process that is responsible for initializing this object.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Initializers": { + "description": "Initializers tracks the progress of initialization.", + "properties": { + "pending": { + "description": "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Initializer" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, + "result": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status", + "description": "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion." + } + }, + "required": [ + "pending" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string", + "x-kubernetes-patch-merge-key": "key", + "x-kubernetes-patch-strategy": "merge" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta": { + "description": "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", + "properties": { + "continue": { + "description": "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", + "type": "string" + }, + "resourceVersion": { + "description": "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "selfLink": { + "description": "selfLink is a URL representing this object. Populated by the system. Read-only.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry": { + "description": "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the version of this resource that this field set applies to. The format is \"group/version\" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.", + "type": "string" + }, + "fields": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Fields", + "description": "Fields identifies a set of fields." + }, + "manager": { + "description": "Manager is an identifier of the workflow managing these fields.", + "type": "string" + }, + "operation": { + "description": "Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.", + "type": "string" + }, + "time": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply'" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime": { + "description": "MicroTime is version of Time with microsecond level precision.", + "format": "date-time", + "type": "string" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta": { + "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", + "type": "object" + }, + "clusterName": { + "description": "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.", + "type": "string" + }, + "creationTimestamp": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "deletionGracePeriodSeconds": { + "description": "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", + "format": "int64", + "type": "integer" + }, + "deletionTimestamp": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + }, + "finalizers": { + "description": "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-patch-strategy": "merge" + }, + "generateName": { + "description": "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency", + "type": "string" + }, + "generation": { + "description": "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", + "format": "int64", + "type": "integer" + }, + "initializers": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Initializers", + "description": "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.\n\nDEPRECATED - initializers are an alpha field and will be removed in v1.15." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", + "type": "object" + }, + "managedFields": { + "description": "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.\n\nThis field is alpha and can be changed or removed without notice.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry" + }, + "type": "array" + }, + "name": { + "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + }, + "namespace": { + "description": "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", + "type": "string" + }, + "ownerReferences": { + "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "uid", + "x-kubernetes-patch-strategy": "merge" + }, + "resourceVersion": { + "description": "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "selfLink": { + "description": "SelfLink is a URL representing this object. Populated by the system. Read-only.", + "type": "string" + }, + "uid": { + "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference": { + "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "blockOwnerDeletion": { + "description": "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", + "type": "boolean" + }, + "controller": { + "description": "If true, this reference points to the managing controller.", + "type": "boolean" + }, + "kind": { + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + }, + "uid": { + "description": "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "type": "string" + } + }, + "required": [ + "apiVersion", + "kind", + "name", + "uid" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Patch": { + "description": "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions": { + "description": "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", + "properties": { + "uid": { + "description": "Specifies the target UID.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR": { + "description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", + "properties": { + "clientCIDR": { + "description": "The CIDR with which clients can match their IP to figure out the server address that they should use.", + "type": "string" + }, + "serverAddress": { + "description": "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", + "type": "string" + } + }, + "required": [ + "clientCIDR", + "serverAddress" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Status": { + "description": "Status is a return value for calls that don't return other objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "code": { + "description": "Suggested HTTP return code for this status, 0 if not set.", + "format": "int32", + "type": "integer" + }, + "details": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.StatusDetails", + "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type." + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "message": { + "description": "A human-readable description of the status of this operation.", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds" + }, + "reason": { + "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", + "type": "string" + }, + "status": { + "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "Status", + "version": "v1" + } + ] + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.StatusCause": { + "description": "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", + "properties": { + "field": { + "description": "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", + "type": "string" + }, + "message": { + "description": "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", + "type": "string" + }, + "reason": { + "description": "A machine-readable description of the cause of the error. If this value is empty there is no information available.", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.StatusDetails": { + "description": "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", + "properties": { + "causes": { + "description": "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.StatusCause" + }, + "type": "array" + }, + "group": { + "description": "The group attribute of the resource associated with the status StatusReason.", + "type": "string" + }, + "kind": { + "description": "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", + "type": "string" + }, + "retryAfterSeconds": { + "description": "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", + "format": "int32", + "type": "integer" + }, + "uid": { + "description": "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.Time": { + "description": "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", + "format": "date-time", + "type": "string" + }, + "io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent": { + "description": "Event represents a single event to a watched resource.", + "properties": { + "object": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension", + "description": "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context." + }, + "type": { + "type": "string" + } + }, + "required": [ + "type", + "object" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "admission.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "admissionregistration.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "apiextensions.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "apiregistration.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "apiregistration.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "apps", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "apps", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "apps", + "kind": "WatchEvent", + "version": "v1beta2" + }, + { + "group": "auditregistration.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, + { + "group": "authentication.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "authentication.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "authorization.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "authorization.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "autoscaling", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "autoscaling", + "kind": "WatchEvent", + "version": "v2beta1" + }, + { + "group": "autoscaling", + "kind": "WatchEvent", + "version": "v2beta2" + }, + { + "group": "batch", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "batch", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "batch", + "kind": "WatchEvent", + "version": "v2alpha1" + }, + { + "group": "certificates.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "coordination.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "coordination.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "events.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "extensions", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "imagepolicy.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, + { + "group": "networking.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "networking.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "policy", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "rbac.authorization.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "rbac.authorization.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, + { + "group": "rbac.authorization.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "scheduling.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, + { + "group": "scheduling.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + }, + { + "group": "settings.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, + { + "group": "storage.k8s.io", + "kind": "WatchEvent", + "version": "v1" + }, + { + "group": "storage.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, + { + "group": "storage.k8s.io", + "kind": "WatchEvent", + "version": "v1beta1" + } + ] + }, + "io.k8s.apimachinery.pkg.runtime.RawExtension": { + "description": "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this: {\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo\",\n\t},\n}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", + "properties": { + "Raw": { + "description": "Raw is the underlying serialization of this object.", + "format": "byte", + "type": "string" + } + }, + "required": [ + "Raw" + ], + "type": "object" + }, + "io.k8s.apimachinery.pkg.util.intstr.IntOrString": { + "description": "IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.", + "format": "int-or-string", + "type": "string" + }, + "io.k8s.apimachinery.pkg.version.Info": { + "description": "Info contains versioning information. how we'll want to distribute that information.", + "properties": { + "buildDate": { + "type": "string" + }, + "compiler": { + "type": "string" + }, + "gitCommit": { + "type": "string" + }, + "gitTreeState": { + "type": "string" + }, + "gitVersion": { + "type": "string" + }, + "goVersion": { + "type": "string" + }, + "major": { + "type": "string" + }, + "minor": { + "type": "string" + }, + "platform": { + "type": "string" + } + }, + "required": [ + "major", + "minor", + "gitVersion", + "gitCommit", + "gitTreeState", + "buildDate", + "goVersion", + "compiler", + "platform" + ], + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService": { + "description": "APIService represents a server for a particular GroupVersion. Name must be \"version.group\".", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceSpec", + "description": "Spec contains information for locating and communicating with a server" + }, + "status": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceStatus", + "description": "Status contains derived information about an API server" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + ] + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceCondition": { + "description": "APIServiceCondition describes the state of an APIService at a particular point", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "Human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "Unique, one-word, CamelCase reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status is the status of the condition. Can be True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceList": { + "description": "APIServiceList is a list of APIService objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apiregistration.k8s.io", + "kind": "APIServiceList", + "version": "v1" + } + ] + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceSpec": { + "description": "APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.", + "properties": { + "caBundle": { + "description": "CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. If unspecified, system trust roots on the apiserver are used.", + "format": "byte", + "type": "string" + }, + "group": { + "description": "Group is the API group name this server hosts", + "type": "string" + }, + "groupPriorityMinimum": { + "description": "GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) We'd recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s", + "format": "int32", + "type": "integer" + }, + "insecureSkipTLSVerify": { + "description": "InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged. You should use the CABundle instead.", + "type": "boolean" + }, + "service": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.ServiceReference", + "description": "Service is a reference to the service for this API server. It must communicate on port 443 If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled." + }, + "version": { + "description": "Version is the API version this server hosts. For example, \"v1\"", + "type": "string" + }, + "versionPriority": { + "description": "VersionPriority controls the ordering of this API version inside of its group. Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it's inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is \"kube-like\", it will sort above non \"kube-like\" version strings, which are ordered lexicographically. \"Kube-like\" versions start with a \"v\", then are followed by a number (the major version), then optionally the string \"alpha\" or \"beta\" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "service", + "groupPriorityMinimum", + "versionPriority" + ], + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceStatus": { + "description": "APIServiceStatus contains derived information about an API server", + "properties": { + "conditions": { + "description": "Current service state of apiService.", + "items": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + } + }, + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "properties": { + "name": { + "description": "Name is the name of the service", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the service", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService": { + "description": "APIService represents a server for a particular GroupVersion. Name must be \"version.group\".", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + }, + "spec": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceSpec", + "description": "Spec contains information for locating and communicating with a server" + }, + "status": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceStatus", + "description": "Status contains derived information about an API server" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + ] + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceCondition": { + "description": "APIServiceCondition describes the state of an APIService at a particular point", + "properties": { + "lastTransitionTime": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", + "description": "Last time the condition transitioned from one status to another." + }, + "message": { + "description": "Human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "Unique, one-word, CamelCase reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status is the status of the condition. Can be True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceList": { + "description": "APIServiceList is a list of APIService objects.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "items": { + "items": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "apiregistration.k8s.io", + "kind": "APIServiceList", + "version": "v1beta1" + } + ] + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceSpec": { + "description": "APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.", + "properties": { + "caBundle": { + "description": "CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. If unspecified, system trust roots on the apiserver are used.", + "format": "byte", + "type": "string" + }, + "group": { + "description": "Group is the API group name this server hosts", + "type": "string" + }, + "groupPriorityMinimum": { + "description": "GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) We'd recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s", + "format": "int32", + "type": "integer" + }, + "insecureSkipTLSVerify": { + "description": "InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged. You should use the CABundle instead.", + "type": "boolean" + }, + "service": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.ServiceReference", + "description": "Service is a reference to the service for this API server. It must communicate on port 443 If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled." + }, + "version": { + "description": "Version is the API version this server hosts. For example, \"v1\"", + "type": "string" + }, + "versionPriority": { + "description": "VersionPriority controls the ordering of this API version inside of its group. Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it's inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is \"kube-like\", it will sort above non \"kube-like\" version strings, which are ordered lexicographically. \"Kube-like\" versions start with a \"v\", then are followed by a number (the major version), then optionally the string \"alpha\" or \"beta\" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "service", + "groupPriorityMinimum", + "versionPriority" + ], + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceStatus": { + "description": "APIServiceStatus contains derived information about an API server", + "properties": { + "conditions": { + "description": "Current service state of apiService.", + "items": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceCondition" + }, + "type": "array", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge" + } + }, + "type": "object" + }, + "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.ServiceReference": { + "description": "ServiceReference holds a reference to Service.legacy.k8s.io", + "properties": { + "name": { + "description": "Name is the name of the service", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the service", + "type": "string" + } + }, + "type": "object" + }, + "io.k8s.kubernetes.pkg.api.v1.AWSElasticBlockStoreVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Affinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.Affinity", + "description": "Deprecated. Please use io.k8s.api.core.v1.Affinity instead." + }, + "io.k8s.kubernetes.pkg.api.v1.AttachedVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.AttachedVolume", + "description": "Deprecated. Please use io.k8s.api.core.v1.AttachedVolume instead." + }, + "io.k8s.kubernetes.pkg.api.v1.AzureDiskVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.AzureDiskVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.AzureDiskVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.AzureFileVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.AzureFileVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.AzureFileVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Binding": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding", + "description": "Deprecated. Please use io.k8s.api.core.v1.Binding instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Capabilities": { + "$ref": "#/definitions/io.k8s.api.core.v1.Capabilities", + "description": "Deprecated. Please use io.k8s.api.core.v1.Capabilities instead." + }, + "io.k8s.kubernetes.pkg.api.v1.CephFSVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.CephFSVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.CephFSVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.CinderVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.CinderVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.CinderVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ComponentCondition": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentCondition", + "description": "Deprecated. Please use io.k8s.api.core.v1.ComponentCondition instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ComponentStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.ComponentStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ComponentStatusList": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatusList", + "description": "Deprecated. Please use io.k8s.api.core.v1.ComponentStatusList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ConfigMap": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap", + "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMap instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ConfigMapEnvSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapEnvSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapEnvSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ConfigMapKeySelector": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapKeySelector", + "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapKeySelector instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ConfigMapList": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapList", + "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ConfigMapProjection": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapProjection", + "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapProjection instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ConfigMapVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Container": { + "$ref": "#/definitions/io.k8s.api.core.v1.Container", + "description": "Deprecated. Please use io.k8s.api.core.v1.Container instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerImage": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerImage", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerImage instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerPort": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerPort", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerPort instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerState": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerState instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerStateRunning": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateRunning", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStateRunning instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerStateTerminated": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateTerminated", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStateTerminated instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerStateWaiting": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateWaiting", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStateWaiting instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ContainerStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.DaemonEndpoint": { + "$ref": "#/definitions/io.k8s.api.core.v1.DaemonEndpoint", + "description": "Deprecated. Please use io.k8s.api.core.v1.DaemonEndpoint instead." + }, + "io.k8s.kubernetes.pkg.api.v1.DownwardAPIProjection": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIProjection", + "description": "Deprecated. Please use io.k8s.api.core.v1.DownwardAPIProjection instead." + }, + "io.k8s.kubernetes.pkg.api.v1.DownwardAPIVolumeFile": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeFile", + "description": "Deprecated. Please use io.k8s.api.core.v1.DownwardAPIVolumeFile instead." + }, + "io.k8s.kubernetes.pkg.api.v1.DownwardAPIVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.DownwardAPIVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EmptyDirVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.EmptyDirVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.EmptyDirVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EndpointAddress": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointAddress", + "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointAddress instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EndpointPort": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointPort", + "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointPort instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EndpointSubset": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointSubset", + "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointSubset instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Endpoints": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints", + "description": "Deprecated. Please use io.k8s.api.core.v1.Endpoints instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EndpointsList": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointsList", + "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointsList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EnvFromSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvFromSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.EnvFromSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EnvVar": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvVar", + "description": "Deprecated. Please use io.k8s.api.core.v1.EnvVar instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EnvVarSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.EnvVarSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.EnvVarSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Event": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event", + "description": "Deprecated. Please use io.k8s.api.core.v1.Event instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EventList": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventList", + "description": "Deprecated. Please use io.k8s.api.core.v1.EventList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.EventSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.EventSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ExecAction": { + "$ref": "#/definitions/io.k8s.api.core.v1.ExecAction", + "description": "Deprecated. Please use io.k8s.api.core.v1.ExecAction instead." + }, + "io.k8s.kubernetes.pkg.api.v1.FCVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.FCVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.FCVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.FlexVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.FlexVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.FlexVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.FlockerVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.FlockerVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.FlockerVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.GCEPersistentDiskVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.GCEPersistentDiskVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.GCEPersistentDiskVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.GitRepoVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.GitRepoVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.GitRepoVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.GlusterfsVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.GlusterfsVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.GlusterfsVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.HTTPGetAction": { + "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction", + "description": "Deprecated. Please use io.k8s.api.core.v1.HTTPGetAction instead." + }, + "io.k8s.kubernetes.pkg.api.v1.HTTPHeader": { + "$ref": "#/definitions/io.k8s.api.core.v1.HTTPHeader", + "description": "Deprecated. Please use io.k8s.api.core.v1.HTTPHeader instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Handler": { + "$ref": "#/definitions/io.k8s.api.core.v1.Handler", + "description": "Deprecated. Please use io.k8s.api.core.v1.Handler instead." + }, + "io.k8s.kubernetes.pkg.api.v1.HostAlias": { + "$ref": "#/definitions/io.k8s.api.core.v1.HostAlias", + "description": "Deprecated. Please use io.k8s.api.core.v1.HostAlias instead." + }, + "io.k8s.kubernetes.pkg.api.v1.HostPathVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.HostPathVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ISCSIVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.ISCSIVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.KeyToPath": { + "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath", + "description": "Deprecated. Please use io.k8s.api.core.v1.KeyToPath instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Lifecycle": { + "$ref": "#/definitions/io.k8s.api.core.v1.Lifecycle", + "description": "Deprecated. Please use io.k8s.api.core.v1.Lifecycle instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LimitRange": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange", + "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRange instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LimitRangeItem": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeItem", + "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRangeItem instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LimitRangeList": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeList", + "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRangeList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LimitRangeSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRangeSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LoadBalancerIngress": { + "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerIngress", + "description": "Deprecated. Please use io.k8s.api.core.v1.LoadBalancerIngress instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LoadBalancerStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.LoadBalancerStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LocalObjectReference": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference", + "description": "Deprecated. Please use io.k8s.api.core.v1.LocalObjectReference instead." + }, + "io.k8s.kubernetes.pkg.api.v1.LocalVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.LocalVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.LocalVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NFSVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.NFSVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.NFSVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Namespace": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace", + "description": "Deprecated. Please use io.k8s.api.core.v1.Namespace instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NamespaceList": { + "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceList", + "description": "Deprecated. Please use io.k8s.api.core.v1.NamespaceList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NamespaceSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.NamespaceSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NamespaceStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.NamespaceStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Node": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node", + "description": "Deprecated. Please use io.k8s.api.core.v1.Node instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeAddress": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeAddress", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeAddress instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeAffinity", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeAffinity instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeCondition": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeCondition", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeCondition instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeDaemonEndpoints": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeDaemonEndpoints", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeDaemonEndpoints instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeList": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeList", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeSelector": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSelector instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeSelectorRequirement": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorRequirement", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSelectorRequirement instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeSelectorTerm": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorTerm", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSelectorTerm instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.NodeSystemInfo": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeSystemInfo", + "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSystemInfo instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ObjectFieldSelector": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectFieldSelector", + "description": "Deprecated. Please use io.k8s.api.core.v1.ObjectFieldSelector instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ObjectReference": { + "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference", + "description": "Deprecated. Please use io.k8s.api.core.v1.ObjectReference instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolume": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolume instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaim": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaim instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimList": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimList", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeList": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeList", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PhotonPersistentDiskVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Pod": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod", + "description": "Deprecated. Please use io.k8s.api.core.v1.Pod instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinity", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodAffinity instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodAffinityTerm": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodAffinityTerm instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodAntiAffinity": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodAntiAffinity", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodAntiAffinity instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodCondition": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodCondition", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodCondition instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodList": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodList", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodSecurityContext": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodSecurityContext", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodSecurityContext instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodTemplate": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodTemplate instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodTemplateList": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateList", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodTemplateList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PodTemplateSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.PodTemplateSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PortworxVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.PortworxVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.PortworxVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.PreferredSchedulingTerm": { + "$ref": "#/definitions/io.k8s.api.core.v1.PreferredSchedulingTerm", + "description": "Deprecated. Please use io.k8s.api.core.v1.PreferredSchedulingTerm instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Probe": { + "$ref": "#/definitions/io.k8s.api.core.v1.Probe", + "description": "Deprecated. Please use io.k8s.api.core.v1.Probe instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ProjectedVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.ProjectedVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.ProjectedVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.QuobyteVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.QuobyteVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.QuobyteVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.RBDVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.RBDVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.RBDVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ReplicationController": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController", + "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationController instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerCondition": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerCondition", + "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerCondition instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerList": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerList", + "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ResourceFieldSelector": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceFieldSelector", + "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceFieldSelector instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ResourceQuota": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota", + "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuota instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ResourceQuotaList": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaList", + "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuotaList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ResourceQuotaSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuotaSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ResourceQuotaStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuotaStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ResourceRequirements": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements", + "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceRequirements instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SELinuxOptions": { + "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions", + "description": "Deprecated. Please use io.k8s.api.core.v1.SELinuxOptions instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ScaleIOVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.ScaleIOVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.ScaleIOVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Secret": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret", + "description": "Deprecated. Please use io.k8s.api.core.v1.Secret instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SecretEnvSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretEnvSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.SecretEnvSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SecretKeySelector": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector", + "description": "Deprecated. Please use io.k8s.api.core.v1.SecretKeySelector instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SecretList": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretList", + "description": "Deprecated. Please use io.k8s.api.core.v1.SecretList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SecretProjection": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretProjection", + "description": "Deprecated. Please use io.k8s.api.core.v1.SecretProjection instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SecretVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.SecretVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.SecurityContext": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecurityContext", + "description": "Deprecated. Please use io.k8s.api.core.v1.SecurityContext instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Service": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service", + "description": "Deprecated. Please use io.k8s.api.core.v1.Service instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ServiceAccount": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount", + "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceAccount instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ServiceAccountList": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountList", + "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceAccountList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ServiceList": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceList", + "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceList instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ServicePort": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServicePort", + "description": "Deprecated. Please use io.k8s.api.core.v1.ServicePort instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ServiceSpec": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceSpec", + "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceSpec instead." + }, + "io.k8s.kubernetes.pkg.api.v1.ServiceStatus": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceStatus", + "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceStatus instead." + }, + "io.k8s.kubernetes.pkg.api.v1.StorageOSPersistentVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSPersistentVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.StorageOSPersistentVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.StorageOSVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.StorageOSVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.TCPSocketAction": { + "$ref": "#/definitions/io.k8s.api.core.v1.TCPSocketAction", + "description": "Deprecated. Please use io.k8s.api.core.v1.TCPSocketAction instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Taint": { + "$ref": "#/definitions/io.k8s.api.core.v1.Taint", + "description": "Deprecated. Please use io.k8s.api.core.v1.Taint instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Toleration": { + "$ref": "#/definitions/io.k8s.api.core.v1.Toleration", + "description": "Deprecated. Please use io.k8s.api.core.v1.Toleration instead." + }, + "io.k8s.kubernetes.pkg.api.v1.Volume": { + "$ref": "#/definitions/io.k8s.api.core.v1.Volume", + "description": "Deprecated. Please use io.k8s.api.core.v1.Volume instead." + }, + "io.k8s.kubernetes.pkg.api.v1.VolumeMount": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeMount", + "description": "Deprecated. Please use io.k8s.api.core.v1.VolumeMount instead." + }, + "io.k8s.kubernetes.pkg.api.v1.VolumeProjection": { + "$ref": "#/definitions/io.k8s.api.core.v1.VolumeProjection", + "description": "Deprecated. Please use io.k8s.api.core.v1.VolumeProjection instead." + }, + "io.k8s.kubernetes.pkg.api.v1.VsphereVirtualDiskVolumeSource": { + "$ref": "#/definitions/io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource", + "description": "Deprecated. Please use io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource instead." + }, + "io.k8s.kubernetes.pkg.api.v1.WeightedPodAffinityTerm": { + "$ref": "#/definitions/io.k8s.api.core.v1.WeightedPodAffinityTerm", + "description": "Deprecated. Please use io.k8s.api.core.v1.WeightedPodAffinityTerm instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ControllerRevision": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ControllerRevision instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ControllerRevisionList": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevisionList", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ControllerRevisionList instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.Deployment": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.Deployment instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentCondition": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentCondition", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentCondition instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentList": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentList", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentList instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentRollback": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentRollback", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentRollback instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentSpec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentSpec", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentStatus": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStatus", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStrategy", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentStrategy instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.RollbackConfig": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollbackConfig", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.RollbackConfig instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.RollingUpdateDeployment": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateDeployment", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.RollingUpdateDeployment instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.RollingUpdateStatefulSetStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.Scale": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.Scale instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ScaleSpec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleSpec", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ScaleSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ScaleStatus": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleStatus", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ScaleStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSet": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSet instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetList": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetList", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetList instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetSpec": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetSpec", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetStatus": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetStatus", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetUpdateStrategy": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy", + "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1.TokenReview": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview", + "description": "Deprecated. Please use io.k8s.api.authentication.v1.TokenReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1.TokenReviewSpec": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewSpec", + "description": "Deprecated. Please use io.k8s.api.authentication.v1.TokenReviewSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1.TokenReviewStatus": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewStatus", + "description": "Deprecated. Please use io.k8s.api.authentication.v1.TokenReviewStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1.UserInfo": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.UserInfo", + "description": "Deprecated. Please use io.k8s.api.authentication.v1.UserInfo instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.TokenReview": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview", + "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.TokenReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.TokenReviewSpec": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewSpec", + "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.TokenReviewSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.TokenReviewStatus": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewStatus", + "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.TokenReviewStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.UserInfo": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.UserInfo", + "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.UserInfo instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.LocalSubjectAccessReview": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.LocalSubjectAccessReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.NonResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceAttributes", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.NonResourceAttributes instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.ResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.ResourceAttributes instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.SelfSubjectAccessReview": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.SelfSubjectAccessReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.SelfSubjectAccessReviewSpec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.SubjectAccessReview": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.SubjectAccessReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.SubjectAccessReviewSpec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewSpec", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.SubjectAccessReviewSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1.SubjectAccessReviewStatus": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus", + "description": "Deprecated. Please use io.k8s.api.authorization.v1.SubjectAccessReviewStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.LocalSubjectAccessReview": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.NonResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceAttributes", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.NonResourceAttributes instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.ResourceAttributes": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.ResourceAttributes instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SelfSubjectAccessReview": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SelfSubjectAccessReviewSpec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SubjectAccessReview": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SubjectAccessReview instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SubjectAccessReviewSpec": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SubjectAccessReviewStatus": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus", + "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.CrossVersionObjectReference": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.CrossVersionObjectReference", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.CrossVersionObjectReference instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscaler": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscalerList": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscalerSpec": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscalerStatus": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.Scale": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.Scale instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.ScaleSpec": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleSpec", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.ScaleSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.autoscaling.v1.ScaleStatus": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleStatus", + "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.ScaleStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v1.Job": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job", + "description": "Deprecated. Please use io.k8s.api.batch.v1.Job instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v1.JobCondition": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobCondition", + "description": "Deprecated. Please use io.k8s.api.batch.v1.JobCondition instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v1.JobList": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobList", + "description": "Deprecated. Please use io.k8s.api.batch.v1.JobList instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v1.JobSpec": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec", + "description": "Deprecated. Please use io.k8s.api.batch.v1.JobSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v1.JobStatus": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobStatus", + "description": "Deprecated. Please use io.k8s.api.batch.v1.JobStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJob": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob", + "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJob instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJobList": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobList", + "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJobList instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJobSpec": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobSpec", + "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJobSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJobStatus": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobStatus", + "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJobStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.JobTemplateSpec": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.JobTemplateSpec", + "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.JobTemplateSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequest": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest", + "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequest instead." + }, + "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestCondition": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition", + "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition instead." + }, + "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestList": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestList", + "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestList instead." + }, + "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestSpec": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec", + "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestStatus": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus", + "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSet": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSet instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetList": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetList", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetList instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetSpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetSpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetStatus": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetStatus", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetUpdateStrategy": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.Deployment": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.Deployment instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentCondition": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentCondition", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentCondition instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentList": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentList", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentList instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentRollback": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentRollback", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentRollback instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentSpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentSpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentStatus": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStatus", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentStrategy": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStrategy", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentStrategy instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.FSGroupStrategyOptions": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.HTTPIngressPath": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressPath", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.HTTPIngressPath instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.HTTPIngressRuleValue": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.HostPortRange": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HostPortRange", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.HostPortRange instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IDRange": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IDRange instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.Ingress": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.Ingress instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressBackend": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressBackend", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressBackend instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressList": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressList", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressList instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressRule": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressRule", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressRule instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressSpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressSpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressStatus": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressStatus", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressTLS": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressTLS", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressTLS instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicy": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicy instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyIngressRule": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyList": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyList", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyList instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyPeer": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPeer", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyPeer instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyPort": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPort", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyPort instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicySpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicySpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicySpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.PodSecurityPolicy": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.PodSecurityPolicy instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.PodSecurityPolicyList": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicyList", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.PodSecurityPolicyList instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.PodSecurityPolicySpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSet": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSet instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetCondition": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetCondition", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetCondition instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetList": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetList", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetList instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetSpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetSpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetStatus": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetStatus", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RollbackConfig": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollbackConfig", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RollbackConfig instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RollingUpdateDaemonSet": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RollingUpdateDeployment": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDeployment", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RollingUpdateDeployment instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RunAsUserStrategyOptions": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.SELinuxStrategyOptions": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.Scale": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.Scale instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ScaleSpec": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleSpec", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ScaleSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ScaleStatus": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleStatus", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ScaleStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.SupplementalGroupsStrategyOptions": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions", + "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions instead." + }, + "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicy": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy", + "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicy instead." + }, + "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyIngressRule": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyIngressRule", + "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyIngressRule instead." + }, + "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyList": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyList", + "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyList instead." + }, + "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyPeer": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer", + "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyPeer instead." + }, + "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyPort": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort", + "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyPort instead." + }, + "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicySpec": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicySpec", + "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicySpec instead." + }, + "io.k8s.kubernetes.pkg.apis.policy.v1beta1.Eviction": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction", + "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.Eviction instead." + }, + "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudget": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget", + "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudget instead." + }, + "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudgetList": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetList", + "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudgetList instead." + }, + "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudgetSpec": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec", + "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudgetStatus": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus", + "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRole": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRole instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRoleBinding": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRoleBinding instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRoleBindingList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRoleList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRoleList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.PolicyRule": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.PolicyRule", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.PolicyRule instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.Role": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.Role instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleBinding": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleBinding instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleBindingList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBindingList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleBindingList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleRef", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleRef instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.Subject": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Subject", + "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.Subject instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRole": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRole instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRoleBinding": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRoleBinding instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRoleBindingList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBindingList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRoleBindingList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRoleList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRoleList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.PolicyRule": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.PolicyRule", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.PolicyRule instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.Role": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.Role instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleBinding": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleBinding instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleBindingList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBindingList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleBindingList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleList": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleList", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleList instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleRef": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleRef", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleRef instead." + }, + "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.Subject": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Subject", + "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.Subject instead." + }, + "io.k8s.kubernetes.pkg.apis.settings.v1alpha1.PodPreset": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset", + "description": "Deprecated. Please use io.k8s.api.settings.v1alpha1.PodPreset instead." + }, + "io.k8s.kubernetes.pkg.apis.settings.v1alpha1.PodPresetList": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetList", + "description": "Deprecated. Please use io.k8s.api.settings.v1alpha1.PodPresetList instead." + }, + "io.k8s.kubernetes.pkg.apis.settings.v1alpha1.PodPresetSpec": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetSpec", + "description": "Deprecated. Please use io.k8s.api.settings.v1alpha1.PodPresetSpec instead." + }, + "io.k8s.kubernetes.pkg.apis.storage.v1.StorageClass": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass", + "description": "Deprecated. Please use io.k8s.api.storage.v1.StorageClass instead." + }, + "io.k8s.kubernetes.pkg.apis.storage.v1.StorageClassList": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClassList", + "description": "Deprecated. Please use io.k8s.api.storage.v1.StorageClassList instead." + }, + "io.k8s.kubernetes.pkg.apis.storage.v1beta1.StorageClass": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass", + "description": "Deprecated. Please use io.k8s.api.storage.v1beta1.StorageClass instead." + }, + "io.k8s.kubernetes.pkg.apis.storage.v1beta1.StorageClassList": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClassList", + "description": "Deprecated. Please use io.k8s.api.storage.v1beta1.StorageClassList instead." + } + }, "info": { - "title": "Kubernetes", - "version": "v1.14.0" + "title": "Kubernetes", + "version": "v1.15.0" }, "paths": { - "/api/": { - "get": { - "description": "get available API versions", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core" - ], - "operationId": "getCoreAPIVersions", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIVersions" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/api/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "getCoreV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/api/v1/componentstatuses": { - "get": { - "description": "list objects of kind ComponentStatus", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1ComponentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatusList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ComponentStatus", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/componentstatuses/{name}": { - "get": { - "description": "read the specified ComponentStatus", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1ComponentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatus" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ComponentStatus", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ComponentStatus", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/configmaps": { - "get": { - "description": "list or watch objects of kind ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1ConfigMapForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/endpoints": { - "get": { - "description": "list or watch objects of kind Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1EndpointsForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointsList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/events": { - "get": { - "description": "list or watch objects of kind Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1EventForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.EventList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/limitranges": { - "get": { - "description": "list or watch objects of kind LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1LimitRangeForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/namespaces": { - "get": { - "description": "list or watch objects of kind Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1Namespace", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "post": { - "description": "create a Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1Namespace", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/bindings": { - "post": { - "description": "create a Binding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Binding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/configmaps": { - "get": { - "description": "list or watch objects of kind ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedConfigMap", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "post": { - "description": "create a ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedConfigMap", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedConfigMap", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/configmaps/{name}": { - "get": { - "description": "read the specified ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedConfigMap", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedConfigMap", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "delete": { - "description": "delete a ConfigMap", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedConfigMap", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ConfigMap", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedConfigMap", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ConfigMap", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/endpoints": { - "get": { - "description": "list or watch objects of kind Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedEndpoints", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointsList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "post": { - "description": "create Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedEndpoints", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedEndpoints", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/endpoints/{name}": { - "get": { - "description": "read the specified Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedEndpoints", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedEndpoints", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "delete": { - "description": "delete Endpoints", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedEndpoints", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Endpoints", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedEndpoints", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Endpoints", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/events": { - "get": { - "description": "list or watch objects of kind Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedEvent", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.EventList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "post": { - "description": "create an Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedEvent", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/events/{name}": { - "get": { - "description": "read the specified Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedEvent", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "delete": { - "description": "delete an Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Event", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Event", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/limitranges": { - "get": { - "description": "list or watch objects of kind LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedLimitRange", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "post": { - "description": "create a LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedLimitRange", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedLimitRange", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/limitranges/{name}": { - "get": { - "description": "read the specified LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedLimitRange", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "put": { - "description": "replace the specified LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedLimitRange", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "delete": { - "description": "delete a LimitRange", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedLimitRange", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified LimitRange", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedLimitRange", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the LimitRange", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/persistentvolumeclaims": { - "get": { - "description": "list or watch objects of kind PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedPersistentVolumeClaim", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "post": { - "description": "create a PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedPersistentVolumeClaim", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedPersistentVolumeClaim", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}": { - "get": { - "description": "read the specified PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedPersistentVolumeClaim", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "put": { - "description": "replace the specified PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedPersistentVolumeClaim", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "delete": { - "description": "delete a PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedPersistentVolumeClaim", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified PersistentVolumeClaim", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedPersistentVolumeClaim", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PersistentVolumeClaim", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status": { - "get": { - "description": "read status of the specified PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedPersistentVolumeClaimStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedPersistentVolumeClaimStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified PersistentVolumeClaim", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedPersistentVolumeClaimStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PersistentVolumeClaim", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods": { - "get": { - "description": "list or watch objects of kind Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedPod", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "post": { - "description": "create a Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedPod", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedPod", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}": { - "get": { - "description": "read the specified Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedPod", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedPod", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "delete": { - "description": "delete a Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedPod", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Pod", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedPod", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Pod", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/attach": { - "get": { - "description": "connect GET requests to attach of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedPodAttach", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodAttachOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to attach of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedPodAttach", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodAttachOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The container in which to execute the command. Defaults to only container if there is only one container in the pod.", - "name": "container", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodAttachOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Stderr if true indicates that stderr is to be redirected for the attach call. Defaults to true.", - "name": "stderr", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Stdin if true, redirects the standard input stream of the pod for this call. Defaults to false.", - "name": "stdin", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Stdout if true indicates that stdout is to be redirected for the attach call. Defaults to true.", - "name": "stdout", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "TTY if true indicates that a tty will be allocated for the attach call. This is passed through the container runtime so the tty is allocated on the worker node by the container runtime. Defaults to false.", - "name": "tty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/binding": { - "post": { - "description": "create binding of a Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedPodBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Binding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Binding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/eviction": { - "post": { - "description": "create eviction of a Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedPodEviction", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "Eviction", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Eviction", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/exec": { - "get": { - "description": "connect GET requests to exec of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedPodExec", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodExecOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to exec of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedPodExec", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodExecOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "Command is the remote command to execute. argv array. Not executed within a shell.", - "name": "command", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Container in which to execute the command. Defaults to only container if there is only one container in the pod.", - "name": "container", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodExecOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Redirect the standard error stream of the pod for this call. Defaults to true.", - "name": "stderr", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Redirect the standard input stream of the pod for this call. Defaults to false.", - "name": "stdin", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Redirect the standard output stream of the pod for this call. Defaults to true.", - "name": "stdout", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "TTY if true indicates that a tty will be allocated for the exec call. Defaults to false.", - "name": "tty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/log": { - "get": { - "description": "read log of the specified Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "text/plain", - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedPodLog", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The container for which to stream logs. Defaults to only container if there is one container in the pod.", - "name": "container", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Follow the log stream of the pod. Defaults to false.", - "name": "follow", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.", - "name": "limitBytes", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Pod", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Return previous terminated container logs. Defaults to false.", - "name": "previous", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", - "name": "sinceSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", - "name": "tailLines", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false.", - "name": "timestamps", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/portforward": { - "get": { - "description": "connect GET requests to portforward of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedPodPortforward", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodPortForwardOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to portforward of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedPodPortforward", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodPortForwardOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodPortForwardOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "integer", - "description": "List of ports to forward Required when using WebSockets", - "name": "ports", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/proxy": { - "get": { - "description": "connect GET requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "put": { - "description": "connect PUT requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PutNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "delete": { - "description": "connect DELETE requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1DeleteNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "options": { - "description": "connect OPTIONS requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1OptionsNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "head": { - "description": "connect HEAD requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1HeadNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "patch": { - "description": "connect PATCH requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PatchNamespacedPodProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodProxyOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "Path is the URL path to use for the current proxy request to pod.", - "name": "path", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}": { - "get": { - "description": "connect GET requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "put": { - "description": "connect PUT requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PutNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "delete": { - "description": "connect DELETE requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1DeleteNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "options": { - "description": "connect OPTIONS requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1OptionsNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "head": { - "description": "connect HEAD requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1HeadNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "patch": { - "description": "connect PATCH requests to proxy of Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PatchNamespacedPodProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodProxyOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodProxyOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "path to the resource", - "name": "path", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "Path is the URL path to use for the current proxy request to pod.", - "name": "path", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/pods/{name}/status": { - "get": { - "description": "read status of the specified Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedPodStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedPodStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified Pod", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedPodStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Pod", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/podtemplates": { - "get": { - "description": "list or watch objects of kind PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedPodTemplate", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "post": { - "description": "create a PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedPodTemplate", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedPodTemplate", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/podtemplates/{name}": { - "get": { - "description": "read the specified PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedPodTemplate", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "put": { - "description": "replace the specified PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedPodTemplate", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "delete": { - "description": "delete a PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedPodTemplate", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified PodTemplate", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedPodTemplate", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodTemplate", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/replicationcontrollers": { - "get": { - "description": "list or watch objects of kind ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedReplicationController", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "post": { - "description": "create a ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedReplicationController", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedReplicationController", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/replicationcontrollers/{name}": { - "get": { - "description": "read the specified ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedReplicationController", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedReplicationController", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "delete": { - "description": "delete a ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedReplicationController", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ReplicationController", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedReplicationController", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicationController", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/replicationcontrollers/{name}/scale": { - "get": { - "description": "read scale of the specified ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedReplicationControllerScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "put": { - "description": "replace scale of the specified ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedReplicationControllerScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "patch": { - "description": "partially update scale of the specified ReplicationController", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedReplicationControllerScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/replicationcontrollers/{name}/status": { - "get": { - "description": "read status of the specified ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedReplicationControllerStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedReplicationControllerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified ReplicationController", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedReplicationControllerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicationController", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/resourcequotas": { - "get": { - "description": "list or watch objects of kind ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedResourceQuota", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "post": { - "description": "create a ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedResourceQuota", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedResourceQuota", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/resourcequotas/{name}": { - "get": { - "description": "read the specified ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedResourceQuota", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedResourceQuota", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "delete": { - "description": "delete a ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedResourceQuota", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ResourceQuota", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedResourceQuota", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ResourceQuota", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/resourcequotas/{name}/status": { - "get": { - "description": "read status of the specified ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedResourceQuotaStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedResourceQuotaStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified ResourceQuota", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedResourceQuotaStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ResourceQuota", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/secrets": { - "get": { - "description": "list or watch objects of kind Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedSecret", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.SecretList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "post": { - "description": "create a Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedSecret", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedSecret", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/secrets/{name}": { - "get": { - "description": "read the specified Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedSecret", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedSecret", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "delete": { - "description": "delete a Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedSecret", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Secret", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedSecret", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Secret", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/serviceaccounts": { - "get": { - "description": "list or watch objects of kind ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedServiceAccount", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "post": { - "description": "create a ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedServiceAccount", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNamespacedServiceAccount", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/serviceaccounts/{name}": { - "get": { - "description": "read the specified ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedServiceAccount", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedServiceAccount", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "delete": { - "description": "delete a ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedServiceAccount", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ServiceAccount", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedServiceAccount", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ServiceAccount", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/services": { - "get": { - "description": "list or watch objects of kind Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1NamespacedService", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "post": { - "description": "create a Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1NamespacedService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/services/{name}": { - "get": { - "description": "read the specified Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedService", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "delete": { - "description": "delete a Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1NamespacedService", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Service", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Service", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/services/{name}/proxy": { - "get": { - "description": "connect GET requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "put": { - "description": "connect PUT requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PutNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "delete": { - "description": "connect DELETE requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1DeleteNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "options": { - "description": "connect OPTIONS requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1OptionsNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "head": { - "description": "connect HEAD requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1HeadNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "patch": { - "description": "connect PATCH requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PatchNamespacedServiceProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ServiceProxyOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.", - "name": "path", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/services/{name}/proxy/{path}": { - "get": { - "description": "connect GET requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "put": { - "description": "connect PUT requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PutNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "delete": { - "description": "connect DELETE requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1DeleteNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "options": { - "description": "connect OPTIONS requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1OptionsNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "head": { - "description": "connect HEAD requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1HeadNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "patch": { - "description": "connect PATCH requests to proxy of Service", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PatchNamespacedServiceProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceProxyOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ServiceProxyOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "path to the resource", - "name": "path", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.", - "name": "path", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{namespace}/services/{name}/status": { - "get": { - "description": "read status of the specified Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespacedServiceStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespacedServiceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified Service", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespacedServiceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Service", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{name}": { - "get": { - "description": "read the specified Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1Namespace", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1Namespace", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "delete": { - "description": "delete a Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1Namespace", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Namespace", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1Namespace", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Namespace", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{name}/finalize": { - "put": { - "description": "replace finalize of the specified Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespaceFinalize", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Namespace", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/namespaces/{name}/status": { - "get": { - "description": "read status of the specified Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NamespaceStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified Namespace", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NamespaceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified Namespace", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NamespaceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Namespace", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/nodes": { - "get": { - "description": "list or watch objects of kind Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1Node", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.NodeList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "post": { - "description": "create a Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1Node", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionNode", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/nodes/{name}": { - "get": { - "description": "read the specified Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1Node", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1Node", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "delete": { - "description": "delete a Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1Node", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Node", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1Node", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Node", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/nodes/{name}/proxy": { - "get": { - "description": "connect GET requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "put": { - "description": "connect PUT requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PutNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "delete": { - "description": "connect DELETE requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1DeleteNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "options": { - "description": "connect OPTIONS requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1OptionsNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "head": { - "description": "connect HEAD requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1HeadNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "patch": { - "description": "connect PATCH requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PatchNodeProxy", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the NodeProxyOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "Path is the URL path to use for the current proxy request to node.", - "name": "path", - "in": "query" - } - ] - }, - "/api/v1/nodes/{name}/proxy/{path}": { - "get": { - "description": "connect GET requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1GetNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "put": { - "description": "connect PUT requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PutNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "post": { - "description": "connect POST requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PostNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "delete": { - "description": "connect DELETE requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1DeleteNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "options": { - "description": "connect OPTIONS requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1OptionsNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "head": { - "description": "connect HEAD requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1HeadNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "patch": { - "description": "connect PATCH requests to proxy of Node", - "consumes": [ - "*/*" - ], - "produces": [ - "*/*" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "connectCoreV1PatchNodeProxyWithPath", - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "string" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "connect", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "NodeProxyOptions", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the NodeProxyOptions", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "path to the resource", - "name": "path", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "Path is the URL path to use for the current proxy request to node.", - "name": "path", - "in": "query" - } - ] - }, - "/api/v1/nodes/{name}/status": { - "get": { - "description": "read status of the specified Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1NodeStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified Node", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1NodeStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified Node", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1NodeStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Node", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/persistentvolumeclaims": { - "get": { - "description": "list or watch objects of kind PersistentVolumeClaim", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1PersistentVolumeClaimForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/persistentvolumes": { - "get": { - "description": "list or watch objects of kind PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1PersistentVolume", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "post": { - "description": "create a PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "createCoreV1PersistentVolume", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1CollectionPersistentVolume", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/persistentvolumes/{name}": { - "get": { - "description": "read the specified PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1PersistentVolume", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "put": { - "description": "replace the specified PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1PersistentVolume", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "delete": { - "description": "delete a PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "deleteCoreV1PersistentVolume", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified PersistentVolume", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1PersistentVolume", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PersistentVolume", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/persistentvolumes/{name}/status": { - "get": { - "description": "read status of the specified PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "readCoreV1PersistentVolumeStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified PersistentVolume", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "replaceCoreV1PersistentVolumeStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified PersistentVolume", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "patchCoreV1PersistentVolumeStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PersistentVolume", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/api/v1/pods": { - "get": { - "description": "list or watch objects of kind Pod", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1PodForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/podtemplates": { - "get": { - "description": "list or watch objects of kind PodTemplate", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1PodTemplateForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/replicationcontrollers": { - "get": { - "description": "list or watch objects of kind ReplicationController", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1ReplicationControllerForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/resourcequotas": { - "get": { - "description": "list or watch objects of kind ResourceQuota", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1ResourceQuotaForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/secrets": { - "get": { - "description": "list or watch objects of kind Secret", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1SecretForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.SecretList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/serviceaccounts": { - "get": { - "description": "list or watch objects of kind ServiceAccount", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1ServiceAccountForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/services": { - "get": { - "description": "list or watch objects of kind Service", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "listCoreV1ServiceForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/configmaps": { - "get": { - "description": "watch individual changes to a list of ConfigMap. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1ConfigMapListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/endpoints": { - "get": { - "description": "watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1EndpointsListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/events": { - "get": { - "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1EventListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/limitranges": { - "get": { - "description": "watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1LimitRangeListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces": { - "get": { - "description": "watch individual changes to a list of Namespace. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespaceList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/configmaps": { - "get": { - "description": "watch individual changes to a list of ConfigMap. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedConfigMapList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/configmaps/{name}": { - "get": { - "description": "watch changes to an object of kind ConfigMap. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedConfigMap", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ConfigMap", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/endpoints": { - "get": { - "description": "watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedEndpointsList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/endpoints/{name}": { - "get": { - "description": "watch changes to an object of kind Endpoints. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedEndpoints", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Endpoints", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/events": { - "get": { - "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedEventList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/events/{name}": { - "get": { - "description": "watch changes to an object of kind Event. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedEvent", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Event", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Event", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/limitranges": { - "get": { - "description": "watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedLimitRangeList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/limitranges/{name}": { - "get": { - "description": "watch changes to an object of kind LimitRange. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedLimitRange", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the LimitRange", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/persistentvolumeclaims": { - "get": { - "description": "watch individual changes to a list of PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedPersistentVolumeClaimList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/persistentvolumeclaims/{name}": { - "get": { - "description": "watch changes to an object of kind PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedPersistentVolumeClaim", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PersistentVolumeClaim", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/pods": { - "get": { - "description": "watch individual changes to a list of Pod. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedPodList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/pods/{name}": { - "get": { - "description": "watch changes to an object of kind Pod. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedPod", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Pod", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/podtemplates": { - "get": { - "description": "watch individual changes to a list of PodTemplate. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedPodTemplateList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/podtemplates/{name}": { - "get": { - "description": "watch changes to an object of kind PodTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedPodTemplate", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodTemplate", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/replicationcontrollers": { - "get": { - "description": "watch individual changes to a list of ReplicationController. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedReplicationControllerList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/replicationcontrollers/{name}": { - "get": { - "description": "watch changes to an object of kind ReplicationController. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedReplicationController", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicationController", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/resourcequotas": { - "get": { - "description": "watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedResourceQuotaList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/resourcequotas/{name}": { - "get": { - "description": "watch changes to an object of kind ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedResourceQuota", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ResourceQuota", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/secrets": { - "get": { - "description": "watch individual changes to a list of Secret. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedSecretList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/secrets/{name}": { - "get": { - "description": "watch changes to an object of kind Secret. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedSecret", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Secret", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/serviceaccounts": { - "get": { - "description": "watch individual changes to a list of ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedServiceAccountList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/serviceaccounts/{name}": { - "get": { - "description": "watch changes to an object of kind ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedServiceAccount", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ServiceAccount", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/services": { - "get": { - "description": "watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedServiceList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{namespace}/services/{name}": { - "get": { - "description": "watch changes to an object of kind Service. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NamespacedService", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Service", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/namespaces/{name}": { - "get": { - "description": "watch changes to an object of kind Namespace. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1Namespace", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Namespace", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Namespace", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/nodes": { - "get": { - "description": "watch individual changes to a list of Node. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1NodeList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/nodes/{name}": { - "get": { - "description": "watch changes to an object of kind Node. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1Node", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Node", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Node", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/persistentvolumeclaims": { - "get": { - "description": "watch individual changes to a list of PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1PersistentVolumeClaimListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/persistentvolumes": { - "get": { - "description": "watch individual changes to a list of PersistentVolume. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1PersistentVolumeList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/persistentvolumes/{name}": { - "get": { - "description": "watch changes to an object of kind PersistentVolume. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1PersistentVolume", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PersistentVolume", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/pods": { - "get": { - "description": "watch individual changes to a list of Pod. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1PodListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Pod", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/podtemplates": { - "get": { - "description": "watch individual changes to a list of PodTemplate. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1PodTemplateListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/replicationcontrollers": { - "get": { - "description": "watch individual changes to a list of ReplicationController. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1ReplicationControllerListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/resourcequotas": { - "get": { - "description": "watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1ResourceQuotaListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/secrets": { - "get": { - "description": "watch individual changes to a list of Secret. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1SecretListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Secret", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/serviceaccounts": { - "get": { - "description": "watch individual changes to a list of ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1ServiceAccountListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/api/v1/watch/services": { - "get": { - "description": "watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "core_v1" - ], - "operationId": "watchCoreV1ServiceListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "", - "kind": "Service", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/": { - "get": { - "description": "get available API versions", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apis" - ], - "operationId": "getAPIVersions", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroupList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/admissionregistration.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration" - ], - "operationId": "getAdmissionregistrationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/admissionregistration.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "getAdmissionregistrationV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations": { - "get": { - "description": "list or watch objects of kind MutatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "listAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfigurationList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "post": { - "description": "create a MutatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "createAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of MutatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "deleteAdmissionregistrationV1beta1CollectionMutatingWebhookConfiguration", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations/{name}": { - "get": { - "description": "read the specified MutatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "readAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified MutatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "replaceAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a MutatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "deleteAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified MutatingWebhookConfiguration", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "patchAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the MutatingWebhookConfiguration", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/validatingwebhookconfigurations": { - "get": { - "description": "list or watch objects of kind ValidatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "listAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfigurationList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "post": { - "description": "create a ValidatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "createAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of ValidatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "deleteAdmissionregistrationV1beta1CollectionValidatingWebhookConfiguration", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/validatingwebhookconfigurations/{name}": { - "get": { - "description": "read the specified ValidatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "readAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified ValidatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "replaceAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a ValidatingWebhookConfiguration", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "deleteAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified ValidatingWebhookConfiguration", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "patchAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ValidatingWebhookConfiguration", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/watch/mutatingwebhookconfigurations": { - "get": { - "description": "watch individual changes to a list of MutatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "watchAdmissionregistrationV1beta1MutatingWebhookConfigurationList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/watch/mutatingwebhookconfigurations/{name}": { - "get": { - "description": "watch changes to an object of kind MutatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "watchAdmissionregistrationV1beta1MutatingWebhookConfiguration", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the MutatingWebhookConfiguration", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/watch/validatingwebhookconfigurations": { - "get": { - "description": "watch individual changes to a list of ValidatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "watchAdmissionregistrationV1beta1ValidatingWebhookConfigurationList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/admissionregistration.k8s.io/v1beta1/watch/validatingwebhookconfigurations/{name}": { - "get": { - "description": "watch changes to an object of kind ValidatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "admissionregistration_v1beta1" - ], - "operationId": "watchAdmissionregistrationV1beta1ValidatingWebhookConfiguration", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ValidatingWebhookConfiguration", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apiextensions.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions" - ], - "operationId": "getApiextensionsAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apiextensions.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "getApiextensionsV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions": { - "get": { - "description": "list or watch objects of kind CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "listApiextensionsV1beta1CustomResourceDefinition", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "post": { - "description": "create a CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "createApiextensionsV1beta1CustomResourceDefinition", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "deleteApiextensionsV1beta1CollectionCustomResourceDefinition", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions/{name}": { - "get": { - "description": "read the specified CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "readApiextensionsV1beta1CustomResourceDefinition", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "replaceApiextensionsV1beta1CustomResourceDefinition", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "deleteApiextensionsV1beta1CustomResourceDefinition", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified CustomResourceDefinition", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "patchApiextensionsV1beta1CustomResourceDefinition", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CustomResourceDefinition", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions/{name}/status": { - "get": { - "description": "read status of the specified CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "readApiextensionsV1beta1CustomResourceDefinitionStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified CustomResourceDefinition", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "replaceApiextensionsV1beta1CustomResourceDefinitionStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified CustomResourceDefinition", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "patchApiextensionsV1beta1CustomResourceDefinitionStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CustomResourceDefinition", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiextensions.k8s.io/v1beta1/watch/customresourcedefinitions": { - "get": { - "description": "watch individual changes to a list of CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "watchApiextensionsV1beta1CustomResourceDefinitionList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apiextensions.k8s.io/v1beta1/watch/customresourcedefinitions/{name}": { - "get": { - "description": "watch changes to an object of kind CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiextensions_v1beta1" - ], - "operationId": "watchApiextensionsV1beta1CustomResourceDefinition", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the CustomResourceDefinition", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration" - ], - "operationId": "getApiregistrationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apiregistration.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "getApiregistrationV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apiregistration.k8s.io/v1/apiservices": { - "get": { - "description": "list or watch objects of kind APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "listApiregistrationV1APIService", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "post": { - "description": "create an APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "createApiregistrationV1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "deleteApiregistrationV1CollectionAPIService", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1/apiservices/{name}": { - "get": { - "description": "read the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "readApiregistrationV1APIService", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "put": { - "description": "replace the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "replaceApiregistrationV1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "delete": { - "description": "delete an APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "deleteApiregistrationV1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified APIService", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "patchApiregistrationV1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the APIService", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1/apiservices/{name}/status": { - "get": { - "description": "read status of the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "readApiregistrationV1APIServiceStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "replaceApiregistrationV1APIServiceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified APIService", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "patchApiregistrationV1APIServiceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the APIService", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1/watch/apiservices": { - "get": { - "description": "watch individual changes to a list of APIService. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "watchApiregistrationV1APIServiceList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1/watch/apiservices/{name}": { - "get": { - "description": "watch changes to an object of kind APIService. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1" - ], - "operationId": "watchApiregistrationV1APIService", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the APIService", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "getApiregistrationV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apiregistration.k8s.io/v1beta1/apiservices": { - "get": { - "description": "list or watch objects of kind APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "listApiregistrationV1beta1APIService", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "post": { - "description": "create an APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "createApiregistrationV1beta1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "deleteApiregistrationV1beta1CollectionAPIService", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1beta1/apiservices/{name}": { - "get": { - "description": "read the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "readApiregistrationV1beta1APIService", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "replaceApiregistrationV1beta1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete an APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "deleteApiregistrationV1beta1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified APIService", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "patchApiregistrationV1beta1APIService", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the APIService", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1beta1/apiservices/{name}/status": { - "get": { - "description": "read status of the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "readApiregistrationV1beta1APIServiceStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified APIService", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "replaceApiregistrationV1beta1APIServiceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified APIService", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "patchApiregistrationV1beta1APIServiceStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the APIService", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1beta1/watch/apiservices": { - "get": { - "description": "watch individual changes to a list of APIService. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "watchApiregistrationV1beta1APIServiceList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apiregistration.k8s.io/v1beta1/watch/apiservices/{name}": { - "get": { - "description": "watch changes to an object of kind APIService. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apiregistration_v1beta1" - ], - "operationId": "watchApiregistrationV1beta1APIService", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the APIService", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps" - ], - "operationId": "getAppsAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apps/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "getAppsV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apps/v1/controllerrevisions": { - "get": { - "description": "list or watch objects of kind ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1ControllerRevisionForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevisionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/daemonsets": { - "get": { - "description": "list or watch objects of kind DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1DaemonSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1DeploymentForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/controllerrevisions": { - "get": { - "description": "list or watch objects of kind ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1NamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevisionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "post": { - "description": "create a ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "createAppsV1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1CollectionNamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/controllerrevisions/{name}": { - "get": { - "description": "read the specified ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "delete": { - "description": "delete a ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ControllerRevision", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ControllerRevision", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/daemonsets": { - "get": { - "description": "list or watch objects of kind DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1NamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "post": { - "description": "create a DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "createAppsV1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1CollectionNamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/daemonsets/{name}": { - "get": { - "description": "read the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "put": { - "description": "replace the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "delete": { - "description": "delete a DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified DaemonSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/daemonsets/{name}/status": { - "get": { - "description": "read status of the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedDaemonSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedDaemonSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified DaemonSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedDaemonSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "post": { - "description": "create a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "createAppsV1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1CollectionNamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "read the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "delete": { - "description": "delete a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/deployments/{name}/scale": { - "get": { - "description": "read scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedDeploymentScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "put": { - "description": "replace scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "patch": { - "description": "partially update scale of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/deployments/{name}/status": { - "get": { - "description": "read status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedDeploymentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/replicasets": { - "get": { - "description": "list or watch objects of kind ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1NamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "post": { - "description": "create a ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "createAppsV1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1CollectionNamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/replicasets/{name}": { - "get": { - "description": "read the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "delete": { - "description": "delete a ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/replicasets/{name}/scale": { - "get": { - "description": "read scale of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedReplicaSetScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "put": { - "description": "replace scale of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedReplicaSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "patch": { - "description": "partially update scale of the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedReplicaSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/replicasets/{name}/status": { - "get": { - "description": "read status of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedReplicaSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedReplicaSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedReplicaSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/statefulsets": { - "get": { - "description": "list or watch objects of kind StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1NamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "post": { - "description": "create a StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "createAppsV1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1CollectionNamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}": { - "get": { - "description": "read the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "put": { - "description": "replace the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "delete": { - "description": "delete a StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "deleteAppsV1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/scale": { - "get": { - "description": "read scale of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedStatefulSetScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "put": { - "description": "replace scale of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedStatefulSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "patch": { - "description": "partially update scale of the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedStatefulSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/status": { - "get": { - "description": "read status of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "readAppsV1NamespacedStatefulSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "replaceAppsV1NamespacedStatefulSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "patchAppsV1NamespacedStatefulSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1/replicasets": { - "get": { - "description": "list or watch objects of kind ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1ReplicaSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/statefulsets": { - "get": { - "description": "list or watch objects of kind StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "listAppsV1StatefulSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/controllerrevisions": { - "get": { - "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1ControllerRevisionListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/daemonsets": { - "get": { - "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1DaemonSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1DeploymentListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/controllerrevisions": { - "get": { - "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedControllerRevisionList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/controllerrevisions/{name}": { - "get": { - "description": "watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedControllerRevision", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ControllerRevision", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/daemonsets": { - "get": { - "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedDaemonSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/daemonsets/{name}": { - "get": { - "description": "watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedDaemonSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedDeploymentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedDeployment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/replicasets": { - "get": { - "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedReplicaSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/replicasets/{name}": { - "get": { - "description": "watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedReplicaSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/statefulsets": { - "get": { - "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedStatefulSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/namespaces/{namespace}/statefulsets/{name}": { - "get": { - "description": "watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1NamespacedStatefulSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/replicasets": { - "get": { - "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1ReplicaSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1/watch/statefulsets": { - "get": { - "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1" - ], - "operationId": "watchAppsV1StatefulSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "getAppsV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apps/v1beta1/controllerrevisions": { - "get": { - "description": "list or watch objects of kind ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "listAppsV1beta1ControllerRevisionForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevisionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "listAppsV1beta1DeploymentForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/controllerrevisions": { - "get": { - "description": "list or watch objects of kind ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "listAppsV1beta1NamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevisionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "post": { - "description": "create a ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "createAppsV1beta1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "deleteAppsV1beta1CollectionNamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/controllerrevisions/{name}": { - "get": { - "description": "read the specified ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "deleteAppsV1beta1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified ControllerRevision", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ControllerRevision", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "listAppsV1beta1NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "post": { - "description": "create a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "createAppsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "deleteAppsV1beta1CollectionNamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "read the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "deleteAppsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}/rollback": { - "post": { - "description": "create rollback of a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "createAppsV1beta1NamespacedDeploymentRollback", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentRollback" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DeploymentRollback", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the DeploymentRollback", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}/scale": { - "get": { - "description": "read scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedDeploymentScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - }, - "put": { - "description": "replace scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update scale of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}/status": { - "get": { - "description": "read status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedDeploymentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets": { - "get": { - "description": "list or watch objects of kind StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "listAppsV1beta1NamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "post": { - "description": "create a StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "createAppsV1beta1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "deleteAppsV1beta1CollectionNamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets/{name}": { - "get": { - "description": "read the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "deleteAppsV1beta1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets/{name}/scale": { - "get": { - "description": "read scale of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedStatefulSetScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - }, - "put": { - "description": "replace scale of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedStatefulSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update scale of the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedStatefulSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets/{name}/status": { - "get": { - "description": "read status of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "readAppsV1beta1NamespacedStatefulSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "replaceAppsV1beta1NamespacedStatefulSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "patchAppsV1beta1NamespacedStatefulSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/statefulsets": { - "get": { - "description": "list or watch objects of kind StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "listAppsV1beta1StatefulSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/controllerrevisions": { - "get": { - "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1ControllerRevisionListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1DeploymentListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/namespaces/{namespace}/controllerrevisions": { - "get": { - "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1NamespacedControllerRevisionList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/namespaces/{namespace}/controllerrevisions/{name}": { - "get": { - "description": "watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1NamespacedControllerRevision", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ControllerRevision", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/namespaces/{namespace}/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1NamespacedDeploymentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1NamespacedDeployment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/namespaces/{namespace}/statefulsets": { - "get": { - "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1NamespacedStatefulSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/namespaces/{namespace}/statefulsets/{name}": { - "get": { - "description": "watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1NamespacedStatefulSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta1/watch/statefulsets": { - "get": { - "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta1" - ], - "operationId": "watchAppsV1beta1StatefulSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "getAppsV1beta2APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/apps/v1beta2/controllerrevisions": { - "get": { - "description": "list or watch objects of kind ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2ControllerRevisionForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevisionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/daemonsets": { - "get": { - "description": "list or watch objects of kind DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2DaemonSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2DeploymentForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/controllerrevisions": { - "get": { - "description": "list or watch objects of kind ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2NamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevisionList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "post": { - "description": "create a ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "createAppsV1beta2NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete collection of ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2CollectionNamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/controllerrevisions/{name}": { - "get": { - "description": "read the specified ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedControllerRevision", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "put": { - "description": "replace the specified ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete a ControllerRevision", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update the specified ControllerRevision", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedControllerRevision", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ControllerRevision", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/daemonsets": { - "get": { - "description": "list or watch objects of kind DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2NamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "post": { - "description": "create a DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "createAppsV1beta2NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete collection of DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2CollectionNamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/daemonsets/{name}": { - "get": { - "description": "read the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "put": { - "description": "replace the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete a DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update the specified DaemonSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/daemonsets/{name}/status": { - "get": { - "description": "read status of the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedDaemonSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "put": { - "description": "replace status of the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedDaemonSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update status of the specified DaemonSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedDaemonSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "post": { - "description": "create a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "createAppsV1beta2NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete collection of Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2CollectionNamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "read the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "put": { - "description": "replace the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/deployments/{name}/scale": { - "get": { - "description": "read scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedDeploymentScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "put": { - "description": "replace scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update scale of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/deployments/{name}/status": { - "get": { - "description": "read status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedDeploymentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "put": { - "description": "replace status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update status of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/replicasets": { - "get": { - "description": "list or watch objects of kind ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2NamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "post": { - "description": "create a ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "createAppsV1beta2NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete collection of ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2CollectionNamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/replicasets/{name}": { - "get": { - "description": "read the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "put": { - "description": "replace the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete a ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/replicasets/{name}/scale": { - "get": { - "description": "read scale of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedReplicaSetScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "put": { - "description": "replace scale of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedReplicaSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update scale of the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedReplicaSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/replicasets/{name}/status": { - "get": { - "description": "read status of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedReplicaSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "put": { - "description": "replace status of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedReplicaSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update status of the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedReplicaSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets": { - "get": { - "description": "list or watch objects of kind StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2NamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "post": { - "description": "create a StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "createAppsV1beta2NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete collection of StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2CollectionNamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets/{name}": { - "get": { - "description": "read the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedStatefulSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "put": { - "description": "replace the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "delete": { - "description": "delete a StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "deleteAppsV1beta2NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedStatefulSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets/{name}/scale": { - "get": { - "description": "read scale of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedStatefulSetScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "put": { - "description": "replace scale of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedStatefulSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update scale of the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedStatefulSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets/{name}/status": { - "get": { - "description": "read status of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "readAppsV1beta2NamespacedStatefulSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "put": { - "description": "replace status of the specified StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "replaceAppsV1beta2NamespacedStatefulSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "patch": { - "description": "partially update status of the specified StatefulSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "patchAppsV1beta2NamespacedStatefulSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/replicasets": { - "get": { - "description": "list or watch objects of kind ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2ReplicaSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/statefulsets": { - "get": { - "description": "list or watch objects of kind StatefulSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "listAppsV1beta2StatefulSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/controllerrevisions": { - "get": { - "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2ControllerRevisionListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/daemonsets": { - "get": { - "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2DaemonSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2DeploymentListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/controllerrevisions": { - "get": { - "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedControllerRevisionList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/controllerrevisions/{name}": { - "get": { - "description": "watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedControllerRevision", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ControllerRevision", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/daemonsets": { - "get": { - "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedDaemonSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/daemonsets/{name}": { - "get": { - "description": "watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedDaemonSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedDeploymentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedDeployment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/replicasets": { - "get": { - "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedReplicaSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/replicasets/{name}": { - "get": { - "description": "watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedReplicaSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/statefulsets": { - "get": { - "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedStatefulSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/namespaces/{namespace}/statefulsets/{name}": { - "get": { - "description": "watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2NamespacedStatefulSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the StatefulSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/replicasets": { - "get": { - "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2ReplicaSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/apps/v1beta2/watch/statefulsets": { - "get": { - "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "apps_v1beta2" - ], - "operationId": "watchAppsV1beta2StatefulSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/auditregistration.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration" - ], - "operationId": "getAuditregistrationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/auditregistration.k8s.io/v1alpha1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "getAuditregistrationV1alpha1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/auditregistration.k8s.io/v1alpha1/auditsinks": { - "get": { - "description": "list or watch objects of kind AuditSink", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "listAuditregistrationV1alpha1AuditSink", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "post": { - "description": "create an AuditSink", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "createAuditregistrationV1alpha1AuditSink", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of AuditSink", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "deleteAuditregistrationV1alpha1CollectionAuditSink", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}": { - "get": { - "description": "read the specified AuditSink", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "readAuditregistrationV1alpha1AuditSink", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified AuditSink", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "replaceAuditregistrationV1alpha1AuditSink", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete an AuditSink", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "deleteAuditregistrationV1alpha1AuditSink", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified AuditSink", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "patchAuditregistrationV1alpha1AuditSink", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the AuditSink", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks": { - "get": { - "description": "watch individual changes to a list of AuditSink. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "watchAuditregistrationV1alpha1AuditSinkList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}": { - "get": { - "description": "watch changes to an object of kind AuditSink. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "auditregistration_v1alpha1" - ], - "operationId": "watchAuditregistrationV1alpha1AuditSink", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the AuditSink", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/authentication.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authentication" - ], - "operationId": "getAuthenticationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/authentication.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authentication_v1" - ], - "operationId": "getAuthenticationV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/authentication.k8s.io/v1/tokenreviews": { - "post": { - "description": "create a TokenReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authentication_v1" - ], - "operationId": "createAuthenticationV1TokenReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authentication.k8s.io", - "kind": "TokenReview", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authentication.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authentication_v1beta1" - ], - "operationId": "getAuthenticationV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/authentication.k8s.io/v1beta1/tokenreviews": { - "post": { - "description": "create a TokenReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authentication_v1beta1" - ], - "operationId": "createAuthenticationV1beta1TokenReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authentication.k8s.io", - "kind": "TokenReview", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization" - ], - "operationId": "getAuthorizationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/authorization.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1" - ], - "operationId": "getAuthorizationV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/authorization.k8s.io/v1/namespaces/{namespace}/localsubjectaccessreviews": { - "post": { - "description": "create a LocalSubjectAccessReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1" - ], - "operationId": "createAuthorizationV1NamespacedLocalSubjectAccessReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "LocalSubjectAccessReview", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1/selfsubjectaccessreviews": { - "post": { - "description": "create a SelfSubjectAccessReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1" - ], - "operationId": "createAuthorizationV1SelfSubjectAccessReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "SelfSubjectAccessReview", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1/selfsubjectrulesreviews": { - "post": { - "description": "create a SelfSubjectRulesReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1" - ], - "operationId": "createAuthorizationV1SelfSubjectRulesReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "SelfSubjectRulesReview", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1/subjectaccessreviews": { - "post": { - "description": "create a SubjectAccessReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1" - ], - "operationId": "createAuthorizationV1SubjectAccessReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "SubjectAccessReview", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1beta1" - ], - "operationId": "getAuthorizationV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/authorization.k8s.io/v1beta1/namespaces/{namespace}/localsubjectaccessreviews": { - "post": { - "description": "create a LocalSubjectAccessReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1beta1" - ], - "operationId": "createAuthorizationV1beta1NamespacedLocalSubjectAccessReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "LocalSubjectAccessReview", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews": { - "post": { - "description": "create a SelfSubjectAccessReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1beta1" - ], - "operationId": "createAuthorizationV1beta1SelfSubjectAccessReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "SelfSubjectAccessReview", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1beta1/selfsubjectrulesreviews": { - "post": { - "description": "create a SelfSubjectRulesReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1beta1" - ], - "operationId": "createAuthorizationV1beta1SelfSubjectRulesReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "SelfSubjectRulesReview", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/authorization.k8s.io/v1beta1/subjectaccessreviews": { - "post": { - "description": "create a SubjectAccessReview", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "authorization_v1beta1" - ], - "operationId": "createAuthorizationV1beta1SubjectAccessReview", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "authorization.k8s.io", - "kind": "SubjectAccessReview", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling" - ], - "operationId": "getAutoscalingAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/autoscaling/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "getAutoscalingV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/autoscaling/v1/horizontalpodautoscalers": { - "get": { - "description": "list or watch objects of kind HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "listAutoscalingV1HorizontalPodAutoscalerForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers": { - "get": { - "description": "list or watch objects of kind HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "listAutoscalingV1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "post": { - "description": "create a HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "createAutoscalingV1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "deleteAutoscalingV1CollectionNamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}": { - "get": { - "description": "read the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "readAutoscalingV1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "put": { - "description": "replace the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "replaceAutoscalingV1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "delete": { - "description": "delete a HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "deleteAutoscalingV1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified HorizontalPodAutoscaler", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "patchAutoscalingV1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status": { - "get": { - "description": "read status of the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "readAutoscalingV1NamespacedHorizontalPodAutoscalerStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "replaceAutoscalingV1NamespacedHorizontalPodAutoscalerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified HorizontalPodAutoscaler", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "patchAutoscalingV1NamespacedHorizontalPodAutoscalerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v1/watch/horizontalpodautoscalers": { - "get": { - "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "watchAutoscalingV1HorizontalPodAutoscalerListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers": { - "get": { - "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "watchAutoscalingV1NamespacedHorizontalPodAutoscalerList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}": { - "get": { - "description": "watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v1" - ], - "operationId": "watchAutoscalingV1NamespacedHorizontalPodAutoscaler", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "getAutoscalingV2beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/autoscaling/v2beta1/horizontalpodautoscalers": { - "get": { - "description": "list or watch objects of kind HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "listAutoscalingV2beta1HorizontalPodAutoscalerForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/namespaces/{namespace}/horizontalpodautoscalers": { - "get": { - "description": "list or watch objects of kind HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "listAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "post": { - "description": "create a HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "createAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "delete": { - "description": "delete collection of HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "deleteAutoscalingV2beta1CollectionNamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/namespaces/{namespace}/horizontalpodautoscalers/{name}": { - "get": { - "description": "read the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "readAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "put": { - "description": "replace the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "replaceAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "delete": { - "description": "delete a HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "deleteAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "patch": { - "description": "partially update the specified HorizontalPodAutoscaler", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "patchAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status": { - "get": { - "description": "read status of the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "readAutoscalingV2beta1NamespacedHorizontalPodAutoscalerStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "put": { - "description": "replace status of the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "replaceAutoscalingV2beta1NamespacedHorizontalPodAutoscalerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "patch": { - "description": "partially update status of the specified HorizontalPodAutoscaler", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "patchAutoscalingV2beta1NamespacedHorizontalPodAutoscalerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/watch/horizontalpodautoscalers": { - "get": { - "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "watchAutoscalingV2beta1HorizontalPodAutoscalerListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/watch/namespaces/{namespace}/horizontalpodautoscalers": { - "get": { - "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "watchAutoscalingV2beta1NamespacedHorizontalPodAutoscalerList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}": { - "get": { - "description": "watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta1" - ], - "operationId": "watchAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "getAutoscalingV2beta2APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/autoscaling/v2beta2/horizontalpodautoscalers": { - "get": { - "description": "list or watch objects of kind HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "listAutoscalingV2beta2HorizontalPodAutoscalerForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/namespaces/{namespace}/horizontalpodautoscalers": { - "get": { - "description": "list or watch objects of kind HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "listAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "post": { - "description": "create a HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "createAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "delete": { - "description": "delete collection of HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "deleteAutoscalingV2beta2CollectionNamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/namespaces/{namespace}/horizontalpodautoscalers/{name}": { - "get": { - "description": "read the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "readAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "put": { - "description": "replace the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "replaceAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "delete": { - "description": "delete a HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "deleteAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "patch": { - "description": "partially update the specified HorizontalPodAutoscaler", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "patchAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status": { - "get": { - "description": "read status of the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "readAutoscalingV2beta2NamespacedHorizontalPodAutoscalerStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "put": { - "description": "replace status of the specified HorizontalPodAutoscaler", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "replaceAutoscalingV2beta2NamespacedHorizontalPodAutoscalerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "patch": { - "description": "partially update status of the specified HorizontalPodAutoscaler", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "patchAutoscalingV2beta2NamespacedHorizontalPodAutoscalerStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/watch/horizontalpodautoscalers": { - "get": { - "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "watchAutoscalingV2beta2HorizontalPodAutoscalerListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/watch/namespaces/{namespace}/horizontalpodautoscalers": { - "get": { - "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "watchAutoscalingV2beta2NamespacedHorizontalPodAutoscalerList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/autoscaling/v2beta2/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}": { - "get": { - "description": "watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "autoscaling_v2beta2" - ], - "operationId": "watchAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the HorizontalPodAutoscaler", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch" - ], - "operationId": "getBatchAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/batch/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "getBatchV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/batch/v1/jobs": { - "get": { - "description": "list or watch objects of kind Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "listBatchV1JobForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.JobList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1/namespaces/{namespace}/jobs": { - "get": { - "description": "list or watch objects of kind Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "listBatchV1NamespacedJob", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.JobList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "post": { - "description": "create a Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "createBatchV1NamespacedJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "deleteBatchV1CollectionNamespacedJob", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v1/namespaces/{namespace}/jobs/{name}": { - "get": { - "description": "read the specified Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "readBatchV1NamespacedJob", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "replaceBatchV1NamespacedJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "delete": { - "description": "delete a Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "deleteBatchV1NamespacedJob", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Job", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "patchBatchV1NamespacedJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Job", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v1/namespaces/{namespace}/jobs/{name}/status": { - "get": { - "description": "read status of the specified Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "readBatchV1NamespacedJobStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified Job", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "replaceBatchV1NamespacedJobStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified Job", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "patchBatchV1NamespacedJobStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Job", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v1/watch/jobs": { - "get": { - "description": "watch individual changes to a list of Job. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "watchBatchV1JobListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1/watch/namespaces/{namespace}/jobs": { - "get": { - "description": "watch individual changes to a list of Job. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "watchBatchV1NamespacedJobList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1/watch/namespaces/{namespace}/jobs/{name}": { - "get": { - "description": "watch changes to an object of kind Job. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1" - ], - "operationId": "watchBatchV1NamespacedJob", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "Job", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Job", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "getBatchV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/batch/v1beta1/cronjobs": { - "get": { - "description": "list or watch objects of kind CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "listBatchV1beta1CronJobForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/namespaces/{namespace}/cronjobs": { - "get": { - "description": "list or watch objects of kind CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "listBatchV1beta1NamespacedCronJob", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "post": { - "description": "create a CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "createBatchV1beta1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "deleteBatchV1beta1CollectionNamespacedCronJob", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/namespaces/{namespace}/cronjobs/{name}": { - "get": { - "description": "read the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "readBatchV1beta1NamespacedCronJob", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "replaceBatchV1beta1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "deleteBatchV1beta1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified CronJob", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "patchBatchV1beta1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CronJob", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/namespaces/{namespace}/cronjobs/{name}/status": { - "get": { - "description": "read status of the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "readBatchV1beta1NamespacedCronJobStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "replaceBatchV1beta1NamespacedCronJobStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified CronJob", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "patchBatchV1beta1NamespacedCronJobStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CronJob", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/watch/cronjobs": { - "get": { - "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "watchBatchV1beta1CronJobListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/watch/namespaces/{namespace}/cronjobs": { - "get": { - "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "watchBatchV1beta1NamespacedCronJobList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v1beta1/watch/namespaces/{namespace}/cronjobs/{name}": { - "get": { - "description": "watch changes to an object of kind CronJob. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v1beta1" - ], - "operationId": "watchBatchV1beta1NamespacedCronJob", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the CronJob", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "getBatchV2alpha1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/batch/v2alpha1/cronjobs": { - "get": { - "description": "list or watch objects of kind CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "listBatchV2alpha1CronJobForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/namespaces/{namespace}/cronjobs": { - "get": { - "description": "list or watch objects of kind CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "listBatchV2alpha1NamespacedCronJob", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "post": { - "description": "create a CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "createBatchV2alpha1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "delete": { - "description": "delete collection of CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "deleteBatchV2alpha1CollectionNamespacedCronJob", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/namespaces/{namespace}/cronjobs/{name}": { - "get": { - "description": "read the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "readBatchV2alpha1NamespacedCronJob", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "put": { - "description": "replace the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "replaceBatchV2alpha1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "delete": { - "description": "delete a CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "deleteBatchV2alpha1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "patch": { - "description": "partially update the specified CronJob", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "patchBatchV2alpha1NamespacedCronJob", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CronJob", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/namespaces/{namespace}/cronjobs/{name}/status": { - "get": { - "description": "read status of the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "readBatchV2alpha1NamespacedCronJobStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "put": { - "description": "replace status of the specified CronJob", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "replaceBatchV2alpha1NamespacedCronJobStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "patch": { - "description": "partially update status of the specified CronJob", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "patchBatchV2alpha1NamespacedCronJobStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CronJob", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/watch/cronjobs": { - "get": { - "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "watchBatchV2alpha1CronJobListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/watch/namespaces/{namespace}/cronjobs": { - "get": { - "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "watchBatchV2alpha1NamespacedCronJobList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/batch/v2alpha1/watch/namespaces/{namespace}/cronjobs/{name}": { - "get": { - "description": "watch changes to an object of kind CronJob. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "batch_v2alpha1" - ], - "operationId": "watchBatchV2alpha1NamespacedCronJob", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the CronJob", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/certificates.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates" - ], - "operationId": "getCertificatesAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/certificates.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "getCertificatesV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests": { - "get": { - "description": "list or watch objects of kind CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "listCertificatesV1beta1CertificateSigningRequest", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "post": { - "description": "create a CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "createCertificatesV1beta1CertificateSigningRequest", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "deleteCertificatesV1beta1CollectionCertificateSigningRequest", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/{name}": { - "get": { - "description": "read the specified CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "readCertificatesV1beta1CertificateSigningRequest", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "replaceCertificatesV1beta1CertificateSigningRequest", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "deleteCertificatesV1beta1CertificateSigningRequest", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified CertificateSigningRequest", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "patchCertificatesV1beta1CertificateSigningRequest", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CertificateSigningRequest", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/{name}/approval": { - "put": { - "description": "replace approval of the specified CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "replaceCertificatesV1beta1CertificateSigningRequestApproval", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the CertificateSigningRequest", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/{name}/status": { - "get": { - "description": "read status of the specified CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "readCertificatesV1beta1CertificateSigningRequestStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified CertificateSigningRequest", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "replaceCertificatesV1beta1CertificateSigningRequestStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified CertificateSigningRequest", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "patchCertificatesV1beta1CertificateSigningRequestStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the CertificateSigningRequest", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests": { - "get": { - "description": "watch individual changes to a list of CertificateSigningRequest. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "watchCertificatesV1beta1CertificateSigningRequestList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests/{name}": { - "get": { - "description": "watch changes to an object of kind CertificateSigningRequest. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "certificates_v1beta1" - ], - "operationId": "watchCertificatesV1beta1CertificateSigningRequest", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the CertificateSigningRequest", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination" - ], - "operationId": "getCoordinationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/coordination.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "getCoordinationV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/coordination.k8s.io/v1/leases": { - "get": { - "description": "list or watch objects of kind Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "listCoordinationV1LeaseForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1/namespaces/{namespace}/leases": { - "get": { - "description": "list or watch objects of kind Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "listCoordinationV1NamespacedLease", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "post": { - "description": "create a Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "createCoordinationV1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "deleteCoordinationV1CollectionNamespacedLease", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name}": { - "get": { - "description": "read the specified Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "readCoordinationV1NamespacedLease", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "replaceCoordinationV1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "delete": { - "description": "delete a Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "deleteCoordinationV1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Lease", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "patchCoordinationV1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Lease", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1/watch/leases": { - "get": { - "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "watchCoordinationV1LeaseListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1/watch/namespaces/{namespace}/leases": { - "get": { - "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "watchCoordinationV1NamespacedLeaseList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1/watch/namespaces/{namespace}/leases/{name}": { - "get": { - "description": "watch changes to an object of kind Lease. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1" - ], - "operationId": "watchCoordinationV1NamespacedLease", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Lease", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "getCoordinationV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/coordination.k8s.io/v1beta1/leases": { - "get": { - "description": "list or watch objects of kind Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "listCoordinationV1beta1LeaseForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.LeaseList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1beta1/namespaces/{namespace}/leases": { - "get": { - "description": "list or watch objects of kind Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "listCoordinationV1beta1NamespacedLease", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.LeaseList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "post": { - "description": "create a Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "createCoordinationV1beta1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "deleteCoordinationV1beta1CollectionNamespacedLease", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1beta1/namespaces/{namespace}/leases/{name}": { - "get": { - "description": "read the specified Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "readCoordinationV1beta1NamespacedLease", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "replaceCoordinationV1beta1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a Lease", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "deleteCoordinationV1beta1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified Lease", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "patchCoordinationV1beta1NamespacedLease", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Lease", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1beta1/watch/leases": { - "get": { - "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "watchCoordinationV1beta1LeaseListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1beta1/watch/namespaces/{namespace}/leases": { - "get": { - "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "watchCoordinationV1beta1NamespacedLeaseList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/coordination.k8s.io/v1beta1/watch/namespaces/{namespace}/leases/{name}": { - "get": { - "description": "watch changes to an object of kind Lease. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "coordination_v1beta1" - ], - "operationId": "watchCoordinationV1beta1NamespacedLease", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Lease", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/events.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events" - ], - "operationId": "getEventsAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/events.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "getEventsV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/events.k8s.io/v1beta1/events": { - "get": { - "description": "list or watch objects of kind Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "listEventsV1beta1EventForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.EventList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/events.k8s.io/v1beta1/namespaces/{namespace}/events": { - "get": { - "description": "list or watch objects of kind Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "listEventsV1beta1NamespacedEvent", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.EventList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "post": { - "description": "create an Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "createEventsV1beta1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "deleteEventsV1beta1CollectionNamespacedEvent", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/events.k8s.io/v1beta1/namespaces/{namespace}/events/{name}": { - "get": { - "description": "read the specified Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "readEventsV1beta1NamespacedEvent", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "replaceEventsV1beta1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete an Event", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "deleteEventsV1beta1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified Event", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "patchEventsV1beta1NamespacedEvent", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Event", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/events.k8s.io/v1beta1/watch/events": { - "get": { - "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "watchEventsV1beta1EventListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/events.k8s.io/v1beta1/watch/namespaces/{namespace}/events": { - "get": { - "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "watchEventsV1beta1NamespacedEventList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/events.k8s.io/v1beta1/watch/namespaces/{namespace}/events/{name}": { - "get": { - "description": "watch changes to an object of kind Event. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "events_v1beta1" - ], - "operationId": "watchEventsV1beta1NamespacedEvent", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Event", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions" - ], - "operationId": "getExtensionsAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/extensions/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "getExtensionsV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/extensions/v1beta1/daemonsets": { - "get": { - "description": "list or watch objects of kind DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1DaemonSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1DeploymentForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/ingresses": { - "get": { - "description": "list or watch objects of kind Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1IngressForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/daemonsets": { - "get": { - "description": "list or watch objects of kind DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1NamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "post": { - "description": "create a DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1CollectionNamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/daemonsets/{name}": { - "get": { - "description": "read the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedDaemonSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified DaemonSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedDaemonSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/daemonsets/{name}/status": { - "get": { - "description": "read status of the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedDaemonSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified DaemonSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedDaemonSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified DaemonSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedDaemonSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/deployments": { - "get": { - "description": "list or watch objects of kind Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "post": { - "description": "create a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1CollectionNamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "read the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedDeployment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedDeployment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}/rollback": { - "post": { - "description": "create rollback of a Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1NamespacedDeploymentRollback", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentRollback" - } - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DeploymentRollback", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the DeploymentRollback", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}/scale": { - "get": { - "description": "read scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedDeploymentScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "put": { - "description": "replace scale of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update scale of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedDeploymentScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}/status": { - "get": { - "description": "read status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedDeploymentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified Deployment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified Deployment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedDeploymentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/ingresses": { - "get": { - "description": "list or watch objects of kind Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1NamespacedIngress", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "post": { - "description": "create an Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1NamespacedIngress", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1CollectionNamespacedIngress", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/ingresses/{name}": { - "get": { - "description": "read the specified Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedIngress", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedIngress", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete an Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1NamespacedIngress", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified Ingress", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedIngress", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Ingress", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/ingresses/{name}/status": { - "get": { - "description": "read status of the specified Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedIngressStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified Ingress", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedIngressStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified Ingress", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedIngressStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Ingress", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/networkpolicies": { - "get": { - "description": "list or watch objects of kind NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1NamespacedNetworkPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "post": { - "description": "create a NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1CollectionNamespacedNetworkPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/networkpolicies/{name}": { - "get": { - "description": "read the specified NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedNetworkPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified NetworkPolicy", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the NetworkPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets": { - "get": { - "description": "list or watch objects of kind ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1NamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "post": { - "description": "create a ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1CollectionNamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets/{name}": { - "get": { - "description": "read the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedReplicaSet", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedReplicaSet", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets/{name}/scale": { - "get": { - "description": "read scale of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedReplicaSetScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "put": { - "description": "replace scale of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedReplicaSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update scale of the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedReplicaSetScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets/{name}/status": { - "get": { - "description": "read status of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedReplicaSetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedReplicaSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified ReplicaSet", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedReplicaSetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/namespaces/{namespace}/replicationcontrollers/{name}/scale": { - "get": { - "description": "read scale of the specified ReplicationControllerDummy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1NamespacedReplicationControllerDummyScale", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "put": { - "description": "replace scale of the specified ReplicationControllerDummy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1NamespacedReplicationControllerDummyScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update scale of the specified ReplicationControllerDummy", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1NamespacedReplicationControllerDummyScale", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Scale", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/networkpolicies": { - "get": { - "description": "list or watch objects of kind NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1NetworkPolicyForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/podsecuritypolicies": { - "get": { - "description": "list or watch objects of kind PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1PodSecurityPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicyList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "post": { - "description": "create a PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "createExtensionsV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1CollectionPodSecurityPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/podsecuritypolicies/{name}": { - "get": { - "description": "read the specified PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "readExtensionsV1beta1PodSecurityPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "replaceExtensionsV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "deleteExtensionsV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified PodSecurityPolicy", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "patchExtensionsV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodSecurityPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/replicasets": { - "get": { - "description": "list or watch objects of kind ReplicaSet", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "listExtensionsV1beta1ReplicaSetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/daemonsets": { - "get": { - "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1DaemonSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1DeploymentListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/ingresses": { - "get": { - "description": "watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1IngressListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/daemonsets": { - "get": { - "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedDaemonSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/daemonsets/{name}": { - "get": { - "description": "watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedDaemonSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the DaemonSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/deployments": { - "get": { - "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedDeploymentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/deployments/{name}": { - "get": { - "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedDeployment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Deployment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/ingresses": { - "get": { - "description": "watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedIngressList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/ingresses/{name}": { - "get": { - "description": "watch changes to an object of kind Ingress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedIngress", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Ingress", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/networkpolicies": { - "get": { - "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedNetworkPolicyList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/networkpolicies/{name}": { - "get": { - "description": "watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedNetworkPolicy", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the NetworkPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/replicasets": { - "get": { - "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedReplicaSetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/namespaces/{namespace}/replicasets/{name}": { - "get": { - "description": "watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NamespacedReplicaSet", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ReplicaSet", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/networkpolicies": { - "get": { - "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1NetworkPolicyListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/podsecuritypolicies": { - "get": { - "description": "watch individual changes to a list of PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1PodSecurityPolicyList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/podsecuritypolicies/{name}": { - "get": { - "description": "watch changes to an object of kind PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1PodSecurityPolicy", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodSecurityPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/extensions/v1beta1/watch/replicasets": { - "get": { - "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "extensions_v1beta1" - ], - "operationId": "watchExtensionsV1beta1ReplicaSetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/networking.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking" - ], - "operationId": "getNetworkingAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/networking.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "getNetworkingV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies": { - "get": { - "description": "list or watch objects of kind NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "listNetworkingV1NamespacedNetworkPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "post": { - "description": "create a NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "createNetworkingV1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "deleteNetworkingV1CollectionNamespacedNetworkPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}": { - "get": { - "description": "read the specified NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "readNetworkingV1NamespacedNetworkPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "put": { - "description": "replace the specified NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "replaceNetworkingV1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "delete": { - "description": "delete a NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "deleteNetworkingV1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified NetworkPolicy", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "patchNetworkingV1NamespacedNetworkPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the NetworkPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/networking.k8s.io/v1/networkpolicies": { - "get": { - "description": "list or watch objects of kind NetworkPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "listNetworkingV1NetworkPolicyForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies": { - "get": { - "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "watchNetworkingV1NamespacedNetworkPolicyList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies/{name}": { - "get": { - "description": "watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "watchNetworkingV1NamespacedNetworkPolicy", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the NetworkPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/networking.k8s.io/v1/watch/networkpolicies": { - "get": { - "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "networking_v1" - ], - "operationId": "watchNetworkingV1NetworkPolicyListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/policy/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy" - ], - "operationId": "getPolicyAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/policy/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "getPolicyV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/policy/v1beta1/namespaces/{namespace}/poddisruptionbudgets": { - "get": { - "description": "list or watch objects of kind PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "listPolicyV1beta1NamespacedPodDisruptionBudget", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "post": { - "description": "create a PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "createPolicyV1beta1NamespacedPodDisruptionBudget", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "deletePolicyV1beta1CollectionNamespacedPodDisruptionBudget", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/namespaces/{namespace}/poddisruptionbudgets/{name}": { - "get": { - "description": "read the specified PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "readPolicyV1beta1NamespacedPodDisruptionBudget", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "replacePolicyV1beta1NamespacedPodDisruptionBudget", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "deletePolicyV1beta1NamespacedPodDisruptionBudget", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified PodDisruptionBudget", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "patchPolicyV1beta1NamespacedPodDisruptionBudget", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodDisruptionBudget", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/namespaces/{namespace}/poddisruptionbudgets/{name}/status": { - "get": { - "description": "read status of the specified PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "readPolicyV1beta1NamespacedPodDisruptionBudgetStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "put": { - "description": "replace status of the specified PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "replacePolicyV1beta1NamespacedPodDisruptionBudgetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update status of the specified PodDisruptionBudget", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "patchPolicyV1beta1NamespacedPodDisruptionBudgetStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodDisruptionBudget", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/poddisruptionbudgets": { - "get": { - "description": "list or watch objects of kind PodDisruptionBudget", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "listPolicyV1beta1PodDisruptionBudgetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/podsecuritypolicies": { - "get": { - "description": "list or watch objects of kind PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "listPolicyV1beta1PodSecurityPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicyList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "post": { - "description": "create a PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "createPolicyV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "deletePolicyV1beta1CollectionPodSecurityPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/podsecuritypolicies/{name}": { - "get": { - "description": "read the specified PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "readPolicyV1beta1PodSecurityPolicy", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "replacePolicyV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a PodSecurityPolicy", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "deletePolicyV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified PodSecurityPolicy", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "patchPolicyV1beta1PodSecurityPolicy", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodSecurityPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/watch/namespaces/{namespace}/poddisruptionbudgets": { - "get": { - "description": "watch individual changes to a list of PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "watchPolicyV1beta1NamespacedPodDisruptionBudgetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/watch/namespaces/{namespace}/poddisruptionbudgets/{name}": { - "get": { - "description": "watch changes to an object of kind PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "watchPolicyV1beta1NamespacedPodDisruptionBudget", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodDisruptionBudget", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/watch/poddisruptionbudgets": { - "get": { - "description": "watch individual changes to a list of PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "watchPolicyV1beta1PodDisruptionBudgetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/watch/podsecuritypolicies": { - "get": { - "description": "watch individual changes to a list of PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "watchPolicyV1beta1PodSecurityPolicyList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/policy/v1beta1/watch/podsecuritypolicies/{name}": { - "get": { - "description": "watch changes to an object of kind PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "policy_v1beta1" - ], - "operationId": "watchPolicyV1beta1PodSecurityPolicy", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodSecurityPolicy", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization" - ], - "operationId": "getRbacAuthorizationAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/rbac.authorization.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "getRbacAuthorizationV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings": { - "get": { - "description": "list or watch objects of kind ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "listRbacAuthorizationV1ClusterRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "post": { - "description": "create a ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "createRbacAuthorizationV1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1CollectionClusterRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/{name}": { - "get": { - "description": "read the specified ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "readRbacAuthorizationV1ClusterRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "replaceRbacAuthorizationV1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "delete": { - "description": "delete a ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ClusterRoleBinding", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "patchRbacAuthorizationV1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/clusterroles": { - "get": { - "description": "list or watch objects of kind ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "listRbacAuthorizationV1ClusterRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "post": { - "description": "create a ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "createRbacAuthorizationV1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1CollectionClusterRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/clusterroles/{name}": { - "get": { - "description": "read the specified ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "readRbacAuthorizationV1ClusterRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "put": { - "description": "replace the specified ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "replaceRbacAuthorizationV1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "delete": { - "description": "delete a ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified ClusterRole", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "patchRbacAuthorizationV1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRole", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings": { - "get": { - "description": "list or watch objects of kind RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "listRbacAuthorizationV1NamespacedRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "post": { - "description": "create a RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "createRbacAuthorizationV1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1CollectionNamespacedRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}": { - "get": { - "description": "read the specified RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "readRbacAuthorizationV1NamespacedRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "put": { - "description": "replace the specified RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "replaceRbacAuthorizationV1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "delete": { - "description": "delete a RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified RoleBinding", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "patchRbacAuthorizationV1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the RoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles": { - "get": { - "description": "list or watch objects of kind Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "listRbacAuthorizationV1NamespacedRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "post": { - "description": "create a Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "createRbacAuthorizationV1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1CollectionNamespacedRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles/{name}": { - "get": { - "description": "read the specified Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "readRbacAuthorizationV1NamespacedRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "put": { - "description": "replace the specified Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "replaceRbacAuthorizationV1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "delete": { - "description": "delete a Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "deleteRbacAuthorizationV1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified Role", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "patchRbacAuthorizationV1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Role", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/rolebindings": { - "get": { - "description": "list or watch objects of kind RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "listRbacAuthorizationV1RoleBindingForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/roles": { - "get": { - "description": "list or watch objects of kind Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "listRbacAuthorizationV1RoleForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/clusterrolebindings": { - "get": { - "description": "watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1ClusterRoleBindingList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/clusterrolebindings/{name}": { - "get": { - "description": "watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1ClusterRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/clusterroles": { - "get": { - "description": "watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1ClusterRoleList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/clusterroles/{name}": { - "get": { - "description": "watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1ClusterRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRole", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/rolebindings": { - "get": { - "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1NamespacedRoleBindingList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/rolebindings/{name}": { - "get": { - "description": "watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1NamespacedRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the RoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/roles": { - "get": { - "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1NamespacedRoleList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/roles/{name}": { - "get": { - "description": "watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1NamespacedRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Role", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/rolebindings": { - "get": { - "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1RoleBindingListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1/watch/roles": { - "get": { - "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1" - ], - "operationId": "watchRbacAuthorizationV1RoleListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "getRbacAuthorizationV1alpha1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/clusterrolebindings": { - "get": { - "description": "list or watch objects of kind ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "listRbacAuthorizationV1alpha1ClusterRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "createRbacAuthorizationV1alpha1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1CollectionClusterRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/clusterrolebindings/{name}": { - "get": { - "description": "read the specified ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "readRbacAuthorizationV1alpha1ClusterRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "replaceRbacAuthorizationV1alpha1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified ClusterRoleBinding", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "patchRbacAuthorizationV1alpha1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/clusterroles": { - "get": { - "description": "list or watch objects of kind ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "listRbacAuthorizationV1alpha1ClusterRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "createRbacAuthorizationV1alpha1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1CollectionClusterRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/clusterroles/{name}": { - "get": { - "description": "read the specified ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "readRbacAuthorizationV1alpha1ClusterRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "replaceRbacAuthorizationV1alpha1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified ClusterRole", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "patchRbacAuthorizationV1alpha1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRole", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/rolebindings": { - "get": { - "description": "list or watch objects of kind RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "listRbacAuthorizationV1alpha1NamespacedRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "createRbacAuthorizationV1alpha1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1CollectionNamespacedRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/rolebindings/{name}": { - "get": { - "description": "read the specified RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "readRbacAuthorizationV1alpha1NamespacedRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "replaceRbacAuthorizationV1alpha1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified RoleBinding", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "patchRbacAuthorizationV1alpha1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the RoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/roles": { - "get": { - "description": "list or watch objects of kind Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "listRbacAuthorizationV1alpha1NamespacedRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "createRbacAuthorizationV1alpha1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1CollectionNamespacedRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/roles/{name}": { - "get": { - "description": "read the specified Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "readRbacAuthorizationV1alpha1NamespacedRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "replaceRbacAuthorizationV1alpha1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "deleteRbacAuthorizationV1alpha1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified Role", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "patchRbacAuthorizationV1alpha1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Role", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/rolebindings": { - "get": { - "description": "list or watch objects of kind RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "listRbacAuthorizationV1alpha1RoleBindingForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/roles": { - "get": { - "description": "list or watch objects of kind Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "listRbacAuthorizationV1alpha1RoleForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterrolebindings": { - "get": { - "description": "watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1ClusterRoleBindingList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterrolebindings/{name}": { - "get": { - "description": "watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1ClusterRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterroles": { - "get": { - "description": "watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1ClusterRoleList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterroles/{name}": { - "get": { - "description": "watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1ClusterRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRole", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/rolebindings": { - "get": { - "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1NamespacedRoleBindingList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/rolebindings/{name}": { - "get": { - "description": "watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1NamespacedRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the RoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/roles": { - "get": { - "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1NamespacedRoleList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/roles/{name}": { - "get": { - "description": "watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1NamespacedRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Role", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/rolebindings": { - "get": { - "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1RoleBindingListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1alpha1/watch/roles": { - "get": { - "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1alpha1" - ], - "operationId": "watchRbacAuthorizationV1alpha1RoleListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "getRbacAuthorizationV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings": { - "get": { - "description": "list or watch objects of kind ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "listRbacAuthorizationV1beta1ClusterRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "post": { - "description": "create a ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "createRbacAuthorizationV1beta1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1CollectionClusterRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/{name}": { - "get": { - "description": "read the specified ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "readRbacAuthorizationV1beta1ClusterRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "replaceRbacAuthorizationV1beta1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a ClusterRoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified ClusterRoleBinding", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "patchRbacAuthorizationV1beta1ClusterRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/clusterroles": { - "get": { - "description": "list or watch objects of kind ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "listRbacAuthorizationV1beta1ClusterRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "post": { - "description": "create a ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "createRbacAuthorizationV1beta1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1CollectionClusterRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/{name}": { - "get": { - "description": "read the specified ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "readRbacAuthorizationV1beta1ClusterRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "replaceRbacAuthorizationV1beta1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a ClusterRole", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified ClusterRole", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "patchRbacAuthorizationV1beta1ClusterRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRole", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/rolebindings": { - "get": { - "description": "list or watch objects of kind RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "listRbacAuthorizationV1beta1NamespacedRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "post": { - "description": "create a RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "createRbacAuthorizationV1beta1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1CollectionNamespacedRoleBinding", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/rolebindings/{name}": { - "get": { - "description": "read the specified RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "readRbacAuthorizationV1beta1NamespacedRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "replaceRbacAuthorizationV1beta1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified RoleBinding", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "patchRbacAuthorizationV1beta1NamespacedRoleBinding", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the RoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/roles": { - "get": { - "description": "list or watch objects of kind Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "listRbacAuthorizationV1beta1NamespacedRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "post": { - "description": "create a Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "createRbacAuthorizationV1beta1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1CollectionNamespacedRole", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/roles/{name}": { - "get": { - "description": "read the specified Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "readRbacAuthorizationV1beta1NamespacedRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "replaceRbacAuthorizationV1beta1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "deleteRbacAuthorizationV1beta1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified Role", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "patchRbacAuthorizationV1beta1NamespacedRole", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the Role", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/rolebindings": { - "get": { - "description": "list or watch objects of kind RoleBinding", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "listRbacAuthorizationV1beta1RoleBindingForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBindingList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/roles": { - "get": { - "description": "list or watch objects of kind Role", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "listRbacAuthorizationV1beta1RoleForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings": { - "get": { - "description": "watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1ClusterRoleBindingList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings/{name}": { - "get": { - "description": "watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1ClusterRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles": { - "get": { - "description": "watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1ClusterRoleList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles/{name}": { - "get": { - "description": "watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1ClusterRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the ClusterRole", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/rolebindings": { - "get": { - "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1NamespacedRoleBindingList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/rolebindings/{name}": { - "get": { - "description": "watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1NamespacedRoleBinding", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the RoleBinding", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/roles": { - "get": { - "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1NamespacedRoleList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/roles/{name}": { - "get": { - "description": "watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1NamespacedRole", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the Role", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/rolebindings": { - "get": { - "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1RoleBindingListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/rbac.authorization.k8s.io/v1beta1/watch/roles": { - "get": { - "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "rbacAuthorization_v1beta1" - ], - "operationId": "watchRbacAuthorizationV1beta1RoleListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling" - ], - "operationId": "getSchedulingAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/scheduling.k8s.io/v1alpha1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "getSchedulingV1alpha1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/scheduling.k8s.io/v1alpha1/priorityclasses": { - "get": { - "description": "list or watch objects of kind PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "listSchedulingV1alpha1PriorityClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClassList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "createSchedulingV1alpha1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "deleteSchedulingV1alpha1CollectionPriorityClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1alpha1/priorityclasses/{name}": { - "get": { - "description": "read the specified PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "readSchedulingV1alpha1PriorityClass", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "replaceSchedulingV1alpha1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "deleteSchedulingV1alpha1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified PriorityClass", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "patchSchedulingV1alpha1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PriorityClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1alpha1/watch/priorityclasses": { - "get": { - "description": "watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "watchSchedulingV1alpha1PriorityClassList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1alpha1/watch/priorityclasses/{name}": { - "get": { - "description": "watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1alpha1" - ], - "operationId": "watchSchedulingV1alpha1PriorityClass", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PriorityClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "getSchedulingV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/scheduling.k8s.io/v1beta1/priorityclasses": { - "get": { - "description": "list or watch objects of kind PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "listSchedulingV1beta1PriorityClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClassList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "post": { - "description": "create a PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "createSchedulingV1beta1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "deleteSchedulingV1beta1CollectionPriorityClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1beta1/priorityclasses/{name}": { - "get": { - "description": "read the specified PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "readSchedulingV1beta1PriorityClass", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "replaceSchedulingV1beta1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a PriorityClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "deleteSchedulingV1beta1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified PriorityClass", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "patchSchedulingV1beta1PriorityClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PriorityClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1beta1/watch/priorityclasses": { - "get": { - "description": "watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "watchSchedulingV1beta1PriorityClassList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/scheduling.k8s.io/v1beta1/watch/priorityclasses/{name}": { - "get": { - "description": "watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "scheduling_v1beta1" - ], - "operationId": "watchSchedulingV1beta1PriorityClass", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PriorityClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/settings.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings" - ], - "operationId": "getSettingsAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/settings.k8s.io/v1alpha1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "getSettingsV1alpha1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/settings.k8s.io/v1alpha1/namespaces/{namespace}/podpresets": { - "get": { - "description": "list or watch objects of kind PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "listSettingsV1alpha1NamespacedPodPreset", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "createSettingsV1alpha1NamespacedPodPreset", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "deleteSettingsV1alpha1CollectionNamespacedPodPreset", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/settings.k8s.io/v1alpha1/namespaces/{namespace}/podpresets/{name}": { - "get": { - "description": "read the specified PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "readSettingsV1alpha1NamespacedPodPreset", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "replaceSettingsV1alpha1NamespacedPodPreset", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "deleteSettingsV1alpha1NamespacedPodPreset", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified PodPreset", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "patchSettingsV1alpha1NamespacedPodPreset", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodPreset", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/settings.k8s.io/v1alpha1/podpresets": { - "get": { - "description": "list or watch objects of kind PodPreset", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "listSettingsV1alpha1PodPresetForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/settings.k8s.io/v1alpha1/watch/namespaces/{namespace}/podpresets": { - "get": { - "description": "watch individual changes to a list of PodPreset. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "watchSettingsV1alpha1NamespacedPodPresetList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/settings.k8s.io/v1alpha1/watch/namespaces/{namespace}/podpresets/{name}": { - "get": { - "description": "watch changes to an object of kind PodPreset. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "watchSettingsV1alpha1NamespacedPodPreset", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the PodPreset", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "object name and auth scope, such as for teams and projects", - "name": "namespace", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/settings.k8s.io/v1alpha1/watch/podpresets": { - "get": { - "description": "watch individual changes to a list of PodPreset. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "settings_v1alpha1" - ], - "operationId": "watchSettingsV1alpha1PodPresetListForAllNamespaces", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/": { - "get": { - "description": "get information of a group", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage" - ], - "operationId": "getStorageAPIGroup", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/storage.k8s.io/v1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "getStorageV1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/storage.k8s.io/v1/storageclasses": { - "get": { - "description": "list or watch objects of kind StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "listStorageV1StorageClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClassList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "post": { - "description": "create a StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "createStorageV1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "deleteStorageV1CollectionStorageClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/storageclasses/{name}": { - "get": { - "description": "read the specified StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "readStorageV1StorageClass", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "put": { - "description": "replace the specified StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "replaceStorageV1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "delete": { - "description": "delete a StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "deleteStorageV1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified StorageClass", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "patchStorageV1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StorageClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/volumeattachments": { - "get": { - "description": "list or watch objects of kind VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "listStorageV1VolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "post": { - "description": "create a VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "createStorageV1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "delete": { - "description": "delete collection of VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "deleteStorageV1CollectionVolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/volumeattachments/{name}": { - "get": { - "description": "read the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "readStorageV1VolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "put": { - "description": "replace the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "replaceStorageV1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "delete": { - "description": "delete a VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "deleteStorageV1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "patch": { - "description": "partially update the specified VolumeAttachment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "patchStorageV1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/volumeattachments/{name}/status": { - "get": { - "description": "read status of the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "readStorageV1VolumeAttachmentStatus", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "put": { - "description": "replace status of the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "replaceStorageV1VolumeAttachmentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "patch": { - "description": "partially update status of the specified VolumeAttachment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "patchStorageV1VolumeAttachmentStatus", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/watch/storageclasses": { - "get": { - "description": "watch individual changes to a list of StorageClass. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "watchStorageV1StorageClassList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/watch/storageclasses/{name}": { - "get": { - "description": "watch changes to an object of kind StorageClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "watchStorageV1StorageClass", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the StorageClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/watch/volumeattachments": { - "get": { - "description": "watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "watchStorageV1VolumeAttachmentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1/watch/volumeattachments/{name}": { - "get": { - "description": "watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1" - ], - "operationId": "watchStorageV1VolumeAttachment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1alpha1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "getStorageV1alpha1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/storage.k8s.io/v1alpha1/volumeattachments": { - "get": { - "description": "list or watch objects of kind VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "listStorageV1alpha1VolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "post": { - "description": "create a VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "createStorageV1alpha1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete collection of VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "deleteStorageV1alpha1CollectionVolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1alpha1/volumeattachments/{name}": { - "get": { - "description": "read the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "readStorageV1alpha1VolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "put": { - "description": "replace the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "replaceStorageV1alpha1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "delete": { - "description": "delete a VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "deleteStorageV1alpha1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "patch": { - "description": "partially update the specified VolumeAttachment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "patchStorageV1alpha1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1alpha1/watch/volumeattachments": { - "get": { - "description": "watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "watchStorageV1alpha1VolumeAttachmentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1alpha1/watch/volumeattachments/{name}": { - "get": { - "description": "watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1alpha1" - ], - "operationId": "watchStorageV1alpha1VolumeAttachment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/": { - "get": { - "description": "get available resources", - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "getStorageV1beta1APIResources", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - }, - "/apis/storage.k8s.io/v1beta1/storageclasses": { - "get": { - "description": "list or watch objects of kind StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "listStorageV1beta1StorageClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClassList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "post": { - "description": "create a StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "createStorageV1beta1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "deleteStorageV1beta1CollectionStorageClass", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/storageclasses/{name}": { - "get": { - "description": "read the specified StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "readStorageV1beta1StorageClass", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "replaceStorageV1beta1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a StorageClass", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "deleteStorageV1beta1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified StorageClass", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "patchStorageV1beta1StorageClass", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the StorageClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/volumeattachments": { - "get": { - "description": "list or watch objects of kind VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "listStorageV1beta1VolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "post": { - "description": "create a VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "createStorageV1beta1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete collection of VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "deleteStorageV1beta1CollectionVolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/volumeattachments/{name}": { - "get": { - "description": "read the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "readStorageV1beta1VolumeAttachment", - "parameters": [ - { - "uniqueItems": true, - "type": "boolean", - "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", - "name": "exact", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Should this value be exported. Export strips fields that a user can not specify.", - "name": "export", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "put": { - "description": "replace the specified VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "replaceStorageV1beta1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "delete": { - "description": "delete a VolumeAttachment", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "deleteStorageV1beta1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "name": "gracePeriodSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "name": "orphanDependents", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "name": "propagationPolicy", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "patch": { - "description": "partially update the specified VolumeAttachment", - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "patchStorageV1beta1VolumeAttachment", - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "uniqueItems": true, - "type": "string", - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "name": "dryRun", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "name": "force", - "in": "query" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/watch/storageclasses": { - "get": { - "description": "watch individual changes to a list of StorageClass. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "watchStorageV1beta1StorageClassList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/watch/storageclasses/{name}": { - "get": { - "description": "watch changes to an object of kind StorageClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "watchStorageV1beta1StorageClass", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the StorageClass", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/watch/volumeattachments": { - "get": { - "description": "watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "watchStorageV1beta1VolumeAttachmentList", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/apis/storage.k8s.io/v1beta1/watch/volumeattachments/{name}": { - "get": { - "description": "watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "consumes": [ - "*/*" - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "operationId": "watchStorageV1beta1VolumeAttachment", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "name": "continue", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "name": "fieldSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "name": "labelSelector", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "name": "limit", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "name of the VolumeAttachment", - "name": "name", - "in": "path", - "required": true - }, - { - "uniqueItems": true, - "type": "string", - "description": "If 'true', then the output is pretty printed.", - "name": "pretty", - "in": "query" - }, - { - "uniqueItems": true, - "type": "string", - "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", - "name": "resourceVersion", - "in": "query" - }, - { - "uniqueItems": true, - "type": "integer", - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "name": "timeoutSeconds", - "in": "query" - }, - { - "uniqueItems": true, - "type": "boolean", - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "name": "watch", - "in": "query" - } - ] - }, - "/logs/": { - "get": { - "schemes": [ - "https" - ], - "tags": [ - "logs" - ], - "operationId": "logFileListHandler", - "responses": { - "401": { - "description": "Unauthorized" - } - } - } - }, - "/logs/{logpath}": { - "get": { - "schemes": [ - "https" - ], - "tags": [ - "logs" - ], - "operationId": "logFileHandler", - "responses": { - "401": { - "description": "Unauthorized" - } - } - }, - "parameters": [ - { - "uniqueItems": true, - "type": "string", - "description": "path to the log", - "name": "logpath", - "in": "path", - "required": true - } - ] - }, - "/version/": { - "get": { - "description": "get the code version", - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "schemes": [ - "https" - ], - "tags": [ - "version" - ], - "operationId": "getCodeVersion", - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.version.Info" - } - }, - "401": { - "description": "Unauthorized" - } - } - } - } - }, - "definitions": { - "io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration": { - "description": "MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "webhooks": { - "description": "Webhooks is a list of webhooks and the affected resources and operations.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.Webhook" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfiguration", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfigurationList": { - "description": "MutatingWebhookConfigurationList is a list of MutatingWebhookConfiguration.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of MutatingWebhookConfiguration.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "admissionregistration.k8s.io", - "kind": "MutatingWebhookConfigurationList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.admissionregistration.v1beta1.RuleWithOperations": { - "description": "RuleWithOperations is a tuple of Operations and Resources. It is recommended to make sure that all the tuple expansions are valid.", - "type": "object", - "properties": { - "apiGroups": { - "description": "APIGroups is the API groups the resources belong to. '*' is all groups. If '*' is present, the length of the slice must be one. Required.", - "type": "array", - "items": { - "type": "string" - } - }, - "apiVersions": { - "description": "APIVersions is the API versions the resources belong to. '*' is all versions. If '*' is present, the length of the slice must be one. Required.", - "type": "array", - "items": { - "type": "string" - } - }, - "operations": { - "description": "Operations is the operations the admission hook cares about - CREATE, UPDATE, or * for all operations. If '*' is present, the length of the slice must be one. Required.", - "type": "array", - "items": { - "type": "string" - } - }, - "resources": { - "description": "Resources is a list of resources this rule applies to.\n\nFor example: 'pods' means pods. 'pods/log' means the log subresource of pods. '*' means all resources, but not subresources. 'pods/*' means all subresources of pods. '*/scale' means all scale subresources. '*/*' means all resources and their subresources.\n\nIf wildcard is present, the validation rule will ensure resources do not overlap with each other.\n\nDepending on the enclosing object, subresources might not be allowed. Required.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.admissionregistration.v1beta1.ServiceReference": { - "description": "ServiceReference holds a reference to Service.legacy.k8s.io", - "type": "object", - "required": [ - "namespace", - "name" - ], - "properties": { - "name": { - "description": "`name` is the name of the service. Required", - "type": "string" - }, - "namespace": { - "description": "`namespace` is the namespace of the service. Required", - "type": "string" - }, - "path": { - "description": "`path` is an optional URL path which will be sent in any request to this service.", - "type": "string" - } - } - }, - "io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration": { - "description": "ValidatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and object without changing it.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "webhooks": { - "description": "Webhooks is a list of webhooks and the affected resources and operations.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.Webhook" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfiguration", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfigurationList": { - "description": "ValidatingWebhookConfigurationList is a list of ValidatingWebhookConfiguration.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ValidatingWebhookConfiguration.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "admissionregistration.k8s.io", - "kind": "ValidatingWebhookConfigurationList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.admissionregistration.v1beta1.Webhook": { - "description": "Webhook describes an admission webhook and the resources and operations it applies to.", - "type": "object", - "required": [ - "name", - "clientConfig" - ], - "properties": { - "clientConfig": { - "description": "ClientConfig defines how to communicate with the hook. Required", - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.WebhookClientConfig" - }, - "failurePolicy": { - "description": "FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Ignore.", - "type": "string" - }, - "name": { - "description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.", - "type": "string" - }, - "namespaceSelector": { - "description": "NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.\n\nFor example, to run the webhook on any objects whose namespace is not associated with \"runlevel\" of \"0\" or \"1\"; you will set the selector as follows: \"namespaceSelector\": {\n \"matchExpressions\": [\n {\n \"key\": \"runlevel\",\n \"operator\": \"NotIn\",\n \"values\": [\n \"0\",\n \"1\"\n ]\n }\n ]\n}\n\nIf instead you want to only run the webhook on any objects whose namespace is associated with the \"environment\" of \"prod\" or \"staging\"; you will set the selector as follows: \"namespaceSelector\": {\n \"matchExpressions\": [\n {\n \"key\": \"environment\",\n \"operator\": \"In\",\n \"values\": [\n \"prod\",\n \"staging\"\n ]\n }\n ]\n}\n\nSee https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.\n\nDefault to the empty LabelSelector, which matches everything.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "rules": { - "description": "Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.RuleWithOperations" - } - }, - "sideEffects": { - "description": "SideEffects states whether this webhookk has side effects. Acceptable values are: Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission change and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some. Defaults to Unknown.", - "type": "string" - } - } - }, - "io.k8s.api.admissionregistration.v1beta1.WebhookClientConfig": { - "description": "WebhookClientConfig contains the information to make a TLS connection with the webhook", - "type": "object", - "properties": { - "caBundle": { - "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", - "type": "string", - "format": "byte" - }, - "service": { - "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", - "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ServiceReference" - }, - "url": { - "description": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.ControllerRevision": { - "description": "ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", - "type": "object", - "required": [ - "revision" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "data": { - "description": "Data is the serialized representation of the state.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "revision": { - "description": "Revision indicates the revision of the state represented by Data.", - "type": "integer", - "format": "int64" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.ControllerRevisionList": { - "description": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of ControllerRevisions", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ControllerRevisionList", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.DaemonSet": { - "description": "DaemonSet represents the configuration of a daemon set.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetSpec" - }, - "status": { - "description": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DaemonSet", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.DaemonSetCondition": { - "description": "DaemonSetCondition describes the state of a DaemonSet at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of DaemonSet condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.DaemonSetList": { - "description": "DaemonSetList is a collection of daemon sets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "A list of daemon sets.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DaemonSetList", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.DaemonSetSpec": { - "description": "DaemonSetSpec is the specification of a daemon set.", - "type": "object", - "required": [ - "selector", - "template" - ], - "properties": { - "minReadySeconds": { - "description": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "updateStrategy": { - "description": "An update strategy to replace existing DaemonSet pods with new pods.", - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetUpdateStrategy" - } - } - }, - "io.k8s.api.apps.v1.DaemonSetStatus": { - "description": "DaemonSetStatus represents the current status of a daemon set.", - "type": "object", - "required": [ - "currentNumberScheduled", - "numberMisscheduled", - "desiredNumberScheduled", - "numberReady" - ], - "properties": { - "collisionCount": { - "description": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a DaemonSet's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "currentNumberScheduled": { - "description": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "desiredNumberScheduled": { - "description": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "numberAvailable": { - "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)", - "type": "integer", - "format": "int32" - }, - "numberMisscheduled": { - "description": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "numberReady": { - "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.", - "type": "integer", - "format": "int32" - }, - "numberUnavailable": { - "description": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "The most recent generation observed by the daemon set controller.", - "type": "integer", - "format": "int64" - }, - "updatedNumberScheduled": { - "description": "The total number of nodes that are running updated daemon pod", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1.DaemonSetUpdateStrategy": { - "description": "DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if type = \"RollingUpdate\".", - "$ref": "#/definitions/io.k8s.api.apps.v1.RollingUpdateDaemonSet" - }, - "type": { - "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.Deployment": { - "description": "Deployment enables declarative updates for Pods and ReplicaSets.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the Deployment.", - "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentSpec" - }, - "status": { - "description": "Most recently observed status of the Deployment.", - "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "Deployment", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.DeploymentCondition": { - "description": "DeploymentCondition describes the state of a deployment at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastUpdateTime": { - "description": "The last time this condition was updated.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of deployment condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.DeploymentList": { - "description": "DeploymentList is a list of Deployments.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of Deployments.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DeploymentList", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.DeploymentSpec": { - "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", - "type": "object", - "required": [ - "selector", - "template" - ], - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "paused": { - "description": "Indicates that the deployment is paused.", - "type": "boolean" - }, - "progressDeadlineSeconds": { - "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template's labels.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "strategy": { - "description": "The deployment strategy to use to replace existing pods with new ones.", - "x-kubernetes-patch-strategy": "retainKeys", - "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentStrategy" - }, - "template": { - "description": "Template describes the pods that will be created.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.apps.v1.DeploymentStatus": { - "description": "DeploymentStatus is the most recently observed status of the Deployment.", - "type": "object", - "properties": { - "availableReplicas": { - "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "collisionCount": { - "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a deployment's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "observedGeneration": { - "description": "The generation observed by the deployment controller.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "Total number of ready pods targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", - "type": "integer", - "format": "int32" - }, - "unavailableReplicas": { - "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", - "type": "integer", - "format": "int32" - }, - "updatedReplicas": { - "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1.DeploymentStrategy": { - "description": "DeploymentStrategy describes how to replace existing pods with new ones.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.", - "$ref": "#/definitions/io.k8s.api.apps.v1.RollingUpdateDeployment" - }, - "type": { - "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.ReplicaSet": { - "description": "ReplicaSet ensures that a specified number of pod replicas are running at any given time.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetSpec" - }, - "status": { - "description": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.ReplicaSetCondition": { - "description": "ReplicaSetCondition describes the state of a replica set at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "The last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of replica set condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.ReplicaSetList": { - "description": "ReplicaSetList is a collection of ReplicaSets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ReplicaSetList", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.ReplicaSetSpec": { - "description": "ReplicaSetSpec is the specification of a ReplicaSet.", - "type": "object", - "required": [ - "selector" - ], - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.apps.v1.ReplicaSetStatus": { - "description": "ReplicaSetStatus represents the current status of a ReplicaSet.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "availableReplicas": { - "description": "The number of available replicas (ready for at least minReadySeconds) for this replica set.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a replica set's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "fullyLabeledReplicas": { - "description": "The number of pods that have labels matching the labels of the pod template of the replicaset.", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "The number of ready replicas for this replica set.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1.RollingUpdateDaemonSet": { - "description": "Spec to control the desired behavior of daemon set rolling update.", - "type": "object", - "properties": { - "maxUnavailable": { - "description": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.apps.v1.RollingUpdateDeployment": { - "description": "Spec to control the desired behavior of rolling update.", - "type": "object", - "properties": { - "maxSurge": { - "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "maxUnavailable": { - "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.apps.v1.RollingUpdateStatefulSetStrategy": { - "description": "RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.", - "type": "object", - "properties": { - "partition": { - "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned. Default value is 0.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1.StatefulSet": { - "description": "StatefulSet represents a set of pods with consistent identities. Identities are defined as:\n - Network: A single stable DNS and hostname.\n - Storage: As many VolumeClaims as requested.\nThe StatefulSet guarantees that a given network identity will always map to the same storage identity.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the desired identities of pods in this set.", - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetSpec" - }, - "status": { - "description": "Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.", - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "StatefulSet", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.StatefulSetCondition": { - "description": "StatefulSetCondition describes the state of a statefulset at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of statefulset condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1.StatefulSetList": { - "description": "StatefulSetList is a collection of StatefulSets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "StatefulSetList", - "version": "v1" - } - ] - }, - "io.k8s.api.apps.v1.StatefulSetSpec": { - "description": "A StatefulSetSpec is the specification of a StatefulSet.", - "type": "object", - "required": [ - "selector", - "template", - "serviceName" - ], - "properties": { - "podManagementPolicy": { - "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", - "type": "string" - }, - "replicas": { - "description": "replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "selector is a label query over pods that should match the replica count. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "serviceName": { - "description": "serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where \"pod-specific-string\" is managed by the StatefulSet controller.", - "type": "string" - }, - "template": { - "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "updateStrategy": { - "description": "updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.", - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetUpdateStrategy" - }, - "volumeClaimTemplates": { - "description": "volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - } - } - }, - "io.k8s.api.apps.v1.StatefulSetStatus": { - "description": "StatefulSetStatus represents the current state of a StatefulSet.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "collisionCount": { - "description": "collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a statefulset's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "currentReplicas": { - "description": "currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.", - "type": "integer", - "format": "int32" - }, - "currentRevision": { - "description": "currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).", - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "replicas is the number of Pods created by the StatefulSet controller.", - "type": "integer", - "format": "int32" - }, - "updateRevision": { - "description": "updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)", - "type": "string" - }, - "updatedReplicas": { - "description": "updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1.StatefulSetUpdateStrategy": { - "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", - "$ref": "#/definitions/io.k8s.api.apps.v1.RollingUpdateStatefulSetStrategy" - }, - "type": { - "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta1.ControllerRevision": { - "description": "DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1beta2/ControllerRevision. See the release notes for more information. ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", - "type": "object", - "required": [ - "revision" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "data": { - "description": "Data is the serialized representation of the state.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "revision": { - "description": "Revision indicates the revision of the state represented by Data.", - "type": "integer", - "format": "int64" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.ControllerRevisionList": { - "description": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of ControllerRevisions", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ControllerRevisionList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.Deployment": { - "description": "DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the Deployment.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentSpec" - }, - "status": { - "description": "Most recently observed status of the Deployment.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "Deployment", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.DeploymentCondition": { - "description": "DeploymentCondition describes the state of a deployment at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastUpdateTime": { - "description": "The last time this condition was updated.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of deployment condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta1.DeploymentList": { - "description": "DeploymentList is a list of Deployments.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of Deployments.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DeploymentList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.DeploymentRollback": { - "description": "DEPRECATED. DeploymentRollback stores the information required to rollback a deployment.", - "type": "object", - "required": [ - "name", - "rollbackTo" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "name": { - "description": "Required: This must match the Name of a deployment.", - "type": "string" - }, - "rollbackTo": { - "description": "The config of this deployment rollback.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollbackConfig" - }, - "updatedAnnotations": { - "description": "The annotations to be updated to a deployment", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DeploymentRollback", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.DeploymentSpec": { - "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", - "type": "object", - "required": [ - "template" - ], - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "paused": { - "description": "Indicates that the deployment is paused.", - "type": "boolean" - }, - "progressDeadlineSeconds": { - "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 2.", - "type": "integer", - "format": "int32" - }, - "rollbackTo": { - "description": "DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollbackConfig" - }, - "selector": { - "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "strategy": { - "description": "The deployment strategy to use to replace existing pods with new ones.", - "x-kubernetes-patch-strategy": "retainKeys", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStrategy" - }, - "template": { - "description": "Template describes the pods that will be created.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.apps.v1beta1.DeploymentStatus": { - "description": "DeploymentStatus is the most recently observed status of the Deployment.", - "type": "object", - "properties": { - "availableReplicas": { - "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "collisionCount": { - "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a deployment's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "observedGeneration": { - "description": "The generation observed by the deployment controller.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "Total number of ready pods targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", - "type": "integer", - "format": "int32" - }, - "unavailableReplicas": { - "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", - "type": "integer", - "format": "int32" - }, - "updatedReplicas": { - "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta1.DeploymentStrategy": { - "description": "DeploymentStrategy describes how to replace existing pods with new ones.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateDeployment" - }, - "type": { - "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta1.RollbackConfig": { - "description": "DEPRECATED.", - "type": "object", - "properties": { - "revision": { - "description": "The revision to rollback to. If set to 0, rollback to the last revision.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.apps.v1beta1.RollingUpdateDeployment": { - "description": "Spec to control the desired behavior of rolling update.", - "type": "object", - "properties": { - "maxSurge": { - "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "maxUnavailable": { - "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy": { - "description": "RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.", - "type": "object", - "properties": { - "partition": { - "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta1.Scale": { - "description": "Scale represents a scaling request for a resource.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleSpec" - }, - "status": { - "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "Scale", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.ScaleSpec": { - "description": "ScaleSpec describes the attributes of a scale subresource", - "type": "object", - "properties": { - "replicas": { - "description": "desired number of instances for the scaled object.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta1.ScaleStatus": { - "description": "ScaleStatus represents the current status of a scale subresource.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "replicas": { - "description": "actual number of observed instances of the scaled object.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "targetSelector": { - "description": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta1.StatefulSet": { - "description": "DEPRECATED - This group version of StatefulSet is deprecated by apps/v1beta2/StatefulSet. See the release notes for more information. StatefulSet represents a set of pods with consistent identities. Identities are defined as:\n - Network: A single stable DNS and hostname.\n - Storage: As many VolumeClaims as requested.\nThe StatefulSet guarantees that a given network identity will always map to the same storage identity.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the desired identities of pods in this set.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetSpec" - }, - "status": { - "description": "Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.StatefulSetCondition": { - "description": "StatefulSetCondition describes the state of a statefulset at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of statefulset condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta1.StatefulSetList": { - "description": "StatefulSetList is a collection of StatefulSets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "StatefulSetList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.apps.v1beta1.StatefulSetSpec": { - "description": "A StatefulSetSpec is the specification of a StatefulSet.", - "type": "object", - "required": [ - "template", - "serviceName" - ], - "properties": { - "podManagementPolicy": { - "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", - "type": "string" - }, - "replicas": { - "description": "replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "selector is a label query over pods that should match the replica count. If empty, defaulted to labels on the pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "serviceName": { - "description": "serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where \"pod-specific-string\" is managed by the StatefulSet controller.", - "type": "string" - }, - "template": { - "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "updateStrategy": { - "description": "updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy" - }, - "volumeClaimTemplates": { - "description": "volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - } - } - }, - "io.k8s.api.apps.v1beta1.StatefulSetStatus": { - "description": "StatefulSetStatus represents the current state of a StatefulSet.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "collisionCount": { - "description": "collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a statefulset's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "currentReplicas": { - "description": "currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.", - "type": "integer", - "format": "int32" - }, - "currentRevision": { - "description": "currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).", - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "replicas is the number of Pods created by the StatefulSet controller.", - "type": "integer", - "format": "int32" - }, - "updateRevision": { - "description": "updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)", - "type": "string" - }, - "updatedReplicas": { - "description": "updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy": { - "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy" - }, - "type": { - "description": "Type indicates the type of the StatefulSetUpdateStrategy.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.ControllerRevision": { - "description": "DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1/ControllerRevision. See the release notes for more information. ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", - "type": "object", - "required": [ - "revision" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "data": { - "description": "Data is the serialized representation of the state.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "revision": { - "description": "Revision indicates the revision of the state represented by Data.", - "type": "integer", - "format": "int64" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ControllerRevision", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.ControllerRevisionList": { - "description": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of ControllerRevisions", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ControllerRevisionList", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.DaemonSet": { - "description": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetSpec" - }, - "status": { - "description": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DaemonSet", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.DaemonSetCondition": { - "description": "DaemonSetCondition describes the state of a DaemonSet at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of DaemonSet condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.DaemonSetList": { - "description": "DaemonSetList is a collection of daemon sets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "A list of daemon sets.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DaemonSetList", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.DaemonSetSpec": { - "description": "DaemonSetSpec is the specification of a daemon set.", - "type": "object", - "required": [ - "selector", - "template" - ], - "properties": { - "minReadySeconds": { - "description": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "updateStrategy": { - "description": "An update strategy to replace existing DaemonSet pods with new pods.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetUpdateStrategy" - } - } - }, - "io.k8s.api.apps.v1beta2.DaemonSetStatus": { - "description": "DaemonSetStatus represents the current status of a daemon set.", - "type": "object", - "required": [ - "currentNumberScheduled", - "numberMisscheduled", - "desiredNumberScheduled", - "numberReady" - ], - "properties": { - "collisionCount": { - "description": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a DaemonSet's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "currentNumberScheduled": { - "description": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "desiredNumberScheduled": { - "description": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "numberAvailable": { - "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)", - "type": "integer", - "format": "int32" - }, - "numberMisscheduled": { - "description": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "numberReady": { - "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.", - "type": "integer", - "format": "int32" - }, - "numberUnavailable": { - "description": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "The most recent generation observed by the daemon set controller.", - "type": "integer", - "format": "int64" - }, - "updatedNumberScheduled": { - "description": "The total number of nodes that are running updated daemon pod", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta2.DaemonSetUpdateStrategy": { - "description": "DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if type = \"RollingUpdate\".", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.RollingUpdateDaemonSet" - }, - "type": { - "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.Deployment": { - "description": "DEPRECATED - This group version of Deployment is deprecated by apps/v1/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the Deployment.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentSpec" - }, - "status": { - "description": "Most recently observed status of the Deployment.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "Deployment", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.DeploymentCondition": { - "description": "DeploymentCondition describes the state of a deployment at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastUpdateTime": { - "description": "The last time this condition was updated.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of deployment condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.DeploymentList": { - "description": "DeploymentList is a list of Deployments.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of Deployments.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "DeploymentList", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.DeploymentSpec": { - "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", - "type": "object", - "required": [ - "selector", - "template" - ], - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "paused": { - "description": "Indicates that the deployment is paused.", - "type": "boolean" - }, - "progressDeadlineSeconds": { - "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template's labels.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "strategy": { - "description": "The deployment strategy to use to replace existing pods with new ones.", - "x-kubernetes-patch-strategy": "retainKeys", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentStrategy" - }, - "template": { - "description": "Template describes the pods that will be created.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.apps.v1beta2.DeploymentStatus": { - "description": "DeploymentStatus is the most recently observed status of the Deployment.", - "type": "object", - "properties": { - "availableReplicas": { - "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "collisionCount": { - "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a deployment's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "observedGeneration": { - "description": "The generation observed by the deployment controller.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "Total number of ready pods targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", - "type": "integer", - "format": "int32" - }, - "unavailableReplicas": { - "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", - "type": "integer", - "format": "int32" - }, - "updatedReplicas": { - "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta2.DeploymentStrategy": { - "description": "DeploymentStrategy describes how to replace existing pods with new ones.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.RollingUpdateDeployment" - }, - "type": { - "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.ReplicaSet": { - "description": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetSpec" - }, - "status": { - "description": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ReplicaSet", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.ReplicaSetCondition": { - "description": "ReplicaSetCondition describes the state of a replica set at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "The last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of replica set condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.ReplicaSetList": { - "description": "ReplicaSetList is a collection of ReplicaSets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "ReplicaSetList", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.ReplicaSetSpec": { - "description": "ReplicaSetSpec is the specification of a ReplicaSet.", - "type": "object", - "required": [ - "selector" - ], - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.apps.v1beta2.ReplicaSetStatus": { - "description": "ReplicaSetStatus represents the current status of a ReplicaSet.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "availableReplicas": { - "description": "The number of available replicas (ready for at least minReadySeconds) for this replica set.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a replica set's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "fullyLabeledReplicas": { - "description": "The number of pods that have labels matching the labels of the pod template of the replicaset.", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "The number of ready replicas for this replica set.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta2.RollingUpdateDaemonSet": { - "description": "Spec to control the desired behavior of daemon set rolling update.", - "type": "object", - "properties": { - "maxUnavailable": { - "description": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.apps.v1beta2.RollingUpdateDeployment": { - "description": "Spec to control the desired behavior of rolling update.", - "type": "object", - "properties": { - "maxSurge": { - "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "maxUnavailable": { - "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.apps.v1beta2.RollingUpdateStatefulSetStrategy": { - "description": "RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.", - "type": "object", - "properties": { - "partition": { - "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned. Default value is 0.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta2.Scale": { - "description": "Scale represents a scaling request for a resource.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ScaleSpec" - }, - "status": { - "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ScaleStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "Scale", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.ScaleSpec": { - "description": "ScaleSpec describes the attributes of a scale subresource", - "type": "object", - "properties": { - "replicas": { - "description": "desired number of instances for the scaled object.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta2.ScaleStatus": { - "description": "ScaleStatus represents the current status of a scale subresource.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "replicas": { - "description": "actual number of observed instances of the scaled object.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "targetSelector": { - "description": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.StatefulSet": { - "description": "DEPRECATED - This group version of StatefulSet is deprecated by apps/v1/StatefulSet. See the release notes for more information. StatefulSet represents a set of pods with consistent identities. Identities are defined as:\n - Network: A single stable DNS and hostname.\n - Storage: As many VolumeClaims as requested.\nThe StatefulSet guarantees that a given network identity will always map to the same storage identity.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the desired identities of pods in this set.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetSpec" - }, - "status": { - "description": "Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "StatefulSet", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.StatefulSetCondition": { - "description": "StatefulSetCondition describes the state of a statefulset at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of statefulset condition.", - "type": "string" - } - } - }, - "io.k8s.api.apps.v1beta2.StatefulSetList": { - "description": "StatefulSetList is a collection of StatefulSets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apps", - "kind": "StatefulSetList", - "version": "v1beta2" - } - ] - }, - "io.k8s.api.apps.v1beta2.StatefulSetSpec": { - "description": "A StatefulSetSpec is the specification of a StatefulSet.", - "type": "object", - "required": [ - "selector", - "template", - "serviceName" - ], - "properties": { - "podManagementPolicy": { - "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", - "type": "string" - }, - "replicas": { - "description": "replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "selector is a label query over pods that should match the replica count. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "serviceName": { - "description": "serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where \"pod-specific-string\" is managed by the StatefulSet controller.", - "type": "string" - }, - "template": { - "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "updateStrategy": { - "description": "updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetUpdateStrategy" - }, - "volumeClaimTemplates": { - "description": "volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - } - } - }, - "io.k8s.api.apps.v1beta2.StatefulSetStatus": { - "description": "StatefulSetStatus represents the current state of a StatefulSet.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "collisionCount": { - "description": "collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a statefulset's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "currentReplicas": { - "description": "currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.", - "type": "integer", - "format": "int32" - }, - "currentRevision": { - "description": "currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).", - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "replicas is the number of Pods created by the StatefulSet controller.", - "type": "integer", - "format": "int32" - }, - "updateRevision": { - "description": "updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)", - "type": "string" - }, - "updatedReplicas": { - "description": "updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.apps.v1beta2.StatefulSetUpdateStrategy": { - "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta2.RollingUpdateStatefulSetStrategy" - }, - "type": { - "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.auditregistration.v1alpha1.AuditSink": { - "description": "AuditSink represents a cluster level audit sink", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the audit configuration spec", - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "auditregistration.k8s.io", - "kind": "AuditSink", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.auditregistration.v1alpha1.AuditSinkList": { - "description": "AuditSinkList is a list of AuditSink items.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of audit configurations.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "auditregistration.k8s.io", - "kind": "AuditSinkList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.auditregistration.v1alpha1.AuditSinkSpec": { - "description": "AuditSinkSpec holds the spec for the audit sink", - "type": "object", - "required": [ - "policy", - "webhook" - ], - "properties": { - "policy": { - "description": "Policy defines the policy for selecting which events should be sent to the webhook required", - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Policy" - }, - "webhook": { - "description": "Webhook to send events required", - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.Webhook" - } - } - }, - "io.k8s.api.auditregistration.v1alpha1.Policy": { - "description": "Policy defines the configuration of how audit events are logged", - "type": "object", - "required": [ - "level" - ], - "properties": { - "level": { - "description": "The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required", - "type": "string" - }, - "stages": { - "description": "Stages is a list of stages for which events are created.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.auditregistration.v1alpha1.ServiceReference": { - "description": "ServiceReference holds a reference to Service.legacy.k8s.io", - "type": "object", - "required": [ - "namespace", - "name" - ], - "properties": { - "name": { - "description": "`name` is the name of the service. Required", - "type": "string" - }, - "namespace": { - "description": "`namespace` is the namespace of the service. Required", - "type": "string" - }, - "path": { - "description": "`path` is an optional URL path which will be sent in any request to this service.", - "type": "string" - } - } - }, - "io.k8s.api.auditregistration.v1alpha1.Webhook": { - "description": "Webhook holds the configuration of the webhook", - "type": "object", - "required": [ - "clientConfig" - ], - "properties": { - "clientConfig": { - "description": "ClientConfig holds the connection parameters for the webhook required", - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig" - }, - "throttle": { - "description": "Throttle holds the options for throttling the webhook", - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig" - } - } - }, - "io.k8s.api.auditregistration.v1alpha1.WebhookClientConfig": { - "description": "WebhookClientConfig contains the information to make a connection with the webhook", - "type": "object", - "properties": { - "caBundle": { - "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", - "type": "string", - "format": "byte" - }, - "service": { - "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", - "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.ServiceReference" - }, - "url": { - "description": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", - "type": "string" - } - } - }, - "io.k8s.api.auditregistration.v1alpha1.WebhookThrottleConfig": { - "description": "WebhookThrottleConfig holds the configuration for throttling events", - "type": "object", - "properties": { - "burst": { - "description": "ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS", - "type": "integer", - "format": "int64" - }, - "qps": { - "description": "ThrottleQPS maximum number of batches per second default 10 QPS", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.authentication.v1.TokenReview": { - "description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated", - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request can be authenticated.", - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authentication.k8s.io", - "kind": "TokenReview", - "version": "v1" - } - ] - }, - "io.k8s.api.authentication.v1.TokenReviewSpec": { - "description": "TokenReviewSpec is a description of the token authentication request.", - "type": "object", - "properties": { - "audiences": { - "description": "Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.", - "type": "array", - "items": { - "type": "string" - } - }, - "token": { - "description": "Token is the opaque bearer token.", - "type": "string" - } - } - }, - "io.k8s.api.authentication.v1.TokenReviewStatus": { - "description": "TokenReviewStatus is the result of the token authentication request.", - "type": "object", - "properties": { - "audiences": { - "description": "Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token's audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is \"true\", the token is valid against the audience of the Kubernetes API server.", - "type": "array", - "items": { - "type": "string" - } - }, - "authenticated": { - "description": "Authenticated indicates that the token was associated with a known user.", - "type": "boolean" - }, - "error": { - "description": "Error indicates that the token couldn't be checked", - "type": "string" - }, - "user": { - "description": "User is the UserInfo associated with the provided token.", - "$ref": "#/definitions/io.k8s.api.authentication.v1.UserInfo" - } - } - }, - "io.k8s.api.authentication.v1.UserInfo": { - "description": "UserInfo holds the information about the user needed to implement the user.Info interface.", - "type": "object", - "properties": { - "extra": { - "description": "Any additional information provided by the authenticator.", - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "groups": { - "description": "The names of groups this user is a part of.", - "type": "array", - "items": { - "type": "string" - } - }, - "uid": { - "description": "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", - "type": "string" - }, - "username": { - "description": "The name that uniquely identifies this user among all active users.", - "type": "string" - } - } - }, - "io.k8s.api.authentication.v1beta1.TokenReview": { - "description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request can be authenticated.", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authentication.k8s.io", - "kind": "TokenReview", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.authentication.v1beta1.TokenReviewSpec": { - "description": "TokenReviewSpec is a description of the token authentication request.", - "type": "object", - "properties": { - "audiences": { - "description": "Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.", - "type": "array", - "items": { - "type": "string" - } - }, - "token": { - "description": "Token is the opaque bearer token.", - "type": "string" - } - } - }, - "io.k8s.api.authentication.v1beta1.TokenReviewStatus": { - "description": "TokenReviewStatus is the result of the token authentication request.", - "type": "object", - "properties": { - "audiences": { - "description": "Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token's audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is \"true\", the token is valid against the audience of the Kubernetes API server.", - "type": "array", - "items": { - "type": "string" - } - }, - "authenticated": { - "description": "Authenticated indicates that the token was associated with a known user.", - "type": "boolean" - }, - "error": { - "description": "Error indicates that the token couldn't be checked", - "type": "string" - }, - "user": { - "description": "User is the UserInfo associated with the provided token.", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.UserInfo" - } - } - }, - "io.k8s.api.authentication.v1beta1.UserInfo": { - "description": "UserInfo holds the information about the user needed to implement the user.Info interface.", - "type": "object", - "properties": { - "extra": { - "description": "Any additional information provided by the authenticator.", - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "groups": { - "description": "The names of groups this user is a part of.", - "type": "array", - "items": { - "type": "string" - } - }, - "uid": { - "description": "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.", - "type": "string" - }, - "username": { - "description": "The name that uniquely identifies this user among all active users.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1.LocalSubjectAccessReview": { - "description": "LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request is allowed or not", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "LocalSubjectAccessReview", - "version": "v1" - } - ] - }, - "io.k8s.api.authorization.v1.NonResourceAttributes": { - "description": "NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface", - "type": "object", - "properties": { - "path": { - "description": "Path is the URL path of the request", - "type": "string" - }, - "verb": { - "description": "Verb is the standard HTTP verb", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1.NonResourceRule": { - "description": "NonResourceRule holds information that describes a rule for the non-resource", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "nonResourceURLs": { - "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.authorization.v1.ResourceAttributes": { - "description": "ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface", - "type": "object", - "properties": { - "group": { - "description": "Group is the API Group of the Resource. \"*\" means all.", - "type": "string" - }, - "name": { - "description": "Name is the name of the resource being requested for a \"get\" or deleted for a \"delete\". \"\" (empty) means all.", - "type": "string" - }, - "namespace": { - "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces \"\" (empty) is defaulted for LocalSubjectAccessReviews \"\" (empty) is empty for cluster-scoped resources \"\" (empty) means \"all\" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview", - "type": "string" - }, - "resource": { - "description": "Resource is one of the existing resource types. \"*\" means all.", - "type": "string" - }, - "subresource": { - "description": "Subresource is one of the existing resource types. \"\" means none.", - "type": "string" - }, - "verb": { - "description": "Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", - "type": "string" - }, - "version": { - "description": "Version is the API Version of the Resource. \"*\" means all.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1.ResourceRule": { - "description": "ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "apiGroups": { - "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - }, - "resourceNames": { - "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - }, - "resources": { - "description": "Resources is a list of resources this rule applies to. \"*\" means all in the specified apiGroups.\n \"*/foo\" represents the subresource 'foo' for all resources in the specified apiGroups.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.authorization.v1.SelfSubjectAccessReview": { - "description": "SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means \"in all namespaces\". Self is a special case, because users should always be able to check whether they can perform an action", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated. user and groups must be empty", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request is allowed or not", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "SelfSubjectAccessReview", - "version": "v1" - } - ] - }, - "io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec": { - "description": "SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", - "type": "object", - "properties": { - "nonResourceAttributes": { - "description": "NonResourceAttributes describes information for a non-resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceAttributes" - }, - "resourceAttributes": { - "description": "ResourceAuthorizationAttributes describes information for a resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes" - } - } - }, - "io.k8s.api.authorization.v1.SelfSubjectRulesReview": { - "description": "SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace. The returned list of actions may be incomplete depending on the server's authorization mode, and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions, or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns. SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates the set of actions a user can perform.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectRulesReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "SelfSubjectRulesReview", - "version": "v1" - } - ] - }, - "io.k8s.api.authorization.v1.SelfSubjectRulesReviewSpec": { - "type": "object", - "properties": { - "namespace": { - "description": "Namespace to evaluate rules for. Required.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1.SubjectAccessReview": { - "description": "SubjectAccessReview checks whether or not a user or group can perform an action.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request is allowed or not", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "SubjectAccessReview", - "version": "v1" - } - ] - }, - "io.k8s.api.authorization.v1.SubjectAccessReviewSpec": { - "description": "SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", - "type": "object", - "properties": { - "extra": { - "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.", - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "groups": { - "description": "Groups is the groups you're testing for.", - "type": "array", - "items": { - "type": "string" - } - }, - "nonResourceAttributes": { - "description": "NonResourceAttributes describes information for a non-resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceAttributes" - }, - "resourceAttributes": { - "description": "ResourceAuthorizationAttributes describes information for a resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes" - }, - "uid": { - "description": "UID information about the requesting user.", - "type": "string" - }, - "user": { - "description": "User is the user you're testing for. If you specify \"User\" but not \"Groups\", then is it interpreted as \"What if User were not a member of any groups", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1.SubjectAccessReviewStatus": { - "description": "SubjectAccessReviewStatus", - "type": "object", - "required": [ - "allowed" - ], - "properties": { - "allowed": { - "description": "Allowed is required. True if the action would be allowed, false otherwise.", - "type": "boolean" - }, - "denied": { - "description": "Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.", - "type": "boolean" - }, - "evaluationError": { - "description": "EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.", - "type": "string" - }, - "reason": { - "description": "Reason is optional. It indicates why a request was allowed or denied.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1.SubjectRulesReviewStatus": { - "description": "SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission, even if that list is incomplete.", - "type": "object", - "required": [ - "resourceRules", - "nonResourceRules", - "incomplete" - ], - "properties": { - "evaluationError": { - "description": "EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn't support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.", - "type": "string" - }, - "incomplete": { - "description": "Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.", - "type": "boolean" - }, - "nonResourceRules": { - "description": "NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceRule" - } - }, - "resourceRules": { - "description": "ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceRule" - } - } - } - }, - "io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview": { - "description": "LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request is allowed or not", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "LocalSubjectAccessReview", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.authorization.v1beta1.NonResourceAttributes": { - "description": "NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface", - "type": "object", - "properties": { - "path": { - "description": "Path is the URL path of the request", - "type": "string" - }, - "verb": { - "description": "Verb is the standard HTTP verb", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1beta1.NonResourceRule": { - "description": "NonResourceRule holds information that describes a rule for the non-resource", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "nonResourceURLs": { - "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.authorization.v1beta1.ResourceAttributes": { - "description": "ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface", - "type": "object", - "properties": { - "group": { - "description": "Group is the API Group of the Resource. \"*\" means all.", - "type": "string" - }, - "name": { - "description": "Name is the name of the resource being requested for a \"get\" or deleted for a \"delete\". \"\" (empty) means all.", - "type": "string" - }, - "namespace": { - "description": "Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces \"\" (empty) is defaulted for LocalSubjectAccessReviews \"\" (empty) is empty for cluster-scoped resources \"\" (empty) means \"all\" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview", - "type": "string" - }, - "resource": { - "description": "Resource is one of the existing resource types. \"*\" means all.", - "type": "string" - }, - "subresource": { - "description": "Subresource is one of the existing resource types. \"\" means none.", - "type": "string" - }, - "verb": { - "description": "Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", - "type": "string" - }, - "version": { - "description": "Version is the API Version of the Resource. \"*\" means all.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1beta1.ResourceRule": { - "description": "ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "apiGroups": { - "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - }, - "resourceNames": { - "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - }, - "resources": { - "description": "Resources is a list of resources this rule applies to. \"*\" means all in the specified apiGroups.\n \"*/foo\" represents the subresource 'foo' for all resources in the specified apiGroups.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. \"*\" means all.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview": { - "description": "SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means \"in all namespaces\". Self is a special case, because users should always be able to check whether they can perform an action", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated. user and groups must be empty", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request is allowed or not", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "SelfSubjectAccessReview", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec": { - "description": "SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", - "type": "object", - "properties": { - "nonResourceAttributes": { - "description": "NonResourceAttributes describes information for a non-resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceAttributes" - }, - "resourceAttributes": { - "description": "ResourceAuthorizationAttributes describes information for a resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes" - } - } - }, - "io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview": { - "description": "SelfSubjectRulesReview enumerates the set of actions the current user can perform within a namespace. The returned list of actions may be incomplete depending on the server's authorization mode, and any errors experienced during the evaluation. SelfSubjectRulesReview should be used by UIs to show/hide actions, or to quickly let an end user reason about their permissions. It should NOT Be used by external systems to drive authorization decisions as this raises confused deputy, cache lifetime/revocation, and correctness concerns. SubjectAccessReview, and LocalAccessReview are the correct way to defer authorization decisions to the API server.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates the set of actions a user can perform.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectRulesReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "SelfSubjectRulesReview", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.authorization.v1beta1.SelfSubjectRulesReviewSpec": { - "type": "object", - "properties": { - "namespace": { - "description": "Namespace to evaluate rules for. Required.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1beta1.SubjectAccessReview": { - "description": "SubjectAccessReview checks whether or not a user or group can perform an action.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds information about the request being evaluated", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec" - }, - "status": { - "description": "Status is filled in by the server and indicates whether the request is allowed or not", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "authorization.k8s.io", - "kind": "SubjectAccessReview", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec": { - "description": "SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", - "type": "object", - "properties": { - "extra": { - "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.", - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "group": { - "description": "Groups is the groups you're testing for.", - "type": "array", - "items": { - "type": "string" - } - }, - "nonResourceAttributes": { - "description": "NonResourceAttributes describes information for a non-resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceAttributes" - }, - "resourceAttributes": { - "description": "ResourceAuthorizationAttributes describes information for a resource access request", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes" - }, - "uid": { - "description": "UID information about the requesting user.", - "type": "string" - }, - "user": { - "description": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus": { - "description": "SubjectAccessReviewStatus", - "type": "object", - "required": [ - "allowed" - ], - "properties": { - "allowed": { - "description": "Allowed is required. True if the action would be allowed, false otherwise.", - "type": "boolean" - }, - "denied": { - "description": "Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.", - "type": "boolean" - }, - "evaluationError": { - "description": "EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.", - "type": "string" - }, - "reason": { - "description": "Reason is optional. It indicates why a request was allowed or denied.", - "type": "string" - } - } - }, - "io.k8s.api.authorization.v1beta1.SubjectRulesReviewStatus": { - "description": "SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission, even if that list is incomplete.", - "type": "object", - "required": [ - "resourceRules", - "nonResourceRules", - "incomplete" - ], - "properties": { - "evaluationError": { - "description": "EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn't support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.", - "type": "string" - }, - "incomplete": { - "description": "Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.", - "type": "boolean" - }, - "nonResourceRules": { - "description": "NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceRule" - } - }, - "resourceRules": { - "description": "ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceRule" - } - } - } - }, - "io.k8s.api.autoscaling.v1.CrossVersionObjectReference": { - "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiVersion": { - "description": "API version of the referent", - "type": "string" - }, - "kind": { - "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"", - "type": "string" - }, - "name": { - "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler": { - "description": "configuration of a horizontal pod autoscaler.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec" - }, - "status": { - "description": "current information about the autoscaler.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v1" - } - ] - }, - "io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList": { - "description": "list of horizontal pod autoscaler objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "list of horizontal pod autoscaler objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "HorizontalPodAutoscalerList", - "version": "v1" - } - ] - }, - "io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec": { - "description": "specification of a horizontal pod autoscaler.", - "type": "object", - "required": [ - "scaleTargetRef", - "maxReplicas" - ], - "properties": { - "maxReplicas": { - "description": "upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.", - "type": "integer", - "format": "int32" - }, - "minReplicas": { - "description": "lower limit for the number of pods that can be set by the autoscaler, default 1.", - "type": "integer", - "format": "int32" - }, - "scaleTargetRef": { - "description": "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.CrossVersionObjectReference" - }, - "targetCPUUtilizationPercentage": { - "description": "target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus": { - "description": "current status of a horizontal pod autoscaler", - "type": "object", - "required": [ - "currentReplicas", - "desiredReplicas" - ], - "properties": { - "currentCPUUtilizationPercentage": { - "description": "current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.", - "type": "integer", - "format": "int32" - }, - "currentReplicas": { - "description": "current number of replicas of pods managed by this autoscaler.", - "type": "integer", - "format": "int32" - }, - "desiredReplicas": { - "description": "desired number of replicas of pods managed by this autoscaler.", - "type": "integer", - "format": "int32" - }, - "lastScaleTime": { - "description": "last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "observedGeneration": { - "description": "most recent generation observed by this autoscaler.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.autoscaling.v1.Scale": { - "description": "Scale represents a scaling request for a resource.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleSpec" - }, - "status": { - "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "Scale", - "version": "v1" - } - ] - }, - "io.k8s.api.autoscaling.v1.ScaleSpec": { - "description": "ScaleSpec describes the attributes of a scale subresource.", - "type": "object", - "properties": { - "replicas": { - "description": "desired number of instances for the scaled object.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.autoscaling.v1.ScaleStatus": { - "description": "ScaleStatus represents the current status of a scale subresource.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "replicas": { - "description": "actual number of observed instances of the scaled object.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference": { - "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiVersion": { - "description": "API version of the referent", - "type": "string" - }, - "kind": { - "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"", - "type": "string" - }, - "name": { - "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.ExternalMetricSource": { - "description": "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). Exactly one \"target\" type should be set.", - "type": "object", - "required": [ - "metricName" - ], - "properties": { - "metricName": { - "description": "metricName is the name of the metric in question.", - "type": "string" - }, - "metricSelector": { - "description": "metricSelector is used to identify a specific time series within a given metric.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "targetAverageValue": { - "description": "targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "targetValue": { - "description": "targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.ExternalMetricStatus": { - "description": "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.", - "type": "object", - "required": [ - "metricName", - "currentValue" - ], - "properties": { - "currentAverageValue": { - "description": "currentAverageValue is the current value of metric averaged over autoscaled pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "currentValue": { - "description": "currentValue is the current value of the metric (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "metricName": { - "description": "metricName is the name of a metric used for autoscaling in metric system.", - "type": "string" - }, - "metricSelector": { - "description": "metricSelector is used to identify a specific time series within a given metric.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler": { - "description": "HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerSpec" - }, - "status": { - "description": "status is the current information about the autoscaler.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta1" - } - ] - }, - "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerCondition": { - "description": "HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "message is a human-readable explanation containing details about the transition", - "type": "string" - }, - "reason": { - "description": "reason is the reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "status is the status of the condition (True, False, Unknown)", - "type": "string" - }, - "type": { - "description": "type describes the current condition", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerList": { - "description": "HorizontalPodAutoscaler is a list of horizontal pod autoscaler objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of horizontal pod autoscaler objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "HorizontalPodAutoscalerList", - "version": "v2beta1" - } - ] - }, - "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerSpec": { - "description": "HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.", - "type": "object", - "required": [ - "scaleTargetRef", - "maxReplicas" - ], - "properties": { - "maxReplicas": { - "description": "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.", - "type": "integer", - "format": "int32" - }, - "metrics": { - "description": "metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.MetricSpec" - } - }, - "minReplicas": { - "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod.", - "type": "integer", - "format": "int32" - }, - "scaleTargetRef": { - "description": "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerStatus": { - "description": "HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.", - "type": "object", - "required": [ - "currentReplicas", - "desiredReplicas", - "conditions" - ], - "properties": { - "conditions": { - "description": "conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerCondition" - } - }, - "currentMetrics": { - "description": "currentMetrics is the last read state of the metrics used by this autoscaler.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.MetricStatus" - } - }, - "currentReplicas": { - "description": "currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.", - "type": "integer", - "format": "int32" - }, - "desiredReplicas": { - "description": "desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.", - "type": "integer", - "format": "int32" - }, - "lastScaleTime": { - "description": "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "observedGeneration": { - "description": "observedGeneration is the most recent generation observed by this autoscaler.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.MetricSpec": { - "description": "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).", - "type": "object", - "required": [ - "type" - ], - "properties": { - "external": { - "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ExternalMetricSource" - }, - "object": { - "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ObjectMetricSource" - }, - "pods": { - "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.PodsMetricSource" - }, - "resource": { - "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ResourceMetricSource" - }, - "type": { - "description": "type is the type of metric source. It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.MetricStatus": { - "description": "MetricStatus describes the last-read state of a single metric.", - "type": "object", - "required": [ - "type" - ], - "properties": { - "external": { - "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ExternalMetricStatus" - }, - "object": { - "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ObjectMetricStatus" - }, - "pods": { - "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.PodsMetricStatus" - }, - "resource": { - "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.ResourceMetricStatus" - }, - "type": { - "description": "type is the type of metric source. It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.ObjectMetricSource": { - "description": "ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", - "type": "object", - "required": [ - "target", - "metricName", - "targetValue" - ], - "properties": { - "averageValue": { - "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "metricName": { - "description": "metricName is the name of the metric in question.", - "type": "string" - }, - "selector": { - "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping When unset, just the metricName will be used to gather metrics.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "target": { - "description": "target is the described Kubernetes object.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference" - }, - "targetValue": { - "description": "targetValue is the target value of the metric (as a quantity).", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.ObjectMetricStatus": { - "description": "ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", - "type": "object", - "required": [ - "target", - "metricName", - "currentValue" - ], - "properties": { - "averageValue": { - "description": "averageValue is the current value of the average of the metric across all relevant pods (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "currentValue": { - "description": "currentValue is the current value of the metric (as a quantity).", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "metricName": { - "description": "metricName is the name of the metric in question.", - "type": "string" - }, - "selector": { - "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set in the ObjectMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "target": { - "description": "target is the described Kubernetes object.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.CrossVersionObjectReference" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.PodsMetricSource": { - "description": "PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", - "type": "object", - "required": [ - "metricName", - "targetAverageValue" - ], - "properties": { - "metricName": { - "description": "metricName is the name of the metric in question", - "type": "string" - }, - "selector": { - "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping When unset, just the metricName will be used to gather metrics.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "targetAverageValue": { - "description": "targetAverageValue is the target value of the average of the metric across all relevant pods (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.PodsMetricStatus": { - "description": "PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).", - "type": "object", - "required": [ - "metricName", - "currentAverageValue" - ], - "properties": { - "currentAverageValue": { - "description": "currentAverageValue is the current value of the average of the metric across all relevant pods (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "metricName": { - "description": "metricName is the name of the metric in question", - "type": "string" - }, - "selector": { - "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set in the PodsMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.ResourceMetricSource": { - "description": "ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source. Only one \"target\" type should be set.", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "description": "name is the name of the resource in question.", - "type": "string" - }, - "targetAverageUtilization": { - "description": "targetAverageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.", - "type": "integer", - "format": "int32" - }, - "targetAverageValue": { - "description": "targetAverageValue is the target value of the average of the resource metric across all relevant pods, as a raw value (instead of as a percentage of the request), similar to the \"pods\" metric source type.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.autoscaling.v2beta1.ResourceMetricStatus": { - "description": "ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", - "type": "object", - "required": [ - "name", - "currentAverageValue" - ], - "properties": { - "currentAverageUtilization": { - "description": "currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. It will only be present if `targetAverageValue` was set in the corresponding metric specification.", - "type": "integer", - "format": "int32" - }, - "currentAverageValue": { - "description": "currentAverageValue is the current value of the average of the resource metric across all relevant pods, as a raw value (instead of as a percentage of the request), similar to the \"pods\" metric source type. It will always be set, regardless of the corresponding metric specification.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "name": { - "description": "name is the name of the resource in question.", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference": { - "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiVersion": { - "description": "API version of the referent", - "type": "string" - }, - "kind": { - "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"", - "type": "string" - }, - "name": { - "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.ExternalMetricSource": { - "description": "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", - "type": "object", - "required": [ - "metric", - "target" - ], - "properties": { - "metric": { - "description": "metric identifies the target metric by name and selector", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier" - }, - "target": { - "description": "target specifies the target value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.ExternalMetricStatus": { - "description": "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.", - "type": "object", - "required": [ - "metric", - "current" - ], - "properties": { - "current": { - "description": "current contains the current value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus" - }, - "metric": { - "description": "metric identifies the target metric by name and selector", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler": { - "description": "HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerSpec" - }, - "status": { - "description": "status is the current information about the autoscaler.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "HorizontalPodAutoscaler", - "version": "v2beta2" - } - ] - }, - "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerCondition": { - "description": "HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "message is a human-readable explanation containing details about the transition", - "type": "string" - }, - "reason": { - "description": "reason is the reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "status is the status of the condition (True, False, Unknown)", - "type": "string" - }, - "type": { - "description": "type describes the current condition", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerList": { - "description": "HorizontalPodAutoscalerList is a list of horizontal pod autoscaler objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of horizontal pod autoscaler objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "metadata is the standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "autoscaling", - "kind": "HorizontalPodAutoscalerList", - "version": "v2beta2" - } - ] - }, - "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerSpec": { - "description": "HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.", - "type": "object", - "required": [ - "scaleTargetRef", - "maxReplicas" - ], - "properties": { - "maxReplicas": { - "description": "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.", - "type": "integer", - "format": "int32" - }, - "metrics": { - "description": "metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricSpec" - } - }, - "minReplicas": { - "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod.", - "type": "integer", - "format": "int32" - }, - "scaleTargetRef": { - "description": "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerStatus": { - "description": "HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.", - "type": "object", - "required": [ - "currentReplicas", - "desiredReplicas", - "conditions" - ], - "properties": { - "conditions": { - "description": "conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerCondition" - } - }, - "currentMetrics": { - "description": "currentMetrics is the last read state of the metrics used by this autoscaler.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricStatus" - } - }, - "currentReplicas": { - "description": "currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.", - "type": "integer", - "format": "int32" - }, - "desiredReplicas": { - "description": "desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.", - "type": "integer", - "format": "int32" - }, - "lastScaleTime": { - "description": "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "observedGeneration": { - "description": "observedGeneration is the most recent generation observed by this autoscaler.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.MetricIdentifier": { - "description": "MetricIdentifier defines the name and optionally selector for a metric", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "description": "name is the name of the given metric", - "type": "string" - }, - "selector": { - "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.MetricSpec": { - "description": "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).", - "type": "object", - "required": [ - "type" - ], - "properties": { - "external": { - "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ExternalMetricSource" - }, - "object": { - "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ObjectMetricSource" - }, - "pods": { - "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.PodsMetricSource" - }, - "resource": { - "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ResourceMetricSource" - }, - "type": { - "description": "type is the type of metric source. It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.MetricStatus": { - "description": "MetricStatus describes the last-read state of a single metric.", - "type": "object", - "required": [ - "type" - ], - "properties": { - "external": { - "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ExternalMetricStatus" - }, - "object": { - "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ObjectMetricStatus" - }, - "pods": { - "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.PodsMetricStatus" - }, - "resource": { - "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.ResourceMetricStatus" - }, - "type": { - "description": "type is the type of metric source. It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.", - "type": "string" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.MetricTarget": { - "description": "MetricTarget defines the target value, average value, or average utilization of a specific metric", - "type": "object", - "required": [ - "type" - ], - "properties": { - "averageUtilization": { - "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", - "type": "integer", - "format": "int32" - }, - "averageValue": { - "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "type": { - "description": "type represents whether the metric type is Utilization, Value, or AverageValue", - "type": "string" - }, - "value": { - "description": "value is the target value of the metric (as a quantity).", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.MetricValueStatus": { - "description": "MetricValueStatus holds the current value for a metric", - "type": "object", - "properties": { - "averageUtilization": { - "description": "currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.", - "type": "integer", - "format": "int32" - }, - "averageValue": { - "description": "averageValue is the current value of the average of the metric across all relevant pods (as a quantity)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "value": { - "description": "value is the current value of the metric (as a quantity).", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.ObjectMetricSource": { - "description": "ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", - "type": "object", - "required": [ - "describedObject", - "target", - "metric" - ], - "properties": { - "describedObject": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference" - }, - "metric": { - "description": "metric identifies the target metric by name and selector", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier" - }, - "target": { - "description": "target specifies the target value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.ObjectMetricStatus": { - "description": "ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).", - "type": "object", - "required": [ - "metric", - "current", - "describedObject" - ], - "properties": { - "current": { - "description": "current contains the current value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus" - }, - "describedObject": { - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.CrossVersionObjectReference" - }, - "metric": { - "description": "metric identifies the target metric by name and selector", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.PodsMetricSource": { - "description": "PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", - "type": "object", - "required": [ - "metric", - "target" - ], - "properties": { - "metric": { - "description": "metric identifies the target metric by name and selector", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier" - }, - "target": { - "description": "target specifies the target value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.PodsMetricStatus": { - "description": "PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).", - "type": "object", - "required": [ - "metric", - "current" - ], - "properties": { - "current": { - "description": "current contains the current value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus" - }, - "metric": { - "description": "metric identifies the target metric by name and selector", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricIdentifier" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.ResourceMetricSource": { - "description": "ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source. Only one \"target\" type should be set.", - "type": "object", - "required": [ - "name", - "target" - ], - "properties": { - "name": { - "description": "name is the name of the resource in question.", - "type": "string" - }, - "target": { - "description": "target specifies the target value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricTarget" - } - } - }, - "io.k8s.api.autoscaling.v2beta2.ResourceMetricStatus": { - "description": "ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", - "type": "object", - "required": [ - "name", - "current" - ], - "properties": { - "current": { - "description": "current contains the current value for the given metric", - "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.MetricValueStatus" - }, - "name": { - "description": "Name is the name of the resource in question.", - "type": "string" - } - } - }, - "io.k8s.api.batch.v1.Job": { - "description": "Job represents the configuration of a single job.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec" - }, - "status": { - "description": "Current status of a job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "batch", - "kind": "Job", - "version": "v1" - } - ] - }, - "io.k8s.api.batch.v1.JobCondition": { - "description": "JobCondition describes current state of a job.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastProbeTime": { - "description": "Last time the condition was checked.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastTransitionTime": { - "description": "Last time the condition transit from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "(brief) reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of job condition, Complete or Failed.", - "type": "string" - } - } - }, - "io.k8s.api.batch.v1.JobList": { - "description": "JobList is a collection of jobs.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of Jobs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "batch", - "kind": "JobList", - "version": "v1" - } - ] - }, - "io.k8s.api.batch.v1.JobSpec": { - "description": "JobSpec describes how the job execution will look like.", - "type": "object", - "required": [ - "template" - ], - "properties": { - "activeDeadlineSeconds": { - "description": "Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer", - "type": "integer", - "format": "int64" - }, - "backoffLimit": { - "description": "Specifies the number of retries before marking this job failed. Defaults to 6", - "type": "integer", - "format": "int32" - }, - "completions": { - "description": "Specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", - "type": "integer", - "format": "int32" - }, - "manualSelector": { - "description": "manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template. When true, the user is responsible for picking unique labels and specifying the selector. Failure to pick a unique label may cause this and other jobs to not function correctly. However, You may see `manualSelector=true` in jobs that were created with the old `extensions/v1beta1` API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector", - "type": "boolean" - }, - "parallelism": { - "description": "Specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) \u003c .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "A label query over pods that should match the pod count. Normally, the system sets this field for you. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "Describes the pod that will be created when executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "ttlSecondsAfterFinished": { - "description": "ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.batch.v1.JobStatus": { - "description": "JobStatus represents the current state of a Job.", - "type": "object", - "properties": { - "active": { - "description": "The number of actively running pods.", - "type": "integer", - "format": "int32" - }, - "completionTime": { - "description": "Represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "conditions": { - "description": "The latest available observations of an object's current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.batch.v1.JobCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "failed": { - "description": "The number of pods which reached phase Failed.", - "type": "integer", - "format": "int32" - }, - "startTime": { - "description": "Represents time when the job was acknowledged by the job controller. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "succeeded": { - "description": "The number of pods which reached phase Succeeded.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.batch.v1beta1.CronJob": { - "description": "CronJob represents the configuration of a single cron job.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobSpec" - }, - "status": { - "description": "Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "batch", - "kind": "CronJob", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.batch.v1beta1.CronJobList": { - "description": "CronJobList is a collection of cron jobs.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of CronJobs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "batch", - "kind": "CronJobList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.batch.v1beta1.CronJobSpec": { - "description": "CronJobSpec describes how the job execution will look like and when it will actually run.", - "type": "object", - "required": [ - "schedule", - "jobTemplate" - ], - "properties": { - "concurrencyPolicy": { - "description": "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\" (default): allows CronJobs to run concurrently; - \"Forbid\": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one", - "type": "string" - }, - "failedJobsHistoryLimit": { - "description": "The number of failed finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", - "type": "integer", - "format": "int32" - }, - "jobTemplate": { - "description": "Specifies the job that will be created when executing a CronJob.", - "$ref": "#/definitions/io.k8s.api.batch.v1beta1.JobTemplateSpec" - }, - "schedule": { - "description": "The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.", - "type": "string" - }, - "startingDeadlineSeconds": { - "description": "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.", - "type": "integer", - "format": "int64" - }, - "successfulJobsHistoryLimit": { - "description": "The number of successful finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified. Defaults to 3.", - "type": "integer", - "format": "int32" - }, - "suspend": { - "description": "This flag tells the controller to suspend subsequent executions, it does not apply to already started executions. Defaults to false.", - "type": "boolean" - } - } - }, - "io.k8s.api.batch.v1beta1.CronJobStatus": { - "description": "CronJobStatus represents the current state of a cron job.", - "type": "object", - "properties": { - "active": { - "description": "A list of pointers to currently running jobs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - } - }, - "lastScheduleTime": { - "description": "Information when was the last time the job was successfully scheduled.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.batch.v1beta1.JobTemplateSpec": { - "description": "JobTemplateSpec describes the data a Job should have when created from a template", - "type": "object", - "properties": { - "metadata": { - "description": "Standard object's metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec" - } - } - }, - "io.k8s.api.batch.v2alpha1.CronJob": { - "description": "CronJob represents the configuration of a single cron job.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobSpec" - }, - "status": { - "description": "Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "batch", - "kind": "CronJob", - "version": "v2alpha1" - } - ] - }, - "io.k8s.api.batch.v2alpha1.CronJobList": { - "description": "CronJobList is a collection of cron jobs.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of CronJobs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "batch", - "kind": "CronJobList", - "version": "v2alpha1" - } - ] - }, - "io.k8s.api.batch.v2alpha1.CronJobSpec": { - "description": "CronJobSpec describes how the job execution will look like and when it will actually run.", - "type": "object", - "required": [ - "schedule", - "jobTemplate" - ], - "properties": { - "concurrencyPolicy": { - "description": "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\" (default): allows CronJobs to run concurrently; - \"Forbid\": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one", - "type": "string" - }, - "failedJobsHistoryLimit": { - "description": "The number of failed finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified.", - "type": "integer", - "format": "int32" - }, - "jobTemplate": { - "description": "Specifies the job that will be created when executing a CronJob.", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.JobTemplateSpec" - }, - "schedule": { - "description": "The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.", - "type": "string" - }, - "startingDeadlineSeconds": { - "description": "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.", - "type": "integer", - "format": "int64" - }, - "successfulJobsHistoryLimit": { - "description": "The number of successful finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified.", - "type": "integer", - "format": "int32" - }, - "suspend": { - "description": "This flag tells the controller to suspend subsequent executions, it does not apply to already started executions. Defaults to false.", - "type": "boolean" - } - } - }, - "io.k8s.api.batch.v2alpha1.CronJobStatus": { - "description": "CronJobStatus represents the current state of a cron job.", - "type": "object", - "properties": { - "active": { - "description": "A list of pointers to currently running jobs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - } - }, - "lastScheduleTime": { - "description": "Information when was the last time the job was successfully scheduled.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.batch.v2alpha1.JobTemplateSpec": { - "description": "JobTemplateSpec describes the data a Job should have when created from a template", - "type": "object", - "properties": { - "metadata": { - "description": "Standard object's metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec" - } - } - }, - "io.k8s.api.certificates.v1beta1.CertificateSigningRequest": { - "description": "Describes a certificate signing request", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "The certificate request itself and any additional information.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec" - }, - "status": { - "description": "Derived information about the request.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequest", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition": { - "type": "object", - "required": [ - "type" - ], - "properties": { - "lastUpdateTime": { - "description": "timestamp for the last update to this condition", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "human readable message with details about the request state", - "type": "string" - }, - "reason": { - "description": "brief reason for the request state", - "type": "string" - }, - "type": { - "description": "request approval state, currently Approved or Denied.", - "type": "string" - } - } - }, - "io.k8s.api.certificates.v1beta1.CertificateSigningRequestList": { - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "certificates.k8s.io", - "kind": "CertificateSigningRequestList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec": { - "description": "This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.", - "type": "object", - "required": [ - "request" - ], - "properties": { - "extra": { - "description": "Extra information about the requesting user. See user.Info interface for details.", - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "groups": { - "description": "Group information about the requesting user. See user.Info interface for details.", - "type": "array", - "items": { - "type": "string" - } - }, - "request": { - "description": "Base64-encoded PKCS#10 CSR data", - "type": "string", - "format": "byte" - }, - "uid": { - "description": "UID information about the requesting user. See user.Info interface for details.", - "type": "string" - }, - "usages": { - "description": "allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3\n https://tools.ietf.org/html/rfc5280#section-4.2.1.12", - "type": "array", - "items": { - "type": "string" - } - }, - "username": { - "description": "Information about the requesting user. See user.Info interface for details.", - "type": "string" - } - } - }, - "io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus": { - "type": "object", - "properties": { - "certificate": { - "description": "If request was approved, the controller will place the issued certificate here.", - "type": "string", - "format": "byte" - }, - "conditions": { - "description": "Conditions applied to the request, such as approval or denial.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition" - } - } - } - }, - "io.k8s.api.coordination.v1.Lease": { - "description": "Lease defines a lease concept.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseSpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1" - } - ] - }, - "io.k8s.api.coordination.v1.LeaseList": { - "description": "LeaseList is a list of Lease objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "coordination.k8s.io", - "kind": "LeaseList", - "version": "v1" - } - ] - }, - "io.k8s.api.coordination.v1.LeaseSpec": { - "description": "LeaseSpec is a specification of a Lease.", - "type": "object", - "properties": { - "acquireTime": { - "description": "acquireTime is a time when the current lease was acquired.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - }, - "holderIdentity": { - "description": "holderIdentity contains the identity of the holder of a current lease.", - "type": "string" - }, - "leaseDurationSeconds": { - "description": "leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.", - "type": "integer", - "format": "int32" - }, - "leaseTransitions": { - "description": "leaseTransitions is the number of transitions of a lease between holders.", - "type": "integer", - "format": "int32" - }, - "renewTime": { - "description": "renewTime is a time when the current holder of a lease has last updated the lease.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - } - } - }, - "io.k8s.api.coordination.v1beta1.Lease": { - "description": "Lease defines a lease concept.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.LeaseSpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "coordination.k8s.io", - "kind": "Lease", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.coordination.v1beta1.LeaseList": { - "description": "LeaseList is a list of Lease objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "coordination.k8s.io", - "kind": "LeaseList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.coordination.v1beta1.LeaseSpec": { - "description": "LeaseSpec is a specification of a Lease.", - "type": "object", - "properties": { - "acquireTime": { - "description": "acquireTime is a time when the current lease was acquired.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - }, - "holderIdentity": { - "description": "holderIdentity contains the identity of the holder of a current lease.", - "type": "string" - }, - "leaseDurationSeconds": { - "description": "leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.", - "type": "integer", - "format": "int32" - }, - "leaseTransitions": { - "description": "leaseTransitions is the number of transitions of a lease between holders.", - "type": "integer", - "format": "int32" - }, - "renewTime": { - "description": "renewTime is a time when the current holder of a lease has last updated the lease.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - } - } - }, - "io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource": { - "description": "Represents a Persistent Disk resource in AWS.\n\nAn AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "volumeID" - ], - "properties": { - "fsType": { - "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - "type": "string" - }, - "partition": { - "description": "The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", - "type": "integer", - "format": "int32" - }, - "readOnly": { - "description": "Specify \"true\" to force and set the ReadOnly property in VolumeMounts to \"true\". If omitted, the default is \"false\". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - "type": "boolean" - }, - "volumeID": { - "description": "Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Affinity": { - "description": "Affinity is a group of affinity scheduling rules.", - "type": "object", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeAffinity" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinity" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "$ref": "#/definitions/io.k8s.api.core.v1.PodAntiAffinity" - } - } - }, - "io.k8s.api.core.v1.AttachedVolume": { - "description": "AttachedVolume describes a volume attached to a node", - "type": "object", - "required": [ - "name", - "devicePath" - ], - "properties": { - "devicePath": { - "description": "DevicePath represents the device path where the volume should be available", - "type": "string" - }, - "name": { - "description": "Name of the attached volume", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.AzureDiskVolumeSource": { - "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - "type": "object", - "required": [ - "diskName", - "diskURI" - ], - "properties": { - "cachingMode": { - "description": "Host Caching mode: None, Read Only, Read Write.", - "type": "string" - }, - "diskName": { - "description": "The Name of the data disk in the blob storage", - "type": "string" - }, - "diskURI": { - "description": "The URI the data disk in the blob storage", - "type": "string" - }, - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "kind": { - "description": "Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", - "type": "string" - }, - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.AzureFilePersistentVolumeSource": { - "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", - "type": "object", - "required": [ - "secretName", - "shareName" - ], - "properties": { - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretName": { - "description": "the name of secret that contains Azure Storage Account Name and Key", - "type": "string" - }, - "secretNamespace": { - "description": "the namespace of the secret that contains Azure Storage Account Name and Key default is the same as the Pod", - "type": "string" - }, - "shareName": { - "description": "Share Name", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.AzureFileVolumeSource": { - "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", - "type": "object", - "required": [ - "secretName", - "shareName" - ], - "properties": { - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretName": { - "description": "the name of secret that contains Azure Storage Account Name and Key", - "type": "string" - }, - "shareName": { - "description": "Share Name", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Binding": { - "description": "Binding ties one object to another; for example, a pod is bound to a node by a scheduler. Deprecated in 1.7, please use the bindings subresource of pods instead.", - "type": "object", - "required": [ - "target" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "target": { - "description": "The target object that you want to bind to the standard object.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Binding", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.CSIPersistentVolumeSource": { - "description": "Represents storage that is managed by an external CSI volume driver (Beta feature)", - "type": "object", - "required": [ - "driver", - "volumeHandle" - ], - "properties": { - "controllerPublishSecretRef": { - "description": "ControllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "driver": { - "description": "Driver is the name of the driver to use for this volume. Required.", - "type": "string" - }, - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\".", - "type": "string" - }, - "nodePublishSecretRef": { - "description": "NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "nodeStageSecretRef": { - "description": "NodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "readOnly": { - "description": "Optional: The value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).", - "type": "boolean" - }, - "volumeAttributes": { - "description": "Attributes of the volume to publish.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "volumeHandle": { - "description": "VolumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Capabilities": { - "description": "Adds and removes POSIX capabilities from running containers.", - "type": "object", - "properties": { - "add": { - "description": "Added capabilities", - "type": "array", - "items": { - "type": "string" - } - }, - "drop": { - "description": "Removed capabilities", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.CephFSPersistentVolumeSource": { - "description": "Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "monitors" - ], - "properties": { - "monitors": { - "description": "Required: Monitors is a collection of Ceph monitors More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "array", - "items": { - "type": "string" - } - }, - "path": { - "description": "Optional: Used as the mounted root, rather than the full Ceph tree, default is /", - "type": "string" - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "boolean" - }, - "secretFile": { - "description": "Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "string" - }, - "secretRef": { - "description": "Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "user": { - "description": "Optional: User is the rados user name, default is admin More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.CephFSVolumeSource": { - "description": "Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "monitors" - ], - "properties": { - "monitors": { - "description": "Required: Monitors is a collection of Ceph monitors More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "array", - "items": { - "type": "string" - } - }, - "path": { - "description": "Optional: Used as the mounted root, rather than the full Ceph tree, default is /", - "type": "string" - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "boolean" - }, - "secretFile": { - "description": "Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "string" - }, - "secretRef": { - "description": "Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "user": { - "description": "Optional: User is the rados user name, default is admin More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.CinderPersistentVolumeSource": { - "description": "Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "volumeID" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "type": "string" - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "type": "boolean" - }, - "secretRef": { - "description": "Optional: points to a secret object containing parameters used to connect to OpenStack.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "volumeID": { - "description": "volume id used to identify the volume in cinder More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.CinderVolumeSource": { - "description": "Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "volumeID" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "type": "string" - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "type": "boolean" - }, - "secretRef": { - "description": "Optional: points to a secret object containing parameters used to connect to OpenStack.", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "volumeID": { - "description": "volume id used to identify the volume in cinder More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ClientIPConfig": { - "description": "ClientIPConfig represents the configurations of Client IP based session affinity.", - "type": "object", - "properties": { - "timeoutSeconds": { - "description": "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be \u003e0 \u0026\u0026 \u003c=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours).", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.core.v1.ComponentCondition": { - "description": "Information about the condition of a component.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "error": { - "description": "Condition error code for a component. For example, a health check error code.", - "type": "string" - }, - "message": { - "description": "Message about the condition for a component. For example, information about a health check.", - "type": "string" - }, - "status": { - "description": "Status of the condition for a component. Valid values for \"Healthy\": \"True\", \"False\", or \"Unknown\".", - "type": "string" - }, - "type": { - "description": "Type of condition for a component. Valid value: \"Healthy\"", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ComponentStatus": { - "description": "ComponentStatus (and ComponentStatusList) holds the cluster validation info.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "conditions": { - "description": "List of component conditions observed", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ComponentStatus", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ComponentStatusList": { - "description": "Status of all the conditions for the component as a list of ComponentStatus objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ComponentStatus objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatus" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ComponentStatusList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ConfigMap": { - "description": "ConfigMap holds configuration data for pods to consume.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "binaryData": { - "description": "BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.", - "type": "object", - "additionalProperties": { - "type": "string", - "format": "byte" - } - }, - "data": { - "description": "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ConfigMap", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ConfigMapEnvSource": { - "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", - "type": "object", - "properties": { - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the ConfigMap must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.ConfigMapKeySelector": { - "description": "Selects a key from a ConfigMap.", - "type": "object", - "required": [ - "key" - ], - "properties": { - "key": { - "description": "The key to select.", - "type": "string" - }, - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the ConfigMap or it's key must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.ConfigMapList": { - "description": "ConfigMapList is a resource containing a list of ConfigMap objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of ConfigMaps.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ConfigMapList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ConfigMapNodeConfigSource": { - "description": "ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node.", - "type": "object", - "required": [ - "namespace", - "name", - "kubeletConfigKey" - ], - "properties": { - "kubeletConfigKey": { - "description": "KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure This field is required in all cases.", - "type": "string" - }, - "name": { - "description": "Name is the metadata.name of the referenced ConfigMap. This field is required in all cases.", - "type": "string" - }, - "namespace": { - "description": "Namespace is the metadata.namespace of the referenced ConfigMap. This field is required in all cases.", - "type": "string" - }, - "resourceVersion": { - "description": "ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.", - "type": "string" - }, - "uid": { - "description": "UID is the metadata.UID of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ConfigMapProjection": { - "description": "Adapts a ConfigMap into a projected volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a projected volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. Note that this is identical to a configmap volume source without the default mode.", - "type": "object", - "properties": { - "items": { - "description": "If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" - } - }, - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the ConfigMap or it's keys must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.ConfigMapVolumeSource": { - "description": "Adapts a ConfigMap into a volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.", - "type": "object", - "properties": { - "defaultMode": { - "description": "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", - "type": "integer", - "format": "int32" - }, - "items": { - "description": "If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" - } - }, - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the ConfigMap or it's keys must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.Container": { - "description": "A single application container that you want to run within a pod.", - "type": "object", - "required": [ - "name" - ], - "properties": { - "args": { - "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", - "type": "array", - "items": { - "type": "string" - } - }, - "command": { - "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", - "type": "array", - "items": { - "type": "string" - } - }, - "env": { - "description": "List of environment variables to set in the container. Cannot be updated.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EnvVar" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - }, - "envFrom": { - "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EnvFromSource" - } - }, - "image": { - "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", - "type": "string" - }, - "imagePullPolicy": { - "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", - "type": "string" - }, - "lifecycle": { - "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", - "$ref": "#/definitions/io.k8s.api.core.v1.Lifecycle" - }, - "livenessProbe": { - "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - "$ref": "#/definitions/io.k8s.api.core.v1.Probe" - }, - "name": { - "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", - "type": "string" - }, - "ports": { - "description": "List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerPort" - }, - "x-kubernetes-list-map-keys": [ - "containerPort", - "protocol" + "/api/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available API versions", + "operationId": "getCoreAPIVersions", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIVersions" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core" + ] + } + }, + "/api/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getCoreV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ] + } + }, + "/api/v1/componentstatuses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list objects of kind ComponentStatus", + "operationId": "listCoreV1ComponentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatusList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ComponentStatus", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/componentstatuses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ComponentStatus", + "operationId": "readCoreV1ComponentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatus" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ComponentStatus", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ComponentStatus", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ] + }, + "/api/v1/configmaps": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ConfigMap", + "operationId": "listCoreV1ConfigMapForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/endpoints": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Endpoints", + "operationId": "listCoreV1EndpointsForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointsList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/events": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Event", + "operationId": "listCoreV1EventForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/limitranges": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind LimitRange", + "operationId": "listCoreV1LimitRangeForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/namespaces": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Namespace", + "operationId": "listCoreV1Namespace", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } ], - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "containerPort", - "x-kubernetes-patch-strategy": "merge" - }, - "readinessProbe": { - "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - "$ref": "#/definitions/io.k8s.api.core.v1.Probe" - }, - "resources": { - "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements" - }, - "securityContext": { - "description": "Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - "$ref": "#/definitions/io.k8s.api.core.v1.SecurityContext" - }, - "stdin": { - "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", - "type": "boolean" - }, - "stdinOnce": { - "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", - "type": "boolean" - }, - "terminationMessagePath": { - "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", - "type": "string" - }, - "terminationMessagePolicy": { - "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", - "type": "string" - }, - "tty": { - "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", - "type": "boolean" - }, - "volumeDevices": { - "description": "volumeDevices is the list of block devices to be used by the container. This is a beta feature.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeDevice" - }, - "x-kubernetes-patch-merge-key": "devicePath", - "x-kubernetes-patch-strategy": "merge" - }, - "volumeMounts": { - "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeMount" - }, - "x-kubernetes-patch-merge-key": "mountPath", - "x-kubernetes-patch-strategy": "merge" - }, - "workingDir": { - "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ContainerImage": { - "description": "Describe a container image", - "type": "object", - "required": [ - "names" - ], - "properties": { - "names": { - "description": "Names by which this image is known. e.g. [\"k8s.gcr.io/hyperkube:v1.0.7\", \"dockerhub.io/google_containers/hyperkube:v1.0.7\"]", - "type": "array", - "items": { - "type": "string" + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Namespace", + "operationId": "createCoreV1Namespace", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } } - }, - "sizeBytes": { - "description": "The size of the image in bytes.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.core.v1.ContainerPort": { - "description": "ContainerPort represents a network port in a single container.", - "type": "object", - "required": [ - "containerPort" - ], - "properties": { - "containerPort": { - "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 \u003c x \u003c 65536.", - "type": "integer", - "format": "int32" - }, - "hostIP": { - "description": "What host IP to bind the external port to.", - "type": "string" - }, - "hostPort": { - "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 \u003c x \u003c 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", - "type": "integer", - "format": "int32" - }, - "name": { - "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", - "type": "string" - }, - "protocol": { - "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ContainerState": { - "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", - "type": "object", - "properties": { - "running": { - "description": "Details about a running container", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateRunning" - }, - "terminated": { - "description": "Details about a terminated container", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateTerminated" - }, - "waiting": { - "description": "Details about a waiting container", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateWaiting" - } - } - }, - "io.k8s.api.core.v1.ContainerStateRunning": { - "description": "ContainerStateRunning is a running state of a container.", - "type": "object", - "properties": { - "startedAt": { - "description": "Time at which the container was last (re-)started", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.core.v1.ContainerStateTerminated": { - "description": "ContainerStateTerminated is a terminated state of a container.", - "type": "object", - "required": [ - "exitCode" - ], - "properties": { - "containerID": { - "description": "Container's ID in the format 'docker://\u003ccontainer_id\u003e'", - "type": "string" - }, - "exitCode": { - "description": "Exit status from the last termination of the container", - "type": "integer", - "format": "int32" - }, - "finishedAt": { - "description": "Time at which the container last terminated", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Message regarding the last termination of the container", - "type": "string" - }, - "reason": { - "description": "(brief) reason from the last termination of the container", - "type": "string" - }, - "signal": { - "description": "Signal from the last termination of the container", - "type": "integer", - "format": "int32" - }, - "startedAt": { - "description": "Time at which previous execution of the container started", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.core.v1.ContainerStateWaiting": { - "description": "ContainerStateWaiting is a waiting state of a container.", - "type": "object", - "properties": { - "message": { - "description": "Message regarding why the container is not yet running.", - "type": "string" - }, - "reason": { - "description": "(brief) reason the container is not yet running.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ContainerStatus": { - "description": "ContainerStatus contains details for the current status of this container.", - "type": "object", - "required": [ - "name", - "ready", - "restartCount", - "image", - "imageID" - ], - "properties": { - "containerID": { - "description": "Container's ID in the format 'docker://\u003ccontainer_id\u003e'.", - "type": "string" - }, - "image": { - "description": "The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images", - "type": "string" - }, - "imageID": { - "description": "ImageID of the container's image.", - "type": "string" - }, - "lastState": { - "description": "Details about the container's last termination condition.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState" - }, - "name": { - "description": "This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated.", - "type": "string" - }, - "ready": { - "description": "Specifies whether the container has passed its readiness probe.", - "type": "boolean" - }, - "restartCount": { - "description": "The number of times the container has been restarted, currently based on the number of dead containers that have not yet been removed. Note that this is calculated from dead containers. But those containers are subject to garbage collection. This value will get capped at 5 by GC.", - "type": "integer", - "format": "int32" - }, - "state": { - "description": "Details about the container's current condition.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState" - } - } - }, - "io.k8s.api.core.v1.DaemonEndpoint": { - "description": "DaemonEndpoint contains information about a single Daemon endpoint.", - "type": "object", - "required": [ - "Port" - ], - "properties": { - "Port": { - "description": "Port number of the given endpoint.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.core.v1.DownwardAPIProjection": { - "description": "Represents downward API info for projecting into a projected volume. Note that this is identical to a downwardAPI volume source without the default mode.", - "type": "object", - "properties": { - "items": { - "description": "Items is a list of DownwardAPIVolume file", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeFile" - } - } - } - }, - "io.k8s.api.core.v1.DownwardAPIVolumeFile": { - "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", - "type": "object", - "required": [ - "path" - ], - "properties": { - "fieldRef": { - "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectFieldSelector" - }, - "mode": { - "description": "Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", - "type": "integer", - "format": "int32" - }, - "path": { - "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", - "type": "string" - }, - "resourceFieldRef": { - "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceFieldSelector" - } - } - }, - "io.k8s.api.core.v1.DownwardAPIVolumeSource": { - "description": "DownwardAPIVolumeSource represents a volume containing downward API info. Downward API volumes support ownership management and SELinux relabeling.", - "type": "object", - "properties": { - "defaultMode": { - "description": "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", - "type": "integer", - "format": "int32" - }, - "items": { - "description": "Items is a list of downward API volume file", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeFile" - } - } - } - }, - "io.k8s.api.core.v1.EmptyDirVolumeSource": { - "description": "Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.", - "type": "object", - "properties": { - "medium": { - "description": "What type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - "type": "string" - }, - "sizeLimit": { - "description": "Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - }, - "io.k8s.api.core.v1.EndpointAddress": { - "description": "EndpointAddress is a tuple that describes single IP address.", - "type": "object", - "required": [ - "ip" - ], - "properties": { - "hostname": { - "description": "The Hostname of this endpoint", - "type": "string" - }, - "ip": { - "description": "The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.", - "type": "string" - }, - "nodeName": { - "description": "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.", - "type": "string" - }, - "targetRef": { - "description": "Reference to object providing the endpoint.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - } - } - }, - "io.k8s.api.core.v1.EndpointPort": { - "description": "EndpointPort is a tuple that describes a single port.", - "type": "object", - "required": [ - "port" - ], - "properties": { - "name": { - "description": "The name of this port (corresponds to ServicePort.Name). Must be a DNS_LABEL. Optional only if one port is defined.", - "type": "string" - }, - "port": { - "description": "The port number of the endpoint.", - "type": "integer", - "format": "int32" - }, - "protocol": { - "description": "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.EndpointSubset": { - "description": "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n {\n Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n }\nThe resulting set of endpoints can be viewed as:\n a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n b: [ 10.10.1.1:309, 10.10.2.2:309 ]", - "type": "object", - "properties": { - "addresses": { - "description": "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointAddress" - } - }, - "notReadyAddresses": { - "description": "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointAddress" - } - }, - "ports": { - "description": "Port numbers available on the related IP addresses.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointPort" - } - } - } - }, - "io.k8s.api.core.v1.Endpoints": { - "description": "Endpoints is a collection of endpoints that implement the actual service. Example:\n Name: \"mysvc\",\n Subsets: [\n {\n Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n },\n {\n Addresses: [{\"ip\": \"10.10.3.3\"}],\n Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n },\n ]", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "subsets": { - "description": "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointSubset" - } - } }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Endpoints", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.EndpointsList": { - "description": "EndpointsList is a list of endpoints.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of endpoints.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "EndpointsList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.EnvFromSource": { - "description": "EnvFromSource represents the source of a set of ConfigMaps", - "type": "object", - "properties": { - "configMapRef": { - "description": "The ConfigMap to select from", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapEnvSource" - }, - "prefix": { - "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", - "type": "string" - }, - "secretRef": { - "description": "The Secret to select from", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretEnvSource" - } - } - }, - "io.k8s.api.core.v1.EnvVar": { - "description": "EnvVar represents an environment variable present in a Container.", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "description": "Name of the environment variable. Must be a C_IDENTIFIER.", - "type": "string" - }, - "value": { - "description": "Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", - "type": "string" - }, - "valueFrom": { - "description": "Source for the environment variable's value. Cannot be used if value is not empty.", - "$ref": "#/definitions/io.k8s.api.core.v1.EnvVarSource" - } - } - }, - "io.k8s.api.core.v1.EnvVarSource": { - "description": "EnvVarSource represents a source for the value of an EnvVar.", - "type": "object", - "properties": { - "configMapKeyRef": { - "description": "Selects a key of a ConfigMap.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapKeySelector" - }, - "fieldRef": { - "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectFieldSelector" - }, - "resourceFieldRef": { - "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceFieldSelector" - }, - "secretKeyRef": { - "description": "Selects a key of a secret in the pod's namespace", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" - } - } - }, - "io.k8s.api.core.v1.Event": { - "description": "Event is a report of an event somewhere in the cluster.", - "type": "object", - "required": [ - "metadata", - "involvedObject" - ], - "properties": { - "action": { - "description": "What action was taken/failed regarding to the Regarding object.", - "type": "string" - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "count": { - "description": "The number of times this event has occurred.", - "type": "integer", - "format": "int32" - }, - "eventTime": { - "description": "Time when this Event was first observed.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - }, - "firstTimestamp": { - "description": "The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "involvedObject": { - "description": "The object that this event is about.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "lastTimestamp": { - "description": "The time at which the most recent occurrence of this event was recorded.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human-readable description of the status of this operation.", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "reason": { - "description": "This should be a short, machine understandable string that gives the reason for the transition into the object's current status.", - "type": "string" - }, - "related": { - "description": "Optional secondary object for more complex actions.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "reportingComponent": { - "description": "Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.", - "type": "string" - }, - "reportingInstance": { - "description": "ID of the controller instance, e.g. `kubelet-xyzf`.", - "type": "string" - }, - "series": { - "description": "Data about the Event series this event represents or nil if it's a singleton Event.", - "$ref": "#/definitions/io.k8s.api.core.v1.EventSeries" - }, - "source": { - "description": "The component reporting this event. Should be a short machine understandable string.", - "$ref": "#/definitions/io.k8s.api.core.v1.EventSource" - }, - "type": { - "description": "Type of this event (Normal, Warning), new types could be added in the future", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Event", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.EventList": { - "description": "EventList is a list of events.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of events", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "EventList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.EventSeries": { - "description": "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.", - "type": "object", - "properties": { - "count": { - "description": "Number of occurrences in this series up to the last heartbeat time", - "type": "integer", - "format": "int32" - }, - "lastObservedTime": { - "description": "Time of the last occurrence observed", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - }, - "state": { - "description": "State of this Series: Ongoing or Finished", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.EventSource": { - "description": "EventSource contains information for an event.", - "type": "object", - "properties": { - "component": { - "description": "Component from which the event is generated.", - "type": "string" - }, - "host": { - "description": "Node name on which the event is generated.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ExecAction": { - "description": "ExecAction describes a \"run in container\" action.", - "type": "object", - "properties": { - "command": { - "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.FCVolumeSource": { - "description": "Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.", - "type": "object", - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "lun": { - "description": "Optional: FC target lun number", - "type": "integer", - "format": "int32" - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "targetWWNs": { - "description": "Optional: FC target worldwide names (WWNs)", - "type": "array", - "items": { - "type": "string" - } - }, - "wwids": { - "description": "Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.FlexPersistentVolumeSource": { - "description": "FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.", - "type": "object", - "required": [ - "driver" - ], - "properties": { - "driver": { - "description": "Driver is the name of the driver to use for this volume.", - "type": "string" - }, - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", - "type": "string" - }, - "options": { - "description": "Optional: Extra command options if any.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretRef": { - "description": "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - } - } - }, - "io.k8s.api.core.v1.FlexVolumeSource": { - "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - "type": "object", - "required": [ - "driver" - ], - "properties": { - "driver": { - "description": "Driver is the name of the driver to use for this volume.", - "type": "string" - }, - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", - "type": "string" - }, - "options": { - "description": "Optional: Extra command options if any.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "readOnly": { - "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretRef": { - "description": "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - } - } - }, - "io.k8s.api.core.v1.FlockerVolumeSource": { - "description": "Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "properties": { - "datasetName": { - "description": "Name of the dataset stored as metadata -\u003e name on the dataset for Flocker should be considered as deprecated", - "type": "string" - }, - "datasetUUID": { - "description": "UUID of the dataset. This is unique identifier of a Flocker dataset", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.GCEPersistentDiskVolumeSource": { - "description": "Represents a Persistent Disk resource in Google Compute Engine.\n\nA GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "pdName" - ], - "properties": { - "fsType": { - "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - "type": "string" - }, - "partition": { - "description": "The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - "type": "integer", - "format": "int32" - }, - "pdName": { - "description": "Unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.GitRepoVolumeSource": { - "description": "Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.\n\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - "type": "object", - "required": [ - "repository" - ], - "properties": { - "directory": { - "description": "Target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", - "type": "string" - }, - "repository": { - "description": "Repository URL", - "type": "string" - }, - "revision": { - "description": "Commit hash for the specified revision.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.GlusterfsPersistentVolumeSource": { - "description": "Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "endpoints", - "path" - ], - "properties": { - "endpoints": { - "description": "EndpointsName is the endpoint name that details Glusterfs topology. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "string" - }, - "endpointsNamespace": { - "description": "EndpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "string" - }, - "path": { - "description": "Path is the Glusterfs volume path. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.GlusterfsVolumeSource": { - "description": "Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "endpoints", - "path" - ], - "properties": { - "endpoints": { - "description": "EndpointsName is the endpoint name that details Glusterfs topology. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "string" - }, - "path": { - "description": "Path is the Glusterfs volume path. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.HTTPGetAction": { - "description": "HTTPGetAction describes an action based on HTTP Get requests.", - "type": "object", - "required": [ - "port" - ], - "properties": { - "host": { - "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", - "type": "string" - }, - "httpHeaders": { - "description": "Custom headers to set in the request. HTTP allows repeated headers.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.HTTPHeader" - } - }, - "path": { - "description": "Path to access on the HTTP server.", - "type": "string" - }, - "port": { - "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "scheme": { - "description": "Scheme to use for connecting to the host. Defaults to HTTP.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.HTTPHeader": { - "description": "HTTPHeader describes a custom header to be used in HTTP probes", - "type": "object", - "required": [ - "name", - "value" - ], - "properties": { - "name": { - "description": "The header field name", - "type": "string" - }, - "value": { - "description": "The header field value", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Handler": { - "description": "Handler defines a specific action that should be taken", - "type": "object", - "properties": { - "exec": { - "description": "One and only one of the following should be specified. Exec specifies the action to take.", - "$ref": "#/definitions/io.k8s.api.core.v1.ExecAction" - }, - "httpGet": { - "description": "HTTPGet specifies the http request to perform.", - "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction" - }, - "tcpSocket": { - "description": "TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported", - "$ref": "#/definitions/io.k8s.api.core.v1.TCPSocketAction" - } - } - }, - "io.k8s.api.core.v1.HostAlias": { - "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", - "type": "object", - "properties": { - "hostnames": { - "description": "Hostnames for the above IP address.", - "type": "array", - "items": { - "type": "string" - } - }, - "ip": { - "description": "IP address of the host file entry.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.HostPathVolumeSource": { - "description": "Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "path" - ], - "properties": { - "path": { - "description": "Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - "type": "string" - }, - "type": { - "description": "Type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ISCSIPersistentVolumeSource": { - "description": "ISCSIPersistentVolumeSource represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "targetPortal", - "iqn", - "lun" - ], - "properties": { - "chapAuthDiscovery": { - "description": "whether support iSCSI Discovery CHAP authentication", - "type": "boolean" - }, - "chapAuthSession": { - "description": "whether support iSCSI Session CHAP authentication", - "type": "boolean" - }, - "fsType": { - "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi", - "type": "string" - }, - "initiatorName": { - "description": "Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface \u003ctarget portal\u003e:\u003cvolume name\u003e will be created for the connection.", - "type": "string" - }, - "iqn": { - "description": "Target iSCSI Qualified Name.", - "type": "string" - }, - "iscsiInterface": { - "description": "iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", - "type": "string" - }, - "lun": { - "description": "iSCSI Target Lun number.", - "type": "integer", - "format": "int32" - }, - "portals": { - "description": "iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", - "type": "array", - "items": { - "type": "string" - } - }, - "readOnly": { - "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", - "type": "boolean" - }, - "secretRef": { - "description": "CHAP Secret for iSCSI target and initiator authentication", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "targetPortal": { - "description": "iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ISCSIVolumeSource": { - "description": "Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "targetPortal", - "iqn", - "lun" - ], - "properties": { - "chapAuthDiscovery": { - "description": "whether support iSCSI Discovery CHAP authentication", - "type": "boolean" - }, - "chapAuthSession": { - "description": "whether support iSCSI Session CHAP authentication", - "type": "boolean" - }, - "fsType": { - "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi", - "type": "string" - }, - "initiatorName": { - "description": "Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface \u003ctarget portal\u003e:\u003cvolume name\u003e will be created for the connection.", - "type": "string" - }, - "iqn": { - "description": "Target iSCSI Qualified Name.", - "type": "string" - }, - "iscsiInterface": { - "description": "iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", - "type": "string" - }, - "lun": { - "description": "iSCSI Target Lun number.", - "type": "integer", - "format": "int32" - }, - "portals": { - "description": "iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", - "type": "array", - "items": { - "type": "string" - } - }, - "readOnly": { - "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", - "type": "boolean" - }, - "secretRef": { - "description": "CHAP Secret for iSCSI target and initiator authentication", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "targetPortal": { - "description": "iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.KeyToPath": { - "description": "Maps a string key to a path within a volume.", - "type": "object", - "required": [ - "key", - "path" - ], - "properties": { - "key": { - "description": "The key to project.", - "type": "string" - }, - "mode": { - "description": "Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", - "type": "integer", - "format": "int32" - }, - "path": { - "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Lifecycle": { - "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", - "type": "object", - "properties": { - "postStart": { - "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - "$ref": "#/definitions/io.k8s.api.core.v1.Handler" - }, - "preStop": { - "description": "PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", - "$ref": "#/definitions/io.k8s.api.core.v1.Handler" - } - } - }, - "io.k8s.api.core.v1.LimitRange": { - "description": "LimitRange sets resource usage limits for each kind of resource in a Namespace.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeSpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "LimitRange", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.LimitRangeItem": { - "description": "LimitRangeItem defines a min/max usage limit for any resource that matches on kind.", - "type": "object", - "properties": { - "default": { - "description": "Default resource requirement limit value by resource name if resource limit is omitted.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "defaultRequest": { - "description": "DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "max": { - "description": "Max usage constraints on this kind by resource name.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "maxLimitRequestRatio": { - "description": "MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "min": { - "description": "Min usage constraints on this kind by resource name.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "type": { - "description": "Type of resource that this limit applies to.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.LimitRangeList": { - "description": "LimitRangeList is a list of LimitRange items.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of LimitRange objects. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "LimitRangeList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.LimitRangeSpec": { - "description": "LimitRangeSpec defines a min/max usage limit for resources that match on kind.", - "type": "object", - "required": [ - "limits" - ], - "properties": { - "limits": { - "description": "Limits is the list of LimitRangeItem objects that are enforced.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeItem" - } - } - } - }, - "io.k8s.api.core.v1.LoadBalancerIngress": { - "description": "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.", - "type": "object", - "properties": { - "hostname": { - "description": "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)", - "type": "string" - }, - "ip": { - "description": "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.LoadBalancerStatus": { - "description": "LoadBalancerStatus represents the status of a load-balancer.", - "type": "object", - "properties": { - "ingress": { - "description": "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerIngress" - } - } - } - }, - "io.k8s.api.core.v1.LocalObjectReference": { - "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", - "type": "object", - "properties": { - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.LocalVolumeSource": { - "description": "Local represents directly-attached storage with node affinity (Beta feature)", - "type": "object", - "required": [ - "path" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. It applies only when the Path is a block device. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default value is to auto-select a fileystem if unspecified.", - "type": "string" - }, - "path": { - "description": "The full path to the volume on the node. It can be either a directory or block device (disk, partition, ...).", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.NFSVolumeSource": { - "description": "Represents an NFS mount that lasts the lifetime of a pod. NFS volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "server", - "path" - ], - "properties": { - "path": { - "description": "Path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - "type": "boolean" - }, - "server": { - "description": "Server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Namespace": { - "description": "Namespace provides a scope for Names. Use of multiple namespaces is optional.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceSpec" - }, - "status": { - "description": "Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Namespace", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.NamespaceList": { - "description": "NamespaceList is a list of Namespaces.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of Namespace objects in the list. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "NamespaceList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.NamespaceSpec": { - "description": "NamespaceSpec describes the attributes on a Namespace.", - "type": "object", - "properties": { - "finalizers": { - "description": "Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.NamespaceStatus": { - "description": "NamespaceStatus is information about the current status of a Namespace.", - "type": "object", - "properties": { - "phase": { - "description": "Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Node": { - "description": "Node is a worker node in Kubernetes. Each node will have a unique identifier in the cache (i.e. in etcd).", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSpec" - }, - "status": { - "description": "Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Node", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.NodeAddress": { - "description": "NodeAddress contains information for the node's address.", - "type": "object", - "required": [ - "type", - "address" - ], - "properties": { - "address": { - "description": "The node address.", - "type": "string" - }, - "type": { - "description": "Node address type, one of Hostname, ExternalIP or InternalIP.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.NodeAffinity": { - "description": "Node affinity is a group of node affinity scheduling rules.", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PreferredSchedulingTerm" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector" - } - } - }, - "io.k8s.api.core.v1.NodeCondition": { - "description": "NodeCondition contains condition information for a node.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastHeartbeatTime": { - "description": "Last time we got an update on a given condition.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastTransitionTime": { - "description": "Last time the condition transit from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "(brief) reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of node condition.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.NodeConfigSource": { - "description": "NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil.", - "type": "object", - "properties": { - "configMap": { - "description": "ConfigMap is a reference to a Node's ConfigMap", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapNodeConfigSource" - } - } - }, - "io.k8s.api.core.v1.NodeConfigStatus": { - "description": "NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource.", - "type": "object", - "properties": { - "active": { - "description": "Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource" - }, - "assigned": { - "description": "Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource" - }, - "error": { - "description": "Error describes any problems reconciling the Spec.ConfigSource to the Active config. Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting to load or validate the Assigned config, etc. Errors may occur at different points while syncing config. Earlier errors (e.g. download or checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error by fixing the config assigned in Spec.ConfigSource. You can find additional information for debugging by searching the error message in the Kubelet log. Error is a human-readable description of the error state; machines can check whether or not Error is empty, but should not rely on the stability of the Error text across Kubelet versions.", - "type": "string" - }, - "lastKnownGood": { - "description": "LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource" - } - } - }, - "io.k8s.api.core.v1.NodeDaemonEndpoints": { - "description": "NodeDaemonEndpoints lists ports opened by daemons running on the Node.", - "type": "object", - "properties": { - "kubeletEndpoint": { - "description": "Endpoint on which Kubelet is listening.", - "$ref": "#/definitions/io.k8s.api.core.v1.DaemonEndpoint" - } - } - }, - "io.k8s.api.core.v1.NodeList": { - "description": "NodeList is the whole list of all Nodes which have been registered with master.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of nodes", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "NodeList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.NodeSelector": { - "description": "A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.", - "type": "object", - "required": [ - "nodeSelectorTerms" - ], - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorTerm" - } - } - } - }, - "io.k8s.api.core.v1.NodeSelectorRequirement": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.NodeSelectorTerm": { - "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorRequirement" - } - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorRequirement" - } - } - } - }, - "io.k8s.api.core.v1.NodeSpec": { - "description": "NodeSpec describes the attributes that a node is created with.", - "type": "object", - "properties": { - "configSource": { - "description": "If specified, the source to get node configuration from The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigSource" - }, - "externalID": { - "description": "Deprecated. Not all kubelets will set this field. Remove field after 1.13. see: https://issues.k8s.io/61966", - "type": "string" - }, - "podCIDR": { - "description": "PodCIDR represents the pod IP range assigned to the node.", - "type": "string" - }, - "providerID": { - "description": "ID of the node assigned by the cloud provider in the format: \u003cProviderName\u003e://\u003cProviderSpecificNodeID\u003e", - "type": "string" - }, - "taints": { - "description": "If specified, the node's taints.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Taint" - } - }, - "unschedulable": { - "description": "Unschedulable controls node schedulability of new pods. By default, node is schedulable. More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.NodeStatus": { - "description": "NodeStatus is information about the current status of a node.", - "type": "object", - "properties": { - "addresses": { - "description": "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.NodeAddress" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "allocatable": { - "description": "Allocatable represents the resources of a node that are available for scheduling. Defaults to Capacity.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "capacity": { - "description": "Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "conditions": { - "description": "Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.NodeCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "config": { - "description": "Status of the config assigned to the node via the dynamic Kubelet config feature.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeConfigStatus" - }, - "daemonEndpoints": { - "description": "Endpoints of daemons running on the Node.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeDaemonEndpoints" - }, - "images": { - "description": "List of container images on this node", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerImage" - } - }, - "nodeInfo": { - "description": "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSystemInfo" - }, - "phase": { - "description": "NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated.", - "type": "string" - }, - "volumesAttached": { - "description": "List of volumes that are attached to the node.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.AttachedVolume" - } - }, - "volumesInUse": { - "description": "List of attachable volumes in use (mounted) by the node.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.NodeSystemInfo": { - "description": "NodeSystemInfo is a set of ids/uuids to uniquely identify the node.", - "type": "object", - "required": [ - "machineID", - "systemUUID", - "bootID", - "kernelVersion", - "osImage", - "containerRuntimeVersion", - "kubeletVersion", - "kubeProxyVersion", - "operatingSystem", - "architecture" - ], - "properties": { - "architecture": { - "description": "The Architecture reported by the node", - "type": "string" - }, - "bootID": { - "description": "Boot ID reported by the node.", - "type": "string" - }, - "containerRuntimeVersion": { - "description": "ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0).", - "type": "string" - }, - "kernelVersion": { - "description": "Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64).", - "type": "string" - }, - "kubeProxyVersion": { - "description": "KubeProxy Version reported by the node.", - "type": "string" - }, - "kubeletVersion": { - "description": "Kubelet Version reported by the node.", - "type": "string" - }, - "machineID": { - "description": "MachineID reported by the node. For unique machine identification in the cluster this field is preferred. Learn more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html", - "type": "string" - }, - "operatingSystem": { - "description": "The Operating System reported by the node", - "type": "string" - }, - "osImage": { - "description": "OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)).", - "type": "string" - }, - "systemUUID": { - "description": "SystemUUID reported by the node. For unique machine identification MachineID is preferred. This field is specific to Red Hat hosts https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/getting-system-uuid.html", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ObjectFieldSelector": { - "description": "ObjectFieldSelector selects an APIVersioned field of an object.", - "type": "object", - "required": [ - "fieldPath" - ], - "properties": { - "apiVersion": { - "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", - "type": "string" - }, - "fieldPath": { - "description": "Path of the field to select in the specified API version.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ObjectReference": { - "description": "ObjectReference contains enough information to let you inspect or modify the referred object.", - "type": "object", - "properties": { - "apiVersion": { - "description": "API version of the referent.", - "type": "string" - }, - "fieldPath": { - "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.", - "type": "string" - }, - "kind": { - "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "namespace": { - "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", - "type": "string" - }, - "resourceVersion": { - "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", - "type": "string" - }, - "uid": { - "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PersistentVolume": { - "description": "PersistentVolume (PV) is a storage resource provisioned by an administrator. It is analogous to a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeSpec" - }, - "status": { - "description": "Status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PersistentVolume", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PersistentVolumeClaim": { - "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimSpec" - }, - "status": { - "description": "Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PersistentVolumeClaim", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PersistentVolumeClaimCondition": { - "description": "PersistentVolumeClaimCondition contails details about state of pvc", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastProbeTime": { - "description": "Last time we probed the condition.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human-readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", - "type": "string" - }, - "status": { - "type": "string" - }, - "type": { - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PersistentVolumeClaimList": { - "description": "PersistentVolumeClaimList is a list of PersistentVolumeClaim items.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "A list of persistent volume claims. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PersistentVolumeClaimList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PersistentVolumeClaimSpec": { - "description": "PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes", - "type": "object", - "properties": { - "accessModes": { - "description": "AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", - "type": "array", - "items": { - "type": "string" - } - }, - "dataSource": { - "description": "This field requires the VolumeSnapshotDataSource alpha feature gate to be enabled and currently VolumeSnapshot is the only supported data source. If the provisioner can support VolumeSnapshot data source, it will create a new volume and data will be restored to the volume at the same time. If the provisioner does not support VolumeSnapshot data source, volume will not be created and the failure will be reported as an event. In the future, we plan to support more data source types and the behavior of the provisioner may change.", - "$ref": "#/definitions/io.k8s.api.core.v1.TypedLocalObjectReference" - }, - "resources": { - "description": "Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements" - }, - "selector": { - "description": "A label query over volumes to consider for binding.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "storageClassName": { - "description": "Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", - "type": "string" - }, - "volumeMode": { - "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. This is a beta feature.", - "type": "string" - }, - "volumeName": { - "description": "VolumeName is the binding reference to the PersistentVolume backing this claim.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PersistentVolumeClaimStatus": { - "description": "PersistentVolumeClaimStatus is the current status of a persistent volume claim.", - "type": "object", - "properties": { - "accessModes": { - "description": "AccessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", - "type": "array", - "items": { - "type": "string" - } - }, - "capacity": { - "description": "Represents the actual resources of the underlying volume.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "conditions": { - "description": "Current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "phase": { - "description": "Phase represents the current phase of PersistentVolumeClaim.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource": { - "description": "PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).", - "type": "object", - "required": [ - "claimName" - ], - "properties": { - "claimName": { - "description": "ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - "type": "string" - }, - "readOnly": { - "description": "Will force the ReadOnly setting in VolumeMounts. Default false.", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.PersistentVolumeList": { - "description": "PersistentVolumeList is a list of PersistentVolume items.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of persistent volumes. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PersistentVolumeList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PersistentVolumeSpec": { - "description": "PersistentVolumeSpec is the specification of a persistent volume.", - "type": "object", - "properties": { - "accessModes": { - "description": "AccessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes", - "type": "array", - "items": { - "type": "string" - } - }, - "awsElasticBlockStore": { - "description": "AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - "$ref": "#/definitions/io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource" - }, - "azureDisk": { - "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.AzureDiskVolumeSource" - }, - "azureFile": { - "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.AzureFilePersistentVolumeSource" - }, - "capacity": { - "description": "A description of the persistent volume's resources and capacity. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "cephfs": { - "description": "CephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - "$ref": "#/definitions/io.k8s.api.core.v1.CephFSPersistentVolumeSource" - }, - "cinder": { - "description": "Cinder represents a cinder volume attached and mounted on kubelets host machine More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.CinderPersistentVolumeSource" - }, - "claimRef": { - "description": "ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "csi": { - "description": "CSI represents storage that handled by an external CSI driver (Beta feature).", - "$ref": "#/definitions/io.k8s.api.core.v1.CSIPersistentVolumeSource" - }, - "fc": { - "description": "FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.FCVolumeSource" - }, - "flexVolume": { - "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - "$ref": "#/definitions/io.k8s.api.core.v1.FlexPersistentVolumeSource" - }, - "flocker": { - "description": "Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running", - "$ref": "#/definitions/io.k8s.api.core.v1.FlockerVolumeSource" - }, - "gcePersistentDisk": { - "description": "GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - "$ref": "#/definitions/io.k8s.api.core.v1.GCEPersistentDiskVolumeSource" - }, - "glusterfs": { - "description": "Glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.GlusterfsPersistentVolumeSource" - }, - "hostPath": { - "description": "HostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource" - }, - "iscsi": { - "description": "ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.", - "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIPersistentVolumeSource" - }, - "local": { - "description": "Local represents directly-attached storage with node affinity", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalVolumeSource" - }, - "mountOptions": { - "description": "A list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options", - "type": "array", - "items": { - "type": "string" - } - }, - "nfs": { - "description": "NFS represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - "$ref": "#/definitions/io.k8s.api.core.v1.NFSVolumeSource" - }, - "nodeAffinity": { - "description": "NodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.", - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeNodeAffinity" - }, - "persistentVolumeReclaimPolicy": { - "description": "What happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming", - "type": "string" - }, - "photonPersistentDisk": { - "description": "PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - "$ref": "#/definitions/io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource" - }, - "portworxVolume": { - "description": "PortworxVolume represents a portworx volume attached and mounted on kubelets host machine", - "$ref": "#/definitions/io.k8s.api.core.v1.PortworxVolumeSource" - }, - "quobyte": { - "description": "Quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - "$ref": "#/definitions/io.k8s.api.core.v1.QuobyteVolumeSource" - }, - "rbd": { - "description": "RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.RBDPersistentVolumeSource" - }, - "scaleIO": { - "description": "ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - "$ref": "#/definitions/io.k8s.api.core.v1.ScaleIOPersistentVolumeSource" - }, - "storageClassName": { - "description": "Name of StorageClass to which this persistent volume belongs. Empty value means that this volume does not belong to any StorageClass.", - "type": "string" - }, - "storageos": { - "description": "StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://releases.k8s.io/HEAD/examples/volumes/storageos/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSPersistentVolumeSource" - }, - "volumeMode": { - "description": "volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec. This is a beta feature.", - "type": "string" - }, - "vsphereVolume": { - "description": "VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - "$ref": "#/definitions/io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource" - } - } - }, - "io.k8s.api.core.v1.PersistentVolumeStatus": { - "description": "PersistentVolumeStatus is the current status of a persistent volume.", - "type": "object", - "properties": { - "message": { - "description": "A human-readable message indicating details about why the volume is in this state.", - "type": "string" - }, - "phase": { - "description": "Phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase", - "type": "string" - }, - "reason": { - "description": "Reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource": { - "description": "Represents a Photon Controller persistent disk resource.", - "type": "object", - "required": [ - "pdID" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "pdID": { - "description": "ID that identifies Photon Controller persistent disk", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Pod": { - "description": "Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.PodSpec" - }, - "status": { - "description": "Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.PodStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Pod", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PodAffinity": { - "description": "Pod affinity is a group of inter pod affinity scheduling rules.", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.WeightedPodAffinityTerm" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm" - } - } - } - }, - "io.k8s.api.core.v1.PodAffinityTerm": { - "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key \u003ctopologyKey\u003e matches that of any node on which a pod of the set of pods is running", - "type": "object", - "required": [ - "topologyKey" - ], - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "namespaces": { - "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", - "type": "array", - "items": { - "type": "string" - } - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PodAntiAffinity": { - "description": "Pod anti affinity is a group of inter pod anti affinity scheduling rules.", - "type": "object", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.WeightedPodAffinityTerm" - } - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm" - } - } - } - }, - "io.k8s.api.core.v1.PodCondition": { - "description": "PodCondition contains details for the current condition of this pod.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastProbeTime": { - "description": "Last time we probed the condition.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human-readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "Unique, one-word, CamelCase reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", - "type": "string" - }, - "type": { - "description": "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PodDNSConfig": { - "description": "PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.", - "type": "object", - "properties": { - "nameservers": { - "description": "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", - "type": "array", - "items": { - "type": "string" - } - }, - "options": { - "description": "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodDNSConfigOption" - } - }, - "searches": { - "description": "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.PodDNSConfigOption": { - "description": "PodDNSConfigOption defines DNS resolver options of a pod.", - "type": "object", - "properties": { - "name": { - "description": "Required.", - "type": "string" - }, - "value": { - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PodList": { - "description": "PodList is a list of Pods.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of pods. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PodList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PodReadinessGate": { - "description": "PodReadinessGate contains the reference to a pod condition", - "type": "object", - "required": [ - "conditionType" - ], - "properties": { - "conditionType": { - "description": "ConditionType refers to a condition in the pod's condition list with matching type.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PodSecurityContext": { - "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", - "type": "object", - "properties": { - "fsGroup": { - "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.", - "type": "integer", - "format": "int64" - }, - "runAsGroup": { - "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.", - "type": "integer", - "format": "int64" - }, - "runAsNonRoot": { - "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", - "type": "boolean" - }, - "runAsUser": { - "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.", - "type": "integer", - "format": "int64" - }, - "seLinuxOptions": { - "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.", - "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions" - }, - "supplementalGroups": { - "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container.", - "type": "array", - "items": { - "type": "integer", - "format": "int64" - } - }, - "sysctls": { - "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Sysctl" - } - } - } - }, - "io.k8s.api.core.v1.PodSpec": { - "description": "PodSpec is a description of a pod.", - "type": "object", - "required": [ - "containers" - ], - "properties": { - "activeDeadlineSeconds": { - "description": "Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.", - "type": "integer", - "format": "int64" - }, - "affinity": { - "description": "If specified, the pod's scheduling constraints", - "$ref": "#/definitions/io.k8s.api.core.v1.Affinity" - }, - "automountServiceAccountToken": { - "description": "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.", - "type": "boolean" - }, - "containers": { - "description": "List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Container" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - }, - "dnsConfig": { - "description": "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodDNSConfig" - }, - "dnsPolicy": { - "description": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.", - "type": "string" - }, - "enableServiceLinks": { - "description": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", - "type": "boolean" - }, - "hostAliases": { - "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.HostAlias" - }, - "x-kubernetes-patch-merge-key": "ip", - "x-kubernetes-patch-strategy": "merge" - }, - "hostIPC": { - "description": "Use the host's ipc namespace. Optional: Default to false.", - "type": "boolean" - }, - "hostNetwork": { - "description": "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", - "type": "boolean" - }, - "hostPID": { - "description": "Use the host's pid namespace. Optional: Default to false.", - "type": "boolean" - }, - "hostname": { - "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.", - "type": "string" - }, - "imagePullSecrets": { - "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - }, - "initContainers": { - "description": "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, or Liveness probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Container" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - }, - "nodeName": { - "description": "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", - "type": "string" - }, - "nodeSelector": { - "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "priority": { - "description": "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.", - "type": "integer", - "format": "int32" - }, - "priorityClassName": { - "description": "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.", - "type": "string" - }, - "readinessGates": { - "description": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://github.com/kubernetes/community/blob/master/keps/sig-network/0007-pod-ready%2B%2B.md", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodReadinessGate" - } - }, - "restartPolicy": { - "description": "Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy", - "type": "string" - }, - "runtimeClassName": { - "description": "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md This is an alpha feature and may change in the future.", - "type": "string" - }, - "schedulerName": { - "description": "If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.", - "type": "string" - }, - "securityContext": { - "description": "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodSecurityContext" - }, - "serviceAccount": { - "description": "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", - "type": "string" - }, - "serviceAccountName": { - "description": "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", - "type": "string" - }, - "shareProcessNamespace": { - "description": "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is beta-level and may be disabled with the PodShareProcessNamespace feature.", - "type": "boolean" - }, - "subdomain": { - "description": "If specified, the fully qualified Pod hostname will be \"\u003chostname\u003e.\u003csubdomain\u003e.\u003cpod namespace\u003e.svc.\u003ccluster domain\u003e\". If not specified, the pod will not have a domainname at all.", - "type": "string" - }, - "terminationGracePeriodSeconds": { - "description": "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.", - "type": "integer", - "format": "int64" - }, - "tolerations": { - "description": "If specified, the pod's tolerations.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" - } - }, - "volumes": { - "description": "List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Volume" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge,retainKeys" - } - } - }, - "io.k8s.api.core.v1.PodStatus": { - "description": "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", - "type": "object", - "properties": { - "conditions": { - "description": "Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "containerStatuses": { - "description": "The list has one entry per container in the manifest. Each entry is currently the output of `docker inspect`. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" - } - }, - "hostIP": { - "description": "IP address of the host to which the pod is assigned. Empty if not yet scheduled.", - "type": "string" - }, - "initContainerStatuses": { - "description": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" - } - }, - "message": { - "description": "A human readable message indicating details about why the pod is in this condition.", - "type": "string" - }, - "nominatedNodeName": { - "description": "nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be scheduled right away as preemption victims receive their graceful termination periods. This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to give the resources on this node to a higher priority pod that is created after preemption. As a result, this field may be different than PodSpec.nodeName when the pod is scheduled.", - "type": "string" - }, - "phase": { - "description": "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase", - "type": "string" - }, - "podIP": { - "description": "IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", - "type": "string" - }, - "qosClass": { - "description": "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md", - "type": "string" - }, - "reason": { - "description": "A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted'", - "type": "string" - }, - "startTime": { - "description": "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.core.v1.PodTemplate": { - "description": "PodTemplate describes a template for creating copies of a predefined pod.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "template": { - "description": "Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PodTemplate", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PodTemplateList": { - "description": "PodTemplateList is a list of PodTemplates.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of pod templates", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "PodTemplateList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.PodTemplateSpec": { - "description": "PodTemplateSpec describes the data a pod should have when created from a template", - "type": "object", - "properties": { - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.PodSpec" - } - } - }, - "io.k8s.api.core.v1.PortworxVolumeSource": { - "description": "PortworxVolumeSource represents a Portworx volume resource.", - "type": "object", - "required": [ - "volumeID" - ], - "properties": { - "fsType": { - "description": "FSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "volumeID": { - "description": "VolumeID uniquely identifies a Portworx volume", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.PreferredSchedulingTerm": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "type": "object", - "required": [ - "weight", - "preference" - ], - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorTerm" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.core.v1.Probe": { - "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", - "type": "object", - "properties": { - "exec": { - "description": "One and only one of the following should be specified. Exec specifies the action to take.", - "$ref": "#/definitions/io.k8s.api.core.v1.ExecAction" - }, - "failureThreshold": { - "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", - "type": "integer", - "format": "int32" - }, - "httpGet": { - "description": "HTTPGet specifies the http request to perform.", - "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction" - }, - "initialDelaySeconds": { - "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - "type": "integer", - "format": "int32" - }, - "periodSeconds": { - "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", - "type": "integer", - "format": "int32" - }, - "successThreshold": { - "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.", - "type": "integer", - "format": "int32" - }, - "tcpSocket": { - "description": "TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported", - "$ref": "#/definitions/io.k8s.api.core.v1.TCPSocketAction" - }, - "timeoutSeconds": { - "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.core.v1.ProjectedVolumeSource": { - "description": "Represents a projected volume source", - "type": "object", - "required": [ - "sources" - ], - "properties": { - "defaultMode": { - "description": "Mode bits to use on created files by default. Must be a value between 0 and 0777. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", - "type": "integer", - "format": "int32" - }, - "sources": { - "description": "list of volume projections", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeProjection" - } - } - } - }, - "io.k8s.api.core.v1.QuobyteVolumeSource": { - "description": "Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.", - "type": "object", - "required": [ - "registry", - "volume" - ], - "properties": { - "group": { - "description": "Group to map volume access to Default is no group", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", - "type": "boolean" - }, - "registry": { - "description": "Registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", - "type": "string" - }, - "tenant": { - "description": "Tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", - "type": "string" - }, - "user": { - "description": "User to map volume access to Defaults to serivceaccount user", - "type": "string" - }, - "volume": { - "description": "Volume is a string that references an already created Quobyte volume by name.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.RBDPersistentVolumeSource": { - "description": "Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "monitors", - "image" - ], - "properties": { - "fsType": { - "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd", - "type": "string" - }, - "image": { - "description": "The rados image name. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - }, - "keyring": { - "description": "Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - }, - "monitors": { - "description": "A collection of Ceph monitors. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "array", - "items": { - "type": "string" - } - }, - "pool": { - "description": "The rados pool name. Default is rbd. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "boolean" - }, - "secretRef": { - "description": "SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "user": { - "description": "The rados user name. Default is admin. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.RBDVolumeSource": { - "description": "Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.", - "type": "object", - "required": [ - "monitors", - "image" - ], - "properties": { - "fsType": { - "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd", - "type": "string" - }, - "image": { - "description": "The rados image name. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - }, - "keyring": { - "description": "Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - }, - "monitors": { - "description": "A collection of Ceph monitors. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "array", - "items": { - "type": "string" - } - }, - "pool": { - "description": "The rados pool name. Default is rbd. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - }, - "readOnly": { - "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "boolean" - }, - "secretRef": { - "description": "SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "user": { - "description": "The rados user name. Default is admin. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ReplicationController": { - "description": "ReplicationController represents the configuration of a replication controller.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerSpec" - }, - "status": { - "description": "Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ReplicationController", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ReplicationControllerCondition": { - "description": "ReplicationControllerCondition describes the state of a replication controller at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "The last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of replication controller condition.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ReplicationControllerList": { - "description": "ReplicationControllerList is a collection of replication controllers.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of replication controllers. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ReplicationControllerList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ReplicationControllerSpec": { - "description": "ReplicationControllerSpec is the specification of a replication controller.", - "type": "object", - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "Selector is a label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "template": { - "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.core.v1.ReplicationControllerStatus": { - "description": "ReplicationControllerStatus represents the current status of a replication controller.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "availableReplicas": { - "description": "The number of available replicas (ready for at least minReadySeconds) for this replication controller.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a replication controller's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerCondition" - }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "fullyLabeledReplicas": { - "description": "The number of pods that have labels matching the labels of the pod template of the replication controller.", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "ObservedGeneration reflects the generation of the most recently observed replication controller.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "The number of ready replicas for this replication controller.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.core.v1.ResourceFieldSelector": { - "description": "ResourceFieldSelector represents container resources (cpu, memory) and their output format", - "type": "object", - "required": [ - "resource" - ], - "properties": { - "containerName": { - "description": "Container name: required for volumes, optional for env vars", - "type": "string" - }, - "divisor": { - "description": "Specifies the output format of the exposed resources, defaults to \"1\"", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - }, - "resource": { - "description": "Required: resource to select", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ResourceQuota": { - "description": "ResourceQuota sets aggregate quota restrictions enforced per namespace", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaSpec" - }, - "status": { - "description": "Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ResourceQuota", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ResourceQuotaList": { - "description": "ResourceQuotaList is a list of ResourceQuota items.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ResourceQuota objects. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ResourceQuotaList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ResourceQuotaSpec": { - "description": "ResourceQuotaSpec defines the desired hard limits to enforce for Quota.", - "type": "object", - "properties": { - "hard": { - "description": "hard is the set of desired hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "scopeSelector": { - "description": "scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.", - "$ref": "#/definitions/io.k8s.api.core.v1.ScopeSelector" - }, - "scopes": { - "description": "A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.ResourceQuotaStatus": { - "description": "ResourceQuotaStatus defines the enforced hard limits and observed use.", - "type": "object", - "properties": { - "hard": { - "description": "Hard is the set of enforced hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "used": { - "description": "Used is the current observed total usage of the resource in the namespace.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - } - }, - "io.k8s.api.core.v1.ResourceRequirements": { - "description": "ResourceRequirements describes the compute resource requirements.", - "type": "object", - "properties": { - "limits": { - "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - }, - "requests": { - "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" - } - } - } - }, - "io.k8s.api.core.v1.SELinuxOptions": { - "description": "SELinuxOptions are the labels to be applied to the container", - "type": "object", - "properties": { - "level": { - "description": "Level is SELinux level label that applies to the container.", - "type": "string" - }, - "role": { - "description": "Role is a SELinux role label that applies to the container.", - "type": "string" - }, - "type": { - "description": "Type is a SELinux type label that applies to the container.", - "type": "string" - }, - "user": { - "description": "User is a SELinux user label that applies to the container.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ScaleIOPersistentVolumeSource": { - "description": "ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume", - "type": "object", - "required": [ - "gateway", - "system", - "secretRef" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"", - "type": "string" - }, - "gateway": { - "description": "The host address of the ScaleIO API Gateway.", - "type": "string" - }, - "protectionDomain": { - "description": "The name of the ScaleIO Protection Domain for the configured storage.", - "type": "string" - }, - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretRef": { - "description": "SecretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference" - }, - "sslEnabled": { - "description": "Flag to enable/disable SSL communication with Gateway, default false", - "type": "boolean" - }, - "storageMode": { - "description": "Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", - "type": "string" - }, - "storagePool": { - "description": "The ScaleIO Storage Pool associated with the protection domain.", - "type": "string" - }, - "system": { - "description": "The name of the storage system as configured in ScaleIO.", - "type": "string" - }, - "volumeName": { - "description": "The name of a volume already created in the ScaleIO system that is associated with this volume source.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ScaleIOVolumeSource": { - "description": "ScaleIOVolumeSource represents a persistent ScaleIO volume", - "type": "object", - "required": [ - "gateway", - "system", - "secretRef" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", - "type": "string" - }, - "gateway": { - "description": "The host address of the ScaleIO API Gateway.", - "type": "string" - }, - "protectionDomain": { - "description": "The name of the ScaleIO Protection Domain for the configured storage.", - "type": "string" - }, - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretRef": { - "description": "SecretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "sslEnabled": { - "description": "Flag to enable/disable SSL communication with Gateway, default false", - "type": "boolean" - }, - "storageMode": { - "description": "Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", - "type": "string" - }, - "storagePool": { - "description": "The ScaleIO Storage Pool associated with the protection domain.", - "type": "string" - }, - "system": { - "description": "The name of the storage system as configured in ScaleIO.", - "type": "string" - }, - "volumeName": { - "description": "The name of a volume already created in the ScaleIO system that is associated with this volume source.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ScopeSelector": { - "description": "A scope selector represents the AND of the selectors represented by the scoped-resource selector requirements.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "A list of scope selector requirements by scope of the resources.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ScopedResourceSelectorRequirement" - } - } - } - }, - "io.k8s.api.core.v1.ScopedResourceSelectorRequirement": { - "description": "A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator that relates the scope name and values.", - "type": "object", - "required": [ - "scopeName", - "operator" - ], - "properties": { - "operator": { - "description": "Represents a scope's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist.", - "type": "string" - }, - "scopeName": { - "description": "The name of the scope that the selector applies to.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.Secret": { - "description": "Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "data": { - "description": "Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4", - "type": "object", - "additionalProperties": { - "type": "string", - "format": "byte" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "stringData": { - "description": "stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "type": { - "description": "Used to facilitate programmatic handling of secret data.", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Secret", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.SecretEnvSource": { - "description": "SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.", - "type": "object", - "properties": { - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the Secret must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.SecretKeySelector": { - "description": "SecretKeySelector selects a key of a Secret.", - "type": "object", - "required": [ - "key" - ], - "properties": { - "key": { - "description": "The key of the secret to select from. Must be a valid secret key.", - "type": "string" - }, - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the Secret or it's key must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.SecretList": { - "description": "SecretList is a list of Secret.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of secret objects. More info: https://kubernetes.io/docs/concepts/configuration/secret", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "SecretList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.SecretProjection": { - "description": "Adapts a secret into a projected volume.\n\nThe contents of the target Secret's Data field will be presented in a projected volume as files using the keys in the Data field as the file names. Note that this is identical to a secret volume source without the default mode.", - "type": "object", - "properties": { - "items": { - "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" - } - }, - "name": { - "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "optional": { - "description": "Specify whether the Secret or its key must be defined", - "type": "boolean" - } - } - }, - "io.k8s.api.core.v1.SecretReference": { - "description": "SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace", - "type": "object", - "properties": { - "name": { - "description": "Name is unique within a namespace to reference a secret resource.", - "type": "string" - }, - "namespace": { - "description": "Namespace defines the space within which the secret name must be unique.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.SecretVolumeSource": { - "description": "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.", - "type": "object", - "properties": { - "defaultMode": { - "description": "Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", - "type": "integer", - "format": "int32" - }, - "items": { - "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" - } - }, - "optional": { - "description": "Specify whether the Secret or it's keys must be defined", - "type": "boolean" - }, - "secretName": { - "description": "Name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.SecurityContext": { - "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", - "type": "object", - "properties": { - "allowPrivilegeEscalation": { - "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN", - "type": "boolean" - }, - "capabilities": { - "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.", - "$ref": "#/definitions/io.k8s.api.core.v1.Capabilities" - }, - "privileged": { - "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.", - "type": "boolean" - }, - "procMount": { - "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled.", - "type": "string" - }, - "readOnlyRootFilesystem": { - "description": "Whether this container has a read-only root filesystem. Default is false.", - "type": "boolean" - }, - "runAsGroup": { - "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", - "type": "integer", - "format": "int64" - }, - "runAsNonRoot": { - "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", - "type": "boolean" - }, - "runAsUser": { - "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", - "type": "integer", - "format": "int64" - }, - "seLinuxOptions": { - "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", - "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions" - } - } - }, - "io.k8s.api.core.v1.Service": { - "description": "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceSpec" - }, - "status": { - "description": "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Service", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ServiceAccount": { - "description": "ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "automountServiceAccountToken": { - "description": "AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level.", - "type": "boolean" - }, - "imagePullSecrets": { - "description": "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "secrets": { - "description": "Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount. More info: https://kubernetes.io/docs/concepts/configuration/secret", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ServiceAccount", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ServiceAccountList": { - "description": "ServiceAccountList is a list of ServiceAccount objects", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ServiceAccounts. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ServiceAccountList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ServiceAccountTokenProjection": { - "description": "ServiceAccountTokenProjection represents a projected service account token volume. This projection can be used to insert a service account token into the pods runtime filesystem for use against APIs (Kubernetes API Server or otherwise).", - "type": "object", - "required": [ - "path" - ], - "properties": { - "audience": { - "description": "Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", - "type": "string" - }, - "expirationSeconds": { - "description": "ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", - "type": "integer", - "format": "int64" - }, - "path": { - "description": "Path is the path relative to the mount point of the file to project the token into.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ServiceList": { - "description": "ServiceList holds a list of services.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of services", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "ServiceList", - "version": "v1" - } - ] - }, - "io.k8s.api.core.v1.ServicePort": { - "description": "ServicePort contains information on service's port.", - "type": "object", - "required": [ - "port" - ], - "properties": { - "name": { - "description": "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the 'Name' field in EndpointPort objects. Optional if only one ServicePort is defined on this service.", - "type": "string" - }, - "nodePort": { - "description": "The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport", - "type": "integer", - "format": "int32" - }, - "port": { - "description": "The port that will be exposed by this service.", - "type": "integer", - "format": "int32" - }, - "protocol": { - "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.", - "type": "string" - }, - "targetPort": { - "description": "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.core.v1.ServiceSpec": { - "description": "ServiceSpec describes the attributes that a user creates on a service.", - "type": "object", - "properties": { - "clusterIP": { - "description": "clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are \"None\", empty string (\"\"), or a valid IP address. \"None\" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", - "type": "string" - }, - "externalIPs": { - "description": "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", - "type": "array", - "items": { - "type": "string" - } - }, - "externalName": { - "description": "externalName is the external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires Type to be ExternalName.", - "type": "string" - }, - "externalTrafficPolicy": { - "description": "externalTrafficPolicy denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. \"Local\" preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. \"Cluster\" obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading.", - "type": "string" - }, - "healthCheckNodePort": { - "description": "healthCheckNodePort specifies the healthcheck nodePort for the service. If not specified, HealthCheckNodePort is created by the service api backend with the allocated nodePort. Will use user-specified nodePort value if specified by the client. Only effects when Type is set to LoadBalancer and ExternalTrafficPolicy is set to Local.", - "type": "integer", - "format": "int32" - }, - "loadBalancerIP": { - "description": "Only applies to Service Type: LoadBalancer LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.", - "type": "string" - }, - "loadBalancerSourceRanges": { - "description": "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/", - "type": "array", - "items": { - "type": "string" - } - }, - "ports": { - "description": "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.ServicePort" - }, - "x-kubernetes-list-map-keys": [ - "port", - "protocol" + "/api/v1/namespaces/{namespace}/bindings": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } ], - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "port", - "x-kubernetes-patch-strategy": "merge" - }, - "publishNotReadyAddresses": { - "description": "publishNotReadyAddresses, when set to true, indicates that DNS implementations must publish the notReadyAddresses of subsets for the Endpoints associated with the Service. The default value is false. The primary use case for setting this field is to use a StatefulSet's Headless Service to propagate SRV records for its Pods without respect to their readiness for purpose of peer discovery.", - "type": "boolean" - }, - "selector": { - "description": "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/", - "type": "object", - "additionalProperties": { - "type": "string" + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Binding", + "operationId": "createCoreV1NamespacedBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Binding", + "version": "v1" + } } - }, - "sessionAffinity": { - "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", - "type": "string" - }, - "sessionAffinityConfig": { - "description": "sessionAffinityConfig contains the configurations of session affinity.", - "$ref": "#/definitions/io.k8s.api.core.v1.SessionAffinityConfig" - }, - "type": { - "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ExternalName\" maps to the specified externalName. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.ServiceStatus": { - "description": "ServiceStatus represents the current status of a service.", - "type": "object", - "properties": { - "loadBalancer": { - "description": "LoadBalancer contains the current status of the load-balancer, if one is present.", - "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus" - } - } - }, - "io.k8s.api.core.v1.SessionAffinityConfig": { - "description": "SessionAffinityConfig represents the configurations of session affinity.", - "type": "object", - "properties": { - "clientIP": { - "description": "clientIP contains the configurations of Client IP based session affinity.", - "$ref": "#/definitions/io.k8s.api.core.v1.ClientIPConfig" - } - } - }, - "io.k8s.api.core.v1.StorageOSPersistentVolumeSource": { - "description": "Represents a StorageOS persistent volume resource.", - "type": "object", - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretRef": { - "description": "SecretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "volumeName": { - "description": "VolumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", - "type": "string" - }, - "volumeNamespace": { - "description": "VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.StorageOSVolumeSource": { - "description": "Represents a StorageOS persistent volume resource.", - "type": "object", - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "readOnly": { - "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", - "type": "boolean" - }, - "secretRef": { - "description": "SecretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "volumeName": { - "description": "VolumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", - "type": "string" - }, - "volumeNamespace": { - "description": "VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Sysctl": { - "description": "Sysctl defines a kernel parameter to be set", - "type": "object", - "required": [ - "name", - "value" - ], - "properties": { - "name": { - "description": "Name of a property to set", - "type": "string" - }, - "value": { - "description": "Value of a property to set", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.TCPSocketAction": { - "description": "TCPSocketAction describes an action based on opening a socket", - "type": "object", - "required": [ - "port" - ], - "properties": { - "host": { - "description": "Optional: Host name to connect to, defaults to the pod IP.", - "type": "string" - }, - "port": { - "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.core.v1.Taint": { - "description": "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint.", - "type": "object", - "required": [ - "key", - "effect" - ], - "properties": { - "effect": { - "description": "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute.", - "type": "string" - }, - "key": { - "description": "Required. The taint key to be applied to a node.", - "type": "string" - }, - "timeAdded": { - "description": "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "value": { - "description": "Required. The taint value corresponding to the taint key.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Toleration": { - "description": "The pod this Toleration is attached to tolerates any taint that matches the triple \u003ckey,value,effect\u003e using the matching operator \u003coperator\u003e.", - "type": "object", - "properties": { - "effect": { - "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", - "type": "string" - }, - "key": { - "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", - "type": "string" - }, - "operator": { - "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", - "type": "string" - }, - "tolerationSeconds": { - "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", - "type": "integer", - "format": "int64" - }, - "value": { - "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.TopologySelectorLabelRequirement": { - "description": "A topology selector requirement is a selector that matches given label. This is an alpha feature and may change in the future.", - "type": "object", - "required": [ - "key", - "values" - ], - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "values": { - "description": "An array of string values. One value must match the label to be selected. Each entry in Values is ORed.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.core.v1.TopologySelectorTerm": { - "description": "A topology selector term represents the result of label queries. A null or empty topology selector term matches no objects. The requirements of them are ANDed. It provides a subset of functionality as NodeSelectorTerm. This is an alpha feature and may change in the future.", - "type": "object", - "properties": { - "matchLabelExpressions": { - "description": "A list of topology selector requirements by labels.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorLabelRequirement" - } - } - } - }, - "io.k8s.api.core.v1.TypedLocalObjectReference": { - "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiGroup": { - "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", - "type": "string" - }, - "kind": { - "description": "Kind is the type of resource being referenced", - "type": "string" - }, - "name": { - "description": "Name is the name of resource being referenced", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.Volume": { - "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", - "type": "object", - "required": [ - "name" - ], - "properties": { - "awsElasticBlockStore": { - "description": "AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", - "$ref": "#/definitions/io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource" - }, - "azureDisk": { - "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.AzureDiskVolumeSource" - }, - "azureFile": { - "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.AzureFileVolumeSource" - }, - "cephfs": { - "description": "CephFS represents a Ceph FS mount on the host that shares a pod's lifetime", - "$ref": "#/definitions/io.k8s.api.core.v1.CephFSVolumeSource" - }, - "cinder": { - "description": "Cinder represents a cinder volume attached and mounted on kubelets host machine More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.CinderVolumeSource" - }, - "configMap": { - "description": "ConfigMap represents a configMap that should populate this volume", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapVolumeSource" - }, - "downwardAPI": { - "description": "DownwardAPI represents downward API about the pod that should populate this volume", - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeSource" - }, - "emptyDir": { - "description": "EmptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", - "$ref": "#/definitions/io.k8s.api.core.v1.EmptyDirVolumeSource" - }, - "fc": { - "description": "FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", - "$ref": "#/definitions/io.k8s.api.core.v1.FCVolumeSource" - }, - "flexVolume": { - "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", - "$ref": "#/definitions/io.k8s.api.core.v1.FlexVolumeSource" - }, - "flocker": { - "description": "Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", - "$ref": "#/definitions/io.k8s.api.core.v1.FlockerVolumeSource" - }, - "gcePersistentDisk": { - "description": "GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", - "$ref": "#/definitions/io.k8s.api.core.v1.GCEPersistentDiskVolumeSource" - }, - "gitRepo": { - "description": "GitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", - "$ref": "#/definitions/io.k8s.api.core.v1.GitRepoVolumeSource" - }, - "glusterfs": { - "description": "Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.GlusterfsVolumeSource" - }, - "hostPath": { - "description": "HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", - "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource" - }, - "iscsi": { - "description": "ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://releases.k8s.io/HEAD/examples/volumes/iscsi/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIVolumeSource" - }, - "name": { - "description": "Volume's name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - "type": "string" - }, - "nfs": { - "description": "NFS represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", - "$ref": "#/definitions/io.k8s.api.core.v1.NFSVolumeSource" - }, - "persistentVolumeClaim": { - "description": "PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource" - }, - "photonPersistentDisk": { - "description": "PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", - "$ref": "#/definitions/io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource" - }, - "portworxVolume": { - "description": "PortworxVolume represents a portworx volume attached and mounted on kubelets host machine", - "$ref": "#/definitions/io.k8s.api.core.v1.PortworxVolumeSource" - }, - "projected": { - "description": "Items for all in one resources secrets, configmaps, and downward API", - "$ref": "#/definitions/io.k8s.api.core.v1.ProjectedVolumeSource" - }, - "quobyte": { - "description": "Quobyte represents a Quobyte mount on the host that shares a pod's lifetime", - "$ref": "#/definitions/io.k8s.api.core.v1.QuobyteVolumeSource" - }, - "rbd": { - "description": "RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md", - "$ref": "#/definitions/io.k8s.api.core.v1.RBDVolumeSource" - }, - "scaleIO": { - "description": "ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", - "$ref": "#/definitions/io.k8s.api.core.v1.ScaleIOVolumeSource" - }, - "secret": { - "description": "Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretVolumeSource" - }, - "storageos": { - "description": "StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", - "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSVolumeSource" - }, - "vsphereVolume": { - "description": "VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", - "$ref": "#/definitions/io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource" - } - } - }, - "io.k8s.api.core.v1.VolumeDevice": { - "description": "volumeDevice describes a mapping of a raw block device within a container.", - "type": "object", - "required": [ - "name", - "devicePath" - ], - "properties": { - "devicePath": { - "description": "devicePath is the path inside of the container that the device will be mapped to.", - "type": "string" - }, - "name": { - "description": "name must match the name of a persistentVolumeClaim in the pod", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.VolumeMount": { - "description": "VolumeMount describes a mounting of a Volume within a container.", - "type": "object", - "required": [ - "name", - "mountPath" - ], - "properties": { - "mountPath": { - "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", - "type": "string" - }, - "mountPropagation": { - "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", - "type": "string" - }, - "name": { - "description": "This must match the Name of a Volume.", - "type": "string" - }, - "readOnly": { - "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", - "type": "boolean" - }, - "subPath": { - "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.VolumeNodeAffinity": { - "description": "VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.", - "type": "object", - "properties": { - "required": { - "description": "Required specifies hard node constraints that must be met.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector" - } - } - }, - "io.k8s.api.core.v1.VolumeProjection": { - "description": "Projection that may be projected along with other supported volume types", - "type": "object", - "properties": { - "configMap": { - "description": "information about the configMap data to project", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapProjection" - }, - "downwardAPI": { - "description": "information about the downwardAPI data to project", - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIProjection" - }, - "secret": { - "description": "information about the secret data to project", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretProjection" - }, - "serviceAccountToken": { - "description": "information about the serviceAccountToken data to project", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountTokenProjection" - } - } - }, - "io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource": { - "description": "Represents a vSphere volume resource.", - "type": "object", - "required": [ - "volumePath" - ], - "properties": { - "fsType": { - "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", - "type": "string" - }, - "storagePolicyID": { - "description": "Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", - "type": "string" - }, - "storagePolicyName": { - "description": "Storage Policy Based Management (SPBM) profile name.", - "type": "string" - }, - "volumePath": { - "description": "Path that identifies vSphere volume vmdk", - "type": "string" - } - } - }, - "io.k8s.api.core.v1.WeightedPodAffinityTerm": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "type": "object", - "required": [ - "weight", - "podAffinityTerm" - ], - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.events.v1beta1.Event": { - "description": "Event is a report of an event somewhere in the cluster. It generally denotes some state change in the system.", - "type": "object", - "required": [ - "eventTime" - ], - "properties": { - "action": { - "description": "What action was taken/failed regarding to the regarding object.", - "type": "string" - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "deprecatedCount": { - "description": "Deprecated field assuring backward compatibility with core.v1 Event type", - "type": "integer", - "format": "int32" - }, - "deprecatedFirstTimestamp": { - "description": "Deprecated field assuring backward compatibility with core.v1 Event type", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "deprecatedLastTimestamp": { - "description": "Deprecated field assuring backward compatibility with core.v1 Event type", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "deprecatedSource": { - "description": "Deprecated field assuring backward compatibility with core.v1 Event type", - "$ref": "#/definitions/io.k8s.api.core.v1.EventSource" - }, - "eventTime": { - "description": "Required. Time when this Event was first observed.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "note": { - "description": "Optional. A human-readable description of the status of this operation. Maximal length of the note is 1kB, but libraries should be prepared to handle values up to 64kB.", - "type": "string" - }, - "reason": { - "description": "Why the action was taken.", - "type": "string" - }, - "regarding": { - "description": "The object this Event is about. In most cases it's an Object reporting controller implements. E.g. ReplicaSetController implements ReplicaSets and this event is emitted because it acts on some changes in a ReplicaSet object.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "related": { - "description": "Optional secondary object for more complex actions. E.g. when regarding object triggers a creation or deletion of related object.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "reportingController": { - "description": "Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.", - "type": "string" - }, - "reportingInstance": { - "description": "ID of the controller instance, e.g. `kubelet-xyzf`.", - "type": "string" - }, - "series": { - "description": "Data about the Event series this event represents or nil if it's a singleton Event.", - "$ref": "#/definitions/io.k8s.api.events.v1beta1.EventSeries" - }, - "type": { - "description": "Type of this event (Normal, Warning), new types could be added in the future.", - "type": "string" - } }, - "x-kubernetes-group-version-kind": [ - { - "group": "events.k8s.io", - "kind": "Event", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.events.v1beta1.EventList": { - "description": "EventList is a list of Event objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "events.k8s.io", - "kind": "EventList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.events.v1beta1.EventSeries": { - "description": "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.", - "type": "object", - "required": [ - "count", - "lastObservedTime", - "state" - ], - "properties": { - "count": { - "description": "Number of occurrences in this series up to the last heartbeat time", - "type": "integer", - "format": "int32" - }, - "lastObservedTime": { - "description": "Time when last Event from the series was seen before last heartbeat.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime" - }, - "state": { - "description": "Information whether this series is ongoing or finished.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.AllowedFlexVolume": { - "description": "AllowedFlexVolume represents a single Flexvolume that is allowed to be used. Deprecated: use AllowedFlexVolume from policy API Group instead.", - "type": "object", - "required": [ - "driver" - ], - "properties": { - "driver": { - "description": "driver is the name of the Flexvolume driver.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.AllowedHostPath": { - "description": "AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined. Deprecated: use AllowedHostPath from policy API Group instead.", - "type": "object", - "properties": { - "pathPrefix": { - "description": "pathPrefix is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`", - "type": "string" - }, - "readOnly": { - "description": "when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.", - "type": "boolean" - } - } - }, - "io.k8s.api.extensions.v1beta1.DaemonSet": { - "description": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetSpec" - }, - "status": { - "description": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "DaemonSet", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.DaemonSetCondition": { - "description": "DaemonSetCondition describes the state of a DaemonSet at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of DaemonSet condition.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.DaemonSetList": { - "description": "DaemonSetList is a collection of daemon sets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "A list of daemon sets.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "DaemonSetList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.DaemonSetSpec": { - "description": "DaemonSetSpec is the specification of a daemon set.", - "type": "object", - "required": [ - "template" - ], - "properties": { - "minReadySeconds": { - "description": "The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "A label query over pods that are managed by the daemon set. Must match in order to be controlled. If empty, defaulted to labels on Pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "templateGeneration": { - "description": "DEPRECATED. A sequence number representing a specific generation of the template. Populated by the system. It can be set only during the creation.", - "type": "integer", - "format": "int64" - }, - "updateStrategy": { - "description": "An update strategy to replace existing DaemonSet pods with new pods.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy" - } - } - }, - "io.k8s.api.extensions.v1beta1.DaemonSetStatus": { - "description": "DaemonSetStatus represents the current status of a daemon set.", - "type": "object", - "required": [ - "currentNumberScheduled", - "numberMisscheduled", - "desiredNumberScheduled", - "numberReady" - ], - "properties": { - "collisionCount": { - "description": "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a DaemonSet's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetCondition" + "/api/v1/namespaces/{namespace}/configmaps": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ConfigMap", + "operationId": "deleteCoreV1CollectionNamespacedConfigMap", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "currentNumberScheduled": { - "description": "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "desiredNumberScheduled": { - "description": "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "numberAvailable": { - "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)", - "type": "integer", - "format": "int32" - }, - "numberMisscheduled": { - "description": "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", - "type": "integer", - "format": "int32" - }, - "numberReady": { - "description": "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.", - "type": "integer", - "format": "int32" - }, - "numberUnavailable": { - "description": "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "The most recent generation observed by the daemon set controller.", - "type": "integer", - "format": "int64" - }, - "updatedNumberScheduled": { - "description": "The total number of nodes that are running updated daemon pod", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy": { - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if type = \"RollingUpdate\".", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet" - }, - "type": { - "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is OnDelete.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.Deployment": { - "description": "DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the Deployment.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentSpec" - }, - "status": { - "description": "Most recently observed status of the Deployment.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "Deployment", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.DeploymentCondition": { - "description": "DeploymentCondition describes the state of a deployment at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "lastUpdateTime": { - "description": "The last time this condition was updated.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of deployment condition.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.DeploymentList": { - "description": "DeploymentList is a list of Deployments.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of Deployments.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "DeploymentList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.DeploymentRollback": { - "description": "DEPRECATED. DeploymentRollback stores the information required to rollback a deployment.", - "type": "object", - "required": [ - "name", - "rollbackTo" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "name": { - "description": "Required: This must match the Name of a deployment.", - "type": "string" - }, - "rollbackTo": { - "description": "The config of this deployment rollback.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollbackConfig" - }, - "updatedAnnotations": { - "description": "The annotations to be updated to a deployment", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "DeploymentRollback", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.DeploymentSpec": { - "description": "DeploymentSpec is the specification of the desired behavior of the Deployment.", - "type": "object", - "required": [ - "template" - ], - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "paused": { - "description": "Indicates that the deployment is paused and will not be processed by the deployment controller.", - "type": "boolean" - }, - "progressDeadlineSeconds": { - "description": "The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. This is set to the max value of int32 (i.e. 2147483647) by default, which means \"no deadline\".", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.", - "type": "integer", - "format": "int32" - }, - "revisionHistoryLimit": { - "description": "The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. This is set to the max value of int32 (i.e. 2147483647) by default, which means \"retaining all old RelicaSets\".", - "type": "integer", - "format": "int32" - }, - "rollbackTo": { - "description": "DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollbackConfig" - }, - "selector": { - "description": "Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "strategy": { - "description": "The deployment strategy to use to replace existing pods with new ones.", - "x-kubernetes-patch-strategy": "retainKeys", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStrategy" - }, - "template": { - "description": "Template describes the pods that will be created.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.extensions.v1beta1.DeploymentStatus": { - "description": "DeploymentStatus is the most recently observed status of the Deployment.", - "type": "object", - "properties": { - "availableReplicas": { - "description": "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "collisionCount": { - "description": "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a deployment's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentCondition" + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ConfigMap", + "operationId": "listCoreV1NamespacedConfigMap", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "observedGeneration": { - "description": "The generation observed by the deployment controller.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "Total number of ready pods targeted by this deployment.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Total number of non-terminated pods targeted by this deployment (their labels match the selector).", - "type": "integer", - "format": "int32" - }, - "unavailableReplicas": { - "description": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.", - "type": "integer", - "format": "int32" - }, - "updatedReplicas": { - "description": "Total number of non-terminated pods targeted by this deployment that have the desired template spec.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.extensions.v1beta1.DeploymentStrategy": { - "description": "DeploymentStrategy describes how to replace existing pods with new ones.", - "type": "object", - "properties": { - "rollingUpdate": { - "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDeployment" - }, - "type": { - "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions": { - "description": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use FSGroupStrategyOptions from policy API Group instead.", - "type": "object", - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ConfigMap", + "operationId": "createCoreV1NamespacedConfigMap", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } } - }, - "rule": { - "description": "rule is the strategy that will dictate what FSGroup is used in the SecurityContext.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.HTTPIngressPath": { - "description": "HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.", - "type": "object", - "required": [ - "backend" - ], - "properties": { - "backend": { - "description": "Backend defines the referenced service endpoint to which the traffic will be forwarded to.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressBackend" - }, - "path": { - "description": "Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue": { - "description": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://\u003chost\u003e/\u003cpath\u003e?\u003csearchpart\u003e -\u003e backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", - "type": "object", - "required": [ - "paths" - ], - "properties": { - "paths": { - "description": "A collection of paths that map requests to backends.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressPath" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.HostPortRange": { - "description": "HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined. Deprecated: use HostPortRange from policy API Group instead.", - "type": "object", - "required": [ - "min", - "max" - ], - "properties": { - "max": { - "description": "max is the end of the range, inclusive.", - "type": "integer", - "format": "int32" - }, - "min": { - "description": "min is the start of the range, inclusive.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.extensions.v1beta1.IDRange": { - "description": "IDRange provides a min/max of an allowed range of IDs. Deprecated: use IDRange from policy API Group instead.", - "type": "object", - "required": [ - "min", - "max" - ], - "properties": { - "max": { - "description": "max is the end of the range, inclusive.", - "type": "integer", - "format": "int64" - }, - "min": { - "description": "min is the start of the range, inclusive.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.extensions.v1beta1.IPBlock": { - "description": "DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock. IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.", - "type": "object", - "required": [ - "cidr" - ], - "properties": { - "cidr": { - "description": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"", - "type": "string" - }, - "except": { - "description": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.1/24\" Except values will be rejected if they are outside the CIDR range", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.Ingress": { - "description": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressSpec" - }, - "status": { - "description": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressStatus" - } }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "Ingress", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.IngressBackend": { - "description": "IngressBackend describes all endpoints for a given service and port.", - "type": "object", - "required": [ - "serviceName", - "servicePort" - ], - "properties": { - "serviceName": { - "description": "Specifies the name of the referenced service.", - "type": "string" - }, - "servicePort": { - "description": "Specifies the port of the referenced service.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.extensions.v1beta1.IngressList": { - "description": "IngressList is a collection of Ingress.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of Ingress.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "IngressList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.IngressRule": { - "description": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", - "type": "object", - "properties": { - "host": { - "description": "Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the\n\t IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.", - "type": "string" - }, - "http": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue" - } - } - }, - "io.k8s.api.extensions.v1beta1.IngressSpec": { - "description": "IngressSpec describes the Ingress the user wishes to exist.", - "type": "object", - "properties": { - "backend": { - "description": "A default backend capable of servicing requests that don't match any rule. At least one of 'backend' or 'rules' must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressBackend" - }, - "rules": { - "description": "A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressRule" - } - }, - "tls": { - "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressTLS" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.IngressStatus": { - "description": "IngressStatus describe the current state of the Ingress.", - "type": "object", - "properties": { - "loadBalancer": { - "description": "LoadBalancer contains the current status of the load-balancer.", - "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus" - } - } - }, - "io.k8s.api.extensions.v1beta1.IngressTLS": { - "description": "IngressTLS describes the transport layer security associated with an Ingress.", - "type": "object", - "properties": { - "hosts": { - "description": "Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", - "type": "array", - "items": { - "type": "string" - } - }, - "secretName": { - "description": "SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicy": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy. NetworkPolicy describes what network traffic is allowed for a set of Pods", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior for this NetworkPolicy.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicySpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "NetworkPolicy", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicyEgressRule": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicyEgressRule is deprecated by networking/v1/NetworkPolicyEgressRule. NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8", - "type": "object", - "properties": { - "ports": { - "description": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPort" - } - }, - "to": { - "description": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPeer" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicyIngressRule is deprecated by networking/v1/NetworkPolicyIngressRule. This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.", - "type": "object", - "properties": { - "from": { - "description": "List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least on item, this rule allows traffic only if the traffic matches at least one item in the from list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPeer" - } - }, - "ports": { - "description": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPort" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicyList": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList. Network Policy List is a list of NetworkPolicy objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "NetworkPolicyList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicyPeer": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicyPeer is deprecated by networking/v1/NetworkPolicyPeer.", - "type": "object", - "properties": { - "ipBlock": { - "description": "IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IPBlock" - }, - "namespaceSelector": { - "description": "Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "podSelector": { - "description": "This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicyPort": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicyPort is deprecated by networking/v1/NetworkPolicyPort.", - "type": "object", - "properties": { - "port": { - "description": "If specified, the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "protocol": { - "description": "Optional. The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.NetworkPolicySpec": { - "description": "DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.", - "type": "object", - "required": [ - "podSelector" - ], - "properties": { - "egress": { - "description": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyEgressRule" - } - }, - "ingress": { - "description": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default).", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule" - } - }, - "podSelector": { - "description": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "policyTypes": { - "description": "List of rule types that the NetworkPolicy relates to. Valid options are Ingress, Egress, or Ingress,Egress. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.PodSecurityPolicy": { - "description": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container. Deprecated: use PodSecurityPolicy from policy API Group instead.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "spec defines the policy enforced.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.PodSecurityPolicyList": { - "description": "PodSecurityPolicyList is a list of PodSecurityPolicy objects. Deprecated: use PodSecurityPolicyList from policy API Group instead.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "PodSecurityPolicyList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec": { - "description": "PodSecurityPolicySpec defines the policy enforced. Deprecated: use PodSecurityPolicySpec from policy API Group instead.", - "type": "object", - "required": [ - "seLinux", - "runAsUser", - "supplementalGroups", - "fsGroup" - ], - "properties": { - "allowPrivilegeEscalation": { - "description": "allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.", - "type": "boolean" - }, - "allowedCapabilities": { - "description": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both allowedCapabilities and requiredDropCapabilities.", - "type": "array", - "items": { - "type": "string" - } - }, - "allowedFlexVolumes": { - "description": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.AllowedFlexVolume" - } - }, - "allowedHostPaths": { - "description": "allowedHostPaths is a white list of allowed host paths. Empty indicates that all host paths may be used.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.AllowedHostPath" - } - }, - "allowedProcMountTypes": { - "description": "AllowedProcMountTypes is a whitelist of allowed ProcMountTypes. Empty or nil indicates that only the DefaultProcMountType may be used. This requires the ProcMountType feature flag to be enabled.", - "type": "array", - "items": { - "type": "string" - } - }, - "allowedUnsafeSysctls": { - "description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", - "type": "array", - "items": { - "type": "string" - } - }, - "defaultAddCapabilities": { - "description": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.", - "type": "array", - "items": { - "type": "string" - } - }, - "defaultAllowPrivilegeEscalation": { - "description": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.", - "type": "boolean" - }, - "forbiddenSysctls": { - "description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", - "type": "array", - "items": { - "type": "string" - } - }, - "fsGroup": { - "description": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions" - }, - "hostIPC": { - "description": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.", - "type": "boolean" - }, - "hostNetwork": { - "description": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.", - "type": "boolean" - }, - "hostPID": { - "description": "hostPID determines if the policy allows the use of HostPID in the pod spec.", - "type": "boolean" - }, - "hostPorts": { - "description": "hostPorts determines which host port ranges are allowed to be exposed.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HostPortRange" - } - }, - "privileged": { - "description": "privileged determines if a pod can request to be run as privileged.", - "type": "boolean" - }, - "readOnlyRootFilesystem": { - "description": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", - "type": "boolean" - }, - "requiredDropCapabilities": { - "description": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", - "type": "array", - "items": { - "type": "string" - } - }, - "runAsGroup": { - "description": "RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set. If this field is omitted, the pod's RunAsGroup can take any value. This field requires the RunAsGroup feature gate to be enabled.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RunAsGroupStrategyOptions" - }, - "runAsUser": { - "description": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions" - }, - "seLinux": { - "description": "seLinux is the strategy that will dictate the allowable labels that may be set.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions" - }, - "supplementalGroups": { - "description": "supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions" - }, - "volumes": { - "description": "volumes is a white list of allowed volume plugins. Empty indicates that no volumes may be used. To allow all volumes you may use '*'.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.extensions.v1beta1.ReplicaSet": { - "description": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetSpec" - }, - "status": { - "description": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "ReplicaSet", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.ReplicaSetCondition": { - "description": "ReplicaSetCondition describes the state of a replica set at a certain point.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "The last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "A human readable message indicating details about the transition.", - "type": "string" - }, - "reason": { - "description": "The reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status of the condition, one of True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type of replica set condition.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.ReplicaSetList": { - "description": "ReplicaSetList is a collection of ReplicaSets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "ReplicaSetList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.ReplicaSetSpec": { - "description": "ReplicaSetSpec is the specification of a ReplicaSet.", - "type": "object", - "properties": { - "minReadySeconds": { - "description": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "template": { - "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - } - } - }, - "io.k8s.api.extensions.v1beta1.ReplicaSetStatus": { - "description": "ReplicaSetStatus represents the current status of a ReplicaSet.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "availableReplicas": { - "description": "The number of available replicas (ready for at least minReadySeconds) for this replica set.", - "type": "integer", - "format": "int32" - }, - "conditions": { - "description": "Represents the latest available observations of a replica set's current state.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetCondition" + "/api/v1/namespaces/{namespace}/configmaps/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ConfigMap", + "operationId": "deleteCoreV1NamespacedConfigMap", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - }, - "fullyLabeledReplicas": { - "description": "The number of pods that have labels matching the labels of the pod template of the replicaset.", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.", - "type": "integer", - "format": "int64" - }, - "readyReplicas": { - "description": "The number of ready replicas for this replica set.", - "type": "integer", - "format": "int32" - }, - "replicas": { - "description": "Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.extensions.v1beta1.RollbackConfig": { - "description": "DEPRECATED.", - "type": "object", - "properties": { - "revision": { - "description": "The revision to rollback to. If set to 0, rollback to the last revision.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet": { - "description": "Spec to control the desired behavior of daemon set rolling update.", - "type": "object", - "properties": { - "maxUnavailable": { - "description": "The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.extensions.v1beta1.RollingUpdateDeployment": { - "description": "Spec to control the desired behavior of rolling update.", - "type": "object", - "properties": { - "maxSurge": { - "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "maxUnavailable": { - "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - } - } - }, - "io.k8s.api.extensions.v1beta1.RunAsGroupStrategyOptions": { - "description": "RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.", - "type": "object", - "required": [ - "rule" - ], - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of gids that may be used. If you would like to force a single gid then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate the allowable RunAsGroup values that may be set.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions": { - "description": "RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use RunAsUserStrategyOptions from policy API Group instead.", - "type": "object", - "required": [ - "rule" - ], - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of uids that may be used. If you would like to force a single uid then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate the allowable RunAsUser values that may be set.", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions": { - "description": "SELinuxStrategyOptions defines the strategy type and any options used to create the strategy. Deprecated: use SELinuxStrategyOptions from policy API Group instead.", - "type": "object", - "required": [ - "rule" - ], - "properties": { - "rule": { - "description": "rule is the strategy that will dictate the allowable labels that may be set.", - "type": "string" - }, - "seLinuxOptions": { - "description": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions" - } - } - }, - "io.k8s.api.extensions.v1beta1.Scale": { - "description": "represents a scaling request for a resource.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleSpec" - }, - "status": { - "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "extensions", - "kind": "Scale", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.extensions.v1beta1.ScaleSpec": { - "description": "describes the attributes of a scale subresource", - "type": "object", - "properties": { - "replicas": { - "description": "desired number of instances for the scaled object.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.extensions.v1beta1.ScaleStatus": { - "description": "represents the current status of a scale subresource.", - "type": "object", - "required": [ - "replicas" - ], - "properties": { - "replicas": { - "description": "actual number of observed instances of the scaled object.", - "type": "integer", - "format": "int32" - }, - "selector": { - "description": "label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "targetSelector": { - "description": "label selector for pods that should match the replicas count. This is a serializated version of both map-based and more expressive set-based selectors. This is done to avoid introspection in the clients. The string will be in the same format as the query-param syntax. If the target type only supports map-based selectors, both this field and map-based selector field are populated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors", - "type": "string" - } - } - }, - "io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions": { - "description": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy. Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.", - "type": "object", - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.", - "type": "string" - } - } - }, - "io.k8s.api.networking.v1.IPBlock": { - "description": "IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.", - "type": "object", - "required": [ - "cidr" - ], - "properties": { - "cidr": { - "description": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.1/24\"", - "type": "string" - }, - "except": { - "description": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.1/24\" Except values will be rejected if they are outside the CIDR range", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.networking.v1.NetworkPolicy": { - "description": "NetworkPolicy describes what network traffic is allowed for a set of Pods", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior for this NetworkPolicy.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicySpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "networking.k8s.io", - "kind": "NetworkPolicy", - "version": "v1" - } - ] - }, - "io.k8s.api.networking.v1.NetworkPolicyEgressRule": { - "description": "NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8", - "type": "object", - "properties": { - "ports": { - "description": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" - } - }, - "to": { - "description": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" - } - } - } - }, - "io.k8s.api.networking.v1.NetworkPolicyIngressRule": { - "description": "NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.", - "type": "object", - "properties": { - "from": { - "description": "List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least on item, this rule allows traffic only if the traffic matches at least one item in the from list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" - } - }, - "ports": { - "description": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" - } - } - } - }, - "io.k8s.api.networking.v1.NetworkPolicyList": { - "description": "NetworkPolicyList is a list of NetworkPolicy objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "networking.k8s.io", - "kind": "NetworkPolicyList", - "version": "v1" - } - ] - }, - "io.k8s.api.networking.v1.NetworkPolicyPeer": { - "description": "NetworkPolicyPeer describes a peer to allow traffic from. Only certain combinations of fields are allowed", - "type": "object", - "properties": { - "ipBlock": { - "description": "IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be.", - "$ref": "#/definitions/io.k8s.api.networking.v1.IPBlock" - }, - "namespaceSelector": { - "description": "Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "podSelector": { - "description": "This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - }, - "io.k8s.api.networking.v1.NetworkPolicyPort": { - "description": "NetworkPolicyPort describes a port to allow traffic on", - "type": "object", - "properties": { - "port": { - "description": "The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "protocol": { - "description": "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", - "type": "string" - } - } - }, - "io.k8s.api.networking.v1.NetworkPolicySpec": { - "description": "NetworkPolicySpec provides the specification of a NetworkPolicy", - "type": "object", - "required": [ - "podSelector" - ], - "properties": { - "egress": { - "description": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyEgressRule" - } - }, - "ingress": { - "description": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyIngressRule" - } - }, - "podSelector": { - "description": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "policyTypes": { - "description": "List of rule types that the NetworkPolicy relates to. Valid options are Ingress, Egress, or Ingress,Egress. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.policy.v1beta1.AllowedFlexVolume": { - "description": "AllowedFlexVolume represents a single Flexvolume that is allowed to be used.", - "type": "object", - "required": [ - "driver" - ], - "properties": { - "driver": { - "description": "driver is the name of the Flexvolume driver.", - "type": "string" - } - } - }, - "io.k8s.api.policy.v1beta1.AllowedHostPath": { - "description": "AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined.", - "type": "object", - "properties": { - "pathPrefix": { - "description": "pathPrefix is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`", - "type": "string" - }, - "readOnly": { - "description": "when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.", - "type": "boolean" - } - } - }, - "io.k8s.api.policy.v1beta1.Eviction": { - "description": "Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to .../pods/\u003cpod name\u003e/evictions.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "deleteOptions": { - "description": "DeleteOptions may be provided", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "ObjectMeta describes the pod that is being evicted.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "policy", - "kind": "Eviction", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.policy.v1beta1.FSGroupStrategyOptions": { - "description": "FSGroupStrategyOptions defines the strategy type and options used to create the strategy.", - "type": "object", - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate what FSGroup is used in the SecurityContext.", - "type": "string" - } - } - }, - "io.k8s.api.policy.v1beta1.HostPortRange": { - "description": "HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined.", - "type": "object", - "required": [ - "min", - "max" - ], - "properties": { - "max": { - "description": "max is the end of the range, inclusive.", - "type": "integer", - "format": "int32" - }, - "min": { - "description": "min is the start of the range, inclusive.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.api.policy.v1beta1.IDRange": { - "description": "IDRange provides a min/max of an allowed range of IDs.", - "type": "object", - "required": [ - "min", - "max" - ], - "properties": { - "max": { - "description": "max is the end of the range, inclusive.", - "type": "integer", - "format": "int64" - }, - "min": { - "description": "min is the start of the range, inclusive.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.policy.v1beta1.PodDisruptionBudget": { - "description": "PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired behavior of the PodDisruptionBudget.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec" - }, - "status": { - "description": "Most recently observed status of the PodDisruptionBudget.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "policy", - "kind": "PodDisruptionBudget", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.policy.v1beta1.PodDisruptionBudgetList": { - "description": "PodDisruptionBudgetList is a collection of PodDisruptionBudgets.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "policy", - "kind": "PodDisruptionBudgetList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec": { - "description": "PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.", - "type": "object", - "properties": { - "maxUnavailable": { - "description": "An eviction is allowed if at most \"maxUnavailable\" pods selected by \"selector\" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\".", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "minAvailable": { - "description": "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying \"100%\".", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString" - }, - "selector": { - "description": "Label query over pods whose evictions are managed by the disruption budget.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - }, - "io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus": { - "description": "PodDisruptionBudgetStatus represents information about the status of a PodDisruptionBudget. Status may trail the actual state of a system.", - "type": "object", - "required": [ - "disruptionsAllowed", - "currentHealthy", - "desiredHealthy", - "expectedPods" - ], - "properties": { - "currentHealthy": { - "description": "current number of healthy pods", - "type": "integer", - "format": "int32" - }, - "desiredHealthy": { - "description": "minimum desired number of healthy pods", - "type": "integer", - "format": "int32" - }, - "disruptedPods": { - "description": "DisruptedPods contains information about pods whose eviction was processed by the API server eviction subresource handler but has not yet been observed by the PodDisruptionBudget controller. A pod will be in this map from the time when the API server processed the eviction request to the time when the pod is seen by PDB controller as having been marked for deletion (or after a timeout). The key in the map is the name of the pod and the value is the time when the API server processed the eviction request. If the deletion didn't occur and a pod is still there it will be removed from the list automatically by PodDisruptionBudget controller after some time. If everything goes smooth this map should be empty for the most of the time. Large number of entries in the map may indicate problems with pod deletions.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - }, - "disruptionsAllowed": { - "description": "Number of pod disruptions that are currently allowed.", - "type": "integer", - "format": "int32" - }, - "expectedPods": { - "description": "total number of pods counted by this disruption budget", - "type": "integer", - "format": "int32" - }, - "observedGeneration": { - "description": "Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and other status informatio is valid only if observedGeneration equals to PDB's object generation.", - "type": "integer", - "format": "int64" - } - } - }, - "io.k8s.api.policy.v1beta1.PodSecurityPolicy": { - "description": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "spec defines the policy enforced.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicySpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "policy", - "kind": "PodSecurityPolicy", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.policy.v1beta1.PodSecurityPolicyList": { - "description": "PodSecurityPolicyList is a list of PodSecurityPolicy objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "policy", - "kind": "PodSecurityPolicyList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.policy.v1beta1.PodSecurityPolicySpec": { - "description": "PodSecurityPolicySpec defines the policy enforced.", - "type": "object", - "required": [ - "seLinux", - "runAsUser", - "supplementalGroups", - "fsGroup" - ], - "properties": { - "allowPrivilegeEscalation": { - "description": "allowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.", - "type": "boolean" - }, - "allowedCapabilities": { - "description": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both allowedCapabilities and requiredDropCapabilities.", - "type": "array", - "items": { - "type": "string" - } - }, - "allowedFlexVolumes": { - "description": "allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the \"volumes\" field.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.AllowedFlexVolume" - } - }, - "allowedHostPaths": { - "description": "allowedHostPaths is a white list of allowed host paths. Empty indicates that all host paths may be used.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.AllowedHostPath" - } - }, - "allowedProcMountTypes": { - "description": "AllowedProcMountTypes is a whitelist of allowed ProcMountTypes. Empty or nil indicates that only the DefaultProcMountType may be used. This requires the ProcMountType feature flag to be enabled.", - "type": "array", - "items": { - "type": "string" - } - }, - "allowedUnsafeSysctls": { - "description": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", - "type": "array", - "items": { - "type": "string" - } - }, - "defaultAddCapabilities": { - "description": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the allowedCapabilities list.", - "type": "array", - "items": { - "type": "string" - } - }, - "defaultAllowPrivilegeEscalation": { - "description": "defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.", - "type": "boolean" - }, - "forbiddenSysctls": { - "description": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", - "type": "array", - "items": { - "type": "string" - } - }, - "fsGroup": { - "description": "fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.FSGroupStrategyOptions" - }, - "hostIPC": { - "description": "hostIPC determines if the policy allows the use of HostIPC in the pod spec.", - "type": "boolean" - }, - "hostNetwork": { - "description": "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.", - "type": "boolean" - }, - "hostPID": { - "description": "hostPID determines if the policy allows the use of HostPID in the pod spec.", - "type": "boolean" - }, - "hostPorts": { - "description": "hostPorts determines which host port ranges are allowed to be exposed.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.HostPortRange" - } - }, - "privileged": { - "description": "privileged determines if a pod can request to be run as privileged.", - "type": "boolean" - }, - "readOnlyRootFilesystem": { - "description": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", - "type": "boolean" - }, - "requiredDropCapabilities": { - "description": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", - "type": "array", - "items": { - "type": "string" - } - }, - "runAsGroup": { - "description": "RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set. If this field is omitted, the pod's RunAsGroup can take any value. This field requires the RunAsGroup feature gate to be enabled.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.RunAsGroupStrategyOptions" - }, - "runAsUser": { - "description": "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.RunAsUserStrategyOptions" - }, - "seLinux": { - "description": "seLinux is the strategy that will dictate the allowable labels that may be set.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.SELinuxStrategyOptions" - }, - "supplementalGroups": { - "description": "supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.SupplementalGroupsStrategyOptions" - }, - "volumes": { - "description": "volumes is a white list of allowed volume plugins. Empty indicates that no volumes may be used. To allow all volumes you may use '*'.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.policy.v1beta1.RunAsGroupStrategyOptions": { - "description": "RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.", - "type": "object", - "required": [ - "rule" - ], - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of gids that may be used. If you would like to force a single gid then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate the allowable RunAsGroup values that may be set.", - "type": "string" - } - } - }, - "io.k8s.api.policy.v1beta1.RunAsUserStrategyOptions": { - "description": "RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.", - "type": "object", - "required": [ - "rule" - ], - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of uids that may be used. If you would like to force a single uid then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate the allowable RunAsUser values that may be set.", - "type": "string" - } - } - }, - "io.k8s.api.policy.v1beta1.SELinuxStrategyOptions": { - "description": "SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.", - "type": "object", - "required": [ - "rule" - ], - "properties": { - "rule": { - "description": "rule is the strategy that will dictate the allowable labels that may be set.", - "type": "string" - }, - "seLinuxOptions": { - "description": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", - "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions" - } - } - }, - "io.k8s.api.policy.v1beta1.SupplementalGroupsStrategyOptions": { - "description": "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.", - "type": "object", - "properties": { - "ranges": { - "description": "ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. Required for MustRunAs.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.IDRange" - } - }, - "rule": { - "description": "rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.", - "type": "string" - } - } - }, - "io.k8s.api.rbac.v1.AggregationRule": { - "description": "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole", - "type": "object", - "properties": { - "clusterRoleSelectors": { - "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - } - }, - "io.k8s.api.rbac.v1.ClusterRole": { - "description": "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.", - "type": "object", - "properties": { - "aggregationRule": { - "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.", - "$ref": "#/definitions/io.k8s.api.rbac.v1.AggregationRule" - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "rules": { - "description": "Rules holds all the PolicyRules for this ClusterRole", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.PolicyRule" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.ClusterRoleBinding": { - "description": "ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.", - "type": "object", - "required": [ - "roleRef" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "roleRef": { - "description": "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.", - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleRef" - }, - "subjects": { - "description": "Subjects holds references to the objects the role applies to.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Subject" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.ClusterRoleBindingList": { - "description": "ClusterRoleBindingList is a collection of ClusterRoleBindings", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ClusterRoleBindings", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBindingList", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.ClusterRoleList": { - "description": "ClusterRoleList is a collection of ClusterRoles", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ClusterRoles", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleList", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.PolicyRule": { - "description": "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "apiGroups": { - "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.", - "type": "array", - "items": { - "type": "string" - } - }, - "nonResourceURLs": { - "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.", - "type": "array", - "items": { - "type": "string" - } - }, - "resourceNames": { - "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.", - "type": "array", - "items": { - "type": "string" - } - }, - "resources": { - "description": "Resources is a list of resources this rule applies to. ResourceAll represents all resources.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.rbac.v1.Role": { - "description": "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "rules": { - "description": "Rules holds all the PolicyRules for this Role", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.PolicyRule" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.RoleBinding": { - "description": "RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.", - "type": "object", - "required": [ - "roleRef" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "roleRef": { - "description": "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.", - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleRef" - }, - "subjects": { - "description": "Subjects holds references to the objects the role applies to.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Subject" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.RoleBindingList": { - "description": "RoleBindingList is a collection of RoleBindings", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of RoleBindings", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBindingList", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.RoleList": { - "description": "RoleList is a collection of Roles", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of Roles", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleList", - "version": "v1" - } - ] - }, - "io.k8s.api.rbac.v1.RoleRef": { - "description": "RoleRef contains information that points to the role being used", - "type": "object", - "required": [ - "apiGroup", - "kind", - "name" - ], - "properties": { - "apiGroup": { - "description": "APIGroup is the group for the resource being referenced", - "type": "string" - }, - "kind": { - "description": "Kind is the type of resource being referenced", - "type": "string" - }, - "name": { - "description": "Name is the name of resource being referenced", - "type": "string" - } - } - }, - "io.k8s.api.rbac.v1.Subject": { - "description": "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiGroup": { - "description": "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.", - "type": "string" - }, - "kind": { - "description": "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.", - "type": "string" - }, - "name": { - "description": "Name of the object being referenced.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.", - "type": "string" - } - } - }, - "io.k8s.api.rbac.v1alpha1.AggregationRule": { - "description": "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole", - "type": "object", - "properties": { - "clusterRoleSelectors": { - "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - } - }, - "io.k8s.api.rbac.v1alpha1.ClusterRole": { - "description": "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.", - "type": "object", - "properties": { - "aggregationRule": { - "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.AggregationRule" - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "rules": { - "description": "Rules holds all the PolicyRules for this ClusterRole", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.PolicyRule" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.ClusterRoleBinding": { - "description": "ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.", - "type": "object", - "required": [ - "roleRef" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "roleRef": { - "description": "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleRef" - }, - "subjects": { - "description": "Subjects holds references to the objects the role applies to.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Subject" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList": { - "description": "ClusterRoleBindingList is a collection of ClusterRoleBindings", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ClusterRoleBindings", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBindingList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.ClusterRoleList": { - "description": "ClusterRoleList is a collection of ClusterRoles", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ClusterRoles", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.PolicyRule": { - "description": "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "apiGroups": { - "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.", - "type": "array", - "items": { - "type": "string" - } - }, - "nonResourceURLs": { - "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path This name is intentionally different than the internal type so that the DefaultConvert works nicely and because the ordering may be different. Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.", - "type": "array", - "items": { - "type": "string" - } - }, - "resourceNames": { - "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.", - "type": "array", - "items": { - "type": "string" - } - }, - "resources": { - "description": "Resources is a list of resources this rule applies to. ResourceAll represents all resources.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.rbac.v1alpha1.Role": { - "description": "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "rules": { - "description": "Rules holds all the PolicyRules for this Role", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.PolicyRule" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.RoleBinding": { - "description": "RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.", - "type": "object", - "required": [ - "roleRef" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "roleRef": { - "description": "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleRef" - }, - "subjects": { - "description": "Subjects holds references to the objects the role applies to.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Subject" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.RoleBindingList": { - "description": "RoleBindingList is a collection of RoleBindings", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of RoleBindings", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBindingList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.RoleList": { - "description": "RoleList is a collection of Roles", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of Roles", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.rbac.v1alpha1.RoleRef": { - "description": "RoleRef contains information that points to the role being used", - "type": "object", - "required": [ - "apiGroup", - "kind", - "name" - ], - "properties": { - "apiGroup": { - "description": "APIGroup is the group for the resource being referenced", - "type": "string" - }, - "kind": { - "description": "Kind is the type of resource being referenced", - "type": "string" - }, - "name": { - "description": "Name is the name of resource being referenced", - "type": "string" - } - } - }, - "io.k8s.api.rbac.v1alpha1.Subject": { - "description": "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiVersion": { - "description": "APIVersion holds the API group and version of the referenced subject. Defaults to \"v1\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io/v1alpha1\" for User and Group subjects.", - "type": "string" - }, - "kind": { - "description": "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.", - "type": "string" - }, - "name": { - "description": "Name of the object being referenced.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.", - "type": "string" - } - } - }, - "io.k8s.api.rbac.v1beta1.AggregationRule": { - "description": "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole", - "type": "object", - "properties": { - "clusterRoleSelectors": { - "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - } - } - } - }, - "io.k8s.api.rbac.v1beta1.ClusterRole": { - "description": "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.", - "type": "object", - "properties": { - "aggregationRule": { - "description": "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.AggregationRule" - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "rules": { - "description": "Rules holds all the PolicyRules for this ClusterRole", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.PolicyRule" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.ClusterRoleBinding": { - "description": "ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.", - "type": "object", - "required": [ - "roleRef" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "roleRef": { - "description": "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleRef" - }, - "subjects": { - "description": "Subjects holds references to the objects the role applies to.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Subject" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBinding", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.ClusterRoleBindingList": { - "description": "ClusterRoleBindingList is a collection of ClusterRoleBindings", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ClusterRoleBindings", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleBindingList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.ClusterRoleList": { - "description": "ClusterRoleList is a collection of ClusterRoles", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of ClusterRoles", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "ClusterRoleList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.PolicyRule": { - "description": "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.", - "type": "object", - "required": [ - "verbs" - ], - "properties": { - "apiGroups": { - "description": "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.", - "type": "array", - "items": { - "type": "string" - } - }, - "nonResourceURLs": { - "description": "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.", - "type": "array", - "items": { - "type": "string" - } - }, - "resourceNames": { - "description": "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.", - "type": "array", - "items": { - "type": "string" - } - }, - "resources": { - "description": "Resources is a list of resources this rule applies to. '*' represents all resources in the specified apiGroups. '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.", - "type": "array", - "items": { - "type": "string" - } - }, - "verbs": { - "description": "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all kinds.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.api.rbac.v1beta1.Role": { - "description": "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "rules": { - "description": "Rules holds all the PolicyRules for this Role", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.PolicyRule" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "Role", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.RoleBinding": { - "description": "RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.", - "type": "object", - "required": [ - "roleRef" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "roleRef": { - "description": "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleRef" - }, - "subjects": { - "description": "Subjects holds references to the objects the role applies to.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Subject" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBinding", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.RoleBindingList": { - "description": "RoleBindingList is a collection of RoleBindings", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of RoleBindings", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleBindingList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.RoleList": { - "description": "RoleList is a collection of Roles", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of Roles", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "rbac.authorization.k8s.io", - "kind": "RoleList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.rbac.v1beta1.RoleRef": { - "description": "RoleRef contains information that points to the role being used", - "type": "object", - "required": [ - "apiGroup", - "kind", - "name" - ], - "properties": { - "apiGroup": { - "description": "APIGroup is the group for the resource being referenced", - "type": "string" - }, - "kind": { - "description": "Kind is the type of resource being referenced", - "type": "string" - }, - "name": { - "description": "Name is the name of resource being referenced", - "type": "string" - } - } - }, - "io.k8s.api.rbac.v1beta1.Subject": { - "description": "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.", - "type": "object", - "required": [ - "kind", - "name" - ], - "properties": { - "apiGroup": { - "description": "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.", - "type": "string" - }, - "kind": { - "description": "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.", - "type": "string" - }, - "name": { - "description": "Name of the object being referenced.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.", - "type": "string" - } - } - }, - "io.k8s.api.scheduling.v1alpha1.PriorityClass": { - "description": "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.", - "type": "object", - "required": [ - "value" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "description": { - "description": "description is an arbitrary string that usually provides guidelines on when this priority class should be used.", - "type": "string" - }, - "globalDefault": { - "description": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.", - "type": "boolean" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "value": { - "description": "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", - "type": "integer", - "format": "int32" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.scheduling.v1alpha1.PriorityClassList": { - "description": "PriorityClassList is a collection of priority classes.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of PriorityClasses", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "scheduling.k8s.io", - "kind": "PriorityClassList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.scheduling.v1beta1.PriorityClass": { - "description": "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.", - "type": "object", - "required": [ - "value" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "description": { - "description": "description is an arbitrary string that usually provides guidelines on when this priority class should be used.", - "type": "string" - }, - "globalDefault": { - "description": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.", - "type": "boolean" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "value": { - "description": "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", - "type": "integer", - "format": "int32" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "scheduling.k8s.io", - "kind": "PriorityClass", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.scheduling.v1beta1.PriorityClassList": { - "description": "PriorityClassList is a collection of priority classes.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "items is the list of PriorityClasses", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "scheduling.k8s.io", - "kind": "PriorityClassList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.settings.v1alpha1.PodPreset": { - "description": "PodPreset is a policy resource that defines additional runtime requirements for a Pod.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetSpec" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "settings.k8s.io", - "kind": "PodPreset", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.settings.v1alpha1.PodPresetList": { - "description": "PodPresetList is a list of PodPreset objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is a list of schema objects.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "settings.k8s.io", - "kind": "PodPresetList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.settings.v1alpha1.PodPresetSpec": { - "description": "PodPresetSpec is a description of a pod preset.", - "type": "object", - "properties": { - "env": { - "description": "Env defines the collection of EnvVar to inject into containers.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EnvVar" - } - }, - "envFrom": { - "description": "EnvFrom defines the collection of EnvFromSource to inject into containers.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.EnvFromSource" - } - }, - "selector": { - "description": "Selector is a label query over a set of resources, in this case pods. Required.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" - }, - "volumeMounts": { - "description": "VolumeMounts defines the collection of VolumeMount to inject into containers.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeMount" - } - }, - "volumes": { - "description": "Volumes defines the collection of Volume to inject into the pod.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.Volume" - } - } - } - }, - "io.k8s.api.storage.v1.StorageClass": { - "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", - "type": "object", - "required": [ - "provisioner" - ], - "properties": { - "allowVolumeExpansion": { - "description": "AllowVolumeExpansion shows whether the storage class allow volume expand", - "type": "boolean" - }, - "allowedTopologies": { - "description": "Restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorTerm" - } - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "mountOptions": { - "description": "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", - "type": "array", - "items": { - "type": "string" - } - }, - "parameters": { - "description": "Parameters holds the parameters for the provisioner that should create volumes of this storage class.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "provisioner": { - "description": "Provisioner indicates the type of the provisioner.", - "type": "string" - }, - "reclaimPolicy": { - "description": "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.", - "type": "string" - }, - "volumeBindingMode": { - "description": "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1" - } - ] - }, - "io.k8s.api.storage.v1.StorageClassList": { - "description": "StorageClassList is a collection of storage classes.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of StorageClasses", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "StorageClassList", - "version": "v1" - } - ] - }, - "io.k8s.api.storage.v1.VolumeAttachment": { - "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.", - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentSpec" - }, - "status": { - "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1" - } - ] - }, - "io.k8s.api.storage.v1.VolumeAttachmentList": { - "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of VolumeAttachments", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "VolumeAttachmentList", - "version": "v1" - } - ] - }, - "io.k8s.api.storage.v1.VolumeAttachmentSource": { - "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.", - "type": "object", - "properties": { - "persistentVolumeName": { - "description": "Name of the persistent volume to attach.", - "type": "string" - } - } - }, - "io.k8s.api.storage.v1.VolumeAttachmentSpec": { - "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", - "type": "object", - "required": [ - "attacher", - "source", - "nodeName" - ], - "properties": { - "attacher": { - "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", - "type": "string" - }, - "nodeName": { - "description": "The node that the volume should be attached to.", - "type": "string" - }, - "source": { - "description": "Source represents the volume that should be attached.", - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentSource" - } - } - }, - "io.k8s.api.storage.v1.VolumeAttachmentStatus": { - "description": "VolumeAttachmentStatus is the status of a VolumeAttachment request.", - "type": "object", - "required": [ - "attached" - ], - "properties": { - "attachError": { - "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeError" - }, - "attached": { - "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "type": "boolean" - }, - "attachmentMetadata": { - "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "detachError": { - "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeError" - } - } - }, - "io.k8s.api.storage.v1.VolumeError": { - "description": "VolumeError captures an error encountered during a volume operation.", - "type": "object", - "properties": { - "message": { - "description": "String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.", - "type": "string" - }, - "time": { - "description": "Time the error was encountered.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.storage.v1alpha1.VolumeAttachment": { - "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.", - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentSpec" - }, - "status": { - "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.storage.v1alpha1.VolumeAttachmentList": { - "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of VolumeAttachments", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "VolumeAttachmentList", - "version": "v1alpha1" - } - ] - }, - "io.k8s.api.storage.v1alpha1.VolumeAttachmentSource": { - "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.", - "type": "object", - "properties": { - "persistentVolumeName": { - "description": "Name of the persistent volume to attach.", - "type": "string" - } - } - }, - "io.k8s.api.storage.v1alpha1.VolumeAttachmentSpec": { - "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", - "type": "object", - "required": [ - "attacher", - "source", - "nodeName" - ], - "properties": { - "attacher": { - "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", - "type": "string" - }, - "nodeName": { - "description": "The node that the volume should be attached to.", - "type": "string" - }, - "source": { - "description": "Source represents the volume that should be attached.", - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentSource" - } - } - }, - "io.k8s.api.storage.v1alpha1.VolumeAttachmentStatus": { - "description": "VolumeAttachmentStatus is the status of a VolumeAttachment request.", - "type": "object", - "required": [ - "attached" - ], - "properties": { - "attachError": { - "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeError" - }, - "attached": { - "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "type": "boolean" - }, - "attachmentMetadata": { - "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "detachError": { - "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeError" - } - } - }, - "io.k8s.api.storage.v1alpha1.VolumeError": { - "description": "VolumeError captures an error encountered during a volume operation.", - "type": "object", - "properties": { - "message": { - "description": "String detailing the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.", - "type": "string" - }, - "time": { - "description": "Time the error was encountered.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.api.storage.v1beta1.StorageClass": { - "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", - "type": "object", - "required": [ - "provisioner" - ], - "properties": { - "allowVolumeExpansion": { - "description": "AllowVolumeExpansion shows whether the storage class allow volume expand", - "type": "boolean" - }, - "allowedTopologies": { - "description": "Restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorTerm" - } - }, - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "mountOptions": { - "description": "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", - "type": "array", - "items": { - "type": "string" - } - }, - "parameters": { - "description": "Parameters holds the parameters for the provisioner that should create volumes of this storage class.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "provisioner": { - "description": "Provisioner indicates the type of the provisioner.", - "type": "string" - }, - "reclaimPolicy": { - "description": "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.", - "type": "string" - }, - "volumeBindingMode": { - "description": "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "StorageClass", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.storage.v1beta1.StorageClassList": { - "description": "StorageClassList is a collection of storage classes.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of StorageClasses", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "StorageClassList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.storage.v1beta1.VolumeAttachment": { - "description": "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentSpec" - }, - "status": { - "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "VolumeAttachment", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.storage.v1beta1.VolumeAttachmentList": { - "description": "VolumeAttachmentList is a collection of VolumeAttachment objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of VolumeAttachments", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "VolumeAttachmentList", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.storage.v1beta1.VolumeAttachmentSource": { - "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.", - "type": "object", - "properties": { - "persistentVolumeName": { - "description": "Name of the persistent volume to attach.", - "type": "string" - } - } - }, - "io.k8s.api.storage.v1beta1.VolumeAttachmentSpec": { - "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", - "type": "object", - "required": [ - "attacher", - "source", - "nodeName" - ], - "properties": { - "attacher": { - "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", - "type": "string" - }, - "nodeName": { - "description": "The node that the volume should be attached to.", - "type": "string" - }, - "source": { - "description": "Source represents the volume that should be attached.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentSource" - } - } - }, - "io.k8s.api.storage.v1beta1.VolumeAttachmentStatus": { - "description": "VolumeAttachmentStatus is the status of a VolumeAttachment request.", - "type": "object", - "required": [ - "attached" - ], - "properties": { - "attachError": { - "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeError" - }, - "attached": { - "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "type": "boolean" - }, - "attachmentMetadata": { - "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "detachError": { - "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeError" - } - } - }, - "io.k8s.api.storage.v1beta1.VolumeError": { - "description": "VolumeError captures an error encountered during a volume operation.", - "type": "object", - "properties": { - "message": { - "description": "String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.", - "type": "string" - }, - "time": { - "description": "Time the error was encountered.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceColumnDefinition": { - "description": "CustomResourceColumnDefinition specifies a column for server side printing.", - "type": "object", - "required": [ - "name", - "type", - "JSONPath" - ], - "properties": { - "JSONPath": { - "description": "JSONPath is a simple JSON path, i.e. with array notation.", - "type": "string" - }, - "description": { - "description": "description is a human readable description of this column.", - "type": "string" - }, - "format": { - "description": "format is an optional OpenAPI type definition for this column. The 'name' format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - "type": "string" - }, - "name": { - "description": "name is a human readable name for the column.", - "type": "string" - }, - "priority": { - "description": "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.", - "type": "integer", - "format": "int32" - }, - "type": { - "description": "type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.", - "type": "string" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceConversion": { - "description": "CustomResourceConversion describes how to convert different versions of a CR.", - "type": "object", - "required": [ - "strategy" - ], - "properties": { - "strategy": { - "description": "`strategy` specifies the conversion strategy. Allowed values are: - `None`: The converter only change the apiVersion and would not touch any other field in the CR. - `Webhook`: API Server will call to an external webhook to do the conversion. Additional information is needed for this option.", - "type": "string" - }, - "webhookClientConfig": { - "description": "`webhookClientConfig` is the instructions for how to call the webhook if strategy is `Webhook`. This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.WebhookClientConfig" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition": { - "description": "CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format \u003c.spec.name\u003e.\u003c.spec.group\u003e.", - "type": "object", - "required": [ - "spec" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec describes how the user wants the resources to appear", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec" - }, - "status": { - "description": "Status indicates the actual state of the CustomResourceDefinition", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinition", - "version": "v1beta1" - } - ] - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionCondition": { - "description": "CustomResourceDefinitionCondition contains details for the current condition of this pod.", - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human-readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "Unique, one-word, CamelCase reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status is the status of the condition. Can be True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type is the type of the condition.", - "type": "string" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionList": { - "description": "CustomResourceDefinitionList is a list of CustomResourceDefinition objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items individual CustomResourceDefinitions", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apiextensions.k8s.io", - "kind": "CustomResourceDefinitionList", - "version": "v1beta1" - } - ] - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames": { - "description": "CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition", - "type": "object", - "required": [ - "plural", - "kind" - ], - "properties": { - "categories": { - "description": "Categories is a list of grouped resources custom resources belong to (e.g. 'all')", - "type": "array", - "items": { - "type": "string" - } - }, - "kind": { - "description": "Kind is the serialized kind of the resource. It is normally CamelCase and singular.", - "type": "string" - }, - "listKind": { - "description": "ListKind is the serialized kind of the list for this resource. Defaults to \u003ckind\u003eList.", - "type": "string" - }, - "plural": { - "description": "Plural is the plural name of the resource to serve. It must match the name of the CustomResourceDefinition-registration too: plural.group and it must be all lowercase.", - "type": "string" - }, - "shortNames": { - "description": "ShortNames are short names for the resource. It must be all lowercase.", - "type": "array", - "items": { - "type": "string" - } - }, - "singular": { - "description": "Singular is the singular name of the resource. It must be all lowercase Defaults to lowercased \u003ckind\u003e", - "type": "string" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec": { - "description": "CustomResourceDefinitionSpec describes how a user wants their resource to appear", - "type": "object", - "required": [ - "group", - "names", - "scope" - ], - "properties": { - "additionalPrinterColumns": { - "description": "AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column. Optional, the global columns for all versions. Top-level and per-version columns are mutually exclusive.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceColumnDefinition" - } - }, - "conversion": { - "description": "`conversion` defines conversion settings for the CRD.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceConversion" - }, - "group": { - "description": "Group is the group this resource belongs in", - "type": "string" - }, - "names": { - "description": "Names are the names used to describe this custom resource", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames" - }, - "scope": { - "description": "Scope indicates whether this resource is cluster or namespace scoped. Default is namespaced", - "type": "string" - }, - "subresources": { - "description": "Subresources describes the subresources for CustomResource Optional, the global subresources for all versions. Top-level and per-version subresources are mutually exclusive.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources" - }, - "validation": { - "description": "Validation describes the validation methods for CustomResources Optional, the global validation schema for all versions. Top-level and per-version schemas are mutually exclusive.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation" - }, - "version": { - "description": "Version is the version this resource belongs in Should be always first item in Versions field if provided. Optional, but at least one of Version or Versions must be set. Deprecated: Please use `Versions`.", - "type": "string" - }, - "versions": { - "description": "Versions is the list of all supported versions for this resource. If Version field is provided, this field is optional. Validation: All versions must use the same validation schema for now. i.e., top level Validation field is applied to all of these versions. Order: The version name will be used to compute the order. If the version string is \"kube-like\", it will sort above non \"kube-like\" version strings, which are ordered lexicographically. \"Kube-like\" versions start with a \"v\", then are followed by a number (the major version), then optionally the string \"alpha\" or \"beta\" and another number (the minor version). These are sorted first by GA \u003e beta \u003e alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionVersion" - } - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionStatus": { - "description": "CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition", - "type": "object", - "required": [ - "conditions", - "acceptedNames", - "storedVersions" - ], - "properties": { - "acceptedNames": { - "description": "AcceptedNames are the names that are actually being used to serve discovery They may be different than the names in spec.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames" - }, - "conditions": { - "description": "Conditions indicate state for particular aspects of a CustomResourceDefinition", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionCondition" - } - }, - "storedVersions": { - "description": "StoredVersions are all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so the migration controller can first finish a migration to another version (i.e. that no old objects are left in the storage), and then remove the rest of the versions from this list. None of the versions in this list can be removed from the spec.Versions field.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionVersion": { - "description": "CustomResourceDefinitionVersion describes a version for CRD.", - "type": "object", - "required": [ - "name", - "served", - "storage" - ], - "properties": { - "additionalPrinterColumns": { - "description": "AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column. Top-level and per-version columns are mutually exclusive. Per-version columns must not all be set to identical values (top-level columns should be used instead) This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature. NOTE: CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an update that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must be explicitly set to null", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceColumnDefinition" - } - }, - "name": { - "description": "Name is the version name, e.g. “v1”, “v2beta1”, etc.", - "type": "string" - }, - "schema": { - "description": "Schema describes the schema for CustomResource used in validation, pruning, and defaulting. Top-level and per-version schemas are mutually exclusive. Per-version schemas must not all be set to identical values (top-level validation schema should be used instead) This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation" - }, - "served": { - "description": "Served is a flag enabling/disabling this version from being served via REST APIs", - "type": "boolean" - }, - "storage": { - "description": "Storage flags the version as storage version. There must be exactly one flagged as storage version.", - "type": "boolean" - }, - "subresources": { - "description": "Subresources describes the subresources for CustomResource Top-level and per-version subresources are mutually exclusive. Per-version subresources must not all be set to identical values (top-level subresources should be used instead) This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceScale": { - "description": "CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.", - "type": "object", - "required": [ - "specReplicasPath", - "statusReplicasPath" - ], - "properties": { - "labelSelectorPath": { - "description": "LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. Must be set to work with HPA. If there is no value under the given path in the CustomResource, the status label selector value in the /scale subresource will default to the empty string.", - "type": "string" - }, - "specReplicasPath": { - "description": "SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .spec. If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.", - "type": "string" - }, - "statusReplicasPath": { - "description": "StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource will default to 0.", - "type": "string" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceStatus": { - "description": "CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the `.status` JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza", - "type": "object" - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources": { - "description": "CustomResourceSubresources defines the status and scale subresources for CustomResources.", - "type": "object", - "properties": { - "scale": { - "description": "Scale denotes the scale subresource for CustomResources", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceScale" - }, - "status": { - "description": "Status denotes the status subresource for CustomResources", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceStatus" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation": { - "description": "CustomResourceValidation is a list of validation methods for CustomResources.", - "type": "object", - "properties": { - "openAPIV3Schema": { - "description": "OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ExternalDocumentation": { - "description": "ExternalDocumentation allows referencing an external resource for extended documentation.", - "type": "object", - "properties": { - "description": { - "type": "string" - }, - "url": { - "type": "string" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON": { - "description": "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps": { - "description": "JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).", - "type": "object", - "properties": { - "$ref": { - "type": "string" - }, - "$schema": { - "type": "string" - }, - "additionalItems": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrBool" - }, - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrBool" - }, - "allOf": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - }, - "anyOf": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - }, - "default": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON" - }, - "definitions": { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - }, - "dependencies": { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrStringArray" - } - }, - "description": { - "type": "string" - }, - "enum": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON" - } - }, - "example": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSON" - }, - "exclusiveMaximum": { - "type": "boolean" - }, - "exclusiveMinimum": { - "type": "boolean" - }, - "externalDocs": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ExternalDocumentation" - }, - "format": { - "type": "string" - }, - "id": { - "type": "string" - }, - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrArray" - }, - "maxItems": { - "type": "integer", - "format": "int64" - }, - "maxLength": { - "type": "integer", - "format": "int64" - }, - "maxProperties": { - "type": "integer", - "format": "int64" - }, - "maximum": { - "type": "number", - "format": "double" - }, - "minItems": { - "type": "integer", - "format": "int64" - }, - "minLength": { - "type": "integer", - "format": "int64" - }, - "minProperties": { - "type": "integer", - "format": "int64" - }, - "minimum": { - "type": "number", - "format": "double" - }, - "multipleOf": { - "type": "number", - "format": "double" - }, - "not": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - }, - "oneOf": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - }, - "pattern": { - "type": "string" - }, - "patternProperties": { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - }, - "properties": { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaProps" - } - }, - "required": { - "type": "array", - "items": { - "type": "string" - } - }, - "title": { - "type": "string" - }, - "type": { - "type": "string" - }, - "uniqueItems": { - "type": "boolean" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrArray": { - "description": "JSONSchemaPropsOrArray represents a value that can either be a JSONSchemaProps or an array of JSONSchemaProps. Mainly here for serialization purposes." - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrBool": { - "description": "JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value. Defaults to true for the boolean property." - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.JSONSchemaPropsOrStringArray": { - "description": "JSONSchemaPropsOrStringArray represents a JSONSchemaProps or a string array." - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ServiceReference": { - "description": "ServiceReference holds a reference to Service.legacy.k8s.io", - "type": "object", - "required": [ - "namespace", - "name" - ], - "properties": { - "name": { - "description": "`name` is the name of the service. Required", - "type": "string" - }, - "namespace": { - "description": "`namespace` is the namespace of the service. Required", - "type": "string" - }, - "path": { - "description": "`path` is an optional URL path which will be sent in any request to this service.", - "type": "string" - } - } - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.WebhookClientConfig": { - "description": "WebhookClientConfig contains the information to make a TLS connection with the webhook. It has the same field as admissionregistration.v1beta1.WebhookClientConfig.", - "type": "object", - "properties": { - "caBundle": { - "description": "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.", - "type": "string", - "format": "byte" - }, - "service": { - "description": "`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`.\n\nPort 443 will be used if it is open, otherwise it is an error.", - "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ServiceReference" - }, - "url": { - "description": "`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.\n\nThe `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed, either.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.api.resource.Quantity": { - "description": "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and Int64() accessors.\n\nThe serialization format is:\n\n\u003cquantity\u003e ::= \u003csignedNumber\u003e\u003csuffix\u003e\n (Note that \u003csuffix\u003e may be empty, from the \"\" case in \u003cdecimalSI\u003e.)\n\u003cdigit\u003e ::= 0 | 1 | ... | 9 \u003cdigits\u003e ::= \u003cdigit\u003e | \u003cdigit\u003e\u003cdigits\u003e \u003cnumber\u003e ::= \u003cdigits\u003e | \u003cdigits\u003e.\u003cdigits\u003e | \u003cdigits\u003e. | .\u003cdigits\u003e \u003csign\u003e ::= \"+\" | \"-\" \u003csignedNumber\u003e ::= \u003cnumber\u003e | \u003csign\u003e\u003cnumber\u003e \u003csuffix\u003e ::= \u003cbinarySI\u003e | \u003cdecimalExponent\u003e | \u003cdecimalSI\u003e \u003cbinarySI\u003e ::= Ki | Mi | Gi | Ti | Pi | Ei\n (International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\u003cdecimalSI\u003e ::= m | \"\" | k | M | G | T | P | E\n (Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\u003cdecimalExponent\u003e ::= \"e\" \u003csignedNumber\u003e | \"E\" \u003csignedNumber\u003e\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n a. No precision is lost\n b. No fractional digits will be emitted\n c. The exponent (or suffix) is as large as possible.\nThe sign will be omitted unless the number is negative.\n\nExamples:\n 1.5 will be serialized as \"1500m\"\n 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.", - "type": "string" - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup": { - "description": "APIGroup contains the name, the supported versions, and the preferred version of a group.", - "type": "object", - "required": [ - "name", - "versions" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "name": { - "description": "name is the name of the group.", - "type": "string" - }, - "preferredVersion": { - "description": "preferredVersion is the version preferred by the API server, which probably is the storage version.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" - }, - "serverAddressByClientCIDRs": { - "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" - } - }, - "versions": { - "description": "versions are the versions supported in this group.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "APIGroup", - "version": "v1" - } - ] - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.APIGroupList": { - "description": "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.", - "type": "object", - "required": [ - "groups" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "groups": { - "description": "groups is a list of APIGroup.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "APIGroupList", - "version": "v1" - } - ] - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.APIResource": { - "description": "APIResource specifies the name of a resource and whether it is namespaced.", - "type": "object", - "required": [ - "name", - "singularName", - "namespaced", - "kind", - "verbs" - ], - "properties": { - "categories": { - "description": "categories is a list of the grouped resources this resource belongs to (e.g. 'all')", - "type": "array", - "items": { - "type": "string" - } - }, - "group": { - "description": "group is the preferred group of the resource. Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".", - "type": "string" - }, - "kind": { - "description": "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')", - "type": "string" - }, - "name": { - "description": "name is the plural name of the resource.", - "type": "string" - }, - "namespaced": { - "description": "namespaced indicates if a resource is namespaced or not.", - "type": "boolean" - }, - "shortNames": { - "description": "shortNames is a list of suggested short names of the resource.", - "type": "array", - "items": { - "type": "string" - } - }, - "singularName": { - "description": "singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.", - "type": "string" - }, - "storageVersionHash": { - "description": "The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.", - "type": "string" - }, - "verbs": { - "description": "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)", - "type": "array", - "items": { - "type": "string" - } - }, - "version": { - "description": "version is the preferred version of the resource. Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList": { - "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", - "type": "object", - "required": [ - "groupVersion", - "resources" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "groupVersion": { - "description": "groupVersion is the group and version this APIResourceList is for.", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "resources": { - "description": "resources contains the name of the resources and if they are namespaced.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResource" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "APIResourceList", - "version": "v1" - } - ] - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.APIVersions": { - "description": "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.", - "type": "object", - "required": [ - "versions", - "serverAddressByClientCIDRs" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "serverAddressByClientCIDRs": { - "description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR" - } - }, - "versions": { - "description": "versions are the api versions that are available.", - "type": "array", - "items": { - "type": "string" - } - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "APIVersions", - "version": "v1" - } - ] - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions": { - "description": "DeleteOptions may be provided when deleting an API object.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "dryRun": { - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "type": "array", - "items": { - "type": "string" - } - }, - "gracePeriodSeconds": { - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "type": "integer", - "format": "int64" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "orphanDependents": { - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "type": "boolean" - }, - "preconditions": { - "description": "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions" - }, - "propagationPolicy": { - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "admission.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "admissionregistration.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "apiextensions.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "apiregistration.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "apiregistration.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "apps", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "apps", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "apps", - "kind": "DeleteOptions", - "version": "v1beta2" - }, - { - "group": "auditregistration.k8s.io", - "kind": "DeleteOptions", - "version": "v1alpha1" - }, - { - "group": "authentication.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "authentication.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "authorization.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "authorization.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "autoscaling", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "autoscaling", - "kind": "DeleteOptions", - "version": "v2beta1" - }, - { - "group": "autoscaling", - "kind": "DeleteOptions", - "version": "v2beta2" - }, - { - "group": "batch", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "batch", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "batch", - "kind": "DeleteOptions", - "version": "v2alpha1" - }, - { - "group": "certificates.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "coordination.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "coordination.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "events.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "extensions", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "imagepolicy.k8s.io", - "kind": "DeleteOptions", - "version": "v1alpha1" - }, - { - "group": "networking.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "policy", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "rbac.authorization.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "rbac.authorization.k8s.io", - "kind": "DeleteOptions", - "version": "v1alpha1" - }, - { - "group": "rbac.authorization.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "scheduling.k8s.io", - "kind": "DeleteOptions", - "version": "v1alpha1" - }, - { - "group": "scheduling.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - }, - { - "group": "settings.k8s.io", - "kind": "DeleteOptions", - "version": "v1alpha1" - }, - { - "group": "storage.k8s.io", - "kind": "DeleteOptions", - "version": "v1" - }, - { - "group": "storage.k8s.io", - "kind": "DeleteOptions", - "version": "v1alpha1" - }, - { - "group": "storage.k8s.io", - "kind": "DeleteOptions", - "version": "v1beta1" - } - ] - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Fields": { - "description": "Fields stores a set of fields in a data structure like a Trie. To understand how this is used, see: https://github.com/kubernetes-sigs/structured-merge-diff", - "type": "object" - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.GroupVersionForDiscovery": { - "description": "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.", - "type": "object", - "required": [ - "groupVersion", - "version" - ], - "properties": { - "groupVersion": { - "description": "groupVersion specifies the API group and version in the form \"group/version\"", - "type": "string" - }, - "version": { - "description": "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Initializer": { - "description": "Initializer is information about an initializer that has not yet completed.", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "description": "name of the process that is responsible for initializing this object.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Initializers": { - "description": "Initializers tracks the progress of initialization.", - "type": "object", - "required": [ - "pending" - ], - "properties": { - "pending": { - "description": "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Initializer" + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ConfigMap", + "operationId": "readCoreV1NamespacedConfigMap", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "name", - "x-kubernetes-patch-strategy": "merge" - }, - "result": { - "description": "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector": { - "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", - "type": "object", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement" - } - }, - "matchLabels": { - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", - "type": "object", - "required": [ - "key", - "operator" - ], - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string", - "x-kubernetes-patch-merge-key": "key", - "x-kubernetes-patch-strategy": "merge" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta": { - "description": "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.", - "type": "object", - "properties": { - "continue": { - "description": "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.", - "type": "string" - }, - "resourceVersion": { - "description": "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", - "type": "string" - }, - "selfLink": { - "description": "selfLink is a URL representing this object. Populated by the system. Read-only.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry": { - "description": "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the version of this resource that this field set applies to. The format is \"group/version\" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.", - "type": "string" - }, - "fields": { - "description": "Fields identifies a set of fields.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Fields" - }, - "manager": { - "description": "Manager is an identifier of the workflow managing these fields.", - "type": "string" - }, - "operation": { - "description": "Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.", - "type": "string" - }, - "time": { - "description": "Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply'", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime": { - "description": "MicroTime is version of Time with microsecond level precision.", - "type": "string", - "format": "date-time" - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta": { - "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", - "type": "object", - "properties": { - "annotations": { - "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "clusterName": { - "description": "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.", - "type": "string" - }, - "creationTimestamp": { - "description": "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "deletionGracePeriodSeconds": { - "description": "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.", - "type": "integer", - "format": "int64" - }, - "deletionTimestamp": { - "description": "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "finalizers": { - "description": "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.", - "type": "array", - "items": { - "type": "string" + "parameters": [ + { + "description": "name of the ConfigMap", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ConfigMap", + "operationId": "patchCoreV1NamespacedConfigMap", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } }, - "x-kubernetes-patch-strategy": "merge" - }, - "generateName": { - "description": "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency", - "type": "string" - }, - "generation": { - "description": "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.", - "type": "integer", - "format": "int64" - }, - "initializers": { - "description": "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.\n\nDEPRECATED - initializers are an alpha field and will be removed in v1.15.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Initializers" - }, - "labels": { - "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", - "type": "object", - "additionalProperties": { - "type": "string" + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ConfigMap", + "operationId": "replaceCoreV1NamespacedConfigMap", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } } - }, - "managedFields": { - "description": "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.\n\nThis field is alpha and can be changed or removed without notice.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry" - } - }, - "name": { - "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", - "type": "string" - }, - "namespace": { - "description": "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", - "type": "string" - }, - "ownerReferences": { - "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference" + }, + "/api/v1/namespaces/{namespace}/endpoints": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Endpoints", + "operationId": "deleteCoreV1CollectionNamespacedEndpoints", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "uid", - "x-kubernetes-patch-strategy": "merge" - }, - "resourceVersion": { - "description": "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency", - "type": "string" - }, - "selfLink": { - "description": "SelfLink is a URL representing this object. Populated by the system. Read-only.", - "type": "string" - }, - "uid": { - "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference": { - "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", - "type": "object", - "required": [ - "apiVersion", - "kind", - "name", - "uid" - ], - "properties": { - "apiVersion": { - "description": "API version of the referent.", - "type": "string" - }, - "blockOwnerDeletion": { - "description": "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", - "type": "boolean" - }, - "controller": { - "description": "If true, this reference points to the managing controller.", - "type": "boolean" - }, - "kind": { - "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "name": { - "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", - "type": "string" - }, - "uid": { - "description": "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Patch": { - "description": "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.", - "type": "object" - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions": { - "description": "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.", - "type": "object", - "properties": { - "uid": { - "description": "Specifies the target UID.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.ServerAddressByClientCIDR": { - "description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", - "type": "object", - "required": [ - "clientCIDR", - "serverAddress" - ], - "properties": { - "clientCIDR": { - "description": "The CIDR with which clients can match their IP to figure out the server address that they should use.", - "type": "string" - }, - "serverAddress": { - "description": "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Status": { - "description": "Status is a return value for calls that don't return other objects.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "code": { - "description": "Suggested HTTP return code for this status, 0 if not set.", - "type": "integer", - "format": "int32" - }, - "details": { - "description": "Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.StatusDetails" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "message": { - "description": "A human-readable description of the status of this operation.", - "type": "string" - }, - "metadata": { - "description": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - }, - "reason": { - "description": "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.", - "type": "string" - }, - "status": { - "description": "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "Status", - "version": "v1" - } - ] - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.StatusCause": { - "description": "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.", - "type": "object", - "properties": { - "field": { - "description": "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n \"name\" - the field \"name\" on the current resource\n \"items[0].name\" - the field \"name\" on the first array entry in \"items\"", - "type": "string" - }, - "message": { - "description": "A human-readable description of the cause of the error. This field may be presented as-is to a reader.", - "type": "string" - }, - "reason": { - "description": "A machine-readable description of the cause of the error. If this value is empty there is no information available.", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.StatusDetails": { - "description": "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.", - "type": "object", - "properties": { - "causes": { - "description": "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.StatusCause" - } - }, - "group": { - "description": "The group attribute of the resource associated with the status StatusReason.", - "type": "string" - }, - "kind": { - "description": "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "name": { - "description": "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).", - "type": "string" - }, - "retryAfterSeconds": { - "description": "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.", - "type": "integer", - "format": "int32" - }, - "uid": { - "description": "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids", - "type": "string" - } - } - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.Time": { - "description": "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", - "type": "string", - "format": "date-time" - }, - "io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent": { - "description": "Event represents a single event to a watched resource.", - "type": "object", - "required": [ - "type", - "object" - ], - "properties": { - "object": { - "description": "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n depending on context.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.runtime.RawExtension" - }, - "type": { - "type": "string" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "admission.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "admissionregistration.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "apiextensions.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "apiregistration.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "apiregistration.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "apps", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "apps", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "apps", - "kind": "WatchEvent", - "version": "v1beta2" - }, - { - "group": "auditregistration.k8s.io", - "kind": "WatchEvent", - "version": "v1alpha1" - }, - { - "group": "authentication.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "authentication.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "authorization.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "authorization.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "autoscaling", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "autoscaling", - "kind": "WatchEvent", - "version": "v2beta1" - }, - { - "group": "autoscaling", - "kind": "WatchEvent", - "version": "v2beta2" - }, - { - "group": "batch", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "batch", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "batch", - "kind": "WatchEvent", - "version": "v2alpha1" - }, - { - "group": "certificates.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "coordination.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "coordination.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "events.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "extensions", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "imagepolicy.k8s.io", - "kind": "WatchEvent", - "version": "v1alpha1" - }, - { - "group": "networking.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "policy", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "rbac.authorization.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "rbac.authorization.k8s.io", - "kind": "WatchEvent", - "version": "v1alpha1" - }, - { - "group": "rbac.authorization.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "scheduling.k8s.io", - "kind": "WatchEvent", - "version": "v1alpha1" - }, - { - "group": "scheduling.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - }, - { - "group": "settings.k8s.io", - "kind": "WatchEvent", - "version": "v1alpha1" - }, - { - "group": "storage.k8s.io", - "kind": "WatchEvent", - "version": "v1" - }, - { - "group": "storage.k8s.io", - "kind": "WatchEvent", - "version": "v1alpha1" - }, - { - "group": "storage.k8s.io", - "kind": "WatchEvent", - "version": "v1beta1" - } - ] - }, - "io.k8s.apimachinery.pkg.runtime.RawExtension": { - "description": "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this: {\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo\",\n\t},\n}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)", - "type": "object", - "required": [ - "Raw" - ], - "properties": { - "Raw": { - "description": "Raw is the underlying serialization of this object.", - "type": "string", - "format": "byte" - } - } - }, - "io.k8s.apimachinery.pkg.util.intstr.IntOrString": { - "description": "IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.", - "type": "string", - "format": "int-or-string" - }, - "io.k8s.apimachinery.pkg.version.Info": { - "description": "Info contains versioning information. how we'll want to distribute that information.", - "type": "object", - "required": [ - "major", - "minor", - "gitVersion", - "gitCommit", - "gitTreeState", - "buildDate", - "goVersion", - "compiler", - "platform" - ], - "properties": { - "buildDate": { - "type": "string" - }, - "compiler": { - "type": "string" - }, - "gitCommit": { - "type": "string" - }, - "gitTreeState": { - "type": "string" - }, - "gitVersion": { - "type": "string" - }, - "goVersion": { - "type": "string" - }, - "major": { - "type": "string" - }, - "minor": { - "type": "string" - }, - "platform": { - "type": "string" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService": { - "description": "APIService represents a server for a particular GroupVersion. Name must be \"version.group\".", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec contains information for locating and communicating with a server", - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceSpec" - }, - "status": { - "description": "Status contains derived information about an API server", - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1" - } - ] - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceCondition": { - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human-readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "Unique, one-word, CamelCase reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status is the status of the condition. Can be True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type is the type of the condition.", - "type": "string" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceList": { - "description": "APIServiceList is a list of APIService objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apiregistration.k8s.io", - "kind": "APIServiceList", - "version": "v1" - } - ] - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceSpec": { - "description": "APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.", - "type": "object", - "required": [ - "service", - "groupPriorityMinimum", - "versionPriority" - ], - "properties": { - "caBundle": { - "description": "CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. If unspecified, system trust roots on the apiserver are used.", - "type": "string", - "format": "byte" - }, - "group": { - "description": "Group is the API group name this server hosts", - "type": "string" - }, - "groupPriorityMinimum": { - "description": "GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) We'd recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s", - "type": "integer", - "format": "int32" - }, - "insecureSkipTLSVerify": { - "description": "InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged. You should use the CABundle instead.", - "type": "boolean" - }, - "service": { - "description": "Service is a reference to the service for this API server. It must communicate on port 443 If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled.", - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.ServiceReference" - }, - "version": { - "description": "Version is the API version this server hosts. For example, \"v1\"", - "type": "string" - }, - "versionPriority": { - "description": "VersionPriority controls the ordering of this API version inside of its group. Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it's inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is \"kube-like\", it will sort above non \"kube-like\" version strings, which are ordered lexicographically. \"Kube-like\" versions start with a \"v\", then are followed by a number (the major version), then optionally the string \"alpha\" or \"beta\" and another number (the minor version). These are sorted first by GA \u003e beta \u003e alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceStatus": { - "description": "APIServiceStatus contains derived information about an API server", - "type": "object", - "properties": { - "conditions": { - "description": "Current service state of apiService.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceCondition" + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Endpoints", + "operationId": "listCoreV1NamespacedEndpoints", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.EndpointsList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.ServiceReference": { - "description": "ServiceReference holds a reference to Service.legacy.k8s.io", - "type": "object", - "properties": { - "name": { - "description": "Name is the name of the service", - "type": "string" - }, - "namespace": { - "description": "Namespace is the namespace of the service", - "type": "string" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService": { - "description": "APIService represents a server for a particular GroupVersion. Name must be \"version.group\".", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" - }, - "spec": { - "description": "Spec contains information for locating and communicating with a server", - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceSpec" - }, - "status": { - "description": "Status contains derived information about an API server", - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceStatus" - } - }, - "x-kubernetes-group-version-kind": [ - { - "group": "apiregistration.k8s.io", - "kind": "APIService", - "version": "v1beta1" - } - ] - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceCondition": { - "type": "object", - "required": [ - "type", - "status" - ], - "properties": { - "lastTransitionTime": { - "description": "Last time the condition transitioned from one status to another.", - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" - }, - "message": { - "description": "Human-readable message indicating details about last transition.", - "type": "string" - }, - "reason": { - "description": "Unique, one-word, CamelCase reason for the condition's last transition.", - "type": "string" - }, - "status": { - "description": "Status is the status of the condition. Can be True, False, Unknown.", - "type": "string" - }, - "type": { - "description": "Type is the type of the condition.", - "type": "string" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceList": { - "description": "APIServiceList is a list of APIService objects.", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create Endpoints", + "operationId": "createCoreV1NamespacedEndpoints", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta" - } }, - "x-kubernetes-group-version-kind": [ - { - "group": "apiregistration.k8s.io", - "kind": "APIServiceList", - "version": "v1beta1" - } - ] - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceSpec": { - "description": "APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.", - "type": "object", - "required": [ - "service", - "groupPriorityMinimum", - "versionPriority" - ], - "properties": { - "caBundle": { - "description": "CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. If unspecified, system trust roots on the apiserver are used.", - "type": "string", - "format": "byte" - }, - "group": { - "description": "Group is the API group name this server hosts", - "type": "string" - }, - "groupPriorityMinimum": { - "description": "GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) We'd recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s", - "type": "integer", - "format": "int32" - }, - "insecureSkipTLSVerify": { - "description": "InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged. You should use the CABundle instead.", - "type": "boolean" - }, - "service": { - "description": "Service is a reference to the service for this API server. It must communicate on port 443 If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled.", - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.ServiceReference" - }, - "version": { - "description": "Version is the API version this server hosts. For example, \"v1\"", - "type": "string" - }, - "versionPriority": { - "description": "VersionPriority controls the ordering of this API version inside of its group. Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it's inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is \"kube-like\", it will sort above non \"kube-like\" version strings, which are ordered lexicographically. \"Kube-like\" versions start with a \"v\", then are followed by a number (the major version), then optionally the string \"alpha\" or \"beta\" and another number (the minor version). These are sorted first by GA \u003e beta \u003e alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.", - "type": "integer", - "format": "int32" - } - } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceStatus": { - "description": "APIServiceStatus contains derived information about an API server", - "type": "object", - "properties": { - "conditions": { - "description": "Current service state of apiService.", - "type": "array", - "items": { - "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceCondition" + "/api/v1/namespaces/{namespace}/endpoints/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete Endpoints", + "operationId": "deleteCoreV1NamespacedEndpoints", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } }, - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge" - } + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Endpoints", + "operationId": "readCoreV1NamespacedEndpoints", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Endpoints", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Endpoints", + "operationId": "patchCoreV1NamespacedEndpoints", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Endpoints", + "operationId": "replaceCoreV1NamespacedEndpoints", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/events": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Event", + "operationId": "deleteCoreV1CollectionNamespacedEvent", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Event", + "operationId": "listCoreV1NamespacedEvent", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.EventList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an Event", + "operationId": "createCoreV1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/events/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an Event", + "operationId": "deleteCoreV1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Event", + "operationId": "readCoreV1NamespacedEvent", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Event", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Event", + "operationId": "patchCoreV1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Event", + "operationId": "replaceCoreV1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/limitranges": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of LimitRange", + "operationId": "deleteCoreV1CollectionNamespacedLimitRange", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind LimitRange", + "operationId": "listCoreV1NamespacedLimitRange", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a LimitRange", + "operationId": "createCoreV1NamespacedLimitRange", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/limitranges/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a LimitRange", + "operationId": "deleteCoreV1NamespacedLimitRange", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified LimitRange", + "operationId": "readCoreV1NamespacedLimitRange", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the LimitRange", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified LimitRange", + "operationId": "patchCoreV1NamespacedLimitRange", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified LimitRange", + "operationId": "replaceCoreV1NamespacedLimitRange", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/persistentvolumeclaims": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PersistentVolumeClaim", + "operationId": "deleteCoreV1CollectionNamespacedPersistentVolumeClaim", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PersistentVolumeClaim", + "operationId": "listCoreV1NamespacedPersistentVolumeClaim", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PersistentVolumeClaim", + "operationId": "createCoreV1NamespacedPersistentVolumeClaim", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PersistentVolumeClaim", + "operationId": "deleteCoreV1NamespacedPersistentVolumeClaim", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PersistentVolumeClaim", + "operationId": "readCoreV1NamespacedPersistentVolumeClaim", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PersistentVolumeClaim", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PersistentVolumeClaim", + "operationId": "patchCoreV1NamespacedPersistentVolumeClaim", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PersistentVolumeClaim", + "operationId": "replaceCoreV1NamespacedPersistentVolumeClaim", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified PersistentVolumeClaim", + "operationId": "readCoreV1NamespacedPersistentVolumeClaimStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PersistentVolumeClaim", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified PersistentVolumeClaim", + "operationId": "patchCoreV1NamespacedPersistentVolumeClaimStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified PersistentVolumeClaim", + "operationId": "replaceCoreV1NamespacedPersistentVolumeClaimStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Pod", + "operationId": "deleteCoreV1CollectionNamespacedPod", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Pod", + "operationId": "listCoreV1NamespacedPod", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Pod", + "operationId": "createCoreV1NamespacedPod", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Pod", + "operationId": "deleteCoreV1NamespacedPod", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Pod", + "operationId": "readCoreV1NamespacedPod", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Pod", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Pod", + "operationId": "patchCoreV1NamespacedPod", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Pod", + "operationId": "replaceCoreV1NamespacedPod", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/attach": { + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to attach of Pod", + "operationId": "connectCoreV1GetNamespacedPodAttach", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodAttachOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The container in which to execute the command. Defaults to only container if there is only one container in the pod.", + "in": "query", + "name": "container", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the PodAttachOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Stderr if true indicates that stderr is to be redirected for the attach call. Defaults to true.", + "in": "query", + "name": "stderr", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Stdin if true, redirects the standard input stream of the pod for this call. Defaults to false.", + "in": "query", + "name": "stdin", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Stdout if true indicates that stdout is to be redirected for the attach call. Defaults to true.", + "in": "query", + "name": "stdout", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "TTY if true indicates that a tty will be allocated for the attach call. This is passed through the container runtime so the tty is allocated on the worker node by the container runtime. Defaults to false.", + "in": "query", + "name": "tty", + "type": "boolean", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to attach of Pod", + "operationId": "connectCoreV1PostNamespacedPodAttach", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodAttachOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/binding": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the Binding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create binding of a Pod", + "operationId": "createCoreV1NamespacedPodBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Binding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Binding", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/eviction": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the Eviction", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create eviction of a Pod", + "operationId": "createCoreV1NamespacedPodEviction", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "Eviction", + "version": "v1beta1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/exec": { + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to exec of Pod", + "operationId": "connectCoreV1GetNamespacedPodExec", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodExecOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "Command is the remote command to execute. argv array. Not executed within a shell.", + "in": "query", + "name": "command", + "type": "string", + "uniqueItems": true + }, + { + "description": "Container in which to execute the command. Defaults to only container if there is only one container in the pod.", + "in": "query", + "name": "container", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the PodExecOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Redirect the standard error stream of the pod for this call. Defaults to true.", + "in": "query", + "name": "stderr", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Redirect the standard input stream of the pod for this call. Defaults to false.", + "in": "query", + "name": "stdin", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Redirect the standard output stream of the pod for this call. Defaults to true.", + "in": "query", + "name": "stdout", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "TTY if true indicates that a tty will be allocated for the exec call. Defaults to false.", + "in": "query", + "name": "tty", + "type": "boolean", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to exec of Pod", + "operationId": "connectCoreV1PostNamespacedPodExec", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodExecOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/log": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read log of the specified Pod", + "operationId": "readCoreV1NamespacedPodLog", + "produces": [ + "text/plain", + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The container for which to stream logs. Defaults to only container if there is one container in the pod.", + "in": "query", + "name": "container", + "type": "string", + "uniqueItems": true + }, + { + "description": "Follow the log stream of the pod. Defaults to false.", + "in": "query", + "name": "follow", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.", + "in": "query", + "name": "limitBytes", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Pod", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "Return previous terminated container logs. Defaults to false.", + "in": "query", + "name": "previous", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.", + "in": "query", + "name": "sinceSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime", + "in": "query", + "name": "tailLines", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false.", + "in": "query", + "name": "timestamps", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/namespaces/{namespace}/pods/{name}/portforward": { + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to portforward of Pod", + "operationId": "connectCoreV1GetNamespacedPodPortforward", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodPortForwardOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PodPortForwardOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "List of ports to forward Required when using WebSockets", + "in": "query", + "name": "ports", + "type": "integer", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to portforward of Pod", + "operationId": "connectCoreV1PostNamespacedPodPortforward", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodPortForwardOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/proxy": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "connect DELETE requests to proxy of Pod", + "operationId": "connectCoreV1DeleteNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to proxy of Pod", + "operationId": "connectCoreV1GetNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "head": { + "consumes": [ + "*/*" + ], + "description": "connect HEAD requests to proxy of Pod", + "operationId": "connectCoreV1HeadNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "options": { + "consumes": [ + "*/*" + ], + "description": "connect OPTIONS requests to proxy of Pod", + "operationId": "connectCoreV1OptionsNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PodProxyOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Path is the URL path to use for the current proxy request to pod.", + "in": "query", + "name": "path", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "*/*" + ], + "description": "connect PATCH requests to proxy of Pod", + "operationId": "connectCoreV1PatchNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to proxy of Pod", + "operationId": "connectCoreV1PostNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "connect PUT requests to proxy of Pod", + "operationId": "connectCoreV1PutNamespacedPodProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "connect DELETE requests to proxy of Pod", + "operationId": "connectCoreV1DeleteNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to proxy of Pod", + "operationId": "connectCoreV1GetNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "head": { + "consumes": [ + "*/*" + ], + "description": "connect HEAD requests to proxy of Pod", + "operationId": "connectCoreV1HeadNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "options": { + "consumes": [ + "*/*" + ], + "description": "connect OPTIONS requests to proxy of Pod", + "operationId": "connectCoreV1OptionsNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PodProxyOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "path to the resource", + "in": "path", + "name": "path", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Path is the URL path to use for the current proxy request to pod.", + "in": "query", + "name": "path", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "*/*" + ], + "description": "connect PATCH requests to proxy of Pod", + "operationId": "connectCoreV1PatchNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to proxy of Pod", + "operationId": "connectCoreV1PostNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "connect PUT requests to proxy of Pod", + "operationId": "connectCoreV1PutNamespacedPodProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodProxyOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/pods/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Pod", + "operationId": "readCoreV1NamespacedPodStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Pod", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Pod", + "operationId": "patchCoreV1NamespacedPodStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Pod", + "operationId": "replaceCoreV1NamespacedPodStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Pod" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/podtemplates": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PodTemplate", + "operationId": "deleteCoreV1CollectionNamespacedPodTemplate", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodTemplate", + "operationId": "listCoreV1NamespacedPodTemplate", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PodTemplate", + "operationId": "createCoreV1NamespacedPodTemplate", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/podtemplates/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PodTemplate", + "operationId": "deleteCoreV1NamespacedPodTemplate", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PodTemplate", + "operationId": "readCoreV1NamespacedPodTemplate", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PodTemplate", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PodTemplate", + "operationId": "patchCoreV1NamespacedPodTemplate", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PodTemplate", + "operationId": "replaceCoreV1NamespacedPodTemplate", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/replicationcontrollers": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ReplicationController", + "operationId": "deleteCoreV1CollectionNamespacedReplicationController", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicationController", + "operationId": "listCoreV1NamespacedReplicationController", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ReplicationController", + "operationId": "createCoreV1NamespacedReplicationController", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/replicationcontrollers/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ReplicationController", + "operationId": "deleteCoreV1NamespacedReplicationController", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ReplicationController", + "operationId": "readCoreV1NamespacedReplicationController", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ReplicationController", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ReplicationController", + "operationId": "patchCoreV1NamespacedReplicationController", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ReplicationController", + "operationId": "replaceCoreV1NamespacedReplicationController", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/replicationcontrollers/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified ReplicationController", + "operationId": "readCoreV1NamespacedReplicationControllerScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified ReplicationController", + "operationId": "patchCoreV1NamespacedReplicationControllerScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified ReplicationController", + "operationId": "replaceCoreV1NamespacedReplicationControllerScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/replicationcontrollers/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified ReplicationController", + "operationId": "readCoreV1NamespacedReplicationControllerStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ReplicationController", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified ReplicationController", + "operationId": "patchCoreV1NamespacedReplicationControllerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified ReplicationController", + "operationId": "replaceCoreV1NamespacedReplicationControllerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/resourcequotas": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ResourceQuota", + "operationId": "deleteCoreV1CollectionNamespacedResourceQuota", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ResourceQuota", + "operationId": "listCoreV1NamespacedResourceQuota", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ResourceQuota", + "operationId": "createCoreV1NamespacedResourceQuota", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/resourcequotas/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ResourceQuota", + "operationId": "deleteCoreV1NamespacedResourceQuota", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ResourceQuota", + "operationId": "readCoreV1NamespacedResourceQuota", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ResourceQuota", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ResourceQuota", + "operationId": "patchCoreV1NamespacedResourceQuota", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ResourceQuota", + "operationId": "replaceCoreV1NamespacedResourceQuota", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/resourcequotas/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified ResourceQuota", + "operationId": "readCoreV1NamespacedResourceQuotaStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ResourceQuota", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified ResourceQuota", + "operationId": "patchCoreV1NamespacedResourceQuotaStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified ResourceQuota", + "operationId": "replaceCoreV1NamespacedResourceQuotaStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/secrets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Secret", + "operationId": "deleteCoreV1CollectionNamespacedSecret", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Secret", + "operationId": "listCoreV1NamespacedSecret", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Secret", + "operationId": "createCoreV1NamespacedSecret", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/secrets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Secret", + "operationId": "deleteCoreV1NamespacedSecret", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Secret", + "operationId": "readCoreV1NamespacedSecret", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Secret", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Secret", + "operationId": "patchCoreV1NamespacedSecret", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Secret", + "operationId": "replaceCoreV1NamespacedSecret", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Secret" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/serviceaccounts": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ServiceAccount", + "operationId": "deleteCoreV1CollectionNamespacedServiceAccount", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ServiceAccount", + "operationId": "listCoreV1NamespacedServiceAccount", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ServiceAccount", + "operationId": "createCoreV1NamespacedServiceAccount", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/serviceaccounts/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ServiceAccount", + "operationId": "deleteCoreV1NamespacedServiceAccount", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ServiceAccount", + "operationId": "readCoreV1NamespacedServiceAccount", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ServiceAccount", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ServiceAccount", + "operationId": "patchCoreV1NamespacedServiceAccount", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ServiceAccount", + "operationId": "replaceCoreV1NamespacedServiceAccount", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/services": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Service", + "operationId": "listCoreV1NamespacedService", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Service", + "operationId": "createCoreV1NamespacedService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/services/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Service", + "operationId": "deleteCoreV1NamespacedService", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Service", + "operationId": "readCoreV1NamespacedService", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Service", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Service", + "operationId": "patchCoreV1NamespacedService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Service", + "operationId": "replaceCoreV1NamespacedService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/services/{name}/proxy": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "connect DELETE requests to proxy of Service", + "operationId": "connectCoreV1DeleteNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to proxy of Service", + "operationId": "connectCoreV1GetNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "head": { + "consumes": [ + "*/*" + ], + "description": "connect HEAD requests to proxy of Service", + "operationId": "connectCoreV1HeadNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "options": { + "consumes": [ + "*/*" + ], + "description": "connect OPTIONS requests to proxy of Service", + "operationId": "connectCoreV1OptionsNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ServiceProxyOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.", + "in": "query", + "name": "path", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "*/*" + ], + "description": "connect PATCH requests to proxy of Service", + "operationId": "connectCoreV1PatchNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to proxy of Service", + "operationId": "connectCoreV1PostNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "connect PUT requests to proxy of Service", + "operationId": "connectCoreV1PutNamespacedServiceProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/services/{name}/proxy/{path}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "connect DELETE requests to proxy of Service", + "operationId": "connectCoreV1DeleteNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to proxy of Service", + "operationId": "connectCoreV1GetNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "head": { + "consumes": [ + "*/*" + ], + "description": "connect HEAD requests to proxy of Service", + "operationId": "connectCoreV1HeadNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "options": { + "consumes": [ + "*/*" + ], + "description": "connect OPTIONS requests to proxy of Service", + "operationId": "connectCoreV1OptionsNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ServiceProxyOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "path to the resource", + "in": "path", + "name": "path", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Path is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.", + "in": "query", + "name": "path", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "*/*" + ], + "description": "connect PATCH requests to proxy of Service", + "operationId": "connectCoreV1PatchNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to proxy of Service", + "operationId": "connectCoreV1PostNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "connect PUT requests to proxy of Service", + "operationId": "connectCoreV1PutNamespacedServiceProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceProxyOptions", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{namespace}/services/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Service", + "operationId": "readCoreV1NamespacedServiceStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Service", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Service", + "operationId": "patchCoreV1NamespacedServiceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Service", + "operationId": "replaceCoreV1NamespacedServiceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Service" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Namespace", + "operationId": "deleteCoreV1Namespace", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Namespace", + "operationId": "readCoreV1Namespace", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Namespace", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Namespace", + "operationId": "patchCoreV1Namespace", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Namespace", + "operationId": "replaceCoreV1Namespace", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{name}/finalize": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the Namespace", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "put": { + "consumes": [ + "*/*" + ], + "description": "replace finalize of the specified Namespace", + "operationId": "replaceCoreV1NamespaceFinalize", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + } + }, + "/api/v1/namespaces/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Namespace", + "operationId": "readCoreV1NamespaceStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Namespace", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Namespace", + "operationId": "patchCoreV1NamespaceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Namespace", + "operationId": "replaceCoreV1NamespaceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + } + }, + "/api/v1/nodes": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Node", + "operationId": "deleteCoreV1CollectionNode", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Node", + "operationId": "listCoreV1Node", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.NodeList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Node", + "operationId": "createCoreV1Node", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + } + }, + "/api/v1/nodes/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Node", + "operationId": "deleteCoreV1Node", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Node", + "operationId": "readCoreV1Node", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Node", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Node", + "operationId": "patchCoreV1Node", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Node", + "operationId": "replaceCoreV1Node", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + } + }, + "/api/v1/nodes/{name}/proxy": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "connect DELETE requests to proxy of Node", + "operationId": "connectCoreV1DeleteNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to proxy of Node", + "operationId": "connectCoreV1GetNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "head": { + "consumes": [ + "*/*" + ], + "description": "connect HEAD requests to proxy of Node", + "operationId": "connectCoreV1HeadNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "options": { + "consumes": [ + "*/*" + ], + "description": "connect OPTIONS requests to proxy of Node", + "operationId": "connectCoreV1OptionsNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the NodeProxyOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Path is the URL path to use for the current proxy request to node.", + "in": "query", + "name": "path", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "*/*" + ], + "description": "connect PATCH requests to proxy of Node", + "operationId": "connectCoreV1PatchNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to proxy of Node", + "operationId": "connectCoreV1PostNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "connect PUT requests to proxy of Node", + "operationId": "connectCoreV1PutNodeProxy", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + } + }, + "/api/v1/nodes/{name}/proxy/{path}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "connect DELETE requests to proxy of Node", + "operationId": "connectCoreV1DeleteNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "connect GET requests to proxy of Node", + "operationId": "connectCoreV1GetNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "head": { + "consumes": [ + "*/*" + ], + "description": "connect HEAD requests to proxy of Node", + "operationId": "connectCoreV1HeadNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "options": { + "consumes": [ + "*/*" + ], + "description": "connect OPTIONS requests to proxy of Node", + "operationId": "connectCoreV1OptionsNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the NodeProxyOptions", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "path to the resource", + "in": "path", + "name": "path", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "Path is the URL path to use for the current proxy request to node.", + "in": "query", + "name": "path", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "*/*" + ], + "description": "connect PATCH requests to proxy of Node", + "operationId": "connectCoreV1PatchNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "post": { + "consumes": [ + "*/*" + ], + "description": "connect POST requests to proxy of Node", + "operationId": "connectCoreV1PostNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "connect PUT requests to proxy of Node", + "operationId": "connectCoreV1PutNodeProxyWithPath", + "produces": [ + "*/*" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "type": "string" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "connect", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "NodeProxyOptions", + "version": "v1" + } + } + }, + "/api/v1/nodes/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Node", + "operationId": "readCoreV1NodeStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Node", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Node", + "operationId": "patchCoreV1NodeStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Node", + "operationId": "replaceCoreV1NodeStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.Node" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + } + }, + "/api/v1/persistentvolumeclaims": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PersistentVolumeClaim", + "operationId": "listCoreV1PersistentVolumeClaimForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/persistentvolumes": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PersistentVolume", + "operationId": "deleteCoreV1CollectionPersistentVolume", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PersistentVolume", + "operationId": "listCoreV1PersistentVolume", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PersistentVolume", + "operationId": "createCoreV1PersistentVolume", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + } + }, + "/api/v1/persistentvolumes/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PersistentVolume", + "operationId": "deleteCoreV1PersistentVolume", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PersistentVolume", + "operationId": "readCoreV1PersistentVolume", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PersistentVolume", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PersistentVolume", + "operationId": "patchCoreV1PersistentVolume", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PersistentVolume", + "operationId": "replaceCoreV1PersistentVolume", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + } + }, + "/api/v1/persistentvolumes/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified PersistentVolume", + "operationId": "readCoreV1PersistentVolumeStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the PersistentVolume", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified PersistentVolume", + "operationId": "patchCoreV1PersistentVolumeStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified PersistentVolume", + "operationId": "replaceCoreV1PersistentVolumeStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + } + }, + "/api/v1/pods": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Pod", + "operationId": "listCoreV1PodForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/podtemplates": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodTemplate", + "operationId": "listCoreV1PodTemplateForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/replicationcontrollers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicationController", + "operationId": "listCoreV1ReplicationControllerForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/resourcequotas": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ResourceQuota", + "operationId": "listCoreV1ResourceQuotaForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/secrets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Secret", + "operationId": "listCoreV1SecretForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.SecretList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/serviceaccounts": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ServiceAccount", + "operationId": "listCoreV1ServiceAccountForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/services": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Service", + "operationId": "listCoreV1ServiceForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.core.v1.ServiceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/configmaps": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ConfigMap. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1ConfigMapListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/endpoints": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1EndpointsListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/events": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1EventListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/limitranges": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1LimitRangeListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Namespace. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespaceList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/configmaps": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ConfigMap. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedConfigMapList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/configmaps/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ConfigMap. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedConfigMap", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ConfigMap", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ConfigMap", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/endpoints": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedEndpointsList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/endpoints/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Endpoints. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedEndpoints", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Endpoints", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Endpoints", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/events": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedEventList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/events/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Event. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedEvent", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Event", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Event", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/limitranges": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedLimitRangeList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/limitranges/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind LimitRange. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedLimitRange", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "LimitRange", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the LimitRange", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/persistentvolumeclaims": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedPersistentVolumeClaimList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/persistentvolumeclaims/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedPersistentVolumeClaim", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PersistentVolumeClaim", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/pods": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Pod. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedPodList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/pods/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Pod. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedPod", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Pod", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/podtemplates": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodTemplate. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedPodTemplateList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/podtemplates/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PodTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedPodTemplate", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PodTemplate", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/replicationcontrollers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicationController. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedReplicationControllerList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/replicationcontrollers/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ReplicationController. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedReplicationController", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ReplicationController", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/resourcequotas": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedResourceQuotaList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/resourcequotas/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedResourceQuota", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ResourceQuota", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/secrets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Secret. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedSecretList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/secrets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Secret. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedSecret", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Secret", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/serviceaccounts": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedServiceAccountList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/serviceaccounts/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedServiceAccount", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ServiceAccount", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/services": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NamespacedServiceList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{namespace}/services/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Service. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1NamespacedService", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Service", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/namespaces/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Namespace. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1Namespace", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Namespace", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Namespace", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/nodes": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Node. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1NodeList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/nodes/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Node. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1Node", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Node", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Node", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/persistentvolumeclaims": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1PersistentVolumeClaimListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolumeClaim", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/persistentvolumes": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PersistentVolume. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1PersistentVolumeList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/persistentvolumes/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PersistentVolume. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoreV1PersistentVolume", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PersistentVolume", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PersistentVolume", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/pods": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Pod. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1PodListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Pod", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/podtemplates": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodTemplate. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1PodTemplateListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "PodTemplate", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/replicationcontrollers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicationController. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1ReplicationControllerListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ReplicationController", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/resourcequotas": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1ResourceQuotaListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ResourceQuota", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/secrets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Secret. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1SecretListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Secret", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/serviceaccounts": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1ServiceAccountListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "ServiceAccount", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/api/v1/watch/services": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoreV1ServiceListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "core_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "", + "kind": "Service", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available API versions", + "operationId": "getAPIVersions", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroupList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apis" + ] + } + }, + "/apis/admissionregistration.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getAdmissionregistrationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration" + ] + } + }, + "/apis/admissionregistration.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAdmissionregistrationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ] + } + }, + "/apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of MutatingWebhookConfiguration", + "operationId": "deleteAdmissionregistrationV1beta1CollectionMutatingWebhookConfiguration", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind MutatingWebhookConfiguration", + "operationId": "listAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfigurationList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a MutatingWebhookConfiguration", + "operationId": "createAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + } + }, + "/apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a MutatingWebhookConfiguration", + "operationId": "deleteAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified MutatingWebhookConfiguration", + "operationId": "readAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the MutatingWebhookConfiguration", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified MutatingWebhookConfiguration", + "operationId": "patchAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified MutatingWebhookConfiguration", + "operationId": "replaceAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.MutatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + } + }, + "/apis/admissionregistration.k8s.io/v1beta1/validatingwebhookconfigurations": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ValidatingWebhookConfiguration", + "operationId": "deleteAdmissionregistrationV1beta1CollectionValidatingWebhookConfiguration", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ValidatingWebhookConfiguration", + "operationId": "listAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfigurationList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ValidatingWebhookConfiguration", + "operationId": "createAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + } + }, + "/apis/admissionregistration.k8s.io/v1beta1/validatingwebhookconfigurations/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ValidatingWebhookConfiguration", + "operationId": "deleteAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ValidatingWebhookConfiguration", + "operationId": "readAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the ValidatingWebhookConfiguration", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ValidatingWebhookConfiguration", + "operationId": "patchAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ValidatingWebhookConfiguration", + "operationId": "replaceAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1beta1.ValidatingWebhookConfiguration" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + } + }, + "/apis/admissionregistration.k8s.io/v1beta1/watch/mutatingwebhookconfigurations": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of MutatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAdmissionregistrationV1beta1MutatingWebhookConfigurationList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/admissionregistration.k8s.io/v1beta1/watch/mutatingwebhookconfigurations/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind MutatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAdmissionregistrationV1beta1MutatingWebhookConfiguration", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "MutatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the MutatingWebhookConfiguration", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/admissionregistration.k8s.io/v1beta1/watch/validatingwebhookconfigurations": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ValidatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAdmissionregistrationV1beta1ValidatingWebhookConfigurationList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/admissionregistration.k8s.io/v1beta1/watch/validatingwebhookconfigurations/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ValidatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAdmissionregistrationV1beta1ValidatingWebhookConfiguration", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingWebhookConfiguration", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ValidatingWebhookConfiguration", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apiextensions.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getApiextensionsAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions" + ] + } + }, + "/apis/apiextensions.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getApiextensionsV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ] + } + }, + "/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of CustomResourceDefinition", + "operationId": "deleteApiextensionsV1beta1CollectionCustomResourceDefinition", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind CustomResourceDefinition", + "operationId": "listApiextensionsV1beta1CustomResourceDefinition", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a CustomResourceDefinition", + "operationId": "createApiextensionsV1beta1CustomResourceDefinition", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + } + }, + "/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a CustomResourceDefinition", + "operationId": "deleteApiextensionsV1beta1CustomResourceDefinition", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified CustomResourceDefinition", + "operationId": "readApiextensionsV1beta1CustomResourceDefinition", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the CustomResourceDefinition", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified CustomResourceDefinition", + "operationId": "patchApiextensionsV1beta1CustomResourceDefinition", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified CustomResourceDefinition", + "operationId": "replaceApiextensionsV1beta1CustomResourceDefinition", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + } + }, + "/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified CustomResourceDefinition", + "operationId": "readApiextensionsV1beta1CustomResourceDefinitionStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the CustomResourceDefinition", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified CustomResourceDefinition", + "operationId": "patchApiextensionsV1beta1CustomResourceDefinitionStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified CustomResourceDefinition", + "operationId": "replaceApiextensionsV1beta1CustomResourceDefinitionStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinition" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + } + }, + "/apis/apiextensions.k8s.io/v1beta1/watch/customresourcedefinitions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchApiextensionsV1beta1CustomResourceDefinitionList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apiextensions.k8s.io/v1beta1/watch/customresourcedefinitions/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchApiextensionsV1beta1CustomResourceDefinition", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiextensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apiextensions.k8s.io", + "kind": "CustomResourceDefinition", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the CustomResourceDefinition", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apiregistration.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getApiregistrationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration" + ] + } + }, + "/apis/apiregistration.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getApiregistrationV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ] + } + }, + "/apis/apiregistration.k8s.io/v1/apiservices": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of APIService", + "operationId": "deleteApiregistrationV1CollectionAPIService", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind APIService", + "operationId": "listApiregistrationV1APIService", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIServiceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an APIService", + "operationId": "createApiregistrationV1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + } + }, + "/apis/apiregistration.k8s.io/v1/apiservices/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an APIService", + "operationId": "deleteApiregistrationV1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified APIService", + "operationId": "readApiregistrationV1APIService", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the APIService", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified APIService", + "operationId": "patchApiregistrationV1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified APIService", + "operationId": "replaceApiregistrationV1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + } + }, + "/apis/apiregistration.k8s.io/v1/apiservices/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified APIService", + "operationId": "readApiregistrationV1APIServiceStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the APIService", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified APIService", + "operationId": "patchApiregistrationV1APIServiceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified APIService", + "operationId": "replaceApiregistrationV1APIServiceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + } + }, + "/apis/apiregistration.k8s.io/v1/watch/apiservices": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of APIService. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchApiregistrationV1APIServiceList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apiregistration.k8s.io/v1/watch/apiservices/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind APIService. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchApiregistrationV1APIService", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the APIService", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apiregistration.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getApiregistrationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ] + } + }, + "/apis/apiregistration.k8s.io/v1beta1/apiservices": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of APIService", + "operationId": "deleteApiregistrationV1beta1CollectionAPIService", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind APIService", + "operationId": "listApiregistrationV1beta1APIService", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIServiceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an APIService", + "operationId": "createApiregistrationV1beta1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + } + }, + "/apis/apiregistration.k8s.io/v1beta1/apiservices/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an APIService", + "operationId": "deleteApiregistrationV1beta1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified APIService", + "operationId": "readApiregistrationV1beta1APIService", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the APIService", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified APIService", + "operationId": "patchApiregistrationV1beta1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified APIService", + "operationId": "replaceApiregistrationV1beta1APIService", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + } + }, + "/apis/apiregistration.k8s.io/v1beta1/apiservices/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified APIService", + "operationId": "readApiregistrationV1beta1APIServiceStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the APIService", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified APIService", + "operationId": "patchApiregistrationV1beta1APIServiceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified APIService", + "operationId": "replaceApiregistrationV1beta1APIServiceStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.APIService" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + } + }, + "/apis/apiregistration.k8s.io/v1beta1/watch/apiservices": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of APIService. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchApiregistrationV1beta1APIServiceList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apiregistration.k8s.io/v1beta1/watch/apiservices/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind APIService. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchApiregistrationV1beta1APIService", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apiregistration_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apiregistration.k8s.io", + "kind": "APIService", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the APIService", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getAppsAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps" + ] + } + }, + "/apis/apps/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAppsV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ] + } + }, + "/apis/apps/v1/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ControllerRevision", + "operationId": "listAppsV1ControllerRevisionForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevisionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind DaemonSet", + "operationId": "listAppsV1DaemonSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listAppsV1DeploymentForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/namespaces/{namespace}/controllerrevisions": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ControllerRevision", + "operationId": "deleteAppsV1CollectionNamespacedControllerRevision", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ControllerRevision", + "operationId": "listAppsV1NamespacedControllerRevision", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevisionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ControllerRevision", + "operationId": "createAppsV1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/controllerrevisions/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ControllerRevision", + "operationId": "deleteAppsV1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ControllerRevision", + "operationId": "readAppsV1NamespacedControllerRevision", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ControllerRevision", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ControllerRevision", + "operationId": "patchAppsV1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ControllerRevision", + "operationId": "replaceAppsV1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/daemonsets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of DaemonSet", + "operationId": "deleteAppsV1CollectionNamespacedDaemonSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind DaemonSet", + "operationId": "listAppsV1NamespacedDaemonSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a DaemonSet", + "operationId": "createAppsV1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/daemonsets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a DaemonSet", + "operationId": "deleteAppsV1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified DaemonSet", + "operationId": "readAppsV1NamespacedDaemonSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified DaemonSet", + "operationId": "patchAppsV1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified DaemonSet", + "operationId": "replaceAppsV1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/daemonsets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified DaemonSet", + "operationId": "readAppsV1NamespacedDaemonSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified DaemonSet", + "operationId": "patchAppsV1NamespacedDaemonSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified DaemonSet", + "operationId": "replaceAppsV1NamespacedDaemonSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/deployments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Deployment", + "operationId": "deleteAppsV1CollectionNamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listAppsV1NamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Deployment", + "operationId": "createAppsV1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/deployments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Deployment", + "operationId": "deleteAppsV1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Deployment", + "operationId": "readAppsV1NamespacedDeployment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Deployment", + "operationId": "patchAppsV1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Deployment", + "operationId": "replaceAppsV1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/deployments/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified Deployment", + "operationId": "readAppsV1NamespacedDeploymentScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified Deployment", + "operationId": "patchAppsV1NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified Deployment", + "operationId": "replaceAppsV1NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/deployments/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Deployment", + "operationId": "readAppsV1NamespacedDeploymentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Deployment", + "operationId": "patchAppsV1NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Deployment", + "operationId": "replaceAppsV1NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/replicasets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ReplicaSet", + "operationId": "deleteAppsV1CollectionNamespacedReplicaSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicaSet", + "operationId": "listAppsV1NamespacedReplicaSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ReplicaSet", + "operationId": "createAppsV1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/replicasets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ReplicaSet", + "operationId": "deleteAppsV1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ReplicaSet", + "operationId": "readAppsV1NamespacedReplicaSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ReplicaSet", + "operationId": "patchAppsV1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ReplicaSet", + "operationId": "replaceAppsV1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/replicasets/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified ReplicaSet", + "operationId": "readAppsV1NamespacedReplicaSetScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified ReplicaSet", + "operationId": "patchAppsV1NamespacedReplicaSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified ReplicaSet", + "operationId": "replaceAppsV1NamespacedReplicaSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/replicasets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified ReplicaSet", + "operationId": "readAppsV1NamespacedReplicaSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified ReplicaSet", + "operationId": "patchAppsV1NamespacedReplicaSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified ReplicaSet", + "operationId": "replaceAppsV1NamespacedReplicaSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/statefulsets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of StatefulSet", + "operationId": "deleteAppsV1CollectionNamespacedStatefulSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StatefulSet", + "operationId": "listAppsV1NamespacedStatefulSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a StatefulSet", + "operationId": "createAppsV1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a StatefulSet", + "operationId": "deleteAppsV1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified StatefulSet", + "operationId": "readAppsV1NamespacedStatefulSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified StatefulSet", + "operationId": "patchAppsV1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified StatefulSet", + "operationId": "replaceAppsV1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified StatefulSet", + "operationId": "readAppsV1NamespacedStatefulSetScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified StatefulSet", + "operationId": "patchAppsV1NamespacedStatefulSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified StatefulSet", + "operationId": "replaceAppsV1NamespacedStatefulSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "Scale", + "version": "v1" + } + } + }, + "/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified StatefulSet", + "operationId": "readAppsV1NamespacedStatefulSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified StatefulSet", + "operationId": "patchAppsV1NamespacedStatefulSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified StatefulSet", + "operationId": "replaceAppsV1NamespacedStatefulSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + } + }, + "/apis/apps/v1/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicaSet", + "operationId": "listAppsV1ReplicaSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.ReplicaSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StatefulSet", + "operationId": "listAppsV1StatefulSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1ControllerRevisionListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1DaemonSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1DeploymentListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1NamespacedControllerRevisionList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/controllerrevisions/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1NamespacedControllerRevision", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ControllerRevision", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1NamespacedDaemonSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/daemonsets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1NamespacedDaemonSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1NamespacedDeploymentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/deployments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1NamespacedDeployment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1NamespacedReplicaSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/replicasets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1NamespacedReplicaSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1NamespacedStatefulSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/namespaces/{namespace}/statefulsets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1NamespacedStatefulSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1ReplicaSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1/watch/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1StatefulSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAppsV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ] + } + }, + "/apis/apps/v1beta1/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ControllerRevision", + "operationId": "listAppsV1beta1ControllerRevisionForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevisionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listAppsV1beta1DeploymentForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/namespaces/{namespace}/controllerrevisions": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ControllerRevision", + "operationId": "deleteAppsV1beta1CollectionNamespacedControllerRevision", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ControllerRevision", + "operationId": "listAppsV1beta1NamespacedControllerRevision", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevisionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ControllerRevision", + "operationId": "createAppsV1beta1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/controllerrevisions/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ControllerRevision", + "operationId": "deleteAppsV1beta1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ControllerRevision", + "operationId": "readAppsV1beta1NamespacedControllerRevision", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the ControllerRevision", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ControllerRevision", + "operationId": "patchAppsV1beta1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ControllerRevision", + "operationId": "replaceAppsV1beta1NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/deployments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Deployment", + "operationId": "deleteAppsV1beta1CollectionNamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listAppsV1beta1NamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Deployment", + "operationId": "createAppsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Deployment", + "operationId": "deleteAppsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Deployment", + "operationId": "readAppsV1beta1NamespacedDeployment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Deployment", + "operationId": "patchAppsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Deployment", + "operationId": "replaceAppsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}/rollback": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the DeploymentRollback", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create rollback of a Deployment", + "operationId": "createAppsV1beta1NamespacedDeploymentRollback", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentRollback" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DeploymentRollback", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified Deployment", + "operationId": "readAppsV1beta1NamespacedDeploymentScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified Deployment", + "operationId": "patchAppsV1beta1NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified Deployment", + "operationId": "replaceAppsV1beta1NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/deployments/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Deployment", + "operationId": "readAppsV1beta1NamespacedDeploymentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Deployment", + "operationId": "patchAppsV1beta1NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Deployment", + "operationId": "replaceAppsV1beta1NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of StatefulSet", + "operationId": "deleteAppsV1beta1CollectionNamespacedStatefulSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StatefulSet", + "operationId": "listAppsV1beta1NamespacedStatefulSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a StatefulSet", + "operationId": "createAppsV1beta1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a StatefulSet", + "operationId": "deleteAppsV1beta1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified StatefulSet", + "operationId": "readAppsV1beta1NamespacedStatefulSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified StatefulSet", + "operationId": "patchAppsV1beta1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified StatefulSet", + "operationId": "replaceAppsV1beta1NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified StatefulSet", + "operationId": "readAppsV1beta1NamespacedStatefulSetScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified StatefulSet", + "operationId": "patchAppsV1beta1NamespacedStatefulSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified StatefulSet", + "operationId": "replaceAppsV1beta1NamespacedStatefulSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/namespaces/{namespace}/statefulsets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified StatefulSet", + "operationId": "readAppsV1beta1NamespacedStatefulSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified StatefulSet", + "operationId": "patchAppsV1beta1NamespacedStatefulSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified StatefulSet", + "operationId": "replaceAppsV1beta1NamespacedStatefulSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + } + }, + "/apis/apps/v1beta1/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StatefulSet", + "operationId": "listAppsV1beta1StatefulSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta1ControllerRevisionListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta1DeploymentListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/namespaces/{namespace}/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta1NamespacedControllerRevisionList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/namespaces/{namespace}/controllerrevisions/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta1NamespacedControllerRevision", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ControllerRevision", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/namespaces/{namespace}/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta1NamespacedDeploymentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/namespaces/{namespace}/deployments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta1NamespacedDeployment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/namespaces/{namespace}/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta1NamespacedStatefulSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/namespaces/{namespace}/statefulsets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta1NamespacedStatefulSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta1/watch/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta1StatefulSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAppsV1beta2APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ] + } + }, + "/apis/apps/v1beta2/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ControllerRevision", + "operationId": "listAppsV1beta2ControllerRevisionForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevisionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind DaemonSet", + "operationId": "listAppsV1beta2DaemonSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listAppsV1beta2DeploymentForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/namespaces/{namespace}/controllerrevisions": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ControllerRevision", + "operationId": "deleteAppsV1beta2CollectionNamespacedControllerRevision", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ControllerRevision", + "operationId": "listAppsV1beta2NamespacedControllerRevision", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevisionList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ControllerRevision", + "operationId": "createAppsV1beta2NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/controllerrevisions/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ControllerRevision", + "operationId": "deleteAppsV1beta2NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ControllerRevision", + "operationId": "readAppsV1beta2NamespacedControllerRevision", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the ControllerRevision", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ControllerRevision", + "operationId": "patchAppsV1beta2NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ControllerRevision", + "operationId": "replaceAppsV1beta2NamespacedControllerRevision", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ControllerRevision" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/daemonsets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of DaemonSet", + "operationId": "deleteAppsV1beta2CollectionNamespacedDaemonSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind DaemonSet", + "operationId": "listAppsV1beta2NamespacedDaemonSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a DaemonSet", + "operationId": "createAppsV1beta2NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/daemonsets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a DaemonSet", + "operationId": "deleteAppsV1beta2NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified DaemonSet", + "operationId": "readAppsV1beta2NamespacedDaemonSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified DaemonSet", + "operationId": "patchAppsV1beta2NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified DaemonSet", + "operationId": "replaceAppsV1beta2NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/daemonsets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified DaemonSet", + "operationId": "readAppsV1beta2NamespacedDaemonSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified DaemonSet", + "operationId": "patchAppsV1beta2NamespacedDaemonSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified DaemonSet", + "operationId": "replaceAppsV1beta2NamespacedDaemonSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/deployments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Deployment", + "operationId": "deleteAppsV1beta2CollectionNamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listAppsV1beta2NamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Deployment", + "operationId": "createAppsV1beta2NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/deployments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Deployment", + "operationId": "deleteAppsV1beta2NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Deployment", + "operationId": "readAppsV1beta2NamespacedDeployment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Deployment", + "operationId": "patchAppsV1beta2NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Deployment", + "operationId": "replaceAppsV1beta2NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/deployments/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified Deployment", + "operationId": "readAppsV1beta2NamespacedDeploymentScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified Deployment", + "operationId": "patchAppsV1beta2NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified Deployment", + "operationId": "replaceAppsV1beta2NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/deployments/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Deployment", + "operationId": "readAppsV1beta2NamespacedDeploymentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Deployment", + "operationId": "patchAppsV1beta2NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Deployment", + "operationId": "replaceAppsV1beta2NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/replicasets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ReplicaSet", + "operationId": "deleteAppsV1beta2CollectionNamespacedReplicaSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicaSet", + "operationId": "listAppsV1beta2NamespacedReplicaSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ReplicaSet", + "operationId": "createAppsV1beta2NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/replicasets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ReplicaSet", + "operationId": "deleteAppsV1beta2NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ReplicaSet", + "operationId": "readAppsV1beta2NamespacedReplicaSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ReplicaSet", + "operationId": "patchAppsV1beta2NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ReplicaSet", + "operationId": "replaceAppsV1beta2NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/replicasets/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified ReplicaSet", + "operationId": "readAppsV1beta2NamespacedReplicaSetScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified ReplicaSet", + "operationId": "patchAppsV1beta2NamespacedReplicaSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified ReplicaSet", + "operationId": "replaceAppsV1beta2NamespacedReplicaSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/replicasets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified ReplicaSet", + "operationId": "readAppsV1beta2NamespacedReplicaSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified ReplicaSet", + "operationId": "patchAppsV1beta2NamespacedReplicaSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified ReplicaSet", + "operationId": "replaceAppsV1beta2NamespacedReplicaSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of StatefulSet", + "operationId": "deleteAppsV1beta2CollectionNamespacedStatefulSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StatefulSet", + "operationId": "listAppsV1beta2NamespacedStatefulSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a StatefulSet", + "operationId": "createAppsV1beta2NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a StatefulSet", + "operationId": "deleteAppsV1beta2NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified StatefulSet", + "operationId": "readAppsV1beta2NamespacedStatefulSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified StatefulSet", + "operationId": "patchAppsV1beta2NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified StatefulSet", + "operationId": "replaceAppsV1beta2NamespacedStatefulSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified StatefulSet", + "operationId": "readAppsV1beta2NamespacedStatefulSetScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified StatefulSet", + "operationId": "patchAppsV1beta2NamespacedStatefulSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified StatefulSet", + "operationId": "replaceAppsV1beta2NamespacedStatefulSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Scale", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/namespaces/{namespace}/statefulsets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified StatefulSet", + "operationId": "readAppsV1beta2NamespacedStatefulSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified StatefulSet", + "operationId": "patchAppsV1beta2NamespacedStatefulSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified StatefulSet", + "operationId": "replaceAppsV1beta2NamespacedStatefulSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + } + }, + "/apis/apps/v1beta2/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicaSet", + "operationId": "listAppsV1beta2ReplicaSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.ReplicaSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StatefulSet", + "operationId": "listAppsV1beta2StatefulSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.apps.v1beta2.StatefulSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2ControllerRevisionListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2DaemonSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2DeploymentListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/controllerrevisions": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2NamespacedControllerRevisionList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/controllerrevisions/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta2NamespacedControllerRevision", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ControllerRevision", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ControllerRevision", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2NamespacedDaemonSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/daemonsets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta2NamespacedDaemonSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "DaemonSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2NamespacedDeploymentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/deployments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta2NamespacedDeployment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "Deployment", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2NamespacedReplicaSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/replicasets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta2NamespacedReplicaSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2NamespacedStatefulSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/namespaces/{namespace}/statefulsets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAppsV1beta2NamespacedStatefulSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the StatefulSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2ReplicaSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "ReplicaSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/apps/v1beta2/watch/statefulsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAppsV1beta2StatefulSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "apps_v1beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "apps", + "kind": "StatefulSet", + "version": "v1beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/auditregistration.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getAuditregistrationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration" + ] + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAuditregistrationV1alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ] + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/auditsinks": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of AuditSink", + "operationId": "deleteAuditregistrationV1alpha1CollectionAuditSink", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind AuditSink", + "operationId": "listAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSinkList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an AuditSink", + "operationId": "createAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/auditsinks/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an AuditSink", + "operationId": "deleteAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified AuditSink", + "operationId": "readAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the AuditSink", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified AuditSink", + "operationId": "patchAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified AuditSink", + "operationId": "replaceAuditregistrationV1alpha1AuditSink", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.auditregistration.v1alpha1.AuditSink" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + } + }, + "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of AuditSink. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAuditregistrationV1alpha1AuditSinkList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/auditregistration.k8s.io/v1alpha1/watch/auditsinks/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind AuditSink. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAuditregistrationV1alpha1AuditSink", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "auditregistration_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "auditregistration.k8s.io", + "kind": "AuditSink", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the AuditSink", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/authentication.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getAuthenticationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication" + ] + } + }, + "/apis/authentication.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAuthenticationV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication_v1" + ] + } + }, + "/apis/authentication.k8s.io/v1/tokenreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a TokenReview", + "operationId": "createAuthenticationV1TokenReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authentication.k8s.io", + "kind": "TokenReview", + "version": "v1" + } + } + }, + "/apis/authentication.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAuthenticationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication_v1beta1" + ] + } + }, + "/apis/authentication.k8s.io/v1beta1/tokenreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a TokenReview", + "operationId": "createAuthenticationV1beta1TokenReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authentication.k8s.io", + "kind": "TokenReview", + "version": "v1beta1" + } + } + }, + "/apis/authorization.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getAuthorizationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization" + ] + } + }, + "/apis/authorization.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAuthorizationV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1" + ] + } + }, + "/apis/authorization.k8s.io/v1/namespaces/{namespace}/localsubjectaccessreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a LocalSubjectAccessReview", + "operationId": "createAuthorizationV1NamespacedLocalSubjectAccessReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "LocalSubjectAccessReview", + "version": "v1" + } + } + }, + "/apis/authorization.k8s.io/v1/selfsubjectaccessreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SelfSubjectAccessReview", + "operationId": "createAuthorizationV1SelfSubjectAccessReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "SelfSubjectAccessReview", + "version": "v1" + } + } + }, + "/apis/authorization.k8s.io/v1/selfsubjectrulesreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SelfSubjectRulesReview", + "operationId": "createAuthorizationV1SelfSubjectRulesReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectRulesReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "SelfSubjectRulesReview", + "version": "v1" + } + } + }, + "/apis/authorization.k8s.io/v1/subjectaccessreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SubjectAccessReview", + "operationId": "createAuthorizationV1SubjectAccessReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "SubjectAccessReview", + "version": "v1" + } + } + }, + "/apis/authorization.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAuthorizationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1beta1" + ] + } + }, + "/apis/authorization.k8s.io/v1beta1/namespaces/{namespace}/localsubjectaccessreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a LocalSubjectAccessReview", + "operationId": "createAuthorizationV1beta1NamespacedLocalSubjectAccessReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "LocalSubjectAccessReview", + "version": "v1beta1" + } + } + }, + "/apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SelfSubjectAccessReview", + "operationId": "createAuthorizationV1beta1SelfSubjectAccessReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "SelfSubjectAccessReview", + "version": "v1beta1" + } + } + }, + "/apis/authorization.k8s.io/v1beta1/selfsubjectrulesreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SelfSubjectRulesReview", + "operationId": "createAuthorizationV1beta1SelfSubjectRulesReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectRulesReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "SelfSubjectRulesReview", + "version": "v1beta1" + } + } + }, + "/apis/authorization.k8s.io/v1beta1/subjectaccessreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SubjectAccessReview", + "operationId": "createAuthorizationV1beta1SubjectAccessReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authorization.k8s.io", + "kind": "SubjectAccessReview", + "version": "v1beta1" + } + } + }, + "/apis/autoscaling/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getAutoscalingAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling" + ] + } + }, + "/apis/autoscaling/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAutoscalingV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ] + } + }, + "/apis/autoscaling/v1/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind HorizontalPodAutoscaler", + "operationId": "listAutoscalingV1HorizontalPodAutoscalerForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of HorizontalPodAutoscaler", + "operationId": "deleteAutoscalingV1CollectionNamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind HorizontalPodAutoscaler", + "operationId": "listAutoscalingV1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a HorizontalPodAutoscaler", + "operationId": "createAutoscalingV1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + } + }, + "/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a HorizontalPodAutoscaler", + "operationId": "deleteAutoscalingV1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified HorizontalPodAutoscaler", + "operationId": "readAutoscalingV1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified HorizontalPodAutoscaler", + "operationId": "patchAutoscalingV1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified HorizontalPodAutoscaler", + "operationId": "replaceAutoscalingV1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + } + }, + "/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified HorizontalPodAutoscaler", + "operationId": "readAutoscalingV1NamespacedHorizontalPodAutoscalerStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified HorizontalPodAutoscaler", + "operationId": "patchAutoscalingV1NamespacedHorizontalPodAutoscalerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified HorizontalPodAutoscaler", + "operationId": "replaceAutoscalingV1NamespacedHorizontalPodAutoscalerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + } + }, + "/apis/autoscaling/v1/watch/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAutoscalingV1HorizontalPodAutoscalerListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAutoscalingV1NamespacedHorizontalPodAutoscalerList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAutoscalingV1NamespacedHorizontalPodAutoscaler", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAutoscalingV2beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ] + } + }, + "/apis/autoscaling/v2beta1/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind HorizontalPodAutoscaler", + "operationId": "listAutoscalingV2beta1HorizontalPodAutoscalerForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta1/namespaces/{namespace}/horizontalpodautoscalers": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of HorizontalPodAutoscaler", + "operationId": "deleteAutoscalingV2beta1CollectionNamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind HorizontalPodAutoscaler", + "operationId": "listAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscalerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a HorizontalPodAutoscaler", + "operationId": "createAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + } + }, + "/apis/autoscaling/v2beta1/namespaces/{namespace}/horizontalpodautoscalers/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a HorizontalPodAutoscaler", + "operationId": "deleteAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified HorizontalPodAutoscaler", + "operationId": "readAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified HorizontalPodAutoscaler", + "operationId": "patchAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified HorizontalPodAutoscaler", + "operationId": "replaceAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + } + }, + "/apis/autoscaling/v2beta1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified HorizontalPodAutoscaler", + "operationId": "readAutoscalingV2beta1NamespacedHorizontalPodAutoscalerStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified HorizontalPodAutoscaler", + "operationId": "patchAutoscalingV2beta1NamespacedHorizontalPodAutoscalerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified HorizontalPodAutoscaler", + "operationId": "replaceAutoscalingV2beta1NamespacedHorizontalPodAutoscalerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta1.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + } + }, + "/apis/autoscaling/v2beta1/watch/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAutoscalingV2beta1HorizontalPodAutoscalerListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta1/watch/namespaces/{namespace}/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAutoscalingV2beta1NamespacedHorizontalPodAutoscalerList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAutoscalingV2beta1NamespacedHorizontalPodAutoscaler", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta2/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAutoscalingV2beta2APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ] + } + }, + "/apis/autoscaling/v2beta2/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind HorizontalPodAutoscaler", + "operationId": "listAutoscalingV2beta2HorizontalPodAutoscalerForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta2/namespaces/{namespace}/horizontalpodautoscalers": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of HorizontalPodAutoscaler", + "operationId": "deleteAutoscalingV2beta2CollectionNamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind HorizontalPodAutoscaler", + "operationId": "listAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscalerList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a HorizontalPodAutoscaler", + "operationId": "createAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + } + }, + "/apis/autoscaling/v2beta2/namespaces/{namespace}/horizontalpodautoscalers/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a HorizontalPodAutoscaler", + "operationId": "deleteAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified HorizontalPodAutoscaler", + "operationId": "readAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified HorizontalPodAutoscaler", + "operationId": "patchAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified HorizontalPodAutoscaler", + "operationId": "replaceAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + } + }, + "/apis/autoscaling/v2beta2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified HorizontalPodAutoscaler", + "operationId": "readAutoscalingV2beta2NamespacedHorizontalPodAutoscalerStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified HorizontalPodAutoscaler", + "operationId": "patchAutoscalingV2beta2NamespacedHorizontalPodAutoscalerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified HorizontalPodAutoscaler", + "operationId": "replaceAutoscalingV2beta2NamespacedHorizontalPodAutoscalerStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.autoscaling.v2beta2.HorizontalPodAutoscaler" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + } + }, + "/apis/autoscaling/v2beta2/watch/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAutoscalingV2beta2HorizontalPodAutoscalerListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta2/watch/namespaces/{namespace}/horizontalpodautoscalers": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchAutoscalingV2beta2NamespacedHorizontalPodAutoscalerList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/autoscaling/v2beta2/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchAutoscalingV2beta2NamespacedHorizontalPodAutoscaler", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "autoscaling_v2beta2" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "autoscaling", + "kind": "HorizontalPodAutoscaler", + "version": "v2beta2" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the HorizontalPodAutoscaler", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getBatchAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch" + ] + } + }, + "/apis/batch/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getBatchV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ] + } + }, + "/apis/batch/v1/jobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Job", + "operationId": "listBatchV1JobForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1/namespaces/{namespace}/jobs": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Job", + "operationId": "deleteBatchV1CollectionNamespacedJob", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Job", + "operationId": "listBatchV1NamespacedJob", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.JobList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Job", + "operationId": "createBatchV1NamespacedJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + } + }, + "/apis/batch/v1/namespaces/{namespace}/jobs/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Job", + "operationId": "deleteBatchV1NamespacedJob", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Job", + "operationId": "readBatchV1NamespacedJob", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Job", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Job", + "operationId": "patchBatchV1NamespacedJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Job", + "operationId": "replaceBatchV1NamespacedJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + } + }, + "/apis/batch/v1/namespaces/{namespace}/jobs/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Job", + "operationId": "readBatchV1NamespacedJobStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Job", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Job", + "operationId": "patchBatchV1NamespacedJobStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Job", + "operationId": "replaceBatchV1NamespacedJobStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1.Job" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + } + }, + "/apis/batch/v1/watch/jobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Job. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchBatchV1JobListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1/watch/namespaces/{namespace}/jobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Job. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchBatchV1NamespacedJobList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1/watch/namespaces/{namespace}/jobs/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Job. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchBatchV1NamespacedJob", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "Job", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Job", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getBatchV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ] + } + }, + "/apis/batch/v1beta1/cronjobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind CronJob", + "operationId": "listBatchV1beta1CronJobForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1beta1/namespaces/{namespace}/cronjobs": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of CronJob", + "operationId": "deleteBatchV1beta1CollectionNamespacedCronJob", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind CronJob", + "operationId": "listBatchV1beta1NamespacedCronJob", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJobList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a CronJob", + "operationId": "createBatchV1beta1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + } + }, + "/apis/batch/v1beta1/namespaces/{namespace}/cronjobs/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a CronJob", + "operationId": "deleteBatchV1beta1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified CronJob", + "operationId": "readBatchV1beta1NamespacedCronJob", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the CronJob", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified CronJob", + "operationId": "patchBatchV1beta1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified CronJob", + "operationId": "replaceBatchV1beta1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + } + }, + "/apis/batch/v1beta1/namespaces/{namespace}/cronjobs/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified CronJob", + "operationId": "readBatchV1beta1NamespacedCronJobStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the CronJob", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified CronJob", + "operationId": "patchBatchV1beta1NamespacedCronJobStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified CronJob", + "operationId": "replaceBatchV1beta1NamespacedCronJobStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v1beta1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + } + }, + "/apis/batch/v1beta1/watch/cronjobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchBatchV1beta1CronJobListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1beta1/watch/namespaces/{namespace}/cronjobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchBatchV1beta1NamespacedCronJobList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v1beta1/watch/namespaces/{namespace}/cronjobs/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind CronJob. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchBatchV1beta1NamespacedCronJob", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the CronJob", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v2alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getBatchV2alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ] + } + }, + "/apis/batch/v2alpha1/cronjobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind CronJob", + "operationId": "listBatchV2alpha1CronJobForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v2alpha1/namespaces/{namespace}/cronjobs": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of CronJob", + "operationId": "deleteBatchV2alpha1CollectionNamespacedCronJob", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind CronJob", + "operationId": "listBatchV2alpha1NamespacedCronJob", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a CronJob", + "operationId": "createBatchV2alpha1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + } + }, + "/apis/batch/v2alpha1/namespaces/{namespace}/cronjobs/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a CronJob", + "operationId": "deleteBatchV2alpha1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified CronJob", + "operationId": "readBatchV2alpha1NamespacedCronJob", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "name of the CronJob", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified CronJob", + "operationId": "patchBatchV2alpha1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified CronJob", + "operationId": "replaceBatchV2alpha1NamespacedCronJob", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + } + }, + "/apis/batch/v2alpha1/namespaces/{namespace}/cronjobs/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified CronJob", + "operationId": "readBatchV2alpha1NamespacedCronJobStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "name of the CronJob", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified CronJob", + "operationId": "patchBatchV2alpha1NamespacedCronJobStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified CronJob", + "operationId": "replaceBatchV2alpha1NamespacedCronJobStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + } + }, + "/apis/batch/v2alpha1/watch/cronjobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchBatchV2alpha1CronJobListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v2alpha1/watch/namespaces/{namespace}/cronjobs": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchBatchV2alpha1NamespacedCronJobList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/batch/v2alpha1/watch/namespaces/{namespace}/cronjobs/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind CronJob. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchBatchV2alpha1NamespacedCronJob", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "batch_v2alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "batch", + "kind": "CronJob", + "version": "v2alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the CronJob", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/certificates.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getCertificatesAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates" + ] + } + }, + "/apis/certificates.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getCertificatesV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ] + } + }, + "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of CertificateSigningRequest", + "operationId": "deleteCertificatesV1beta1CollectionCertificateSigningRequest", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind CertificateSigningRequest", + "operationId": "listCertificatesV1beta1CertificateSigningRequest", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a CertificateSigningRequest", + "operationId": "createCertificatesV1beta1CertificateSigningRequest", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + } + }, + "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a CertificateSigningRequest", + "operationId": "deleteCertificatesV1beta1CertificateSigningRequest", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified CertificateSigningRequest", + "operationId": "readCertificatesV1beta1CertificateSigningRequest", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the CertificateSigningRequest", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified CertificateSigningRequest", + "operationId": "patchCertificatesV1beta1CertificateSigningRequest", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified CertificateSigningRequest", + "operationId": "replaceCertificatesV1beta1CertificateSigningRequest", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + } + }, + "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/{name}/approval": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the CertificateSigningRequest", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "put": { + "consumes": [ + "*/*" + ], + "description": "replace approval of the specified CertificateSigningRequest", + "operationId": "replaceCertificatesV1beta1CertificateSigningRequestApproval", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + } + }, + "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified CertificateSigningRequest", + "operationId": "readCertificatesV1beta1CertificateSigningRequestStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the CertificateSigningRequest", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified CertificateSigningRequest", + "operationId": "patchCertificatesV1beta1CertificateSigningRequestStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified CertificateSigningRequest", + "operationId": "replaceCertificatesV1beta1CertificateSigningRequestStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + } + }, + "/apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of CertificateSigningRequest. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCertificatesV1beta1CertificateSigningRequestList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/certificates.k8s.io/v1beta1/watch/certificatesigningrequests/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind CertificateSigningRequest. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCertificatesV1beta1CertificateSigningRequest", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "CertificateSigningRequest", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the CertificateSigningRequest", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getCoordinationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination" + ] + } + }, + "/apis/coordination.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getCoordinationV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ] + } + }, + "/apis/coordination.k8s.io/v1/leases": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Lease", + "operationId": "listCoordinationV1LeaseForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1/namespaces/{namespace}/leases": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Lease", + "operationId": "deleteCoordinationV1CollectionNamespacedLease", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Lease", + "operationId": "listCoordinationV1NamespacedLease", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Lease", + "operationId": "createCoordinationV1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + } + }, + "/apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Lease", + "operationId": "deleteCoordinationV1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Lease", + "operationId": "readCoordinationV1NamespacedLease", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Lease", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Lease", + "operationId": "patchCoordinationV1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Lease", + "operationId": "replaceCoordinationV1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + } + }, + "/apis/coordination.k8s.io/v1/watch/leases": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoordinationV1LeaseListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1/watch/namespaces/{namespace}/leases": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoordinationV1NamespacedLeaseList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1/watch/namespaces/{namespace}/leases/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Lease. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoordinationV1NamespacedLease", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Lease", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getCoordinationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ] + } + }, + "/apis/coordination.k8s.io/v1beta1/leases": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Lease", + "operationId": "listCoordinationV1beta1LeaseForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.LeaseList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1beta1/namespaces/{namespace}/leases": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Lease", + "operationId": "deleteCoordinationV1beta1CollectionNamespacedLease", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Lease", + "operationId": "listCoordinationV1beta1NamespacedLease", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.LeaseList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Lease", + "operationId": "createCoordinationV1beta1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + } + }, + "/apis/coordination.k8s.io/v1beta1/namespaces/{namespace}/leases/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Lease", + "operationId": "deleteCoordinationV1beta1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Lease", + "operationId": "readCoordinationV1beta1NamespacedLease", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Lease", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Lease", + "operationId": "patchCoordinationV1beta1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Lease", + "operationId": "replaceCoordinationV1beta1NamespacedLease", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.coordination.v1beta1.Lease" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + } + }, + "/apis/coordination.k8s.io/v1beta1/watch/leases": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoordinationV1beta1LeaseListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1beta1/watch/namespaces/{namespace}/leases": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCoordinationV1beta1NamespacedLeaseList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/coordination.k8s.io/v1beta1/watch/namespaces/{namespace}/leases/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Lease. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCoordinationV1beta1NamespacedLease", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "coordination_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "coordination.k8s.io", + "kind": "Lease", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Lease", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/events.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getEventsAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events" + ] + } + }, + "/apis/events.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getEventsV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ] + } + }, + "/apis/events.k8s.io/v1beta1/events": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Event", + "operationId": "listEventsV1beta1EventForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.EventList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/events.k8s.io/v1beta1/namespaces/{namespace}/events": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Event", + "operationId": "deleteEventsV1beta1CollectionNamespacedEvent", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Event", + "operationId": "listEventsV1beta1NamespacedEvent", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.EventList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an Event", + "operationId": "createEventsV1beta1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + } + }, + "/apis/events.k8s.io/v1beta1/namespaces/{namespace}/events/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an Event", + "operationId": "deleteEventsV1beta1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Event", + "operationId": "readEventsV1beta1NamespacedEvent", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Event", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Event", + "operationId": "patchEventsV1beta1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Event", + "operationId": "replaceEventsV1beta1NamespacedEvent", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.events.v1beta1.Event" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + } + }, + "/apis/events.k8s.io/v1beta1/watch/events": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchEventsV1beta1EventListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/events.k8s.io/v1beta1/watch/namespaces/{namespace}/events": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchEventsV1beta1NamespacedEventList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/events.k8s.io/v1beta1/watch/namespaces/{namespace}/events/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Event. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchEventsV1beta1NamespacedEvent", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "events_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "events.k8s.io", + "kind": "Event", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Event", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getExtensionsAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions" + ] + } + }, + "/apis/extensions/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getExtensionsV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ] + } + }, + "/apis/extensions/v1beta1/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind DaemonSet", + "operationId": "listExtensionsV1beta1DaemonSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listExtensionsV1beta1DeploymentForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/ingresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Ingress", + "operationId": "listExtensionsV1beta1IngressForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/daemonsets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of DaemonSet", + "operationId": "deleteExtensionsV1beta1CollectionNamespacedDaemonSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind DaemonSet", + "operationId": "listExtensionsV1beta1NamespacedDaemonSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a DaemonSet", + "operationId": "createExtensionsV1beta1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/daemonsets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a DaemonSet", + "operationId": "deleteExtensionsV1beta1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified DaemonSet", + "operationId": "readExtensionsV1beta1NamespacedDaemonSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified DaemonSet", + "operationId": "patchExtensionsV1beta1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified DaemonSet", + "operationId": "replaceExtensionsV1beta1NamespacedDaemonSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/daemonsets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified DaemonSet", + "operationId": "readExtensionsV1beta1NamespacedDaemonSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified DaemonSet", + "operationId": "patchExtensionsV1beta1NamespacedDaemonSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified DaemonSet", + "operationId": "replaceExtensionsV1beta1NamespacedDaemonSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/deployments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Deployment", + "operationId": "deleteExtensionsV1beta1CollectionNamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Deployment", + "operationId": "listExtensionsV1beta1NamespacedDeployment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Deployment", + "operationId": "createExtensionsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Deployment", + "operationId": "deleteExtensionsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Deployment", + "operationId": "readExtensionsV1beta1NamespacedDeployment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Deployment", + "operationId": "patchExtensionsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Deployment", + "operationId": "replaceExtensionsV1beta1NamespacedDeployment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}/rollback": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "name of the DeploymentRollback", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create rollback of a Deployment", + "operationId": "createExtensionsV1beta1NamespacedDeploymentRollback", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentRollback" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DeploymentRollback", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified Deployment", + "operationId": "readExtensionsV1beta1NamespacedDeploymentScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified Deployment", + "operationId": "patchExtensionsV1beta1NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified Deployment", + "operationId": "replaceExtensionsV1beta1NamespacedDeploymentScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/deployments/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Deployment", + "operationId": "readExtensionsV1beta1NamespacedDeploymentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Deployment", + "operationId": "patchExtensionsV1beta1NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Deployment", + "operationId": "replaceExtensionsV1beta1NamespacedDeploymentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/ingresses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Ingress", + "operationId": "deleteExtensionsV1beta1CollectionNamespacedIngress", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Ingress", + "operationId": "listExtensionsV1beta1NamespacedIngress", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an Ingress", + "operationId": "createExtensionsV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/ingresses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an Ingress", + "operationId": "deleteExtensionsV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Ingress", + "operationId": "readExtensionsV1beta1NamespacedIngress", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Ingress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Ingress", + "operationId": "patchExtensionsV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Ingress", + "operationId": "replaceExtensionsV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/ingresses/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Ingress", + "operationId": "readExtensionsV1beta1NamespacedIngressStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Ingress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Ingress", + "operationId": "patchExtensionsV1beta1NamespacedIngressStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Ingress", + "operationId": "replaceExtensionsV1beta1NamespacedIngressStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/networkpolicies": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of NetworkPolicy", + "operationId": "deleteExtensionsV1beta1CollectionNamespacedNetworkPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind NetworkPolicy", + "operationId": "listExtensionsV1beta1NamespacedNetworkPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a NetworkPolicy", + "operationId": "createExtensionsV1beta1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/networkpolicies/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a NetworkPolicy", + "operationId": "deleteExtensionsV1beta1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified NetworkPolicy", + "operationId": "readExtensionsV1beta1NamespacedNetworkPolicy", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the NetworkPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified NetworkPolicy", + "operationId": "patchExtensionsV1beta1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified NetworkPolicy", + "operationId": "replaceExtensionsV1beta1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ReplicaSet", + "operationId": "deleteExtensionsV1beta1CollectionNamespacedReplicaSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicaSet", + "operationId": "listExtensionsV1beta1NamespacedReplicaSet", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ReplicaSet", + "operationId": "createExtensionsV1beta1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ReplicaSet", + "operationId": "deleteExtensionsV1beta1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ReplicaSet", + "operationId": "readExtensionsV1beta1NamespacedReplicaSet", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ReplicaSet", + "operationId": "patchExtensionsV1beta1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ReplicaSet", + "operationId": "replaceExtensionsV1beta1NamespacedReplicaSet", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified ReplicaSet", + "operationId": "readExtensionsV1beta1NamespacedReplicaSetScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified ReplicaSet", + "operationId": "patchExtensionsV1beta1NamespacedReplicaSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified ReplicaSet", + "operationId": "replaceExtensionsV1beta1NamespacedReplicaSetScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/replicasets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified ReplicaSet", + "operationId": "readExtensionsV1beta1NamespacedReplicaSetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified ReplicaSet", + "operationId": "patchExtensionsV1beta1NamespacedReplicaSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified ReplicaSet", + "operationId": "replaceExtensionsV1beta1NamespacedReplicaSetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/namespaces/{namespace}/replicationcontrollers/{name}/scale": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read scale of the specified ReplicationControllerDummy", + "operationId": "readExtensionsV1beta1NamespacedReplicationControllerDummyScale", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Scale", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update scale of the specified ReplicationControllerDummy", + "operationId": "patchExtensionsV1beta1NamespacedReplicationControllerDummyScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace scale of the specified ReplicationControllerDummy", + "operationId": "replaceExtensionsV1beta1NamespacedReplicationControllerDummyScale", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Scale", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/networkpolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind NetworkPolicy", + "operationId": "listExtensionsV1beta1NetworkPolicyForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/podsecuritypolicies": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PodSecurityPolicy", + "operationId": "deleteExtensionsV1beta1CollectionPodSecurityPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodSecurityPolicy", + "operationId": "listExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PodSecurityPolicy", + "operationId": "createExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/podsecuritypolicies/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PodSecurityPolicy", + "operationId": "deleteExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PodSecurityPolicy", + "operationId": "readExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the PodSecurityPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PodSecurityPolicy", + "operationId": "patchExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PodSecurityPolicy", + "operationId": "replaceExtensionsV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + } + }, + "/apis/extensions/v1beta1/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ReplicaSet", + "operationId": "listExtensionsV1beta1ReplicaSetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1DaemonSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1DeploymentListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/ingresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1IngressListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/daemonsets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1NamespacedDaemonSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/daemonsets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchExtensionsV1beta1NamespacedDaemonSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "DaemonSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the DaemonSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/deployments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1NamespacedDeploymentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/deployments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchExtensionsV1beta1NamespacedDeployment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Deployment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Deployment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/ingresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1NamespacedIngressList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/ingresses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Ingress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchExtensionsV1beta1NamespacedIngress", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Ingress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/networkpolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1NamespacedNetworkPolicyList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/networkpolicies/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchExtensionsV1beta1NamespacedNetworkPolicy", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the NetworkPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1NamespacedReplicaSetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/namespaces/{namespace}/replicasets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchExtensionsV1beta1NamespacedReplicaSet", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ReplicaSet", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/networkpolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1NetworkPolicyListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "NetworkPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/podsecuritypolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1PodSecurityPolicyList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/podsecuritypolicies/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchExtensionsV1beta1PodSecurityPolicy", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PodSecurityPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/extensions/v1beta1/watch/replicasets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchExtensionsV1beta1ReplicaSetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "extensions_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "extensions", + "kind": "ReplicaSet", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getNetworkingAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking" + ] + } + }, + "/apis/networking.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getNetworkingV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ] + } + }, + "/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of NetworkPolicy", + "operationId": "deleteNetworkingV1CollectionNamespacedNetworkPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind NetworkPolicy", + "operationId": "listNetworkingV1NamespacedNetworkPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a NetworkPolicy", + "operationId": "createNetworkingV1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + } + }, + "/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a NetworkPolicy", + "operationId": "deleteNetworkingV1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified NetworkPolicy", + "operationId": "readNetworkingV1NamespacedNetworkPolicy", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the NetworkPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified NetworkPolicy", + "operationId": "patchNetworkingV1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified NetworkPolicy", + "operationId": "replaceNetworkingV1NamespacedNetworkPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + } + }, + "/apis/networking.k8s.io/v1/networkpolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind NetworkPolicy", + "operationId": "listNetworkingV1NetworkPolicyForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchNetworkingV1NamespacedNetworkPolicyList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchNetworkingV1NamespacedNetworkPolicy", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the NetworkPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1/watch/networkpolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchNetworkingV1NetworkPolicyListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "NetworkPolicy", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getNetworkingV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ] + } + }, + "/apis/networking.k8s.io/v1beta1/ingresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Ingress", + "operationId": "listNetworkingV1beta1IngressForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1beta1/namespaces/{namespace}/ingresses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Ingress", + "operationId": "deleteNetworkingV1beta1CollectionNamespacedIngress", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Ingress", + "operationId": "listNetworkingV1beta1NamespacedIngress", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.IngressList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an Ingress", + "operationId": "createNetworkingV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + } + }, + "/apis/networking.k8s.io/v1beta1/namespaces/{namespace}/ingresses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an Ingress", + "operationId": "deleteNetworkingV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Ingress", + "operationId": "readNetworkingV1beta1NamespacedIngress", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Ingress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Ingress", + "operationId": "patchNetworkingV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Ingress", + "operationId": "replaceNetworkingV1beta1NamespacedIngress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + } + }, + "/apis/networking.k8s.io/v1beta1/namespaces/{namespace}/ingresses/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified Ingress", + "operationId": "readNetworkingV1beta1NamespacedIngressStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Ingress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified Ingress", + "operationId": "patchNetworkingV1beta1NamespacedIngressStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified Ingress", + "operationId": "replaceNetworkingV1beta1NamespacedIngressStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1beta1.Ingress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + } + }, + "/apis/networking.k8s.io/v1beta1/watch/ingresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchNetworkingV1beta1IngressListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1beta1/watch/namespaces/{namespace}/ingresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchNetworkingV1beta1NamespacedIngressList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1beta1/watch/namespaces/{namespace}/ingresses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Ingress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchNetworkingV1beta1NamespacedIngress", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "Ingress", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Ingress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/policy/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getPolicyAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy" + ] + } + }, + "/apis/policy/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getPolicyV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ] + } + }, + "/apis/policy/v1beta1/namespaces/{namespace}/poddisruptionbudgets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PodDisruptionBudget", + "operationId": "deletePolicyV1beta1CollectionNamespacedPodDisruptionBudget", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodDisruptionBudget", + "operationId": "listPolicyV1beta1NamespacedPodDisruptionBudget", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PodDisruptionBudget", + "operationId": "createPolicyV1beta1NamespacedPodDisruptionBudget", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + } + }, + "/apis/policy/v1beta1/namespaces/{namespace}/poddisruptionbudgets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PodDisruptionBudget", + "operationId": "deletePolicyV1beta1NamespacedPodDisruptionBudget", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PodDisruptionBudget", + "operationId": "readPolicyV1beta1NamespacedPodDisruptionBudget", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the PodDisruptionBudget", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PodDisruptionBudget", + "operationId": "patchPolicyV1beta1NamespacedPodDisruptionBudget", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PodDisruptionBudget", + "operationId": "replacePolicyV1beta1NamespacedPodDisruptionBudget", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + } + }, + "/apis/policy/v1beta1/namespaces/{namespace}/poddisruptionbudgets/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified PodDisruptionBudget", + "operationId": "readPolicyV1beta1NamespacedPodDisruptionBudgetStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the PodDisruptionBudget", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified PodDisruptionBudget", + "operationId": "patchPolicyV1beta1NamespacedPodDisruptionBudgetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified PodDisruptionBudget", + "operationId": "replacePolicyV1beta1NamespacedPodDisruptionBudgetStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + } + }, + "/apis/policy/v1beta1/poddisruptionbudgets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodDisruptionBudget", + "operationId": "listPolicyV1beta1PodDisruptionBudgetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/policy/v1beta1/podsecuritypolicies": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PodSecurityPolicy", + "operationId": "deletePolicyV1beta1CollectionPodSecurityPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodSecurityPolicy", + "operationId": "listPolicyV1beta1PodSecurityPolicy", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicyList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PodSecurityPolicy", + "operationId": "createPolicyV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + } + }, + "/apis/policy/v1beta1/podsecuritypolicies/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PodSecurityPolicy", + "operationId": "deletePolicyV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PodSecurityPolicy", + "operationId": "readPolicyV1beta1PodSecurityPolicy", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the PodSecurityPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PodSecurityPolicy", + "operationId": "patchPolicyV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PodSecurityPolicy", + "operationId": "replacePolicyV1beta1PodSecurityPolicy", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodSecurityPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + } + }, + "/apis/policy/v1beta1/watch/namespaces/{namespace}/poddisruptionbudgets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchPolicyV1beta1NamespacedPodDisruptionBudgetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/policy/v1beta1/watch/namespaces/{namespace}/poddisruptionbudgets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchPolicyV1beta1NamespacedPodDisruptionBudget", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PodDisruptionBudget", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/policy/v1beta1/watch/poddisruptionbudgets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchPolicyV1beta1PodDisruptionBudgetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodDisruptionBudget", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/policy/v1beta1/watch/podsecuritypolicies": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchPolicyV1beta1PodSecurityPolicyList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/policy/v1beta1/watch/podsecuritypolicies/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PodSecurityPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchPolicyV1beta1PodSecurityPolicy", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "policy_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "policy", + "kind": "PodSecurityPolicy", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PodSecurityPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getRbacAuthorizationAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization" + ] + } + }, + "/apis/rbac.authorization.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getRbacAuthorizationV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ] + } + }, + "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterRoleBinding", + "operationId": "deleteRbacAuthorizationV1CollectionClusterRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterRoleBinding", + "operationId": "listRbacAuthorizationV1ClusterRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterRoleBinding", + "operationId": "createRbacAuthorizationV1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterRoleBinding", + "operationId": "deleteRbacAuthorizationV1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterRoleBinding", + "operationId": "readRbacAuthorizationV1ClusterRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ClusterRoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ClusterRoleBinding", + "operationId": "patchRbacAuthorizationV1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterRoleBinding", + "operationId": "replaceRbacAuthorizationV1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/clusterroles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterRole", + "operationId": "deleteRbacAuthorizationV1CollectionClusterRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterRole", + "operationId": "listRbacAuthorizationV1ClusterRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterRole", + "operationId": "createRbacAuthorizationV1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/clusterroles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterRole", + "operationId": "deleteRbacAuthorizationV1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterRole", + "operationId": "readRbacAuthorizationV1ClusterRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the ClusterRole", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ClusterRole", + "operationId": "patchRbacAuthorizationV1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterRole", + "operationId": "replaceRbacAuthorizationV1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of RoleBinding", + "operationId": "deleteRbacAuthorizationV1CollectionNamespacedRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind RoleBinding", + "operationId": "listRbacAuthorizationV1NamespacedRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a RoleBinding", + "operationId": "createRbacAuthorizationV1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a RoleBinding", + "operationId": "deleteRbacAuthorizationV1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified RoleBinding", + "operationId": "readRbacAuthorizationV1NamespacedRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the RoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified RoleBinding", + "operationId": "patchRbacAuthorizationV1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified RoleBinding", + "operationId": "replaceRbacAuthorizationV1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Role", + "operationId": "deleteRbacAuthorizationV1CollectionNamespacedRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Role", + "operationId": "listRbacAuthorizationV1NamespacedRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Role", + "operationId": "createRbacAuthorizationV1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Role", + "operationId": "deleteRbacAuthorizationV1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Role", + "operationId": "readRbacAuthorizationV1NamespacedRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the Role", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Role", + "operationId": "patchRbacAuthorizationV1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Role", + "operationId": "replaceRbacAuthorizationV1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind RoleBinding", + "operationId": "listRbacAuthorizationV1RoleBindingForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Role", + "operationId": "listRbacAuthorizationV1RoleForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1.RoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/clusterrolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1ClusterRoleBindingList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/clusterrolebindings/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1ClusterRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterRoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/clusterroles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1ClusterRoleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/clusterroles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1ClusterRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterRole", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1NamespacedRoleBindingList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/rolebindings/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1NamespacedRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the RoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1NamespacedRoleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/roles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1NamespacedRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Role", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1RoleBindingListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1/watch/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1RoleListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getRbacAuthorizationV1alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ] + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/clusterrolebindings": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterRoleBinding", + "operationId": "deleteRbacAuthorizationV1alpha1CollectionClusterRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterRoleBinding", + "operationId": "listRbacAuthorizationV1alpha1ClusterRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterRoleBinding", + "operationId": "createRbacAuthorizationV1alpha1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/clusterrolebindings/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterRoleBinding", + "operationId": "deleteRbacAuthorizationV1alpha1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterRoleBinding", + "operationId": "readRbacAuthorizationV1alpha1ClusterRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the ClusterRoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ClusterRoleBinding", + "operationId": "patchRbacAuthorizationV1alpha1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterRoleBinding", + "operationId": "replaceRbacAuthorizationV1alpha1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/clusterroles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterRole", + "operationId": "deleteRbacAuthorizationV1alpha1CollectionClusterRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterRole", + "operationId": "listRbacAuthorizationV1alpha1ClusterRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterRole", + "operationId": "createRbacAuthorizationV1alpha1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/clusterroles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterRole", + "operationId": "deleteRbacAuthorizationV1alpha1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterRole", + "operationId": "readRbacAuthorizationV1alpha1ClusterRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the ClusterRole", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ClusterRole", + "operationId": "patchRbacAuthorizationV1alpha1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterRole", + "operationId": "replaceRbacAuthorizationV1alpha1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/rolebindings": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of RoleBinding", + "operationId": "deleteRbacAuthorizationV1alpha1CollectionNamespacedRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind RoleBinding", + "operationId": "listRbacAuthorizationV1alpha1NamespacedRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a RoleBinding", + "operationId": "createRbacAuthorizationV1alpha1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/rolebindings/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a RoleBinding", + "operationId": "deleteRbacAuthorizationV1alpha1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified RoleBinding", + "operationId": "readRbacAuthorizationV1alpha1NamespacedRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the RoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified RoleBinding", + "operationId": "patchRbacAuthorizationV1alpha1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified RoleBinding", + "operationId": "replaceRbacAuthorizationV1alpha1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/roles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Role", + "operationId": "deleteRbacAuthorizationV1alpha1CollectionNamespacedRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Role", + "operationId": "listRbacAuthorizationV1alpha1NamespacedRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Role", + "operationId": "createRbacAuthorizationV1alpha1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/namespaces/{namespace}/roles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Role", + "operationId": "deleteRbacAuthorizationV1alpha1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Role", + "operationId": "readRbacAuthorizationV1alpha1NamespacedRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the Role", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Role", + "operationId": "patchRbacAuthorizationV1alpha1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Role", + "operationId": "replaceRbacAuthorizationV1alpha1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind RoleBinding", + "operationId": "listRbacAuthorizationV1alpha1RoleBindingForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Role", + "operationId": "listRbacAuthorizationV1alpha1RoleForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterrolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1alpha1ClusterRoleBindingList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterrolebindings/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1alpha1ClusterRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterRoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterroles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1alpha1ClusterRoleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/clusterroles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1alpha1ClusterRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterRole", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1alpha1NamespacedRoleBindingList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/rolebindings/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1alpha1NamespacedRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the RoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1alpha1NamespacedRoleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/namespaces/{namespace}/roles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1alpha1NamespacedRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Role", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1alpha1RoleBindingListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1alpha1/watch/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1alpha1RoleListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getRbacAuthorizationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ] + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterRoleBinding", + "operationId": "deleteRbacAuthorizationV1beta1CollectionClusterRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterRoleBinding", + "operationId": "listRbacAuthorizationV1beta1ClusterRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterRoleBinding", + "operationId": "createRbacAuthorizationV1beta1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterRoleBinding", + "operationId": "deleteRbacAuthorizationV1beta1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterRoleBinding", + "operationId": "readRbacAuthorizationV1beta1ClusterRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the ClusterRoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ClusterRoleBinding", + "operationId": "patchRbacAuthorizationV1beta1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterRoleBinding", + "operationId": "replaceRbacAuthorizationV1beta1ClusterRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/clusterroles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterRole", + "operationId": "deleteRbacAuthorizationV1beta1CollectionClusterRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterRole", + "operationId": "listRbacAuthorizationV1beta1ClusterRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterRole", + "operationId": "createRbacAuthorizationV1beta1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterRole", + "operationId": "deleteRbacAuthorizationV1beta1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterRole", + "operationId": "readRbacAuthorizationV1beta1ClusterRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the ClusterRole", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified ClusterRole", + "operationId": "patchRbacAuthorizationV1beta1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterRole", + "operationId": "replaceRbacAuthorizationV1beta1ClusterRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/rolebindings": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of RoleBinding", + "operationId": "deleteRbacAuthorizationV1beta1CollectionNamespacedRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind RoleBinding", + "operationId": "listRbacAuthorizationV1beta1NamespacedRoleBinding", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a RoleBinding", + "operationId": "createRbacAuthorizationV1beta1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/rolebindings/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a RoleBinding", + "operationId": "deleteRbacAuthorizationV1beta1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified RoleBinding", + "operationId": "readRbacAuthorizationV1beta1NamespacedRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the RoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified RoleBinding", + "operationId": "patchRbacAuthorizationV1beta1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified RoleBinding", + "operationId": "replaceRbacAuthorizationV1beta1NamespacedRoleBinding", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/roles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of Role", + "operationId": "deleteRbacAuthorizationV1beta1CollectionNamespacedRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Role", + "operationId": "listRbacAuthorizationV1beta1NamespacedRole", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a Role", + "operationId": "createRbacAuthorizationV1beta1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/namespaces/{namespace}/roles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a Role", + "operationId": "deleteRbacAuthorizationV1beta1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified Role", + "operationId": "readRbacAuthorizationV1beta1NamespacedRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the Role", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified Role", + "operationId": "patchRbacAuthorizationV1beta1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified Role", + "operationId": "replaceRbacAuthorizationV1beta1NamespacedRole", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + } + }, + "/apis/rbac.authorization.k8s.io/v1beta1/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind RoleBinding", + "operationId": "listRbacAuthorizationV1beta1RoleBindingForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBindingList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind Role", + "operationId": "listRbacAuthorizationV1beta1RoleForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1beta1ClusterRoleBindingList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterrolebindings/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1beta1ClusterRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterRoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1beta1ClusterRoleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/clusterroles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1beta1ClusterRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "ClusterRole", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterRole", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1beta1NamespacedRoleBindingList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/rolebindings/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1beta1NamespacedRoleBinding", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the RoleBinding", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1beta1NamespacedRoleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/namespaces/{namespace}/roles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchRbacAuthorizationV1beta1NamespacedRole", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the Role", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/rolebindings": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1beta1RoleBindingListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "RoleBinding", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/rbac.authorization.k8s.io/v1beta1/watch/roles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchRbacAuthorizationV1beta1RoleListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "rbacAuthorization_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "rbac.authorization.k8s.io", + "kind": "Role", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/scheduling.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getSchedulingAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling" + ] + } + }, + "/apis/scheduling.k8s.io/v1alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getSchedulingV1alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ] + } + }, + "/apis/scheduling.k8s.io/v1alpha1/priorityclasses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PriorityClass", + "operationId": "deleteSchedulingV1alpha1CollectionPriorityClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PriorityClass", + "operationId": "listSchedulingV1alpha1PriorityClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClassList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PriorityClass", + "operationId": "createSchedulingV1alpha1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + } + }, + "/apis/scheduling.k8s.io/v1alpha1/priorityclasses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PriorityClass", + "operationId": "deleteSchedulingV1alpha1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PriorityClass", + "operationId": "readSchedulingV1alpha1PriorityClass", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the PriorityClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PriorityClass", + "operationId": "patchSchedulingV1alpha1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PriorityClass", + "operationId": "replaceSchedulingV1alpha1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1alpha1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + } + }, + "/apis/scheduling.k8s.io/v1alpha1/watch/priorityclasses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchSchedulingV1alpha1PriorityClassList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/scheduling.k8s.io/v1alpha1/watch/priorityclasses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchSchedulingV1alpha1PriorityClass", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PriorityClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/scheduling.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getSchedulingV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ] + } + }, + "/apis/scheduling.k8s.io/v1beta1/priorityclasses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PriorityClass", + "operationId": "deleteSchedulingV1beta1CollectionPriorityClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PriorityClass", + "operationId": "listSchedulingV1beta1PriorityClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClassList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PriorityClass", + "operationId": "createSchedulingV1beta1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + } + }, + "/apis/scheduling.k8s.io/v1beta1/priorityclasses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PriorityClass", + "operationId": "deleteSchedulingV1beta1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PriorityClass", + "operationId": "readSchedulingV1beta1PriorityClass", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the PriorityClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PriorityClass", + "operationId": "patchSchedulingV1beta1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PriorityClass", + "operationId": "replaceSchedulingV1beta1PriorityClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.scheduling.v1beta1.PriorityClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + } + }, + "/apis/scheduling.k8s.io/v1beta1/watch/priorityclasses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchSchedulingV1beta1PriorityClassList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/scheduling.k8s.io/v1beta1/watch/priorityclasses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchSchedulingV1beta1PriorityClass", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "scheduling_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "scheduling.k8s.io", + "kind": "PriorityClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PriorityClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/settings.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getSettingsAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings" + ] + } + }, + "/apis/settings.k8s.io/v1alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getSettingsV1alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ] + } + }, + "/apis/settings.k8s.io/v1alpha1/namespaces/{namespace}/podpresets": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of PodPreset", + "operationId": "deleteSettingsV1alpha1CollectionNamespacedPodPreset", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodPreset", + "operationId": "listSettingsV1alpha1NamespacedPodPreset", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a PodPreset", + "operationId": "createSettingsV1alpha1NamespacedPodPreset", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + } + }, + "/apis/settings.k8s.io/v1alpha1/namespaces/{namespace}/podpresets/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a PodPreset", + "operationId": "deleteSettingsV1alpha1NamespacedPodPreset", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified PodPreset", + "operationId": "readSettingsV1alpha1NamespacedPodPreset", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the PodPreset", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified PodPreset", + "operationId": "patchSettingsV1alpha1NamespacedPodPreset", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified PodPreset", + "operationId": "replaceSettingsV1alpha1NamespacedPodPreset", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + } + }, + "/apis/settings.k8s.io/v1alpha1/podpresets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind PodPreset", + "operationId": "listSettingsV1alpha1PodPresetForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/settings.k8s.io/v1alpha1/watch/namespaces/{namespace}/podpresets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodPreset. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchSettingsV1alpha1NamespacedPodPresetList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/settings.k8s.io/v1alpha1/watch/namespaces/{namespace}/podpresets/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind PodPreset. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchSettingsV1alpha1NamespacedPodPreset", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the PodPreset", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "object name and auth scope, such as for teams and projects", + "in": "path", + "name": "namespace", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/settings.k8s.io/v1alpha1/watch/podpresets": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of PodPreset. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchSettingsV1alpha1PodPresetListForAllNamespaces", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "settings_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "settings.k8s.io", + "kind": "PodPreset", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get information of a group", + "operationId": "getStorageAPIGroup", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIGroup" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage" + ] + } + }, + "/apis/storage.k8s.io/v1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getStorageV1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ] + } + }, + "/apis/storage.k8s.io/v1/storageclasses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of StorageClass", + "operationId": "deleteStorageV1CollectionStorageClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StorageClass", + "operationId": "listStorageV1StorageClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClassList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a StorageClass", + "operationId": "createStorageV1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + } + }, + "/apis/storage.k8s.io/v1/storageclasses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a StorageClass", + "operationId": "deleteStorageV1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified StorageClass", + "operationId": "readStorageV1StorageClass", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the StorageClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified StorageClass", + "operationId": "patchStorageV1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified StorageClass", + "operationId": "replaceStorageV1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + } + }, + "/apis/storage.k8s.io/v1/volumeattachments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of VolumeAttachment", + "operationId": "deleteStorageV1CollectionVolumeAttachment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind VolumeAttachment", + "operationId": "listStorageV1VolumeAttachment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a VolumeAttachment", + "operationId": "createStorageV1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + } + }, + "/apis/storage.k8s.io/v1/volumeattachments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a VolumeAttachment", + "operationId": "deleteStorageV1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified VolumeAttachment", + "operationId": "readStorageV1VolumeAttachment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified VolumeAttachment", + "operationId": "patchStorageV1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified VolumeAttachment", + "operationId": "replaceStorageV1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + } + }, + "/apis/storage.k8s.io/v1/volumeattachments/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified VolumeAttachment", + "operationId": "readStorageV1VolumeAttachmentStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update status of the specified VolumeAttachment", + "operationId": "patchStorageV1VolumeAttachmentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified VolumeAttachment", + "operationId": "replaceStorageV1VolumeAttachmentStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + } + }, + "/apis/storage.k8s.io/v1/watch/storageclasses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StorageClass. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchStorageV1StorageClassList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1/watch/storageclasses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind StorageClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchStorageV1StorageClass", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the StorageClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1/watch/volumeattachments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchStorageV1VolumeAttachmentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1/watch/volumeattachments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchStorageV1VolumeAttachment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getStorageV1alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ] + } + }, + "/apis/storage.k8s.io/v1alpha1/volumeattachments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of VolumeAttachment", + "operationId": "deleteStorageV1alpha1CollectionVolumeAttachment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind VolumeAttachment", + "operationId": "listStorageV1alpha1VolumeAttachment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachmentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a VolumeAttachment", + "operationId": "createStorageV1alpha1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + } + }, + "/apis/storage.k8s.io/v1alpha1/volumeattachments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a VolumeAttachment", + "operationId": "deleteStorageV1alpha1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified VolumeAttachment", + "operationId": "readStorageV1alpha1VolumeAttachment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified VolumeAttachment", + "operationId": "patchStorageV1alpha1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified VolumeAttachment", + "operationId": "replaceStorageV1alpha1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1alpha1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + } + }, + "/apis/storage.k8s.io/v1alpha1/watch/volumeattachments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchStorageV1alpha1VolumeAttachmentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1alpha1/watch/volumeattachments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchStorageV1alpha1VolumeAttachment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getStorageV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ] + } + }, + "/apis/storage.k8s.io/v1beta1/storageclasses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of StorageClass", + "operationId": "deleteStorageV1beta1CollectionStorageClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind StorageClass", + "operationId": "listStorageV1beta1StorageClass", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClassList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a StorageClass", + "operationId": "createStorageV1beta1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + } + }, + "/apis/storage.k8s.io/v1beta1/storageclasses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a StorageClass", + "operationId": "deleteStorageV1beta1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified StorageClass", + "operationId": "readStorageV1beta1StorageClass", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the StorageClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified StorageClass", + "operationId": "patchStorageV1beta1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified StorageClass", + "operationId": "replaceStorageV1beta1StorageClass", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + } + }, + "/apis/storage.k8s.io/v1beta1/volumeattachments": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of VolumeAttachment", + "operationId": "deleteStorageV1beta1CollectionVolumeAttachment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind VolumeAttachment", + "operationId": "listStorageV1beta1VolumeAttachment", + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachmentList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a VolumeAttachment", + "operationId": "createStorageV1beta1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + } + }, + "/apis/storage.k8s.io/v1beta1/volumeattachments/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a VolumeAttachment", + "operationId": "deleteStorageV1beta1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified VolumeAttachment", + "operationId": "readStorageV1beta1VolumeAttachment", + "parameters": [ + { + "description": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "exact", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "in": "query", + "name": "export", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json" + ], + "description": "partially update the specified VolumeAttachment", + "operationId": "patchStorageV1beta1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified VolumeAttachment", + "operationId": "replaceStorageV1beta1VolumeAttachment", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.storage.v1beta1.VolumeAttachment" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + } + }, + "/apis/storage.k8s.io/v1beta1/watch/storageclasses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of StorageClass. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchStorageV1beta1StorageClassList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1beta1/watch/storageclasses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind StorageClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchStorageV1beta1StorageClass", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "StorageClass", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the StorageClass", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1beta1/watch/volumeattachments": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchStorageV1beta1VolumeAttachmentList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/storage.k8s.io/v1beta1/watch/volumeattachments/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchStorageV1beta1VolumeAttachment", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "storage_v1beta1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "storage.k8s.io", + "kind": "VolumeAttachment", + "version": "v1beta1" + } + }, + "parameters": [ + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the VolumeAttachment", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/logs/": { + "get": { + "operationId": "logFileListHandler", + "responses": { + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "logs" + ] + } + }, + "/logs/{logpath}": { + "get": { + "operationId": "logFileHandler", + "responses": { + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "logs" + ] + }, + "parameters": [ + { + "description": "path to the log", + "in": "path", + "name": "logpath", + "required": true, + "type": "string", + "uniqueItems": true + } + ] + }, + "/version/": { + "get": { + "consumes": [ + "application/json" + ], + "description": "get the code version", + "operationId": "getCodeVersion", + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.version.Info" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "version" + ] + } } - }, - "io.k8s.kube-aggregator.pkg.apis.apiregistration.v1beta1.ServiceReference": { - "description": "ServiceReference holds a reference to Service.legacy.k8s.io", - "type": "object", - "properties": { - "name": { - "description": "Name is the name of the service", - "type": "string" - }, - "namespace": { - "description": "Namespace is the namespace of the service", - "type": "string" - } - } - }, - "io.k8s.kubernetes.pkg.api.v1.AWSElasticBlockStoreVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Affinity": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Affinity instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Affinity" - }, - "io.k8s.kubernetes.pkg.api.v1.AttachedVolume": { - "description": "Deprecated. Please use io.k8s.api.core.v1.AttachedVolume instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.AttachedVolume" - }, - "io.k8s.kubernetes.pkg.api.v1.AzureDiskVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.AzureDiskVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.AzureDiskVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.AzureFileVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.AzureFileVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.AzureFileVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Binding": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Binding instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Binding" - }, - "io.k8s.kubernetes.pkg.api.v1.Capabilities": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Capabilities instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Capabilities" - }, - "io.k8s.kubernetes.pkg.api.v1.CephFSVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.CephFSVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.CephFSVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.CinderVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.CinderVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.CinderVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.ComponentCondition": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ComponentCondition instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentCondition" - }, - "io.k8s.kubernetes.pkg.api.v1.ComponentStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ComponentStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.ComponentStatusList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ComponentStatusList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ComponentStatusList" - }, - "io.k8s.kubernetes.pkg.api.v1.ConfigMap": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMap instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMap" - }, - "io.k8s.kubernetes.pkg.api.v1.ConfigMapEnvSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapEnvSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapEnvSource" - }, - "io.k8s.kubernetes.pkg.api.v1.ConfigMapKeySelector": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapKeySelector instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapKeySelector" - }, - "io.k8s.kubernetes.pkg.api.v1.ConfigMapList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapList" - }, - "io.k8s.kubernetes.pkg.api.v1.ConfigMapProjection": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapProjection instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapProjection" - }, - "io.k8s.kubernetes.pkg.api.v1.ConfigMapVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ConfigMapVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ConfigMapVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Container": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Container instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Container" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerImage": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerImage instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerImage" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerPort": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerPort instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerPort" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerState": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerState instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerStateRunning": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStateRunning instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateRunning" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerStateTerminated": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStateTerminated instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateTerminated" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerStateWaiting": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStateWaiting instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStateWaiting" - }, - "io.k8s.kubernetes.pkg.api.v1.ContainerStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ContainerStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.DaemonEndpoint": { - "description": "Deprecated. Please use io.k8s.api.core.v1.DaemonEndpoint instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.DaemonEndpoint" - }, - "io.k8s.kubernetes.pkg.api.v1.DownwardAPIProjection": { - "description": "Deprecated. Please use io.k8s.api.core.v1.DownwardAPIProjection instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIProjection" - }, - "io.k8s.kubernetes.pkg.api.v1.DownwardAPIVolumeFile": { - "description": "Deprecated. Please use io.k8s.api.core.v1.DownwardAPIVolumeFile instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeFile" - }, - "io.k8s.kubernetes.pkg.api.v1.DownwardAPIVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.DownwardAPIVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.DownwardAPIVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.EmptyDirVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EmptyDirVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EmptyDirVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.EndpointAddress": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointAddress instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointAddress" - }, - "io.k8s.kubernetes.pkg.api.v1.EndpointPort": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointPort instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointPort" - }, - "io.k8s.kubernetes.pkg.api.v1.EndpointSubset": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointSubset instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointSubset" - }, - "io.k8s.kubernetes.pkg.api.v1.Endpoints": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Endpoints instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Endpoints" - }, - "io.k8s.kubernetes.pkg.api.v1.EndpointsList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EndpointsList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EndpointsList" - }, - "io.k8s.kubernetes.pkg.api.v1.EnvFromSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EnvFromSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EnvFromSource" - }, - "io.k8s.kubernetes.pkg.api.v1.EnvVar": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EnvVar instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EnvVar" - }, - "io.k8s.kubernetes.pkg.api.v1.EnvVarSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EnvVarSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EnvVarSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Event": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Event instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Event" - }, - "io.k8s.kubernetes.pkg.api.v1.EventList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EventList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EventList" - }, - "io.k8s.kubernetes.pkg.api.v1.EventSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.EventSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.EventSource" - }, - "io.k8s.kubernetes.pkg.api.v1.ExecAction": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ExecAction instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ExecAction" - }, - "io.k8s.kubernetes.pkg.api.v1.FCVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.FCVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.FCVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.FlexVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.FlexVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.FlexVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.FlockerVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.FlockerVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.FlockerVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.GCEPersistentDiskVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.GCEPersistentDiskVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.GCEPersistentDiskVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.GitRepoVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.GitRepoVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.GitRepoVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.GlusterfsVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.GlusterfsVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.GlusterfsVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.HTTPGetAction": { - "description": "Deprecated. Please use io.k8s.api.core.v1.HTTPGetAction instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction" - }, - "io.k8s.kubernetes.pkg.api.v1.HTTPHeader": { - "description": "Deprecated. Please use io.k8s.api.core.v1.HTTPHeader instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.HTTPHeader" - }, - "io.k8s.kubernetes.pkg.api.v1.Handler": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Handler instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Handler" - }, - "io.k8s.kubernetes.pkg.api.v1.HostAlias": { - "description": "Deprecated. Please use io.k8s.api.core.v1.HostAlias instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.HostAlias" - }, - "io.k8s.kubernetes.pkg.api.v1.HostPathVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.HostPathVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.ISCSIVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ISCSIVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.KeyToPath": { - "description": "Deprecated. Please use io.k8s.api.core.v1.KeyToPath instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.KeyToPath" - }, - "io.k8s.kubernetes.pkg.api.v1.Lifecycle": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Lifecycle instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Lifecycle" - }, - "io.k8s.kubernetes.pkg.api.v1.LimitRange": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRange instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRange" - }, - "io.k8s.kubernetes.pkg.api.v1.LimitRangeItem": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRangeItem instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeItem" - }, - "io.k8s.kubernetes.pkg.api.v1.LimitRangeList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRangeList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeList" - }, - "io.k8s.kubernetes.pkg.api.v1.LimitRangeSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LimitRangeSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LimitRangeSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.LoadBalancerIngress": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LoadBalancerIngress instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerIngress" - }, - "io.k8s.kubernetes.pkg.api.v1.LoadBalancerStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LoadBalancerStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LoadBalancerStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.LocalObjectReference": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LocalObjectReference instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference" - }, - "io.k8s.kubernetes.pkg.api.v1.LocalVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.LocalVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.LocalVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.NFSVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NFSVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NFSVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Namespace": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Namespace instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Namespace" - }, - "io.k8s.kubernetes.pkg.api.v1.NamespaceList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NamespaceList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceList" - }, - "io.k8s.kubernetes.pkg.api.v1.NamespaceSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NamespaceSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.NamespaceStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NamespaceStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NamespaceStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.Node": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Node instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Node" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeAddress": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeAddress instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeAddress" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeAffinity": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeAffinity instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeAffinity" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeCondition": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeCondition instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeCondition" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeDaemonEndpoints": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeDaemonEndpoints instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeDaemonEndpoints" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeList" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeSelector": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSelector instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeSelectorRequirement": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSelectorRequirement instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorRequirement" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeSelectorTerm": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSelectorTerm instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelectorTerm" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.NodeSystemInfo": { - "description": "Deprecated. Please use io.k8s.api.core.v1.NodeSystemInfo instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.NodeSystemInfo" - }, - "io.k8s.kubernetes.pkg.api.v1.ObjectFieldSelector": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ObjectFieldSelector instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectFieldSelector" - }, - "io.k8s.kubernetes.pkg.api.v1.ObjectReference": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ObjectReference instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ObjectReference" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolume": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolume instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolume" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaim": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaim instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaim" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimList" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeClaimVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeList" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.PersistentVolumeStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PersistentVolumeStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.PhotonPersistentDiskVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Pod": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Pod instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Pod" - }, - "io.k8s.kubernetes.pkg.api.v1.PodAffinity": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodAffinity instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinity" - }, - "io.k8s.kubernetes.pkg.api.v1.PodAffinityTerm": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodAffinityTerm instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodAffinityTerm" - }, - "io.k8s.kubernetes.pkg.api.v1.PodAntiAffinity": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodAntiAffinity instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodAntiAffinity" - }, - "io.k8s.kubernetes.pkg.api.v1.PodCondition": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodCondition instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodCondition" - }, - "io.k8s.kubernetes.pkg.api.v1.PodList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodList" - }, - "io.k8s.kubernetes.pkg.api.v1.PodSecurityContext": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodSecurityContext instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodSecurityContext" - }, - "io.k8s.kubernetes.pkg.api.v1.PodSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.PodStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.PodTemplate": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodTemplate instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplate" - }, - "io.k8s.kubernetes.pkg.api.v1.PodTemplateList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodTemplateList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateList" - }, - "io.k8s.kubernetes.pkg.api.v1.PodTemplateSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PodTemplateSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.PortworxVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PortworxVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PortworxVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.PreferredSchedulingTerm": { - "description": "Deprecated. Please use io.k8s.api.core.v1.PreferredSchedulingTerm instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.PreferredSchedulingTerm" - }, - "io.k8s.kubernetes.pkg.api.v1.Probe": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Probe instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Probe" - }, - "io.k8s.kubernetes.pkg.api.v1.ProjectedVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ProjectedVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ProjectedVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.QuobyteVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.QuobyteVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.QuobyteVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.RBDVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.RBDVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.RBDVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.ReplicationController": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationController instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationController" - }, - "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerCondition": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerCondition instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerCondition" - }, - "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerList" - }, - "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.ReplicationControllerStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ReplicationControllerStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ReplicationControllerStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.ResourceFieldSelector": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceFieldSelector instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceFieldSelector" - }, - "io.k8s.kubernetes.pkg.api.v1.ResourceQuota": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuota instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuota" - }, - "io.k8s.kubernetes.pkg.api.v1.ResourceQuotaList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuotaList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaList" - }, - "io.k8s.kubernetes.pkg.api.v1.ResourceQuotaSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuotaSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.ResourceQuotaStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceQuotaStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceQuotaStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.ResourceRequirements": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ResourceRequirements instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements" - }, - "io.k8s.kubernetes.pkg.api.v1.SELinuxOptions": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SELinuxOptions instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SELinuxOptions" - }, - "io.k8s.kubernetes.pkg.api.v1.ScaleIOVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ScaleIOVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ScaleIOVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.Secret": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Secret instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Secret" - }, - "io.k8s.kubernetes.pkg.api.v1.SecretEnvSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SecretEnvSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretEnvSource" - }, - "io.k8s.kubernetes.pkg.api.v1.SecretKeySelector": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SecretKeySelector instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector" - }, - "io.k8s.kubernetes.pkg.api.v1.SecretList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SecretList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretList" - }, - "io.k8s.kubernetes.pkg.api.v1.SecretProjection": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SecretProjection instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretProjection" - }, - "io.k8s.kubernetes.pkg.api.v1.SecretVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SecretVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecretVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.SecurityContext": { - "description": "Deprecated. Please use io.k8s.api.core.v1.SecurityContext instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.SecurityContext" - }, - "io.k8s.kubernetes.pkg.api.v1.Service": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Service instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Service" - }, - "io.k8s.kubernetes.pkg.api.v1.ServiceAccount": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceAccount instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccount" - }, - "io.k8s.kubernetes.pkg.api.v1.ServiceAccountList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceAccountList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceAccountList" - }, - "io.k8s.kubernetes.pkg.api.v1.ServiceList": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceList instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceList" - }, - "io.k8s.kubernetes.pkg.api.v1.ServicePort": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ServicePort instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ServicePort" - }, - "io.k8s.kubernetes.pkg.api.v1.ServiceSpec": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceSpec instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceSpec" - }, - "io.k8s.kubernetes.pkg.api.v1.ServiceStatus": { - "description": "Deprecated. Please use io.k8s.api.core.v1.ServiceStatus instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.ServiceStatus" - }, - "io.k8s.kubernetes.pkg.api.v1.StorageOSPersistentVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.StorageOSPersistentVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSPersistentVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.StorageOSVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.StorageOSVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.StorageOSVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.TCPSocketAction": { - "description": "Deprecated. Please use io.k8s.api.core.v1.TCPSocketAction instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.TCPSocketAction" - }, - "io.k8s.kubernetes.pkg.api.v1.Taint": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Taint instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Taint" - }, - "io.k8s.kubernetes.pkg.api.v1.Toleration": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Toleration instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Toleration" - }, - "io.k8s.kubernetes.pkg.api.v1.Volume": { - "description": "Deprecated. Please use io.k8s.api.core.v1.Volume instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.Volume" - }, - "io.k8s.kubernetes.pkg.api.v1.VolumeMount": { - "description": "Deprecated. Please use io.k8s.api.core.v1.VolumeMount instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeMount" - }, - "io.k8s.kubernetes.pkg.api.v1.VolumeProjection": { - "description": "Deprecated. Please use io.k8s.api.core.v1.VolumeProjection instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.VolumeProjection" - }, - "io.k8s.kubernetes.pkg.api.v1.VsphereVirtualDiskVolumeSource": { - "description": "Deprecated. Please use io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource" - }, - "io.k8s.kubernetes.pkg.api.v1.WeightedPodAffinityTerm": { - "description": "Deprecated. Please use io.k8s.api.core.v1.WeightedPodAffinityTerm instead.", - "$ref": "#/definitions/io.k8s.api.core.v1.WeightedPodAffinityTerm" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ControllerRevision": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ControllerRevision instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevision" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ControllerRevisionList": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ControllerRevisionList instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ControllerRevisionList" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.Deployment": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.Deployment instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Deployment" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentCondition": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentCondition instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentCondition" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentList": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentList instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentList" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentRollback": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentRollback instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentRollback" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentSpec": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentSpec instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentSpec" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentStatus": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentStatus instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStatus" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.DeploymentStrategy": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.DeploymentStrategy instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.DeploymentStrategy" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.RollbackConfig": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.RollbackConfig instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollbackConfig" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.RollingUpdateDeployment": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.RollingUpdateDeployment instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateDeployment" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.RollingUpdateStatefulSetStrategy": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.RollingUpdateStatefulSetStrategy" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.Scale": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.Scale instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.Scale" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ScaleSpec": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ScaleSpec instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleSpec" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.ScaleStatus": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.ScaleStatus instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.ScaleStatus" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSet": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSet instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSet" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetList": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetList instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetList" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetSpec": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetSpec instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetSpec" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetStatus": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetStatus instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetStatus" - }, - "io.k8s.kubernetes.pkg.apis.apps.v1beta1.StatefulSetUpdateStrategy": { - "description": "Deprecated. Please use io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy instead.", - "$ref": "#/definitions/io.k8s.api.apps.v1beta1.StatefulSetUpdateStrategy" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1.TokenReview": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1.TokenReview instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReview" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1.TokenReviewSpec": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1.TokenReviewSpec instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewSpec" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1.TokenReviewStatus": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1.TokenReviewStatus instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1.TokenReviewStatus" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1.UserInfo": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1.UserInfo instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1.UserInfo" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.TokenReview": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.TokenReview instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReview" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.TokenReviewSpec": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.TokenReviewSpec instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewSpec" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.TokenReviewStatus": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.TokenReviewStatus instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.TokenReviewStatus" - }, - "io.k8s.kubernetes.pkg.apis.authentication.v1beta1.UserInfo": { - "description": "Deprecated. Please use io.k8s.api.authentication.v1beta1.UserInfo instead.", - "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.UserInfo" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.LocalSubjectAccessReview": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.LocalSubjectAccessReview instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.LocalSubjectAccessReview" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.NonResourceAttributes": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.NonResourceAttributes instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.NonResourceAttributes" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.ResourceAttributes": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.ResourceAttributes instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.SelfSubjectAccessReview": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.SelfSubjectAccessReview instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReview" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.SelfSubjectAccessReviewSpec": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SelfSubjectAccessReviewSpec" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.SubjectAccessReview": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.SubjectAccessReview instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReview" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.SubjectAccessReviewSpec": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.SubjectAccessReviewSpec instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewSpec" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1.SubjectAccessReviewStatus": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1.SubjectAccessReviewStatus instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1.SubjectAccessReviewStatus" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.LocalSubjectAccessReview": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.LocalSubjectAccessReview" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.NonResourceAttributes": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.NonResourceAttributes instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.NonResourceAttributes" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.ResourceAttributes": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.ResourceAttributes instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SelfSubjectAccessReview": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReview" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SelfSubjectAccessReviewSpec": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SelfSubjectAccessReviewSpec" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SubjectAccessReview": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SubjectAccessReview instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReview" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SubjectAccessReviewSpec": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewSpec" - }, - "io.k8s.kubernetes.pkg.apis.authorization.v1beta1.SubjectAccessReviewStatus": { - "description": "Deprecated. Please use io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus instead.", - "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.SubjectAccessReviewStatus" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.CrossVersionObjectReference": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.CrossVersionObjectReference instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.CrossVersionObjectReference" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscaler": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscalerList": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscalerSpec": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.HorizontalPodAutoscalerStatus": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.Scale": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.Scale instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.Scale" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.ScaleSpec": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.ScaleSpec instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleSpec" - }, - "io.k8s.kubernetes.pkg.apis.autoscaling.v1.ScaleStatus": { - "description": "Deprecated. Please use io.k8s.api.autoscaling.v1.ScaleStatus instead.", - "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleStatus" - }, - "io.k8s.kubernetes.pkg.apis.batch.v1.Job": { - "description": "Deprecated. Please use io.k8s.api.batch.v1.Job instead.", - "$ref": "#/definitions/io.k8s.api.batch.v1.Job" - }, - "io.k8s.kubernetes.pkg.apis.batch.v1.JobCondition": { - "description": "Deprecated. Please use io.k8s.api.batch.v1.JobCondition instead.", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobCondition" - }, - "io.k8s.kubernetes.pkg.apis.batch.v1.JobList": { - "description": "Deprecated. Please use io.k8s.api.batch.v1.JobList instead.", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobList" - }, - "io.k8s.kubernetes.pkg.apis.batch.v1.JobSpec": { - "description": "Deprecated. Please use io.k8s.api.batch.v1.JobSpec instead.", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobSpec" - }, - "io.k8s.kubernetes.pkg.apis.batch.v1.JobStatus": { - "description": "Deprecated. Please use io.k8s.api.batch.v1.JobStatus instead.", - "$ref": "#/definitions/io.k8s.api.batch.v1.JobStatus" - }, - "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJob": { - "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJob instead.", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJob" - }, - "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJobList": { - "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJobList instead.", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobList" - }, - "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJobSpec": { - "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJobSpec instead.", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobSpec" - }, - "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.CronJobStatus": { - "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.CronJobStatus instead.", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.CronJobStatus" - }, - "io.k8s.kubernetes.pkg.apis.batch.v2alpha1.JobTemplateSpec": { - "description": "Deprecated. Please use io.k8s.api.batch.v2alpha1.JobTemplateSpec instead.", - "$ref": "#/definitions/io.k8s.api.batch.v2alpha1.JobTemplateSpec" - }, - "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequest": { - "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequest instead.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequest" - }, - "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestCondition": { - "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition instead.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestCondition" - }, - "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestList": { - "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestList instead.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestList" - }, - "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestSpec": { - "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec instead.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec" - }, - "io.k8s.kubernetes.pkg.apis.certificates.v1beta1.CertificateSigningRequestStatus": { - "description": "Deprecated. Please use io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus instead.", - "$ref": "#/definitions/io.k8s.api.certificates.v1beta1.CertificateSigningRequestStatus" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSet": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSet instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSet" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetList": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetList instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetList" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetSpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetSpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetSpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetStatus": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetStatus instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetStatus" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DaemonSetUpdateStrategy": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DaemonSetUpdateStrategy" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.Deployment": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.Deployment instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Deployment" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentCondition": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentCondition instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentCondition" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentList": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentList instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentList" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentRollback": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentRollback instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentRollback" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentSpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentSpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentSpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentStatus": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentStatus instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStatus" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.DeploymentStrategy": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.DeploymentStrategy instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.DeploymentStrategy" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.FSGroupStrategyOptions": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.FSGroupStrategyOptions" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.HTTPIngressPath": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.HTTPIngressPath instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressPath" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.HTTPIngressRuleValue": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HTTPIngressRuleValue" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.HostPortRange": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.HostPortRange instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.HostPortRange" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IDRange": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IDRange instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IDRange" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.Ingress": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.Ingress instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Ingress" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressBackend": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressBackend instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressBackend" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressList": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressList instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressList" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressRule": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressRule instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressRule" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressSpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressSpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressSpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressStatus": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressStatus instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressStatus" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.IngressTLS": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.IngressTLS instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.IngressTLS" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicy": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicy instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicy" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyIngressRule": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyIngressRule" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyList": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyList instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyList" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyPeer": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyPeer instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPeer" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicyPort": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicyPort instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicyPort" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.NetworkPolicySpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.NetworkPolicySpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.NetworkPolicySpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.PodSecurityPolicy": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.PodSecurityPolicy instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicy" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.PodSecurityPolicyList": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.PodSecurityPolicyList instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicyList" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.PodSecurityPolicySpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.PodSecurityPolicySpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSet": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSet instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSet" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetCondition": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetCondition instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetCondition" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetList": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetList instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetList" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetSpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetSpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetSpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ReplicaSetStatus": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ReplicaSetStatus instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ReplicaSetStatus" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RollbackConfig": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RollbackConfig instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollbackConfig" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RollingUpdateDaemonSet": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDaemonSet" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RollingUpdateDeployment": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RollingUpdateDeployment instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RollingUpdateDeployment" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.RunAsUserStrategyOptions": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.RunAsUserStrategyOptions" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.SELinuxStrategyOptions": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SELinuxStrategyOptions" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.Scale": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.Scale instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.Scale" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ScaleSpec": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ScaleSpec instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleSpec" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.ScaleStatus": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.ScaleStatus instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.ScaleStatus" - }, - "io.k8s.kubernetes.pkg.apis.extensions.v1beta1.SupplementalGroupsStrategyOptions": { - "description": "Deprecated. Please use io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions instead.", - "$ref": "#/definitions/io.k8s.api.extensions.v1beta1.SupplementalGroupsStrategyOptions" - }, - "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicy": { - "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicy instead.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" - }, - "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyIngressRule": { - "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyIngressRule instead.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyIngressRule" - }, - "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyList": { - "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyList instead.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyList" - }, - "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyPeer": { - "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyPeer instead.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" - }, - "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicyPort": { - "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicyPort instead.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" - }, - "io.k8s.kubernetes.pkg.apis.networking.v1.NetworkPolicySpec": { - "description": "Deprecated. Please use io.k8s.api.networking.v1.NetworkPolicySpec instead.", - "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicySpec" - }, - "io.k8s.kubernetes.pkg.apis.policy.v1beta1.Eviction": { - "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.Eviction instead.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.Eviction" - }, - "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudget": { - "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudget instead.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudget" - }, - "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudgetList": { - "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudgetList instead.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetList" - }, - "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudgetSpec": { - "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec instead.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetSpec" - }, - "io.k8s.kubernetes.pkg.apis.policy.v1beta1.PodDisruptionBudgetStatus": { - "description": "Deprecated. Please use io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus instead.", - "$ref": "#/definitions/io.k8s.api.policy.v1beta1.PodDisruptionBudgetStatus" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRole": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRole instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRole" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRoleBinding": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRoleBinding instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBinding" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRoleBindingList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleBindingList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.ClusterRoleList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.ClusterRoleList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.ClusterRoleList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.PolicyRule": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.PolicyRule instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.PolicyRule" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.Role": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.Role instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Role" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleBinding": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleBinding instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBinding" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleBindingList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleBindingList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleBindingList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.RoleRef": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.RoleRef instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.RoleRef" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1alpha1.Subject": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1alpha1.Subject instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1alpha1.Subject" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRole": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRole instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRole" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRoleBinding": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRoleBinding instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBinding" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRoleBindingList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRoleBindingList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleBindingList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.ClusterRoleList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.ClusterRoleList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.ClusterRoleList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.PolicyRule": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.PolicyRule instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.PolicyRule" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.Role": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.Role instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Role" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleBinding": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleBinding instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBinding" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleBindingList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleBindingList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleBindingList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleList": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleList instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleList" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.RoleRef": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.RoleRef instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.RoleRef" - }, - "io.k8s.kubernetes.pkg.apis.rbac.v1beta1.Subject": { - "description": "Deprecated. Please use io.k8s.api.rbac.v1beta1.Subject instead.", - "$ref": "#/definitions/io.k8s.api.rbac.v1beta1.Subject" - }, - "io.k8s.kubernetes.pkg.apis.settings.v1alpha1.PodPreset": { - "description": "Deprecated. Please use io.k8s.api.settings.v1alpha1.PodPreset instead.", - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPreset" - }, - "io.k8s.kubernetes.pkg.apis.settings.v1alpha1.PodPresetList": { - "description": "Deprecated. Please use io.k8s.api.settings.v1alpha1.PodPresetList instead.", - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetList" - }, - "io.k8s.kubernetes.pkg.apis.settings.v1alpha1.PodPresetSpec": { - "description": "Deprecated. Please use io.k8s.api.settings.v1alpha1.PodPresetSpec instead.", - "$ref": "#/definitions/io.k8s.api.settings.v1alpha1.PodPresetSpec" - }, - "io.k8s.kubernetes.pkg.apis.storage.v1.StorageClass": { - "description": "Deprecated. Please use io.k8s.api.storage.v1.StorageClass instead.", - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" - }, - "io.k8s.kubernetes.pkg.apis.storage.v1.StorageClassList": { - "description": "Deprecated. Please use io.k8s.api.storage.v1.StorageClassList instead.", - "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClassList" - }, - "io.k8s.kubernetes.pkg.apis.storage.v1beta1.StorageClass": { - "description": "Deprecated. Please use io.k8s.api.storage.v1beta1.StorageClass instead.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClass" - }, - "io.k8s.kubernetes.pkg.apis.storage.v1beta1.StorageClassList": { - "description": "Deprecated. Please use io.k8s.api.storage.v1beta1.StorageClassList instead.", - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.StorageClassList" - } - }, - "securityDefinitions": { - "BearerToken": { - "description": "Bearer Token authentication", - "type": "apiKey", - "name": "authorization", - "in": "header" - } }, "security": [ - { - "BearerToken": [] - } - ] - } + { + "BearerToken": [] + } + ], + "securityDefinitions": { + "BearerToken": { + "description": "Bearer Token authentication", + "in": "header", + "name": "authorization", + "type": "apiKey" + } + }, + "swagger": "2.0" +} diff --git a/build/BUILD b/build/BUILD index 4230e5e86cc..340f9236b6c 100644 --- a/build/BUILD +++ b/build/BUILD @@ -1,7 +1,7 @@ package(default_visibility = ["//visibility:public"]) load("@io_bazel_rules_docker//container:container.bzl", "container_bundle", "container_image") -load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") +load("@io_k8s_repo_infra//defs:build.bzl", "release_filegroup") load(":code_generation_test.bzl", "code_generation_test_suite") code_generation_test_suite( @@ -71,7 +71,6 @@ DOCKERIZED_BINARIES = { images = { "k8s.gcr.io/%s:{STABLE_DOCKER_TAG}" % binary: binary + "-internal", }, - stamp = True, ) for binary in DOCKERIZED_BINARIES.keys()] [genrule( diff --git a/build/OWNERS b/build/OWNERS index 725d8464be0..376d7a0a680 100644 --- a/build/OWNERS +++ b/build/OWNERS @@ -1,4 +1,7 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: + - bentheelder - cblecker - ixdy - jbeda diff --git a/build/code_generation.bzl b/build/code_generation.bzl index 86efa8cc1d4..b398de8653b 100644 --- a/build/code_generation.bzl +++ b/build/code_generation.bzl @@ -14,7 +14,7 @@ load("//build:kazel_generated.bzl", "go_prefix", "tags_values_pkgs") load("//build:openapi.bzl", "openapi_vendor_prefix") -load("@io_kubernetes_build//defs:go.bzl", "go_genrule") +load("@io_k8s_repo_infra//defs:go.bzl", "go_genrule") def bazel_go_library(pkg): """Returns the Bazel label for the Go library for the provided package. diff --git a/build/code_generation_test.bzl b/build/code_generation_test.bzl index 5d4298f6ac6..04a89e06bbc 100644 --- a/build/code_generation_test.bzl +++ b/build/code_generation_test.bzl @@ -13,7 +13,7 @@ # limitations under the License. load(":code_generation.bzl", "bazel_go_library", "go_pkg") -load("@bazel_skylib//:lib.bzl", "asserts", "unittest") +load("@bazel_skylib//lib:unittest.bzl", "asserts", "unittest") def _bazel_go_library_test_impl(ctx): env = unittest.begin(ctx) diff --git a/build/common.sh b/build/common.sh index 54538303e8b..8aa2a62746d 100755 --- a/build/common.sh +++ b/build/common.sh @@ -89,8 +89,8 @@ readonly KUBE_CONTAINER_RSYNC_PORT=8730 # $1 - server architecture kube::build::get_docker_wrapped_binaries() { local arch=$1 - local debian_base_version=0.4.0 - local debian_iptables_version=v11.0 + local debian_base_version=0.4.1 + local debian_iptables_version=v11.0.1 ### If you change any of these lists, please also update DOCKERIZED_BINARIES ### in build/BUILD. And kube::golang::server_image_targets local targets=( diff --git a/build/debian-hyperkube-base/OWNERS b/build/debian-hyperkube-base/OWNERS index 0c4ba8e2f18..c28de235565 100644 --- a/build/debian-hyperkube-base/OWNERS +++ b/build/debian-hyperkube-base/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + labels: - sig/release diff --git a/build/debs/BUILD b/build/debs/BUILD index e1cbfeccebe..f4163dfb862 100644 --- a/build/debs/BUILD +++ b/build/debs/BUILD @@ -1,8 +1,8 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:deb.bzl", "k8s_deb", "deb_data") -load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:deb.bzl", "k8s_deb", "deb_data") +load("@io_k8s_repo_infra//defs:build.bzl", "release_filegroup") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") load("//build:workspace.bzl", "CNI_VERSION", "CRI_TOOLS_VERSION") # We do not include kube-scheduler, kube-controller-manager, diff --git a/build/debs/OWNERS b/build/debs/OWNERS index fac1c2ed97a..65a818e18ce 100644 --- a/build/debs/OWNERS +++ b/build/debs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - luxas - jbeda diff --git a/build/kazel_generated.bzl b/build/kazel_generated.bzl index 9924953bbe6..b66c7d6a7a4 100644 --- a/build/kazel_generated.bzl +++ b/build/kazel_generated.bzl @@ -62,6 +62,7 @@ tags_values_pkgs = {"openapi-gen": { "staging/src/k8s.io/api/extensions/v1beta1", "staging/src/k8s.io/api/imagepolicy/v1alpha1", "staging/src/k8s.io/api/networking/v1", + "staging/src/k8s.io/api/networking/v1beta1", "staging/src/k8s.io/api/policy/v1beta1", "staging/src/k8s.io/api/rbac/v1", "staging/src/k8s.io/api/rbac/v1alpha1", @@ -135,6 +136,7 @@ tags_pkgs_values = {"openapi-gen": { "staging/src/k8s.io/api/extensions/v1beta1": ["true"], "staging/src/k8s.io/api/imagepolicy/v1alpha1": ["true"], "staging/src/k8s.io/api/networking/v1": ["true"], + "staging/src/k8s.io/api/networking/v1beta1": ["true"], "staging/src/k8s.io/api/policy/v1beta1": ["true"], "staging/src/k8s.io/api/rbac/v1": ["true"], "staging/src/k8s.io/api/rbac/v1alpha1": ["true"], diff --git a/build/release-tars/BUILD b/build/release-tars/BUILD index e9f379a7ddd..cc79f4de78e 100644 --- a/build/release-tars/BUILD +++ b/build/release-tars/BUILD @@ -1,7 +1,7 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:build.bzl", "release_filegroup") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") filegroup( name = "package-srcs", diff --git a/build/root/BUILD.root b/build/root/BUILD.root index d4bb831a07d..d0238420d51 100644 --- a/build/root/BUILD.root +++ b/build/root/BUILD.root @@ -13,7 +13,7 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:build.bzl", "gcs_upload") +load("@io_k8s_repo_infra//defs:build.bzl", "gcs_upload") filegroup( name = "_binary-artifacts-and-hashes", diff --git a/build/root/WORKSPACE b/build/root/WORKSPACE index 15904309038..ea1c6481927 100644 --- a/build/root/WORKSPACE +++ b/build/root/WORKSPACE @@ -2,24 +2,22 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive", "http_file" load("//build:workspace_mirror.bzl", "mirror") load("//build:workspace.bzl", "CNI_VERSION", "CRI_TOOLS_VERSION") -http_archive( - name = "io_bazel_rules_go", - sha256 = "ade51a315fa17347e5c31201fdc55aa5ffb913377aa315dceb56ee9725e620ee", - urls = mirror("https://github.com/bazelbuild/rules_go/releases/download/0.16.6/rules_go-0.16.6.tar.gz"), -) - -http_archive( - name = "io_kubernetes_build", - sha256 = "21160531ea8a9a4001610223ad815622bf60671d308988c7057168a495a7e2e8", - strip_prefix = "repo-infra-b4bc4f1552c7fc1d4654753ca9b0e5e13883429f", - urls = mirror("https://github.com/kubernetes/repo-infra/archive/b4bc4f1552c7fc1d4654753ca9b0e5e13883429f.tar.gz"), -) - http_archive( name = "bazel_skylib", - sha256 = "bbccf674aa441c266df9894182d80de104cabd19be98be002f6d478aaa31574d", - strip_prefix = "bazel-skylib-2169ae1c374aab4a09aa90e65efe1a3aad4e279b", - urls = mirror("https://github.com/bazelbuild/bazel-skylib/archive/2169ae1c374aab4a09aa90e65efe1a3aad4e279b.tar.gz"), + sha256 = "eb5c57e4c12e68c0c20bc774bfbc60a568e800d025557bc4ea022c6479acc867", + strip_prefix = "bazel-skylib-0.6.0", + urls = mirror("https://github.com/bazelbuild/bazel-skylib/archive/0.6.0.tar.gz"), +) + +load("@bazel_skylib//lib:versions.bzl", "versions") + +versions.check(minimum_bazel_version = "0.18.0") + +http_archive( + name = "io_k8s_repo_infra", + sha256 = "4ce2d8576e786c8fb8bc4f7ed79f5fda543568d78c09306d16cc8d1b7d5621f0", + strip_prefix = "repo-infra-8a5707674e76b825bfd9a8624bae045bc6e5f24d", + urls = mirror("https://github.com/kubernetes/repo-infra/archive/8a5707674e76b825bfd9a8624bae045bc6e5f24d.tar.gz"), ) ETCD_VERSION = "3.3.10" @@ -33,18 +31,12 @@ http_archive( ) http_archive( - name = "io_bazel_rules_docker", - sha256 = "29d109605e0d6f9c892584f07275b8c9260803bf0c6fcb7de2623b2bedc910bd", - strip_prefix = "rules_docker-0.5.1", - urls = mirror("https://github.com/bazelbuild/rules_docker/archive/v0.5.1.tar.gz"), + name = "io_bazel_rules_go", + sha256 = "492c3ac68ed9dcf527a07e6a1b2dcbf199c6bf8b35517951467ac32e421c06c1", + urls = mirror("https://github.com/bazelbuild/rules_go/releases/download/0.17.0/rules_go-0.17.0.tar.gz"), ) -load("@bazel_skylib//:lib.bzl", "versions") - -versions.check(minimum_bazel_version = "0.17.2") - -load("@io_bazel_rules_go//go:def.bzl", "go_download_sdk", "go_register_toolchains", "go_rules_dependencies") -load("@io_bazel_rules_docker//docker:docker.bzl", "docker_pull", "docker_repositories") +load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies") go_rules_dependencies() @@ -52,7 +44,21 @@ go_register_toolchains( go_version = "1.11.5", ) -docker_repositories() +http_archive( + name = "io_bazel_rules_docker", + sha256 = "aed1c249d4ec8f703edddf35cbe9dfaca0b5f5ea6e4cd9e83e99f3b0d1136c3d", + strip_prefix = "rules_docker-0.7.0", + urls = mirror("https://github.com/bazelbuild/rules_docker/archive/v0.7.0.tar.gz"), +) + +load( + "@io_bazel_rules_docker//repositories:repositories.bzl", + container_repositories = "repositories", +) + +container_repositories() + +load("@io_bazel_rules_docker//container:container.bzl", "container_pull") http_file( name = "kubernetes_cni", @@ -68,31 +74,31 @@ http_file( urls = mirror("https://github.com/kubernetes-incubator/cri-tools/releases/download/v%s/crictl-v%s-linux-amd64.tar.gz" % (CRI_TOOLS_VERSION, CRI_TOOLS_VERSION)), ) -docker_pull( +container_pull( name = "debian-base-amd64", - digest = "sha256:86176bc8ccdc4d8ea7fbf6ba4b57fcefc2cb61ff7413114630940474ff9bf751", + digest = "sha256:8ccb65cd2dd7e0c24193d0742a20e4a673dbd11af5a33f16fcd471a31486866c", registry = "k8s.gcr.io", repository = "debian-base-amd64", - tag = "0.4.0", # ignored, but kept here for documentation + tag = "0.4.1", # ignored, but kept here for documentation ) -docker_pull( +container_pull( name = "debian-iptables-amd64", - digest = "sha256:d4ff8136b9037694a3165a7fff6a91e7fc828741b8ea1eda226d4d9ea5d23abb", + digest = "sha256:9c41b4c326304b94eb96fdd2e181aa6e9995cc4642fcdfb570cedd73a419ba39", registry = "k8s.gcr.io", repository = "debian-iptables-amd64", - tag = "v11.0", # ignored, but kept here for documentation + tag = "v11.0.1", # ignored, but kept here for documentation ) -docker_pull( +container_pull( name = "debian-hyperkube-base-amd64", - digest = "sha256:4a77bc882f7d629c088a11ff144a2e86660268fddf63b61f52b6a93d16ab83f0", + digest = "sha256:5d4ea2fb5fbe9a9a9da74f67cf2faefc881968bc39f2ac5d62d9167e575812a1", registry = "k8s.gcr.io", repository = "debian-hyperkube-base-amd64", - tag = "0.12.0", # ignored, but kept here for documentation + tag = "0.12.1", # ignored, but kept here for documentation ) -docker_pull( +container_pull( name = "official_busybox", digest = "sha256:cb63aa0641a885f54de20f61d152187419e8f6b159ed11a251a09d115fdff9bd", registry = "index.docker.io", diff --git a/build/rpms/OWNERS b/build/rpms/OWNERS index fac1c2ed97a..65a818e18ce 100644 --- a/build/rpms/OWNERS +++ b/build/rpms/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - luxas - jbeda diff --git a/build/visible_to/BUILD b/build/visible_to/BUILD index baf30d938aa..02d5f80657a 100644 --- a/build/visible_to/BUILD +++ b/build/visible_to/BUILD @@ -193,6 +193,7 @@ package_group( "//pkg/kubectl/cmd/expose", "//pkg/kubectl/cmd/get", "//pkg/kubectl/cmd/help", + "//pkg/kubectl/cmd/kustomize", "//pkg/kubectl/cmd/label", "//pkg/kubectl/cmd/logs", "//pkg/kubectl/cmd/options", diff --git a/build/visible_to/OWNERS b/build/visible_to/OWNERS index 8bc54f89e4e..81ee135ce12 100644 --- a/build/visible_to/OWNERS +++ b/build/visible_to/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - brendandburns - dchen1107 diff --git a/build/visible_to/README.md b/build/visible_to/README.md index 3caf0a14b2a..1aae8771dae 100644 --- a/build/visible_to/README.md +++ b/build/visible_to/README.md @@ -157,7 +157,7 @@ q=//cmd/kubectl:kubectl bazel query "buildfiles(deps($q))" | \ grep -v @bazel_tools | \ grep -v @io_bazel_rules | \ - grep -v @io_kubernetes_build | \ + grep -v @io_k8s_repo_infra | \ grep -v @local_config | \ grep -v @local_jdk | \ grep -v //visible_to: | \ diff --git a/cluster/BUILD b/cluster/BUILD index 650b5df7cb9..9b2ba53952a 100644 --- a/cluster/BUILD +++ b/cluster/BUILD @@ -1,6 +1,6 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") filegroup( name = "package-srcs", diff --git a/cluster/OWNERS b/cluster/OWNERS index 1c7ea50d616..247beaffc20 100644 --- a/cluster/OWNERS +++ b/cluster/OWNERS @@ -1,4 +1,7 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: + - bentheelder - eparis - jbeda - mikedanese diff --git a/cluster/addons/BUILD b/cluster/addons/BUILD index 4ea2703d767..f98396c7baf 100644 --- a/cluster/addons/BUILD +++ b/cluster/addons/BUILD @@ -1,6 +1,6 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") filegroup( name = "addon-srcs", diff --git a/cluster/addons/addon-manager/Makefile b/cluster/addons/addon-manager/Makefile index 8fc4a57b711..e2fc2988e25 100644 --- a/cluster/addons/addon-manager/Makefile +++ b/cluster/addons/addon-manager/Makefile @@ -18,7 +18,7 @@ TEMP_DIR:=$(shell mktemp -d) VERSION=v9.0 KUBECTL_VERSION?=v1.13.2 -BASEIMAGE=k8s.gcr.io/debian-base-$(ARCH):0.4.0 +BASEIMAGE=k8s.gcr.io/debian-base-$(ARCH):0.4.1 SUDO=$(if $(filter 0,$(shell id -u)),,sudo) diff --git a/cluster/addons/addon-manager/OWNERS b/cluster/addons/addon-manager/OWNERS index 162598a14d3..5d6db99705e 100644 --- a/cluster/addons/addon-manager/OWNERS +++ b/cluster/addons/addon-manager/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - mrhohn diff --git a/cluster/addons/calico-policy-controller/OWNERS b/cluster/addons/calico-policy-controller/OWNERS index 04667f7de28..50502aede0b 100644 --- a/cluster/addons/calico-policy-controller/OWNERS +++ b/cluster/addons/calico-policy-controller/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - caseydavenport diff --git a/cluster/addons/cluster-loadbalancing/MAINTAINERS.md b/cluster/addons/cluster-loadbalancing/MAINTAINERS.md deleted file mode 100644 index 12a16b2004e..00000000000 --- a/cluster/addons/cluster-loadbalancing/MAINTAINERS.md +++ /dev/null @@ -1,6 +0,0 @@ -# Maintainers - -Prashanth.B - - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/cluster-loadbalancing/MAINTAINERS.md?pixel)]() diff --git a/cluster/addons/cluster-loadbalancing/OWNERS b/cluster/addons/cluster-loadbalancing/OWNERS index 42800db7267..2eb9412f35a 100644 --- a/cluster/addons/cluster-loadbalancing/OWNERS +++ b/cluster/addons/cluster-loadbalancing/OWNERS @@ -2,7 +2,9 @@ approvers: - bowei - rramkumar1 - mrhohn +- freehan reviewers: - bowei - rramkumar1 - mrhohn +- freehan diff --git a/cluster/addons/cluster-loadbalancing/glbc/README.md b/cluster/addons/cluster-loadbalancing/glbc/README.md index 0d9685d3496..d1a1d93f03c 100644 --- a/cluster/addons/cluster-loadbalancing/glbc/README.md +++ b/cluster/addons/cluster-loadbalancing/glbc/README.md @@ -1,112 +1,9 @@ # GCE Load-Balancer Controller (GLBC) Cluster Addon -This cluster addon is composed of: -* A [Google L7 LoadBalancer Controller](https://github.com/kubernetes/contrib/tree/master/ingress/controllers/gce) -* A [404 default backend](https://github.com/kubernetes/contrib/tree/master/404-server) Service + RC +This cluster addon is composed of a 404 default backend service and deployment. +On GCE, this 404 service is used in conjunction with the +[Ingress-GCE](https://github.com/kubernetes/ingress-gce) controller. -It relies on the [Ingress resource](https://kubernetes.io/docs/user-guide/ingress.md) only available in Kubernetes version 1.1 and beyond. +See the Ingress-GCE docs for more information. -## Prerequisites -Before you can receive traffic through the GCE L7 Loadbalancer Controller you need: -* A Working Kubernetes 1.1 cluster -* At least 1 Kubernetes [NodePort Service](https://kubernetes.io/docs/user-guide/services.md#type-nodeport) (this is the endpoint for your Ingress) -* Firewall-rules that allow traffic to the NodePort service, as indicated by `kubectl` at Service creation time -* Adequate quota, as mentioned in the next section -* A single instance of the L7 Loadbalancer Controller pod (if you're using the default GCE setup, this should already be running in the `kube-system` namespace) - -## Quota - -GLBC is not aware of your GCE quota. As of this writing users get 3 [GCE Backend Services](https://cloud.google.com/compute/docs/load-balancing/http/backend-service) by default. If you plan on creating Ingresses for multiple Kubernetes Services, remember that each one requires a backend service, and request quota. Should you fail to do so the controller will poll periodically and grab the first free backend service slot it finds. You can view your quota: - -```console -$ gcloud compute project-info describe --project myproject -``` -See [GCE documentation](https://cloud.google.com/compute/docs/resource-quotas#checking_your_quota) for how to request more. - -## Latency - -It takes ~1m to spin up a loadbalancer (this includes acquiring the public ip), and ~5-6m before the GCE api starts healthchecking backends. So as far as latency goes, here's what to expect: - -Assume one creates the following simple Ingress: -```yaml -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: test-ingress -spec: - backend: - # This will just loopback to the default backend of GLBC - serviceName: default-http-backend - servicePort: 80 -``` - -* time, t=0 - ```console - $ kubectl get ing - NAME RULE BACKEND ADDRESS - test-ingress - default-http-backend:80 - $ kubectl describe ing - No events. - ``` - -* time, t=1m - ```console - $ kubectl get ing - NAME RULE BACKEND ADDRESS - test-ingress - default-http-backend:80 130.211.5.27 - - $ kubectl describe ing - target-proxy: k8s-tp-default-test-ingress - url-map: k8s-um-default-test-ingress - backends: {"k8s-be-32342":"UNKNOWN"} - forwarding-rule: k8s-fw-default-test-ingress - Events: - FirstSeen LastSeen Count From SubobjectPath Reason Message - ───────── ──────── ───── ──── ───────────── ────── ─────── - 46s 46s 1 {loadbalancer-controller } Success Created loadbalancer 130.211.5.27 - ``` - -* time, t=5m - ```console - $ kubectl describe ing - target-proxy: k8s-tp-default-test-ingress - url-map: k8s-um-default-test-ingress - backends: {"k8s-be-32342":"HEALTHY"} - forwarding-rule: k8s-fw-default-test-ingress - Events: - FirstSeen LastSeen Count From SubobjectPath Reason Message - ───────── ──────── ───── ──── ───────────── ────── ─────── - 46s 46s 1 {loadbalancer-controller } Success Created loadbalancer 130.211.5.27 - ``` - -## Disabling GLBC - -Since GLBC runs as a cluster addon, you cannot simply delete the RC. The easiest way to disable it is to do as follows: - -* IFF you want to tear down existing L7 loadbalancers, hit the /delete-all-and-quit endpoint on the pod: - - ```console - $ kubectl get pods --namespace=kube-system - NAME READY STATUS RESTARTS AGE - l7-lb-controller-7bb21 1/1 Running 0 1h - $ kubectl exec l7-lb-controller-7bb21 -c l7-lb-controller curl http://localhost:8081/delete-all-and-quit --namespace=kube-system - $ kubectl logs l7-lb-controller-7b221 -c l7-lb-controller --follow - ... - I1007 00:30:00.322528 1 main.go:160] Handled quit, awaiting pod deletion. - ``` - -* Nullify the RC (but don't delete it or the addon controller will "fix" it for you) - ```console - $ kubectl scale rc l7-lb-controller --replicas=0 --namespace=kube-system - ``` - -## Limitations - -* This cluster addon is still in the Beta phase. It behooves you to read through the GLBC documentation mentioned above and make sure there are no surprises. -* The recommended way to tear down a cluster with active Ingresses is to either delete each Ingress, or hit the /delete-all-and-quit endpoint on GLBC as described below, before invoking a cluster teardown script (eg: kube-down.sh). You will have to manually cleanup GCE resources through the [cloud console](https://cloud.google.com/compute/docs/console#access) or [gcloud CLI](https://cloud.google.com/compute/docs/gcloud-compute/) if you simply tear down the cluster with active Ingresses. -* All L7 Loadbalancers created by GLBC have a default backend. If you don't specify one in your Ingress, GLBC will assign the 404 default backend mentioned above. -* All Kubernetes services must serve a 200 page on '/', or whatever custom value you've specified through GLBC's `--health-check-path argument`. -* GLBC is not built for performance. Creating many Ingresses at a time can overwhelm it. It won't fall over, but will take its own time to churn through the Ingress queue. It doesn't understand concepts like fairness or backoff just yet. - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/cluster-loadbalancing/glbc/README.md?pixel)]() diff --git a/cluster/addons/cluster-monitoring/OWNERS b/cluster/addons/cluster-monitoring/OWNERS index 1e5a14c89df..ab9394bdc59 100644 --- a/cluster/addons/cluster-monitoring/OWNERS +++ b/cluster/addons/cluster-monitoring/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - DirectXMan12 - kawych diff --git a/cluster/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml b/cluster/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml index 7c83907edfe..355b30743c3 100644 --- a/cluster/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml +++ b/cluster/addons/cluster-monitoring/influxdb/influxdb-grafana-controller.yaml @@ -49,7 +49,6 @@ spec: mountPath: /data - name: grafana image: k8s.gcr.io/heapster-grafana-amd64:v4.4.3 - env: resources: # keep request = limit to keep this container in guaranteed class limits: diff --git a/cluster/addons/dashboard/OWNERS b/cluster/addons/dashboard/OWNERS index 04353ada135..afacff0e92c 100644 --- a/cluster/addons/dashboard/OWNERS +++ b/cluster/addons/dashboard/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bryk reviewers: diff --git a/cluster/addons/dns-horizontal-autoscaler/OWNERS b/cluster/addons/dns-horizontal-autoscaler/OWNERS index b9e1c0e506f..9ca7075b571 100644 --- a/cluster/addons/dns-horizontal-autoscaler/OWNERS +++ b/cluster/addons/dns-horizontal-autoscaler/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - mrhohn diff --git a/cluster/addons/dns/OWNERS b/cluster/addons/dns/OWNERS index b9e1c0e506f..9ca7075b571 100644 --- a/cluster/addons/dns/OWNERS +++ b/cluster/addons/dns/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - mrhohn diff --git a/cluster/addons/dns/coredns/coredns.yaml.base b/cluster/addons/dns/coredns/coredns.yaml.base index 6ab48da032c..6936dc79215 100644 --- a/cluster/addons/dns/coredns/coredns.yaml.base +++ b/cluster/addons/dns/coredns/coredns.yaml.base @@ -106,6 +106,7 @@ spec: annotations: seccomp.security.alpha.kubernetes.io/pod: 'docker/default' spec: + priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations: - key: "CriticalAddonsOnly" @@ -146,6 +147,11 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 + readinessProbe: + httpGet: + path: /health + port: 8080 + scheme: HTTP securityContext: allowPrivilegeEscalation: false capabilities: diff --git a/cluster/addons/dns/coredns/coredns.yaml.in b/cluster/addons/dns/coredns/coredns.yaml.in index 2431c30568a..0821820fd2a 100644 --- a/cluster/addons/dns/coredns/coredns.yaml.in +++ b/cluster/addons/dns/coredns/coredns.yaml.in @@ -106,6 +106,7 @@ spec: annotations: seccomp.security.alpha.kubernetes.io/pod: 'docker/default' spec: + priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations: - key: "CriticalAddonsOnly" @@ -146,6 +147,11 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 + readinessProbe: + httpGet: + path: /health + port: 8080 + scheme: HTTP securityContext: allowPrivilegeEscalation: false capabilities: diff --git a/cluster/addons/dns/coredns/coredns.yaml.sed b/cluster/addons/dns/coredns/coredns.yaml.sed index d7999ba9297..38688ced306 100644 --- a/cluster/addons/dns/coredns/coredns.yaml.sed +++ b/cluster/addons/dns/coredns/coredns.yaml.sed @@ -106,6 +106,7 @@ spec: annotations: seccomp.security.alpha.kubernetes.io/pod: 'docker/default' spec: + priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations: - key: "CriticalAddonsOnly" @@ -146,6 +147,11 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 + readinessProbe: + httpGet: + path: /health + port: 8080 + scheme: HTTP securityContext: allowPrivilegeEscalation: false capabilities: diff --git a/cluster/addons/dns/nodelocaldns/README.md b/cluster/addons/dns/nodelocaldns/README.md index fc84f783789..3b3daed9979 100644 --- a/cluster/addons/dns/nodelocaldns/README.md +++ b/cluster/addons/dns/nodelocaldns/README.md @@ -2,7 +2,7 @@ This addon runs a node-local-dns pod on all cluster nodes. The pod runs CoreDNS as the dns cache. It runs with `hostNetwork:True` and creates a dedicated dummy interface with a link local ip(169.254.20.10/32 by default) to listen for DNS queries. The cache instances connect to clusterDNS in case of cache misses. -Design details [here](https://github.com/kubernetes/community/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md) +Design details [here](https://git.k8s.io/enhancements/keps/sig-network/0030-nodelocal-dns-cache.md) ## nodelocaldns addon template diff --git a/cluster/addons/fluentd-elasticsearch/OWNERS b/cluster/addons/fluentd-elasticsearch/OWNERS index 8637ca6100c..09052b69891 100644 --- a/cluster/addons/fluentd-elasticsearch/OWNERS +++ b/cluster/addons/fluentd-elasticsearch/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - coffeepac - monotek diff --git a/cluster/addons/fluentd-gcp/OWNERS b/cluster/addons/fluentd-gcp/OWNERS index e70b51eb68d..8b041cb8b95 100644 --- a/cluster/addons/fluentd-gcp/OWNERS +++ b/cluster/addons/fluentd-gcp/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - piosz - x13n diff --git a/cluster/addons/ip-masq-agent/OWNERS b/cluster/addons/ip-masq-agent/OWNERS index ddd12a032ae..77cd5c29f17 100644 --- a/cluster/addons/ip-masq-agent/OWNERS +++ b/cluster/addons/ip-masq-agent/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - dnardo diff --git a/cluster/addons/kube-proxy/OWNERS b/cluster/addons/kube-proxy/OWNERS index 422a458239c..6e69538bd31 100644 --- a/cluster/addons/kube-proxy/OWNERS +++ b/cluster/addons/kube-proxy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - freehan diff --git a/cluster/addons/metadata-agent/OWNERS b/cluster/addons/metadata-agent/OWNERS index 8914d0792a0..ad42831c082 100644 --- a/cluster/addons/metadata-agent/OWNERS +++ b/cluster/addons/metadata-agent/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - kawych - piosz diff --git a/cluster/addons/metadata-proxy/OWNERS b/cluster/addons/metadata-proxy/OWNERS index bfa927212c5..f4f51960a31 100644 --- a/cluster/addons/metadata-proxy/OWNERS +++ b/cluster/addons/metadata-proxy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - q-lee - cjcullen diff --git a/cluster/addons/metrics-server/OWNERS b/cluster/addons/metrics-server/OWNERS index 1e5a14c89df..ab9394bdc59 100644 --- a/cluster/addons/metrics-server/OWNERS +++ b/cluster/addons/metrics-server/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - DirectXMan12 - kawych diff --git a/cluster/addons/prometheus/OWNERS b/cluster/addons/prometheus/OWNERS index ac100efc9c7..f4401a08dca 100644 --- a/cluster/addons/prometheus/OWNERS +++ b/cluster/addons/prometheus/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - kawych - piosz diff --git a/cluster/addons/runtimeclass/OWNERS b/cluster/addons/runtimeclass/OWNERS index bea017842ed..3130fed0adc 100644 --- a/cluster/addons/runtimeclass/OWNERS +++ b/cluster/addons/runtimeclass/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - tallclair - dchen1107 diff --git a/cluster/addons/runtimeclass/README.md b/cluster/addons/runtimeclass/README.md index bcb6aaec394..01e8e43ee5f 100644 --- a/cluster/addons/runtimeclass/README.md +++ b/cluster/addons/runtimeclass/README.md @@ -7,6 +7,6 @@ To enable RuntimeClass, set the feature gate `RuntimeClass=true`, and ensure the directory is installed. For more information, see: -https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md +https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/addons/runtimeclass/README.md?pixel)]() diff --git a/cluster/addons/storage-crds/OWNERS b/cluster/addons/storage-crds/OWNERS index 852f35cac61..a03fb701285 100644 --- a/cluster/addons/storage-crds/OWNERS +++ b/cluster/addons/storage-crds/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - jsafrane diff --git a/cluster/centos/OWNERS b/cluster/centos/OWNERS index 0edb92d5f9c..3a91eff1417 100644 --- a/cluster/centos/OWNERS +++ b/cluster/centos/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - zouyee diff --git a/cluster/common.sh b/cluster/common.sh index 04050449aa3..851113e42a3 100755 --- a/cluster/common.sh +++ b/cluster/common.sh @@ -299,6 +299,7 @@ function set_binary_version() { function find-tar() { local -r tarball=$1 locations=( + "${KUBE_ROOT}/node/${tarball}" "${KUBE_ROOT}/server/${tarball}" "${KUBE_ROOT}/_output/release-tars/${tarball}" "${KUBE_ROOT}/bazel-bin/build/release-tars/${tarball}" @@ -317,6 +318,7 @@ function find-tar() { # Assumed vars: # KUBE_ROOT # Vars set: +# NODE_BINARY_TAR # SERVER_BINARY_TAR # KUBE_MANIFESTS_TAR function find-release-tars() { diff --git a/cluster/gce/BUILD b/cluster/gce/BUILD index 37b3f97e0fa..f61070528f9 100644 --- a/cluster/gce/BUILD +++ b/cluster/gce/BUILD @@ -1,7 +1,7 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:build.bzl", "release_filegroup") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") filegroup( name = "package-srcs", diff --git a/cluster/gce/OWNERS b/cluster/gce/OWNERS index 6e431bae64a..eef8316838b 100644 --- a/cluster/gce/OWNERS +++ b/cluster/gce/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - bowei - gmarek diff --git a/cluster/gce/addons/BUILD b/cluster/gce/addons/BUILD index 3c6512a3706..cf028ca0bf3 100644 --- a/cluster/gce/addons/BUILD +++ b/cluster/gce/addons/BUILD @@ -1,6 +1,6 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") filegroup( name = "addon-srcs", diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index a601399b3f5..4bac9cedfe6 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -368,7 +368,7 @@ if [[ -n "${GCE_GLBC_IMAGE:-}" ]]; then fi if [[ -z "${KUBE_ADMISSION_CONTROL:-}" ]]; then - ADMISSION_CONTROL="NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,PodPreset,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,Priority,StorageObjectInUseProtection" + ADMISSION_CONTROL="NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,PodPreset,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,Priority,StorageObjectInUseProtection,PersistentVolumeClaimResize" if [[ "${ENABLE_POD_SECURITY_POLICY:-}" == "true" ]]; then ADMISSION_CONTROL="${ADMISSION_CONTROL},PodSecurityPolicy" fi diff --git a/cluster/gce/delete-stranded-load-balancers.sh b/cluster/gce/delete-stranded-load-balancers.sh index b03a7bba0b7..9c978f48255 100755 --- a/cluster/gce/delete-stranded-load-balancers.sh +++ b/cluster/gce/delete-stranded-load-balancers.sh @@ -18,16 +18,16 @@ PROJECT=${PROJECT:-kubernetes-jenkins} REGION=${REGION:-us-central1} -LIST=$(gcloud --project=${PROJECT} compute target-pools list --format='value(name)') +LIST=$(gcloud --project="${PROJECT}" compute target-pools list --format='value(name)') result=0 for x in ${LIST}; do - if ! gcloud compute --project=${PROJECT} target-pools get-health "${x}" --region=${REGION} 2>/dev/null >/dev/null; then + if ! gcloud compute --project="${PROJECT}" target-pools get-health "${x}" --region="${REGION}" 2>/dev/null >/dev/null; then echo DELETING "${x}" - gcloud compute --project=${PROJECT} firewall-rules delete "k8s-fw-${x}" -q - gcloud compute --project=${PROJECT} forwarding-rules delete "${x}" --region=${REGION} -q - gcloud compute --project=${PROJECT} addresses delete "${x}" --region=${REGION} -q - gcloud compute --project=${PROJECT} target-pools delete "${x}" --region=${REGION} -q + gcloud compute --project="${PROJECT}" firewall-rules delete "k8s-fw-${x}" -q + gcloud compute --project="${PROJECT}" forwarding-rules delete "${x}" --region="${REGION}" -q + gcloud compute --project="${PROJECT}" addresses delete "${x}" --region="${REGION}" -q + gcloud compute --project="${PROJECT}" target-pools delete "${x}" --region="${REGION}" -q result=1 fi done diff --git a/cluster/gce/gci/BUILD b/cluster/gce/gci/BUILD index ad59454ac02..9c205985e7a 100644 --- a/cluster/gce/gci/BUILD +++ b/cluster/gce/gci/BUILD @@ -1,6 +1,6 @@ load("@io_bazel_rules_go//go:def.bzl", "go_test") -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") -load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:build.bzl", "release_filegroup") go_test( name = "go_default_test", diff --git a/cluster/gce/gci/OWNERS b/cluster/gce/gci/OWNERS index eddec20f8e3..652ffcee310 100644 --- a/cluster/gce/gci/OWNERS +++ b/cluster/gce/gci/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dchen1107 - filbranden diff --git a/cluster/gce/gci/configure.sh b/cluster/gce/gci/configure.sh index 3050e9d5791..643e7ce45a9 100644 --- a/cluster/gce/gci/configure.sh +++ b/cluster/gce/gci/configure.sh @@ -123,6 +123,12 @@ function validate-hash { fi } +# Get default service account credentials of the VM. +function get-credentials { + curl "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token" -H "Metadata-Flavor: Google" -s | python -c \ + 'import sys; import json; print(json.loads(sys.stdin.read())["access_token"])' +} + # Retry a download until we get it. Takes a hash and a set of URLs. # # $1 is the sha1 of the URL. Can be "" if the sha1 is unknown. @@ -136,7 +142,12 @@ function download-or-bust { for url in "${urls[@]}"; do local file="${url##*/}" rm -f "${file}" - if ! curl -f --ipv4 -Lo "${file}" --connect-timeout 20 --max-time 300 --retry 6 --retry-delay 10 ${CURL_RETRY_CONNREFUSED} "${url}"; then + # if the url belongs to GCS API we should use oauth2_token in the headers + local curl_headers="" + if [[ "$url" =~ ^https://storage.googleapis.com.* ]]; then + curl_headers="Authorization: Bearer $(get-credentials)" + fi + if ! curl ${curl_headers:+-H "${curl_headers}"} -f --ipv4 -Lo "${file}" --connect-timeout 20 --max-time 300 --retry 6 --retry-delay 10 ${CURL_RETRY_CONNREFUSED} "${url}"; then echo "== Failed to download ${url}. Retrying. ==" elif [[ -n "${hash}" ]] && ! validate-hash "${file}" "${hash}"; then echo "== Hash validation of ${url} failed. Retrying. ==" diff --git a/cluster/gce/manifests/BUILD b/cluster/gce/manifests/BUILD index 011bf7acfaa..2af9c9b46d8 100644 --- a/cluster/gce/manifests/BUILD +++ b/cluster/gce/manifests/BUILD @@ -1,7 +1,7 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") -load("@io_kubernetes_build//defs:pkg.bzl", "pkg_tar") +load("@io_k8s_repo_infra//defs:build.bzl", "release_filegroup") +load("@io_k8s_repo_infra//defs:pkg.bzl", "pkg_tar") pkg_tar( name = "gce-master-manifests", diff --git a/cluster/gce/manifests/kube-apiserver.manifest b/cluster/gce/manifests/kube-apiserver.manifest index 4be27c81b20..d045c844c47 100644 --- a/cluster/gce/manifests/kube-apiserver.manifest +++ b/cluster/gce/manifests/kube-apiserver.manifest @@ -45,6 +45,7 @@ "port": 8080, "path": "/healthz" }, + "periodSeconds": 1, "timeoutSeconds": 15 }, "ports":[ diff --git a/cluster/gce/upgrade.sh b/cluster/gce/upgrade.sh index ad311e45519..94225487996 100755 --- a/cluster/gce/upgrade.sh +++ b/cluster/gce/upgrade.sh @@ -213,7 +213,7 @@ function setup-base-image() { source "${KUBE_ROOT}/cluster/gce/${NODE_OS_DISTRIBUTION}/node-helper.sh" # Reset the node image based on current os distro - set-node-image + set-linux-node-image fi } @@ -263,12 +263,12 @@ function prepare-node-upgrade() { # TODO(zmerlynn): How do we ensure kube-env is written in a ${version}- # compatible way? - write-node-env + write-linux-node-env # TODO(zmerlynn): Get configure-vm script from ${version}. (Must plumb this - # through all create-node-instance-template implementations). + # through all create-linux-node-instance-template implementations). local template_name=$(get-template-name-from-version ${SANITIZED_VERSION}) - create-node-instance-template "${template_name}" + create-linux-node-instance-template "${template_name}" # The following is echo'd so that callers can get the template name. echo "Instance template name: ${template_name}" echo "== Finished preparing node upgrade (to ${KUBE_VERSION}). ==" >&2 diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index ab93b90e2bc..7603ef93f1a 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh @@ -2247,6 +2247,7 @@ function delete-all-firewall-rules() { fi } +# Ignores firewall rule arguments that do not exist in NETWORK_PROJECT. function delete-firewall-rules() { for fw in $@; do if [[ -n $(gcloud compute firewall-rules --project "${NETWORK_PROJECT}" describe "${fw}" --format='value(name)' 2>/dev/null || true) ]]; then @@ -3139,6 +3140,7 @@ function kube-down() { "${CLUSTER_NAME}-default-internal-master" \ "${CLUSTER_NAME}-default-internal-node" \ "${NETWORK}-default-ssh" \ + "${NETWORK}-default-rdp" \ "${NETWORK}-default-internal" # Pre-1.5 clusters if [[ "${KUBE_DELETE_NETWORK}" == "true" ]]; then diff --git a/cluster/gce/win1803/common.psm1 b/cluster/gce/win1803/common.psm1 index 46bf53eeaf1..f345ac2d3ae 100644 --- a/cluster/gce/win1803/common.psm1 +++ b/cluster/gce/win1803/common.psm1 @@ -18,6 +18,9 @@ and scripts for configuring Windows nodes. #> +# Disable progress bar to increase download speed. +$ProgressPreference = 'SilentlyContinue' + # REDO_STEPS affects the behavior of a node that is rebooted after initial # bringup. When true, on a reboot the scripts will redo steps that were # determined to have already been completed once (e.g. to overwrite @@ -86,5 +89,62 @@ function Get-InstanceMetadataValue { } } +function Validate-SHA1 { + param( + [parameter(Mandatory=$true)] [string]$Hash, + [parameter(Mandatory=$true)] [string]$Path + ) + $actual = Get-FileHash -Path $Path -Algorithm SHA1 + # Note: Powershell string comparisons are case-insensitive by default, and this + # is important here because Linux shell scripts produce lowercase hashes but + # Powershell Get-FileHash produces uppercase hashes. This must be case-insensitive + # to work. + if ($actual.Hash -ne $Hash) { + Log-Output "$Path corrupted, sha1 $actual doesn't match expected $Hash" + Throw ("$Path corrupted, sha1 $actual doesn't match expected $Hash") + } +} + +# Attempts to download the file from URLs, trying each URL until it succeeds. +# It will loop through the URLs list forever until it has a success. +# If successful, it will write the file to OutFile. You can optionally provide a SHA1 Hash +# argument, in which case it will attempt to validate the downloaded file against the hash. +function MustDownload-File { + param ( + [parameter(Mandatory=$false)] [string]$Hash, + [parameter(Mandatory=$true)] [string]$OutFile, + [parameter(Mandatory=$true)] [System.Collections.Generic.List[String]]$URLs + ) + + While($true) { + ForEach($url in $URLs) { + # Attempt to download the file + Try { + # TODO(mtaufen): When we finally get a Windows version that has Powershell 6 + # installed we can set `-MaximumRetryCount 6 -RetryIntervalSec 10` to make this even more robust. + Invoke-WebRequest $url -OutFile $OutFile -TimeoutSec 300 + } Catch { + $message = $_.Exception.ToString() + Log-Output "Failed to download file from $url. Will retry. Error: $message" + continue + } + # Attempt to validate the hash + if ($Hash) { + Try { + Validate-SHA1 -Hash $Hash -Path $OutFile + } Catch { + $message = $_.Exception.ToString() + Log-Output "Hash validation of $url failed. Will retry. Error: $message" + continue + } + Log-Output "Downloaded $url (SHA1 = $Hash)" + return + } + Log-Output "Downloaded $url" + return + } + } +} + # Export all public functions: Export-ModuleMember -Function *-* diff --git a/cluster/gce/win1803/k8s-node-setup.psm1 b/cluster/gce/win1803/k8s-node-setup.psm1 index 561c075779b..a23fe3d57f4 100644 --- a/cluster/gce/win1803/k8s-node-setup.psm1 +++ b/cluster/gce/win1803/k8s-node-setup.psm1 @@ -254,9 +254,8 @@ function Download-HelperScripts { if (-not (ShouldWrite-File ${env:K8S_DIR}\hns.psm1)) { return } - Invoke-WebRequest ` - https://github.com/Microsoft/SDN/raw/master/Kubernetes/windows/hns.psm1 ` - -OutFile ${env:K8S_DIR}\hns.psm1 + MustDownload-File -OutFile ${env:K8S_DIR}\hns.psm1 ` + -URLs "https://github.com/Microsoft/SDN/raw/master/Kubernetes/windows/hns.psm1" } # Takes the Windows version string from the cluster bash scripts (e.g. @@ -318,14 +317,13 @@ function DownloadAndInstall-KubernetesBinaries { $tmp_dir = 'C:\k8s_tmp' New-Item -Force -ItemType 'directory' $tmp_dir | Out-Null - $uri = ${kube_env}['NODE_BINARY_TAR_URL'] - $filename = Split-Path -leaf $uri - - # Disable progress bar to increase download speed. - $ProgressPreference = 'SilentlyContinue' - Invoke-WebRequest $uri -OutFile ${tmp_dir}\${filename} - - # TODO(yujuhong): Verify hash of the tarball. + $urls = ${kube_env}['NODE_BINARY_TAR_URL'].Split(",") + $filename = Split-Path -leaf $urls[0] + $hash = $null + if ($kube_env.ContainsKey('NODE_BINARY_TAR_HASH')) { + $hash = ${kube_env}['NODE_BINARY_TAR_HASH'] + } + MustDownload-File -Hash $hash -OutFile ${tmp_dir}\${filename} -URLs $urls # Change the directory to the parent directory of ${env:K8S_DIR} and untar. # This (over-)writes ${dest_dir}/kubernetes/node/bin/*.exe files. @@ -791,9 +789,8 @@ function Configure-HostNetworkingService { function Configure-CniNetworking { if ((ShouldWrite-File ${env:CNI_DIR}\win-bridge.exe) -or (ShouldWrite-File ${env:CNI_DIR}\host-local.exe)) { - Invoke-WebRequest ` - https://github.com/yujuhong/gce-k8s-windows-testing/raw/master/windows-cni-plugins.zip ` - -OutFile ${env:CNI_DIR}\windows-cni-plugins.zip + MustDownload-File -OutFile ${env:CNI_DIR}\windows-cni-plugins.zip ` + -URLs "https://github.com/yujuhong/gce-k8s-windows-testing/raw/master/windows-cni-plugins.zip" rm ${env:CNI_DIR}\*.exe Expand-Archive ${env:CNI_DIR}\windows-cni-plugins.zip ${env:CNI_DIR} mv ${env:CNI_DIR}\bin\*.exe ${env:CNI_DIR}\ diff --git a/cluster/gce/win1803/smoke-test.sh b/cluster/gce/win1803/smoke-test.sh index bd128ed9250..3b4079f852d 100755 --- a/cluster/gce/win1803/smoke-test.sh +++ b/cluster/gce/win1803/smoke-test.sh @@ -22,8 +22,7 @@ # pods, Windows pods, K8s services, and the Internet. # 4) Verifying that basic DNS resolution works in Windows pods. # -# This script assumes that it is run from the root of the kubernetes repository -# and that kubectl is present at client/bin/kubectl. +# This script assumes that it is run from the root of the kubernetes repository. # # TODOs: # - Implement the node-to-pod checks. @@ -41,7 +40,7 @@ # Override this to use a different kubectl binary. kubectl=kubectl linux_deployment_timeout=60 -windows_deployment_timeout=240 +windows_deployment_timeout=120 output_file=/tmp/k8s-smoke-test.out function check_windows_nodes_are_ready { @@ -59,6 +58,15 @@ function check_windows_nodes_are_ready { echo "Verified that all Windows nodes have status Ready" } +function untaint_windows_nodes { + # Untaint the windows nodes to allow test workloads without tolerations to be + # scheduled onto them. + WINDOWS_NODES=$(${kubectl} get nodes -l beta.kubernetes.io/os=windows -o name) + for node in $WINDOWS_NODES; do + ${kubectl} taint node "$node" node.kubernetes.io/os:NoSchedule- + done +} + function check_no_system_pods_on_windows_nodes { windows_system_pods=$(${kubectl} get pods --namespace kube-system \ -o wide | grep -E "Pending|windows" | wc -w) @@ -73,6 +81,7 @@ function check_no_system_pods_on_windows_nodes { linux_webserver_deployment=linux-nginx linux_webserver_pod_label=nginx +linux_webserver_replicas=1 function deploy_linux_webserver_pod { echo "Writing example deployment to $linux_webserver_deployment.yaml" @@ -84,7 +93,7 @@ metadata: labels: app: $linux_webserver_pod_label spec: - replicas: 1 + replicas: $linux_webserver_replicas selector: matchLabels: app: $linux_webserver_pod_label @@ -107,11 +116,11 @@ EOF timeout=$linux_deployment_timeout while [[ $timeout -gt 0 ]]; do - echo "Waiting for Linux $linux_webserver_pod_label pods to become Ready" + echo "Waiting for $linux_webserver_replicas Linux $linux_webserver_pod_label pods to become Ready" statuses=$(${kubectl} get pods -l app=$linux_webserver_pod_label \ -o jsonpath='{.items[*].status.conditions[?(@.type=="Ready")].status}' \ - | grep "False" | wc -w) - if [[ $statuses -eq 0 ]]; then + | grep "True" | wc -w) + if [[ $statuses -eq $linux_webserver_replicas ]]; then break else sleep 10 @@ -148,6 +157,7 @@ function undeploy_linux_webserver_pod { linux_command_deployment=linux-ubuntu linux_command_pod_label=ubuntu +linux_command_replicas=1 function deploy_linux_command_pod { echo "Writing example deployment to $linux_command_deployment.yaml" @@ -159,7 +169,7 @@ metadata: labels: app: $linux_command_pod_label spec: - replicas: 1 + replicas: $linux_command_replicas selector: matchLabels: app: $linux_command_pod_label @@ -183,11 +193,11 @@ EOF timeout=$linux_deployment_timeout while [[ $timeout -gt 0 ]]; do - echo "Waiting for Linux $linux_command_pod_label pods to become Ready" + echo "Waiting for $linux_command_replicas Linux $linux_command_pod_label pods to become Ready" statuses=$(${kubectl} get pods -l app=$linux_command_pod_label \ -o jsonpath='{.items[*].status.conditions[?(@.type=="Ready")].status}' \ - | grep "False" | wc -w) - if [[ $statuses -eq 0 ]]; then + | grep "True" | wc -w) + if [[ $statuses -eq $linux_command_replicas ]]; then break else sleep 10 @@ -237,6 +247,7 @@ function undeploy_linux_command_pod { windows_webserver_deployment=windows-nettest windows_webserver_pod_label=nettest +windows_webserver_replicas=1 function deploy_windows_webserver_pod { echo "Writing example deployment to $windows_webserver_deployment.yaml" @@ -252,7 +263,7 @@ metadata: labels: app: $windows_webserver_pod_label spec: - replicas: 1 + replicas: $windows_webserver_replicas selector: matchLabels: app: $windows_webserver_pod_label @@ -280,11 +291,11 @@ EOF timeout=$windows_deployment_timeout while [[ $timeout -gt 0 ]]; do - echo "Waiting for Windows $windows_webserver_pod_label pods to become Ready" + echo "Waiting for $windows_webserver_replicas Windows $windows_webserver_pod_label pods to become Ready" statuses=$(${kubectl} get pods -l app=$windows_webserver_pod_label \ -o jsonpath='{.items[*].status.conditions[?(@.type=="Ready")].status}' \ - | grep "False" | wc -w) - if [[ $statuses -eq 0 ]]; then + | grep "True" | wc -w) + if [[ $statuses -eq $windows_webserver_replicas ]]; then break else sleep 10 @@ -319,6 +330,7 @@ function undeploy_windows_webserver_pod { windows_command_deployment=windows-powershell windows_command_pod_label=powershell +windows_command_replicas=1 function deploy_windows_command_pod { echo "Writing example deployment to $windows_command_deployment.yaml" @@ -330,7 +342,7 @@ metadata: labels: app: $windows_command_pod_label spec: - replicas: 1 + replicas: $windows_command_replicas selector: matchLabels: app: $windows_command_pod_label @@ -358,11 +370,11 @@ EOF timeout=$windows_deployment_timeout while [[ $timeout -gt 0 ]]; do - echo "Waiting for Windows $windows_command_pod_label pods to become Ready" + echo "Waiting for $windows_command_replicas Windows $windows_command_pod_label pods to become Ready" statuses=$(${kubectl} get pods -l app=$windows_command_pod_label \ -o jsonpath='{.items[*].status.conditions[?(@.type=="Ready")].status}' \ - | grep "False" | wc -w) - if [[ $statuses -eq 0 ]]; then + | grep "True" | wc -w) + if [[ $statuses -eq $windows_command_replicas ]]; then break else sleep 10 @@ -640,6 +652,7 @@ function cleanup_deployments { } check_windows_nodes_are_ready +untaint_windows_nodes check_no_system_pods_on_windows_nodes deploy_linux_webserver_pod diff --git a/cluster/get-kube-binaries.sh b/cluster/get-kube-binaries.sh index 435decd9be9..251b8f49d6e 100755 --- a/cluster/get-kube-binaries.sh +++ b/cluster/get-kube-binaries.sh @@ -164,8 +164,8 @@ SERVER_PLATFORM="linux" SERVER_ARCH="${KUBERNETES_SERVER_ARCH:-amd64}" SERVER_TAR="kubernetes-server-${SERVER_PLATFORM}-${SERVER_ARCH}.tar.gz" if [[ -n "${KUBERNETES_NODE_PLATFORM-}" || -n "${KUBERNETES_NODE_ARCH-}" ]]; then - NODE_PLATFORM="${KUBERNETES_NODE_PLATFORM:${SERVER_PLATFORM}}" - NODE_ARCH="${KUBERNETES_NODE_ARCH:${SERVER_ARCH}}" + NODE_PLATFORM="${KUBERNETES_NODE_PLATFORM:-${SERVER_PLATFORM}}" + NODE_ARCH="${KUBERNETES_NODE_ARCH:-${SERVER_ARCH}}" NODE_TAR="kubernetes-node-${NODE_PLATFORM}-${NODE_ARCH}.tar.gz" fi diff --git a/cluster/images/conformance/BUILD b/cluster/images/conformance/BUILD index 4da3c25d416..5968c20b1ca 100644 --- a/cluster/images/conformance/BUILD +++ b/cluster/images/conformance/BUILD @@ -47,7 +47,6 @@ container_image( container_bundle( name = "conformance", images = {"k8s.gcr.io/conformance-amd64:{STABLE_DOCKER_TAG}": "conformance-internal"}, - stamp = True, ) filegroup( diff --git a/cluster/images/conformance/Makefile b/cluster/images/conformance/Makefile index 43f61ddf53d..d6177aaac32 100644 --- a/cluster/images/conformance/Makefile +++ b/cluster/images/conformance/Makefile @@ -25,7 +25,7 @@ KUBECTL_BIN?=$(shell pwd)/../../../$(OUT_DIR)/dockerized/bin/linux/$(ARCH)/kubec E2E_TEST_BIN?=$(shell pwd)/../../../$(OUT_DIR)/dockerized/bin/linux/$(ARCH)/e2e.test CLUSTER_DIR?=$(shell pwd)/../../../cluster/ -BASEIMAGE=k8s.gcr.io/debian-hyperkube-base-$(ARCH):0.12.0 +BASEIMAGE=k8s.gcr.io/debian-hyperkube-base-$(ARCH):0.12.1 TEMP_DIR:=$(shell mktemp -d -t conformanceXXXXXX) all: build diff --git a/cluster/images/conformance/OWNERS b/cluster/images/conformance/OWNERS index 8d877d4346c..83f029e3d93 100644 --- a/cluster/images/conformance/OWNERS +++ b/cluster/images/conformance/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - timothysc - dims diff --git a/cluster/images/conformance/run_e2e.sh b/cluster/images/conformance/run_e2e.sh index 843b0fd13b3..ee8597f276b 100755 --- a/cluster/images/conformance/run_e2e.sh +++ b/cluster/images/conformance/run_e2e.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # Copyright 2018 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/cluster/images/etcd-empty-dir-cleanup/etcd-empty-dir-cleanup.sh b/cluster/images/etcd-empty-dir-cleanup/etcd-empty-dir-cleanup.sh index e714cabf4ca..37da93f7e00 100644 --- a/cluster/images/etcd-empty-dir-cleanup/etcd-empty-dir-cleanup.sh +++ b/cluster/images/etcd-empty-dir-cleanup/etcd-empty-dir-cleanup.sh @@ -17,14 +17,14 @@ echo "Removing empty directories from etcd..." cleanup_empty_dirs () { - if [ "$(${ETCDCTL} ls $1)" ]; then - for SUBDIR in $(${ETCDCTL} ls -p $1 | grep "/$") + if [ "$("${ETCDCTL}" ls "${1}")" ]; then + for SUBDIR in $("${ETCDCTL}" ls -p "${1}" | grep "/$") do - cleanup_empty_dirs ${SUBDIR} + cleanup_empty_dirs "${SUBDIR}" done else echo "Removing empty key $1 ..." - ${ETCDCTL} rmdir $1 + "${ETCDCTL}" rmdir "${1}" fi } @@ -33,5 +33,5 @@ do echo "Starting cleanup..." cleanup_empty_dirs "/registry" echo "Done with cleanup." - sleep ${SLEEP_SECOND} + sleep "${SLEEP_SECOND}" done diff --git a/cluster/images/etcd-version-monitor/etcd-version-monitor.go b/cluster/images/etcd-version-monitor/etcd-version-monitor.go index eb52da046fe..2b0436c0201 100644 --- a/cluster/images/etcd-version-monitor/etcd-version-monitor.go +++ b/cluster/images/etcd-version-monitor/etcd-version-monitor.go @@ -19,6 +19,7 @@ package main import ( "bytes" "encoding/json" + "errors" goflag "flag" "fmt" "net/http" @@ -202,21 +203,21 @@ func getVersion(lastSeenBinaryVersion *string) error { // Create the get request for the etcd version endpoint. req, err := http.NewRequest("GET", etcdVersionScrapeURI, nil) if err != nil { - return fmt.Errorf("Failed to create GET request for etcd version: %v", err) + return fmt.Errorf("failed to create GET request for etcd version: %v", err) } // Send the get request and receive a response. client := &http.Client{} resp, err := client.Do(req) if err != nil { - return fmt.Errorf("Failed to receive GET response for etcd version: %v", err) + return fmt.Errorf("failed to receive GET response for etcd version: %v", err) } defer resp.Body.Close() // Obtain EtcdVersion from the JSON response. var version EtcdVersion if err := json.NewDecoder(resp.Body).Decode(&version); err != nil { - return fmt.Errorf("Failed to decode etcd version JSON: %v", err) + return fmt.Errorf("failed to decode etcd version JSON: %v", err) } // Return without updating the version if it stayed the same since last time. @@ -228,7 +229,7 @@ func getVersion(lastSeenBinaryVersion *string) error { if *lastSeenBinaryVersion != "" { deleted := etcdVersion.Delete(prometheus.Labels{"binary_version": *lastSeenBinaryVersion}) if !deleted { - return fmt.Errorf("Failed to delete previous version's metric") + return errors.New("failed to delete previous version's metric") } } @@ -259,14 +260,14 @@ func getVersionPeriodically(stopCh <-chan struct{}) { func scrapeMetrics() (map[string]*dto.MetricFamily, error) { req, err := http.NewRequest("GET", etcdMetricsScrapeURI, nil) if err != nil { - return nil, fmt.Errorf("Failed to create GET request for etcd metrics: %v", err) + return nil, fmt.Errorf("failed to create GET request for etcd metrics: %v", err) } // Send the get request and receive a response. client := &http.Client{} resp, err := client.Do(req) if err != nil { - return nil, fmt.Errorf("Failed to receive GET response for etcd metrics: %v", err) + return nil, fmt.Errorf("failed to receive GET response for etcd metrics: %v", err) } defer resp.Body.Close() diff --git a/cluster/images/etcd/OWNERS b/cluster/images/etcd/OWNERS index b0dc4dae4de..068071b0525 100644 --- a/cluster/images/etcd/OWNERS +++ b/cluster/images/etcd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - jpbetz - wenjiaswe diff --git a/cluster/images/hyperkube/BUILD b/cluster/images/hyperkube/BUILD index 48270a5f7b6..19c0c752183 100644 --- a/cluster/images/hyperkube/BUILD +++ b/cluster/images/hyperkube/BUILD @@ -12,7 +12,6 @@ container_image( container_bundle( name = "hyperkube", images = {"k8s.gcr.io/hyperkube-amd64:{STABLE_DOCKER_TAG}": "hyperkube-internal"}, - stamp = True, ) filegroup( diff --git a/cluster/images/hyperkube/Makefile b/cluster/images/hyperkube/Makefile index 2bd17d3416c..340f85e82e9 100644 --- a/cluster/images/hyperkube/Makefile +++ b/cluster/images/hyperkube/Makefile @@ -22,7 +22,7 @@ ARCH?=amd64 OUT_DIR?=_output HYPERKUBE_BIN?=$(shell pwd)/../../../$(OUT_DIR)/dockerized/bin/linux/$(ARCH)/hyperkube -BASEIMAGE=k8s.gcr.io/debian-hyperkube-base-$(ARCH):0.12.0 +BASEIMAGE=k8s.gcr.io/debian-hyperkube-base-$(ARCH):0.12.1 TEMP_DIR:=$(shell mktemp -d -t hyperkubeXXXXXX) all: build diff --git a/cluster/images/hyperkube/OWNERS b/cluster/images/hyperkube/OWNERS index 7c458af2394..75dacf650f9 100644 --- a/cluster/images/hyperkube/OWNERS +++ b/cluster/images/hyperkube/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - ixdy - luxas diff --git a/cluster/images/kubemark/OWNERS b/cluster/images/kubemark/OWNERS index cf2f885df34..329e8801dc9 100644 --- a/cluster/images/kubemark/OWNERS +++ b/cluster/images/kubemark/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - shyamjvs diff --git a/cluster/juju/OWNERS b/cluster/juju/OWNERS index 636213ef8c0..678108351f3 100644 --- a/cluster/juju/OWNERS +++ b/cluster/juju/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - Cynerva - ktsakalozos diff --git a/cluster/juju/bundles/OWNERS b/cluster/juju/bundles/OWNERS old mode 100755 new mode 100644 index 60e18ed68af..1b8211edecb --- a/cluster/juju/bundles/OWNERS +++ b/cluster/juju/bundles/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - jlowdermilk diff --git a/cluster/juju/layers/kubernetes-e2e/README.md b/cluster/juju/layers/kubernetes-e2e/README.md index 2abaa9ed731..906f3ece663 100644 --- a/cluster/juju/layers/kubernetes-e2e/README.md +++ b/cluster/juju/layers/kubernetes-e2e/README.md @@ -83,13 +83,13 @@ To see the different types of tests the Kubernetes end-to-end charm has access to, we encourage you to see the upstream documentation on the different types of tests, and to strongly understand what subsets of the tests you are running. -[Kinds of tests](https://github.com/kubernetes/community/blob/master/contributors/devel/e2e-tests.md#kinds-of-tests) +[Kinds of tests](https://git.k8s.io/community/contributors/devel/sig-testing/e2e-tests.md#kinds-of-tests) ### More information on end-to-end testing Along with the above descriptions, end-to-end testing is a much larger subject than this readme can encapsulate. There is far more information in the -[end-to-end testing guide](https://github.com/kubernetes/community/blob/master/contributors/devel/e2e-tests.md). +[end-to-end testing guide](https://git.k8s.io/community/contributors/devel/sig-testing/e2e-tests.md). ### Evaluating end-to-end results diff --git a/cluster/juju/prereqs/OWNERS b/cluster/juju/prereqs/OWNERS old mode 100755 new mode 100644 index 76cf62a15e3..a30810befa1 --- a/cluster/juju/prereqs/OWNERS +++ b/cluster/juju/prereqs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - eparis - david-mcmahon diff --git a/cluster/kube-down.sh b/cluster/kube-down.sh index 7c183c6eeb1..da7a3b23fe3 100755 --- a/cluster/kube-down.sh +++ b/cluster/kube-down.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. if [ -f "${KUBE_ROOT}/cluster/env.sh" ]; then source "${KUBE_ROOT}/cluster/env.sh" diff --git a/cluster/kubeadm.sh b/cluster/kubeadm.sh index bf41090209e..3035e6c17e2 100755 --- a/cluster/kubeadm.sh +++ b/cluster/kubeadm.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=${KUBE_ROOT:-$(dirname "${BASH_SOURCE}")/..} +KUBE_ROOT=${KUBE_ROOT:-$(dirname "${BASH_SOURCE[0]}")/..} source "${KUBE_ROOT}/cluster/clientbin.sh" # If KUBEADM_PATH isn't set, gather up the list of likely places and use ls diff --git a/cluster/kubemark/OWNERS b/cluster/kubemark/OWNERS index cf2f885df34..329e8801dc9 100644 --- a/cluster/kubemark/OWNERS +++ b/cluster/kubemark/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - shyamjvs diff --git a/cluster/kubemark/gce/config-default.sh b/cluster/kubemark/gce/config-default.sh index 5f15ee866c5..6e66cd73e08 100644 --- a/cluster/kubemark/gce/config-default.sh +++ b/cluster/kubemark/gce/config-default.sh @@ -25,6 +25,7 @@ GCLOUD=gcloud ZONE=${KUBE_GCE_ZONE:-us-central1-b} REGION=${ZONE%-*} NUM_NODES=${KUBEMARK_NUM_NODES:-10} +NUM_WINDOWS_NODES=${KUBEMARK_NUM_WINDOWS_NODES:-0} MASTER_SIZE=${KUBEMARK_MASTER_SIZE:-n1-standard-$(get-master-size)} MASTER_DISK_TYPE=pd-ssd MASTER_DISK_SIZE=${MASTER_DISK_SIZE:-$(get-master-disk-size)} diff --git a/cluster/log-dump/log-dump.sh b/cluster/log-dump/log-dump.sh index 7e2e3dd372f..4dc16c6ae2a 100755 --- a/cluster/log-dump/log-dump.sh +++ b/cluster/log-dump/log-dump.sh @@ -329,8 +329,13 @@ function find_non_logexported_nodes() { } function dump_nodes_with_logexporter() { - echo "Detecting nodes in the cluster" - detect-node-names &> /dev/null + if [[ -n "${use_custom_instance_list}" ]]; then + echo "Dumping logs for nodes provided by log_dump_custom_get_instances() function" + NODE_NAMES=( $(log_dump_custom_get_instances node) ) + else + echo "Detecting nodes in the cluster" + detect-node-names &> /dev/null + fi if [[ -z "${NODE_NAMES:-}" ]]; then echo "No nodes found!" @@ -349,6 +354,7 @@ function dump_nodes_with_logexporter() { sed -i'' -e "s@{{.CloudProvider}}@${cloud_provider}@g" "${KUBE_ROOT}/cluster/log-dump/logexporter-daemonset.yaml" sed -i'' -e "s@{{.GCSPath}}@${gcs_artifacts_dir}@g" "${KUBE_ROOT}/cluster/log-dump/logexporter-daemonset.yaml" sed -i'' -e "s@{{.EnableHollowNodeLogs}}@${enable_hollow_node_logs}@g" "${KUBE_ROOT}/cluster/log-dump/logexporter-daemonset.yaml" + sed -i'' -e "s@{{.DumpSystemdJournal}}@${dump_systemd_journal}@g" "${KUBE_ROOT}/cluster/log-dump/logexporter-daemonset.yaml" # Create the logexporter namespace, service-account secret and the logexporter daemonset within that namespace. KUBECTL="${KUBE_ROOT}/cluster/kubectl.sh" diff --git a/cluster/log-dump/logexporter-daemonset.yaml b/cluster/log-dump/logexporter-daemonset.yaml index 69a0d91fcda..c9c575445eb 100644 --- a/cluster/log-dump/logexporter-daemonset.yaml +++ b/cluster/log-dump/logexporter-daemonset.yaml @@ -36,7 +36,7 @@ spec: spec: containers: - name: logexporter-test - image: gcr.io/k8s-testimages/logexporter:v0.1.3 + image: gcr.io/k8s-testimages/logexporter:v0.1.5 env: - name: NODE_NAME valueFrom: @@ -49,6 +49,7 @@ spec: - --gcs-path={{.GCSPath}} - --gcloud-auth-file-path=/etc/service-account/service-account.json - --enable-hollow-node-logs={{.EnableHollowNodeLogs}} + - --dump-systemd-journal={{.DumpSystemdJournal}} - --sleep-duration=24h - --alsologtostderr volumeMounts: diff --git a/cmd/OWNERS b/cmd/OWNERS index 82e379f36b1..02130504f9d 100644 --- a/cmd/OWNERS +++ b/cmd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - dchen1107 - lavalamp diff --git a/cmd/clicheck/OWNERS b/cmd/clicheck/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/cmd/clicheck/OWNERS +++ b/cmd/clicheck/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/cmd/cloud-controller-manager/OWNERS b/cmd/cloud-controller-manager/OWNERS index eacd4ab9ec6..a4b174946c9 100644 --- a/cmd/cloud-controller-manager/OWNERS +++ b/cmd/cloud-controller-manager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - luxas diff --git a/cmd/cloud-controller-manager/app/BUILD b/cmd/cloud-controller-manager/app/BUILD index 3070601fd91..815b2c21e37 100644 --- a/cmd/cloud-controller-manager/app/BUILD +++ b/cmd/cloud-controller-manager/app/BUILD @@ -25,11 +25,12 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/healthz:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/util/term:go_default_library", "//staging/src/k8s.io/client-go/tools/leaderelection:go_default_library", "//staging/src/k8s.io/client-go/tools/leaderelection/resourcelock:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], diff --git a/cmd/cloud-controller-manager/app/controllermanager.go b/cmd/cloud-controller-manager/app/controllermanager.go index 8bd26c82404..ce14f2f00ac 100644 --- a/cmd/cloud-controller-manager/app/controllermanager.go +++ b/cmd/cloud-controller-manager/app/controllermanager.go @@ -30,11 +30,12 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/server/healthz" - apiserverflag "k8s.io/apiserver/pkg/util/flag" - "k8s.io/apiserver/pkg/util/globalflag" + "k8s.io/apiserver/pkg/util/term" "k8s.io/client-go/tools/leaderelection" "k8s.io/client-go/tools/leaderelection/resourcelock" cloudprovider "k8s.io/cloud-provider" + cliflag "k8s.io/component-base/cli/flag" + "k8s.io/component-base/cli/globalflag" "k8s.io/klog" cloudcontrollerconfig "k8s.io/kubernetes/cmd/cloud-controller-manager/app/config" "k8s.io/kubernetes/cmd/cloud-controller-manager/app/options" @@ -91,15 +92,15 @@ the cloud specific control loops shipped with Kubernetes.`, fs.AddFlagSet(f) } usageFmt := "Usage:\n %s\n" - cols, _, _ := apiserverflag.TerminalSize(cmd.OutOrStdout()) + cols, _, _ := term.TerminalSize(cmd.OutOrStdout()) cmd.SetUsageFunc(func(cmd *cobra.Command) error { fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) return nil }) cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) }) return cmd diff --git a/cmd/cloud-controller-manager/app/options/BUILD b/cmd/cloud-controller-manager/app/options/BUILD index 71f168b5613..8656bfe04e8 100644 --- a/cmd/cloud-controller-manager/app/options/BUILD +++ b/cmd/cloud-controller-manager/app/options/BUILD @@ -25,13 +25,13 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) diff --git a/cmd/cloud-controller-manager/app/options/options.go b/cmd/cloud-controller-manager/app/options/options.go index e10491c298f..205e5da99b3 100644 --- a/cmd/cloud-controller-manager/app/options/options.go +++ b/cmd/cloud-controller-manager/app/options/options.go @@ -22,18 +22,18 @@ import ( "net" "time" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" apiserveroptions "k8s.io/apiserver/pkg/server/options" utilfeature "k8s.io/apiserver/pkg/util/feature" - apiserverflag "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/informers" clientset "k8s.io/client-go/kubernetes" v1core "k8s.io/client-go/kubernetes/typed/core/v1" restclient "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/tools/record" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/klog" ccmconfig "k8s.io/kubernetes/cmd/cloud-controller-manager/app/apis/config" ccmconfigscheme "k8s.io/kubernetes/cmd/cloud-controller-manager/app/apis/config/scheme" @@ -124,8 +124,8 @@ func NewDefaultComponentConfig(insecurePort int32) (*ccmconfig.CloudControllerMa } // Flags returns flags for a specific APIServer by section name -func (o *CloudControllerManagerOptions) Flags(allControllers, disabledByDefaultControllers []string) apiserverflag.NamedFlagSets { - fss := apiserverflag.NamedFlagSets{} +func (o *CloudControllerManagerOptions) Flags(allControllers, disabledByDefaultControllers []string) cliflag.NamedFlagSets { + fss := cliflag.NamedFlagSets{} o.Generic.AddFlags(&fss, allControllers, disabledByDefaultControllers) o.KubeCloudShared.AddFlags(fss.FlagSet("generic")) o.ServiceController.AddFlags(fss.FlagSet("service controller")) diff --git a/cmd/controller-manager/OWNERS b/cmd/controller-manager/OWNERS index f6339f17866..9027934ca08 100644 --- a/cmd/controller-manager/OWNERS +++ b/cmd/controller-manager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - cheftako diff --git a/cmd/controller-manager/app/options/BUILD b/cmd/controller-manager/app/options/BUILD index 4c977042513..a784cd3a800 100644 --- a/cmd/controller-manager/app/options/BUILD +++ b/cmd/controller-manager/app/options/BUILD @@ -17,8 +17,8 @@ go_library( "//pkg/cloudprovider/providers:go_default_library", "//pkg/controller/apis/config:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//staging/src/k8s.io/component-base/config:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], @@ -43,8 +43,8 @@ go_test( srcs = ["globalflags_test.go"], embed = [":go_default_library"], deps = [ - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], ) diff --git a/cmd/controller-manager/app/options/generic.go b/cmd/controller-manager/app/options/generic.go index d5ffd1d1676..9491ec0a745 100644 --- a/cmd/controller-manager/app/options/generic.go +++ b/cmd/controller-manager/app/options/generic.go @@ -21,7 +21,7 @@ import ( "strings" "k8s.io/apimachinery/pkg/util/sets" - apiserverflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" componentbaseconfig "k8s.io/component-base/config" "k8s.io/kubernetes/pkg/client/leaderelectionconfig" kubectrlmgrconfig "k8s.io/kubernetes/pkg/controller/apis/config" @@ -48,7 +48,7 @@ func NewGenericControllerManagerConfigurationOptions(cfg *kubectrlmgrconfig.Gene } // AddFlags adds flags related to generic for controller manager to the specified FlagSet. -func (o *GenericControllerManagerConfigurationOptions) AddFlags(fss *apiserverflag.NamedFlagSets, allControllers, disabledByDefaultControllers []string) { +func (o *GenericControllerManagerConfigurationOptions) AddFlags(fss *cliflag.NamedFlagSets, allControllers, disabledByDefaultControllers []string) { if o == nil { return } diff --git a/cmd/controller-manager/app/options/globalflags.go b/cmd/controller-manager/app/options/globalflags.go index b7a05ee2b06..e4eda652ebf 100644 --- a/cmd/controller-manager/app/options/globalflags.go +++ b/cmd/controller-manager/app/options/globalflags.go @@ -19,7 +19,7 @@ package options import ( "github.com/spf13/pflag" - "k8s.io/apiserver/pkg/util/globalflag" + "k8s.io/component-base/cli/globalflag" // ensure libs have a chance to globally register their flags _ "k8s.io/kubernetes/pkg/cloudprovider/providers" diff --git a/cmd/controller-manager/app/options/globalflags_test.go b/cmd/controller-manager/app/options/globalflags_test.go index 4c27d0223f7..75e8665cd55 100644 --- a/cmd/controller-manager/app/options/globalflags_test.go +++ b/cmd/controller-manager/app/options/globalflags_test.go @@ -25,12 +25,12 @@ import ( "github.com/spf13/pflag" - apiserverflag "k8s.io/apiserver/pkg/util/flag" - "k8s.io/apiserver/pkg/util/globalflag" + cliflag "k8s.io/component-base/cli/flag" + "k8s.io/component-base/cli/globalflag" ) func TestAddCustomGlobalFlags(t *testing.T) { - namedFlagSets := &apiserverflag.NamedFlagSets{} + namedFlagSets := &cliflag.NamedFlagSets{} // Note that we will register all flags (including klog flags) into the same // flag set. This allows us to test against all global flags from // flags.CommandLine. @@ -45,7 +45,7 @@ func TestAddCustomGlobalFlags(t *testing.T) { // Get all flags from flags.CommandLine, except flag `test.*`. wantedFlag := []string{"help"} - pflag.CommandLine.SetNormalizeFunc(apiserverflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(flag.CommandLine) pflag.VisitAll(func(flag *pflag.Flag) { if !strings.Contains(flag.Name, "test.") { diff --git a/cmd/genkubedocs/postprocessing_test.go b/cmd/genkubedocs/postprocessing_test.go index 57afedf05a2..66ef3c76fdb 100644 --- a/cmd/genkubedocs/postprocessing_test.go +++ b/cmd/genkubedocs/postprocessing_test.go @@ -26,7 +26,7 @@ func TestCleanupForInclude(t *testing.T) { markdown, expectedMarkdown string }{ { // first line is removed - // Nb. fist line is the title of the document, and by removing it you get + // Nb. first line is the title of the document, and by removing it you get // more flexibility for include, e.g. include in tabs markdown: "line 1\n" + "line 2\n" + @@ -34,7 +34,7 @@ func TestCleanupForInclude(t *testing.T) { expectedMarkdown: "line 2\n" + "line 3", }, - { // evething after ###SEE ALSO is removed + { // everything after ###SEE ALSO is removed // Nb. see also, that assumes file will be used as a main page (does not apply to includes) markdown: "line 1\n" + "line 2\n" + diff --git a/cmd/hyperkube/BUILD b/cmd/hyperkube/BUILD index 077dfa08018..22f9f3d4330 100644 --- a/cmd/hyperkube/BUILD +++ b/cmd/hyperkube/BUILD @@ -28,7 +28,7 @@ go_library( "//pkg/kubectl/cmd:go_default_library", "//pkg/version/prometheus:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", diff --git a/cmd/hyperkube/OWNERS b/cmd/hyperkube/OWNERS index 0c4ba8e2f18..c28de235565 100644 --- a/cmd/hyperkube/OWNERS +++ b/cmd/hyperkube/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + labels: - sig/release diff --git a/cmd/hyperkube/main.go b/cmd/hyperkube/main.go index a5bfb2ad382..b3ff9ea5c67 100644 --- a/cmd/hyperkube/main.go +++ b/cmd/hyperkube/main.go @@ -33,7 +33,7 @@ import ( "github.com/spf13/pflag" "k8s.io/apiserver/pkg/server" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/component-base/logs" cloudcontrollermanager "k8s.io/kubernetes/cmd/cloud-controller-manager/app" kubeapiserver "k8s.io/kubernetes/cmd/kube-apiserver/app" @@ -52,11 +52,11 @@ func main() { hyperkubeCommand, allCommandFns := NewHyperKubeCommand(server.SetupSignalHandler()) // TODO: once we switch everything over to Cobra commands, we can go back to calling - // utilflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the + // cliflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the // normalize func and add the go flag set by hand. - pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(goflag.CommandLine) - // utilflag.InitFlags() + // cliflag.InitFlags() logs.InitLogs() defer logs.FlushLogs() diff --git a/cmd/importverifier/OWNERS b/cmd/importverifier/OWNERS index 44fce8b6eab..7610b982ae9 100644 --- a/cmd/importverifier/OWNERS +++ b/cmd/importverifier/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - stevekuznetsov - deads2k diff --git a/cmd/kube-apiserver/OWNERS b/cmd/kube-apiserver/OWNERS index 02d03e318fe..8ad6ecf8ff3 100644 --- a/cmd/kube-apiserver/OWNERS +++ b/cmd/kube-apiserver/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - deads2k diff --git a/cmd/kube-apiserver/app/BUILD b/cmd/kube-apiserver/app/BUILD index a2098f5b418..d210309f9ae 100644 --- a/cmd/kube-apiserver/app/BUILD +++ b/cmd/kube-apiserver/app/BUILD @@ -56,14 +56,15 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/etcd3/preflight:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/util/term:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/client-go/util/cert:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:go_default_library", diff --git a/cmd/kube-apiserver/app/aggregator.go b/cmd/kube-apiserver/app/aggregator.go index ee42f6a5a6c..c962ddfe4e7 100644 --- a/cmd/kube-apiserver/app/aggregator.go +++ b/cmd/kube-apiserver/app/aggregator.go @@ -70,7 +70,6 @@ func createAggregatorConfig( &genericConfig, externalInformers, genericConfig.LoopbackClientConfig, - aggregatorscheme.Scheme, pluginInitializers...) if err != nil { return nil, err @@ -131,7 +130,7 @@ func createAggregatorServer(aggregatorConfig *aggregatorapiserver.Config, delega } autoRegistrationController := autoregister.NewAutoRegisterController(aggregatorServer.APIRegistrationInformers.Apiregistration().InternalVersion().APIServices(), apiRegistrationClient) apiServices := apiServicesToRegister(delegateAPIServer, autoRegistrationController) - crdRegistrationController := crdregistration.NewAutoRegistrationController( + crdRegistrationController := crdregistration.NewCRDRegistrationController( apiExtensionInformers.Apiextensions().InternalVersion().CustomResourceDefinitions(), autoRegistrationController) @@ -259,6 +258,7 @@ var apiVersionPriorities = map[schema.GroupVersion]priority{ {Group: "batch", Version: "v2alpha1"}: {group: 17400, version: 9}, {Group: "certificates.k8s.io", Version: "v1beta1"}: {group: 17300, version: 9}, {Group: "networking.k8s.io", Version: "v1"}: {group: 17200, version: 15}, + {Group: "networking.k8s.io", Version: "v1beta1"}: {group: 17200, version: 9}, {Group: "policy", Version: "v1beta1"}: {group: 17100, version: 9}, {Group: "rbac.authorization.k8s.io", Version: "v1"}: {group: 17000, version: 15}, {Group: "rbac.authorization.k8s.io", Version: "v1beta1"}: {group: 17000, version: 12}, diff --git a/cmd/kube-apiserver/app/apiextensions.go b/cmd/kube-apiserver/app/apiextensions.go index 181ca715858..2db21153cd0 100644 --- a/cmd/kube-apiserver/app/apiextensions.go +++ b/cmd/kube-apiserver/app/apiextensions.go @@ -52,7 +52,6 @@ func createAPIExtensionsConfig( &genericConfig, externalInformers, genericConfig.LoopbackClientConfig, - apiextensionsapiserver.Scheme, pluginInitializers...) if err != nil { return nil, err diff --git a/cmd/kube-apiserver/app/options/BUILD b/cmd/kube-apiserver/app/options/BUILD index a6d11a840e4..2112ade4780 100644 --- a/cmd/kube-apiserver/app/options/BUILD +++ b/cmd/kube-apiserver/app/options/BUILD @@ -30,8 +30,8 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/apiserver/scheme:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], @@ -45,7 +45,6 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//pkg/api/legacyscheme:go_default_library", "//pkg/apis/core:go_default_library", "//pkg/kubeapiserver/options:go_default_library", "//pkg/kubelet/client:go_default_library", @@ -53,12 +52,12 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", "//staging/src/k8s.io/apiserver/plugin/pkg/audit/buffered:go_default_library", "//staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic:go_default_library", "//staging/src/k8s.io/apiserver/plugin/pkg/audit/truncate:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], ) diff --git a/cmd/kube-apiserver/app/options/globalflags.go b/cmd/kube-apiserver/app/options/globalflags.go index 96c955ac0bd..70ce6492ed9 100644 --- a/cmd/kube-apiserver/app/options/globalflags.go +++ b/cmd/kube-apiserver/app/options/globalflags.go @@ -19,7 +19,7 @@ package options import ( "github.com/spf13/pflag" - "k8s.io/apiserver/pkg/util/globalflag" + "k8s.io/component-base/cli/globalflag" // ensure libs have a chance to globally register their flags _ "k8s.io/apiserver/pkg/admission" diff --git a/cmd/kube-apiserver/app/options/globalflags_test.go b/cmd/kube-apiserver/app/options/globalflags_test.go index 0c3c1b843b3..7510efc74e4 100644 --- a/cmd/kube-apiserver/app/options/globalflags_test.go +++ b/cmd/kube-apiserver/app/options/globalflags_test.go @@ -25,12 +25,12 @@ import ( "github.com/spf13/pflag" - apiserverflag "k8s.io/apiserver/pkg/util/flag" - "k8s.io/apiserver/pkg/util/globalflag" + cliflag "k8s.io/component-base/cli/flag" + "k8s.io/component-base/cli/globalflag" ) func TestAddCustomGlobalFlags(t *testing.T) { - namedFlagSets := &apiserverflag.NamedFlagSets{} + namedFlagSets := &cliflag.NamedFlagSets{} // Note that we will register all flags (including klog flags) into the same // flag set. This allows us to test against all global flags from @@ -46,7 +46,7 @@ func TestAddCustomGlobalFlags(t *testing.T) { // Get all flags from flags.CommandLine, except flag `test.*`. wantedFlag := []string{"help"} - pflag.CommandLine.SetNormalizeFunc(apiserverflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(flag.CommandLine) pflag.VisitAll(func(flag *pflag.Flag) { if !strings.Contains(flag.Name, "test.") { diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index df1f4be6005..1ba2092f0f4 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -25,7 +25,7 @@ import ( utilnet "k8s.io/apimachinery/pkg/util/net" genericoptions "k8s.io/apiserver/pkg/server/options" "k8s.io/apiserver/pkg/storage/storagebackend" - apiserverflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" api "k8s.io/kubernetes/pkg/apis/core" _ "k8s.io/kubernetes/pkg/features" // add the kubernetes feature gates kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options" @@ -47,7 +47,6 @@ type ServerRunOptions struct { Authentication *kubeoptions.BuiltInAuthenticationOptions Authorization *kubeoptions.BuiltInAuthorizationOptions CloudProvider *kubeoptions.CloudProviderOptions - StorageSerialization *kubeoptions.StorageSerializationOptions APIEnablement *genericoptions.APIEnablementOptions AllowPrivileged bool @@ -87,7 +86,6 @@ func NewServerRunOptions() *ServerRunOptions { Authentication: kubeoptions.NewBuiltInAuthenticationOptions().WithAll(), Authorization: kubeoptions.NewBuiltInAuthorizationOptions(), CloudProvider: kubeoptions.NewCloudProviderOptions(), - StorageSerialization: kubeoptions.NewStorageSerializationOptions(), APIEnablement: genericoptions.NewAPIEnablementOptions(), EnableLogsHandler: true, @@ -123,7 +121,7 @@ func NewServerRunOptions() *ServerRunOptions { } // Flags returns flags for a specific APIServer by section name -func (s *ServerRunOptions) Flags() (fss apiserverflag.NamedFlagSets) { +func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) { // Add the generic flags. s.GenericServerRunOptions.AddUniversalFlags(fss.FlagSet("generic")) s.Etcd.AddFlags(fss.FlagSet("etcd")) @@ -135,7 +133,6 @@ func (s *ServerRunOptions) Flags() (fss apiserverflag.NamedFlagSets) { s.Authentication.AddFlags(fss.FlagSet("authentication")) s.Authorization.AddFlags(fss.FlagSet("authorization")) s.CloudProvider.AddFlags(fss.FlagSet("cloud provider")) - s.StorageSerialization.AddFlags(fss.FlagSet("storage")) s.APIEnablement.AddFlags(fss.FlagSet("api enablement")) s.Admission.AddFlags(fss.FlagSet("admission")) diff --git a/cmd/kube-apiserver/app/options/options_test.go b/cmd/kube-apiserver/app/options/options_test.go index e4173130a3b..a37ebf8a069 100644 --- a/cmd/kube-apiserver/app/options/options_test.go +++ b/cmd/kube-apiserver/app/options/options_test.go @@ -27,12 +27,11 @@ import ( "k8s.io/apimachinery/pkg/util/diff" apiserveroptions "k8s.io/apiserver/pkg/server/options" "k8s.io/apiserver/pkg/storage/storagebackend" - utilflag "k8s.io/apiserver/pkg/util/flag" auditbuffered "k8s.io/apiserver/plugin/pkg/audit/buffered" auditdynamic "k8s.io/apiserver/plugin/pkg/audit/dynamic" audittruncate "k8s.io/apiserver/plugin/pkg/audit/truncate" restclient "k8s.io/client-go/rest" - "k8s.io/kubernetes/pkg/api/legacyscheme" + cliflag "k8s.io/component-base/cli/flag" kapi "k8s.io/kubernetes/pkg/apis/core" kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options" kubeletclient "k8s.io/kubernetes/pkg/kubelet/client" @@ -129,6 +128,8 @@ func TestAddFlags(t *testing.T) { MaxMutatingRequestsInFlight: 200, RequestTimeout: time.Duration(2) * time.Minute, MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: int64(100 * 1024 * 1024), + MaxRequestBodyBytes: int64(100 * 1024 * 1024), }, Admission: &kubeoptions.AdmissionOptions{ GenericAdmission: &apiserveroptions.AdmissionOptions{ @@ -137,6 +138,7 @@ func TestAddFlags(t *testing.T) { EnablePlugins: []string{"AlwaysDeny"}, ConfigFile: "/admission-control-config", Plugins: s.Admission.GenericAdmission.Plugins, + Decorators: s.Admission.GenericAdmission.Decorators, }, }, Etcd: &apiserveroptions.EtcdOptions{ @@ -287,12 +289,8 @@ func TestAddFlags(t *testing.T) { CloudConfigFile: "/cloud-config", CloudProvider: "azure", }, - StorageSerialization: &kubeoptions.StorageSerializationOptions{ - StorageVersions: kubeoptions.ToPreferredVersionString(legacyscheme.Scheme.PreferredVersionAllGroups()), - DefaultStorageVersions: kubeoptions.ToPreferredVersionString(legacyscheme.Scheme.PreferredVersionAllGroups()), - }, APIEnablement: &apiserveroptions.APIEnablementOptions{ - RuntimeConfig: utilflag.ConfigurationMap{}, + RuntimeConfig: cliflag.ConfigurationMap{}, }, EnableLogsHandler: false, EnableAggregatorRouting: true, diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 50bf1fe8898..7daab88ceb9 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -35,7 +35,7 @@ import ( "github.com/spf13/cobra" extensionsapiserver "k8s.io/apiextensions-apiserver/pkg/apiserver" - "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/sets" @@ -49,13 +49,14 @@ import ( serveroptions "k8s.io/apiserver/pkg/server/options" serverstorage "k8s.io/apiserver/pkg/server/storage" "k8s.io/apiserver/pkg/storage/etcd3/preflight" - apiserverflag "k8s.io/apiserver/pkg/util/flag" - "k8s.io/apiserver/pkg/util/globalflag" + "k8s.io/apiserver/pkg/util/term" "k8s.io/apiserver/pkg/util/webhook" clientgoinformers "k8s.io/client-go/informers" clientgoclientset "k8s.io/client-go/kubernetes" certutil "k8s.io/client-go/util/cert" cloudprovider "k8s.io/cloud-provider" + cliflag "k8s.io/component-base/cli/flag" + "k8s.io/component-base/cli/globalflag" "k8s.io/klog" aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver" aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme" @@ -126,15 +127,15 @@ cluster's shared state through which all other components interact.`, } usageFmt := "Usage:\n %s\n" - cols, _, _ := apiserverflag.TerminalSize(cmd.OutOrStdout()) + cols, _, _ := term.TerminalSize(cmd.OutOrStdout()) cmd.SetUsageFunc(func(cmd *cobra.Command) error { fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) return nil }) cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) }) return cmd @@ -415,7 +416,7 @@ func buildGenericConfig( storageFactoryConfig := kubeapiserver.NewStorageFactoryConfig() storageFactoryConfig.ApiResourceConfig = genericConfig.MergedResourceConfig - completedStorageFactoryConfig, err := storageFactoryConfig.Complete(s.Etcd, s.StorageSerialization) + completedStorageFactoryConfig, err := storageFactoryConfig.Complete(s.Etcd) if err != nil { lastErr = err return @@ -490,7 +491,6 @@ func buildGenericConfig( genericConfig, versionedInformers, kubeClientConfig, - legacyscheme.Scheme, pluginInitializers...) if err != nil { lastErr = fmt.Errorf("failed to initialize admission: %v", err) diff --git a/cmd/kube-controller-manager/OWNERS b/cmd/kube-controller-manager/OWNERS index b3260a6d225..bb69b78297e 100644 --- a/cmd/kube-controller-manager/OWNERS +++ b/cmd/kube-controller-manager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - lavalamp diff --git a/cmd/kube-controller-manager/app/BUILD b/cmd/kube-controller-manager/app/BUILD index debbcdd2100..749e20dc900 100644 --- a/cmd/kube-controller-manager/app/BUILD +++ b/cmd/kube-controller-manager/app/BUILD @@ -118,9 +118,9 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server/healthz:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/mux:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/util/term:go_default_library", "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", @@ -132,6 +132,8 @@ go_library( "//staging/src/k8s.io/client-go/util/cert:go_default_library", "//staging/src/k8s.io/client-go/util/flowcontrol:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//staging/src/k8s.io/csi-api/pkg/client/clientset/versioned:go_default_library", "//staging/src/k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1:go_default_library", "//staging/src/k8s.io/metrics/pkg/client/custom_metrics:go_default_library", diff --git a/cmd/kube-controller-manager/app/controllermanager.go b/cmd/kube-controller-manager/app/controllermanager.go index 935c8651f26..86a0febe1f1 100644 --- a/cmd/kube-controller-manager/app/controllermanager.go +++ b/cmd/kube-controller-manager/app/controllermanager.go @@ -39,8 +39,7 @@ import ( "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/server/healthz" "k8s.io/apiserver/pkg/server/mux" - apiserverflag "k8s.io/apiserver/pkg/util/flag" - "k8s.io/apiserver/pkg/util/globalflag" + "k8s.io/apiserver/pkg/util/term" cacheddiscovery "k8s.io/client-go/discovery/cached" "k8s.io/client-go/informers" restclient "k8s.io/client-go/rest" @@ -49,6 +48,8 @@ import ( "k8s.io/client-go/tools/leaderelection/resourcelock" certutil "k8s.io/client-go/util/cert" cloudprovider "k8s.io/cloud-provider" + cliflag "k8s.io/component-base/cli/flag" + "k8s.io/component-base/cli/globalflag" "k8s.io/klog" genericcontrollermanager "k8s.io/kubernetes/cmd/controller-manager/app" cmoptions "k8s.io/kubernetes/cmd/controller-manager/app/options" @@ -121,15 +122,15 @@ controller, and serviceaccounts controller.`, fs.AddFlagSet(f) } usageFmt := "Usage:\n %s\n" - cols, _, _ := apiserverflag.TerminalSize(cmd.OutOrStdout()) + cols, _, _ := term.TerminalSize(cmd.OutOrStdout()) cmd.SetUsageFunc(func(cmd *cobra.Command) error { fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) return nil }) cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) }) return cmd diff --git a/cmd/kube-controller-manager/app/core.go b/cmd/kube-controller-manager/app/core.go index 81ba2eed4ee..deea6911370 100644 --- a/cmd/kube-controller-manager/app/core.go +++ b/cmd/kube-controller-manager/app/core.go @@ -33,7 +33,7 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime/schema" utilfeature "k8s.io/apiserver/pkg/util/feature" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" "k8s.io/client-go/dynamic" clientset "k8s.io/client-go/kubernetes" restclient "k8s.io/client-go/rest" diff --git a/cmd/kube-controller-manager/app/options/BUILD b/cmd/kube-controller-manager/app/options/BUILD index 1a0fbc130aa..dfcaf0183dc 100644 --- a/cmd/kube-controller-manager/app/options/BUILD +++ b/cmd/kube-controller-manager/app/options/BUILD @@ -43,13 +43,13 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/kube-controller-manager/config/v1alpha1:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/cmd/kube-controller-manager/app/options/options.go b/cmd/kube-controller-manager/app/options/options.go index a80a43bdb11..211e03262a9 100644 --- a/cmd/kube-controller-manager/app/options/options.go +++ b/cmd/kube-controller-manager/app/options/options.go @@ -22,17 +22,17 @@ import ( "fmt" "net" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" apiserveroptions "k8s.io/apiserver/pkg/server/options" utilfeature "k8s.io/apiserver/pkg/util/feature" - apiserverflag "k8s.io/apiserver/pkg/util/flag" clientset "k8s.io/client-go/kubernetes" clientgokubescheme "k8s.io/client-go/kubernetes/scheme" v1core "k8s.io/client-go/kubernetes/typed/core/v1" restclient "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/tools/record" + cliflag "k8s.io/component-base/cli/flag" kubectrlmgrconfigv1alpha1 "k8s.io/kube-controller-manager/config/v1alpha1" cmoptions "k8s.io/kubernetes/cmd/controller-manager/app/options" kubecontrollerconfig "k8s.io/kubernetes/cmd/kube-controller-manager/app/config" @@ -201,8 +201,8 @@ func NewDefaultComponentConfig(insecurePort int32) (kubectrlmgrconfig.KubeContro } // Flags returns flags for a specific APIServer by section name -func (s *KubeControllerManagerOptions) Flags(allControllers []string, disabledByDefaultControllers []string) apiserverflag.NamedFlagSets { - fss := apiserverflag.NamedFlagSets{} +func (s *KubeControllerManagerOptions) Flags(allControllers []string, disabledByDefaultControllers []string) cliflag.NamedFlagSets { + fss := cliflag.NamedFlagSets{} s.Generic.AddFlags(&fss, allControllers, disabledByDefaultControllers) s.KubeCloudShared.AddFlags(fss.FlagSet("generic")) s.ServiceController.AddFlags(fss.FlagSet("service controller")) diff --git a/cmd/kube-proxy/BUILD b/cmd/kube-proxy/BUILD index 3bc47886c61..29e5743beb1 100644 --- a/cmd/kube-proxy/BUILD +++ b/cmd/kube-proxy/BUILD @@ -22,7 +22,7 @@ go_library( "//cmd/kube-proxy/app:go_default_library", "//pkg/client/metrics/prometheus:go_default_library", "//pkg/version/prometheus:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], diff --git a/cmd/kube-proxy/app/BUILD b/cmd/kube-proxy/app/BUILD index 75052c2dedf..d30c4dcc118 100644 --- a/cmd/kube-proxy/app/BUILD +++ b/cmd/kube-proxy/app/BUILD @@ -54,7 +54,6 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server/mux:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/routes:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", @@ -62,6 +61,7 @@ go_library( "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd/api:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/config:go_default_library", "//staging/src/k8s.io/kube-proxy/config/v1alpha1:go_default_library", "//vendor/github.com/fsnotify/fsnotify:go_default_library", diff --git a/cmd/kube-proxy/app/init_windows.go b/cmd/kube-proxy/app/init_windows.go index 85cafcda53b..5db0b703f40 100644 --- a/cmd/kube-proxy/app/init_windows.go +++ b/cmd/kube-proxy/app/init_windows.go @@ -37,4 +37,7 @@ func initForOS(windowsService bool) error { func (o *Options) addOSFlags(fs *pflag.FlagSet) { fs.BoolVar(&o.WindowsService, "windows-service", o.WindowsService, "Enable Windows Service Control Manager API integration") + fs.StringVar(&o.config.Winkernel.SourceVip, "source-vip", o.config.Winkernel.SourceVip, "The IP address of the source VIP for non-DSR.") + fs.StringVar(&o.config.Winkernel.NetworkName, "network-name", o.config.Winkernel.NetworkName, "The name of the cluster network.") + fs.BoolVar(&o.config.Winkernel.EnableDSR, "enable-dsr", o.config.Winkernel.EnableDSR, "If true make kube-proxy apply DSR policies for service VIP") } diff --git a/cmd/kube-proxy/app/server.go b/cmd/kube-proxy/app/server.go index 9312001f0a9..b30d9b3b74c 100644 --- a/cmd/kube-proxy/app/server.go +++ b/cmd/kube-proxy/app/server.go @@ -39,7 +39,6 @@ import ( "k8s.io/apiserver/pkg/server/mux" "k8s.io/apiserver/pkg/server/routes" utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/apiserver/pkg/util/flag" informers "k8s.io/client-go/informers" clientset "k8s.io/client-go/kubernetes" v1core "k8s.io/client-go/kubernetes/typed/core/v1" @@ -47,6 +46,7 @@ import ( "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" "k8s.io/client-go/tools/record" + cliflag "k8s.io/component-base/cli/flag" componentbaseconfig "k8s.io/component-base/config" "k8s.io/kube-proxy/config/v1alpha1" api "k8s.io/kubernetes/pkg/apis/core" @@ -192,7 +192,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&o.config.IPVS.Scheduler, "ipvs-scheduler", o.config.IPVS.Scheduler, "The ipvs scheduler type when proxy mode is ipvs") fs.StringSliceVar(&o.config.NodePortAddresses, "nodeport-addresses", o.config.NodePortAddresses, "A string slice of values which specify the addresses to use for NodePorts. Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32). The default empty string slice ([]) means to use all local addresses.") - fs.Var(flag.NewMapStringBool(&o.config.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features. "+ + fs.Var(cliflag.NewMapStringBool(&o.config.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features. "+ "Options are:\n"+strings.Join(utilfeature.DefaultFeatureGate.KnownFeatures(), "\n")) } diff --git a/cmd/kube-proxy/app/server_test.go b/cmd/kube-proxy/app/server_test.go index e07cd18b4b5..345e783cf20 100644 --- a/cmd/kube-proxy/app/server_test.go +++ b/cmd/kube-proxy/app/server_test.go @@ -20,6 +20,7 @@ import ( "fmt" "io/ioutil" "os" + "path/filepath" "reflect" "runtime" "strings" @@ -415,8 +416,12 @@ func TestProcessHostnameOverrideFlag(t *testing.T) { func TestConfigChange(t *testing.T) { setUp := func() (*os.File, string, error) { - tempDir := os.TempDir() - file, err := ioutil.TempFile(tempDir, "kube-proxy-config-") + tempDir, err := ioutil.TempDir("", "kubeproxy-config-change") + if err != nil { + return nil, "", fmt.Errorf("Unable to create temporary directory: %v", err) + } + fullPath := filepath.Join(tempDir, "kube-proxy-config") + file, err := os.Create(fullPath) if err != nil { return nil, "", fmt.Errorf("unexpected error when creating temp file: %v", err) } diff --git a/cmd/kube-proxy/app/server_windows.go b/cmd/kube-proxy/app/server_windows.go index 5ef2ce16182..5aba6cf665a 100644 --- a/cmd/kube-proxy/app/server_windows.go +++ b/cmd/kube-proxy/app/server_windows.go @@ -110,6 +110,7 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi utilnode.GetNodeIP(client, hostname), recorder, healthzUpdater, + config.Winkernel, ) if err != nil { return nil, fmt.Errorf("unable to create proxier: %v", err) diff --git a/cmd/kube-proxy/proxy.go b/cmd/kube-proxy/proxy.go index 95b2073a736..9b0e31d9ba7 100644 --- a/cmd/kube-proxy/proxy.go +++ b/cmd/kube-proxy/proxy.go @@ -25,7 +25,7 @@ import ( "github.com/spf13/pflag" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/component-base/logs" "k8s.io/kubernetes/cmd/kube-proxy/app" _ "k8s.io/kubernetes/pkg/client/metrics/prometheus" // for client metric registration @@ -40,7 +40,7 @@ func main() { // TODO: once we switch everything over to Cobra commands, we can go back to calling // utilflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the // normalize func and add the go flag set by hand. - pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(goflag.CommandLine) // utilflag.InitFlags() logs.InitLogs() diff --git a/cmd/kube-scheduler/BUILD b/cmd/kube-scheduler/BUILD index 601dce330f3..42aa06ed0f2 100644 --- a/cmd/kube-scheduler/BUILD +++ b/cmd/kube-scheduler/BUILD @@ -22,7 +22,7 @@ go_library( "//cmd/kube-scheduler/app:go_default_library", "//pkg/util/prometheusclientgo:go_default_library", "//pkg/version/prometheus:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], diff --git a/cmd/kube-scheduler/OWNERS b/cmd/kube-scheduler/OWNERS index fe768eadb54..e6772b3d810 100644 --- a/cmd/kube-scheduler/OWNERS +++ b/cmd/kube-scheduler/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-scheduling-maintainers reviewers: diff --git a/cmd/kube-scheduler/app/BUILD b/cmd/kube-scheduler/app/BUILD index 2872cf4f90e..c1d924b4051 100644 --- a/cmd/kube-scheduler/app/BUILD +++ b/cmd/kube-scheduler/app/BUILD @@ -32,10 +32,11 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server/healthz:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/mux:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/routes:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/util/term:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", "//staging/src/k8s.io/client-go/tools/leaderelection:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/globalflag:go_default_library", "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/cmd/kube-scheduler/app/options/BUILD b/cmd/kube-scheduler/app/options/BUILD index a2460f4a4f2..c681c3e4e91 100644 --- a/cmd/kube-scheduler/app/options/BUILD +++ b/cmd/kube-scheduler/app/options/BUILD @@ -28,7 +28,6 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", @@ -38,6 +37,7 @@ go_library( "//staging/src/k8s.io/client-go/tools/leaderelection:go_default_library", "//staging/src/k8s.io/client-go/tools/leaderelection/resourcelock:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/config:go_default_library", "//staging/src/k8s.io/kube-scheduler/config/v1alpha1:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", diff --git a/cmd/kube-scheduler/app/options/options.go b/cmd/kube-scheduler/app/options/options.go index 62bb3580be5..02e3b435190 100644 --- a/cmd/kube-scheduler/app/options/options.go +++ b/cmd/kube-scheduler/app/options/options.go @@ -28,7 +28,6 @@ import ( "k8s.io/apimachinery/pkg/util/uuid" apiserveroptions "k8s.io/apiserver/pkg/server/options" utilfeature "k8s.io/apiserver/pkg/util/feature" - apiserverflag "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/informers" clientset "k8s.io/client-go/kubernetes" v1core "k8s.io/client-go/kubernetes/typed/core/v1" @@ -38,6 +37,7 @@ import ( "k8s.io/client-go/tools/leaderelection" "k8s.io/client-go/tools/leaderelection/resourcelock" "k8s.io/client-go/tools/record" + cliflag "k8s.io/component-base/cli/flag" componentbaseconfig "k8s.io/component-base/config" "k8s.io/klog" kubeschedulerconfigv1alpha1 "k8s.io/kube-scheduler/config/v1alpha1" @@ -140,7 +140,7 @@ func newDefaultComponentConfig() (*kubeschedulerconfig.KubeSchedulerConfiguratio } // Flags returns flags for a specific scheduler by section name -func (o *Options) Flags() (nfs apiserverflag.NamedFlagSets) { +func (o *Options) Flags() (nfs cliflag.NamedFlagSets) { fs := nfs.FlagSet("misc") fs.StringVar(&o.ConfigFile, "config", o.ConfigFile, "The path to the configuration file. Flags override values in this file.") fs.StringVar(&o.WriteConfigTo, "write-config-to", o.WriteConfigTo, "If set, write the configuration values to this file and exit.") diff --git a/cmd/kube-scheduler/app/server.go b/cmd/kube-scheduler/app/server.go index d4f1905d23b..48a30d74cae 100644 --- a/cmd/kube-scheduler/app/server.go +++ b/cmd/kube-scheduler/app/server.go @@ -35,10 +35,11 @@ import ( "k8s.io/apiserver/pkg/server/healthz" "k8s.io/apiserver/pkg/server/mux" "k8s.io/apiserver/pkg/server/routes" - apiserverflag "k8s.io/apiserver/pkg/util/flag" - "k8s.io/apiserver/pkg/util/globalflag" + "k8s.io/apiserver/pkg/util/term" v1core "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/client-go/tools/leaderelection" + cliflag "k8s.io/component-base/cli/flag" + "k8s.io/component-base/cli/globalflag" schedulerserverconfig "k8s.io/kubernetes/cmd/kube-scheduler/app/config" "k8s.io/kubernetes/cmd/kube-scheduler/app/options" "k8s.io/kubernetes/pkg/api/legacyscheme" @@ -89,15 +90,15 @@ through the API as necessary.`, } usageFmt := "Usage:\n %s\n" - cols, _, _ := apiserverflag.TerminalSize(cmd.OutOrStdout()) + cols, _, _ := term.TerminalSize(cmd.OutOrStdout()) cmd.SetUsageFunc(func(cmd *cobra.Command) error { fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) return nil }) cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine()) - apiserverflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) + cliflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) }) cmd.MarkFlagFilename("config", "yaml", "yml", "json") @@ -214,7 +215,7 @@ func Run(cc schedulerserverconfig.CompletedConfig, stopCh <-chan struct{}) error // TODO: handle stoppedCh returned by c.SecureServing.Serve if _, err := cc.SecureServing.Serve(handler, 0, stopCh); err != nil { // fail early for secure handlers, removing the old error loop from above - return fmt.Errorf("failed to start healthz server: %v", err) + return fmt.Errorf("failed to start secure server: %v", err) } } @@ -306,7 +307,7 @@ func newMetricsHandler(config *kubeschedulerconfig.KubeSchedulerConfiguration) h return pathRecorderMux } -// newHealthzServer creates a healthz server from the config, and will also +// newHealthzHandler creates a healthz server from the config, and will also // embed the metrics handler if the healthz and metrics address configurations // are the same. func newHealthzHandler(config *kubeschedulerconfig.KubeSchedulerConfiguration, separateMetrics bool, checks ...healthz.HealthzChecker) http.Handler { diff --git a/cmd/kube-scheduler/scheduler.go b/cmd/kube-scheduler/scheduler.go index d35cbd3615e..5f4af458dc6 100644 --- a/cmd/kube-scheduler/scheduler.go +++ b/cmd/kube-scheduler/scheduler.go @@ -24,7 +24,7 @@ import ( "github.com/spf13/pflag" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/component-base/logs" "k8s.io/kubernetes/cmd/kube-scheduler/app" _ "k8s.io/kubernetes/pkg/util/prometheusclientgo" // load all the prometheus client-go plugins @@ -39,7 +39,7 @@ func main() { // TODO: once we switch everything over to Cobra commands, we can go back to calling // utilflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the // normalize func and add the go flag set by hand. - pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) // utilflag.InitFlags() logs.InitLogs() defer logs.FlushLogs() diff --git a/cmd/kubeadm/.import-restrictions b/cmd/kubeadm/.import-restrictions index ccb06bb3996..17d0203174a 100644 --- a/cmd/kubeadm/.import-restrictions +++ b/cmd/kubeadm/.import-restrictions @@ -54,9 +54,6 @@ "k8s.io/kubernetes/pkg/apis/core", "k8s.io/kubernetes/pkg/api/service", "k8s.io/kubernetes/pkg/apis/apps", - "k8s.io/kubernetes/pkg/apis/extensions", - "k8s.io/kubernetes/pkg/apis/networking", - "k8s.io/kubernetes/pkg/apis/policy", "k8s.io/kubernetes/pkg/apis/rbac", "k8s.io/kubernetes/pkg/apis/scheduling", "k8s.io/kubernetes/pkg/api/v1/pod", @@ -72,11 +69,6 @@ "k8s.io/kubernetes/pkg/proxy/apis/config", "k8s.io/kubernetes/pkg/registry/core/service/allocator", "k8s.io/kubernetes/pkg/registry/core/service/ipallocator", - "k8s.io/kubernetes/pkg/scheduler/algorithm", - "k8s.io/kubernetes/pkg/scheduler/api", - "k8s.io/kubernetes/pkg/scheduler/nodeinfo", - "k8s.io/kubernetes/pkg/scheduler/internal/cache", - "k8s.io/kubernetes/pkg/scheduler/util", "k8s.io/kubernetes/pkg/security/apparmor", "k8s.io/kubernetes/pkg/serviceaccount", "k8s.io/kubernetes/pkg/util/hash", @@ -89,9 +81,7 @@ "k8s.io/kubernetes/pkg/util/procfs", "k8s.io/kubernetes/pkg/util/taints", "k8s.io/kubernetes/pkg/util/ipvs", - "k8s.io/kubernetes/pkg/version", - "k8s.io/kubernetes/pkg/volume", - "k8s.io/kubernetes/pkg/volume/util" + "k8s.io/kubernetes/pkg/version" ], "ForbiddenPrefixes": [ "k8s.io/kubernetes/pkg/cloudprovider/providers", @@ -130,12 +120,10 @@ "github.com/docker/go-connections/tlsconfig", "github.com/docker/go-units", "github.com/docker/libnetwork/ipvs", - "github.com/ghodss/yaml", "github.com/gogo/protobuf/proto", "github.com/gogo/protobuf/sortkeys", "github.com/golang/groupcache/lru", "github.com/golang/protobuf/proto", - "github.com/golang/protobuf/protoc-gen-go/descriptor", "github.com/golang/protobuf/ptypes", "github.com/googleapis/gnostic/compiler", "github.com/googleapis/gnostic/extensions", @@ -167,11 +155,8 @@ "github.com/lithammer/dedent", "github.com/russross/blackfriday", "github.com/shurcooL/sanitized_anchor_name", - "github.com/sirupsen/logrus", "github.com/spf13/cobra", - "github.com/spf13/pflag", - "github.com/vishvananda/netlink/nl", - "github.com/vishvananda/netns" + "github.com/spf13/pflag" ] }, { @@ -204,7 +189,6 @@ { "SelectorRegexp": "google[.]golang[.]org", "AllowedPrefixes": [ - "google.golang.org/genproto/googleapis/api/annotations", "google.golang.org/genproto/googleapis/rpc/status", "google.golang.org/grpc" ] diff --git a/cmd/kubeadm/OWNERS b/cmd/kubeadm/OWNERS index 7a6ea030db8..9922e34defa 100644 --- a/cmd/kubeadm/OWNERS +++ b/cmd/kubeadm/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - luxas - timothysc diff --git a/cmd/kubeadm/app/BUILD b/cmd/kubeadm/app/BUILD index f7fad736978..3f3441f41e8 100644 --- a/cmd/kubeadm/app/BUILD +++ b/cmd/kubeadm/app/BUILD @@ -11,7 +11,7 @@ go_library( importpath = "k8s.io/kubernetes/cmd/kubeadm/app", deps = [ "//cmd/kubeadm/app/cmd:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], @@ -48,6 +48,7 @@ filegroup( "//cmd/kubeadm/app/phases/patchnode:all-srcs", "//cmd/kubeadm/app/phases/selfhosting:all-srcs", "//cmd/kubeadm/app/phases/upgrade:all-srcs", + "//cmd/kubeadm/app/phases/uploadcerts:all-srcs", "//cmd/kubeadm/app/phases/uploadconfig:all-srcs", "//cmd/kubeadm/app/preflight:all-srcs", "//cmd/kubeadm/app/util:all-srcs", diff --git a/cmd/kubeadm/app/apis/kubeadm/types.go b/cmd/kubeadm/app/apis/kubeadm/types.go index ebbd20d025e..ca41d418c0f 100644 --- a/cmd/kubeadm/app/apis/kubeadm/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/types.go @@ -43,7 +43,7 @@ type InitConfiguration struct { // BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. BootstrapTokens []BootstrapToken - // NodeRegistration holds fields that relate to registering the new master node to the cluster + // NodeRegistration holds fields that relate to registering the new control-plane node to the cluster NodeRegistration NodeRegistrationOptions // LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node @@ -208,7 +208,7 @@ type APIEndpoint struct { BindPort int32 } -// NodeRegistrationOptions holds fields that relate to registering a new master or node to the cluster, either via "kubeadm init" or "kubeadm join" +// NodeRegistrationOptions holds fields that relate to registering a new control-plane or node to the cluster, either via "kubeadm init" or "kubeadm join" type NodeRegistrationOptions struct { // Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm joiń` operation. @@ -220,7 +220,7 @@ type NodeRegistrationOptions struct { CRISocket string // Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process - // it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your master node, set this field to an + // it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an // empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. Taints []v1.Taint @@ -244,7 +244,7 @@ type Networking struct { // TODO: The BootstrapToken object should move out to either k8s.io/client-go or k8s.io/api in the future // (probably as part of Bootstrap Tokens going GA). It should not be staged under the kubeadm API as it is now. type BootstrapToken struct { - // Token is used for establishing bidirectional trust between nodes and masters. + // Token is used for establishing bidirectional trust between nodes and control-planes. // Used for joining nodes in the cluster. Token *BootstrapTokenString // Description sets a human-friendly message why this token exists and what it's used @@ -315,11 +315,11 @@ type ExternalEtcd struct { type JoinConfiguration struct { metav1.TypeMeta - // NodeRegistration holds fields that relate to registering the new master node to the cluster + // NodeRegistration holds fields that relate to registering the new control-plane node to the cluster NodeRegistration NodeRegistrationOptions // CACertPath is the path to the SSL certificate authority used to - // secure comunications between node and master. + // secure comunications between node and control-plane. // Defaults to "/etc/kubernetes/pki/ca.crt". CACertPath string @@ -359,7 +359,7 @@ type Discovery struct { // BootstrapTokenDiscovery is used to set the options for bootstrap token based discovery type BootstrapTokenDiscovery struct { // Token is a token used to validate cluster information - // fetched from the master. + // fetched from the control-plane. Token string // APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. @@ -377,7 +377,7 @@ type BootstrapTokenDiscovery struct { // UnsafeSkipCAVerification allows token-based discovery // without CA verification via CACertHashes. This can weaken - // the security of kubeadm since other nodes can impersonate the master. + // the security of kubeadm since other nodes can impersonate the control-plane. UnsafeSkipCAVerification bool } diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha3/types.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha3/types.go index d86270840df..56d9c280fb5 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1alpha3/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha3/types.go @@ -42,7 +42,7 @@ type InitConfiguration struct { // This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature BootstrapTokens []BootstrapToken `json:"bootstrapTokens,omitempty"` - // NodeRegistration holds fields that relate to registering the new master node to the cluster + // NodeRegistration holds fields that relate to registering the new control-plane node to the cluster NodeRegistration NodeRegistrationOptions `json:"nodeRegistration,omitempty"` // APIEndpoint represents the endpoint of the instance of the API server to be deployed on this node. @@ -144,7 +144,7 @@ type APIEndpoint struct { BindPort int32 `json:"bindPort"` } -// NodeRegistrationOptions holds fields that relate to registering a new master or node to the cluster, either via "kubeadm init" or "kubeadm join" +// NodeRegistrationOptions holds fields that relate to registering a new control-plane or node to the cluster, either via "kubeadm init" or "kubeadm join" type NodeRegistrationOptions struct { // Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm joiń` operation. @@ -156,7 +156,7 @@ type NodeRegistrationOptions struct { CRISocket string `json:"criSocket,omitempty"` // Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process - // it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your master node, set this field to an + // it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an // empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. Taints []v1.Taint `json:"taints,omitempty"` @@ -178,7 +178,7 @@ type Networking struct { // BootstrapToken describes one bootstrap token, stored as a Secret in the cluster type BootstrapToken struct { - // Token is used for establishing bidirectional trust between nodes and masters. + // Token is used for establishing bidirectional trust between nodes and control-planes. // Used for joining nodes in the cluster. Token *BootstrapTokenString `json:"token"` // Description sets a human-friendly message why this token exists and what it's used @@ -251,18 +251,18 @@ type ExternalEtcd struct { type JoinConfiguration struct { metav1.TypeMeta `json:",inline"` - // NodeRegistration holds fields that relate to registering the new master node to the cluster + // NodeRegistration holds fields that relate to registering the new control-plane node to the cluster NodeRegistration NodeRegistrationOptions `json:"nodeRegistration"` // CACertPath is the path to the SSL certificate authority used to - // secure comunications between node and master. + // secure comunications between node and control-plane. // Defaults to "/etc/kubernetes/pki/ca.crt". CACertPath string `json:"caCertPath"` // DiscoveryFile is a file or url to a kubeconfig file from which to // load cluster information. DiscoveryFile string `json:"discoveryFile"` // DiscoveryToken is a token used to validate cluster information - // fetched from the master. + // fetched from the control-plane. DiscoveryToken string `json:"discoveryToken"` // DiscoveryTokenAPIServers is a set of IPs to API servers from which info // will be fetched. Currently we only pay attention to one API server but @@ -291,7 +291,7 @@ type JoinConfiguration struct { // DiscoveryTokenUnsafeSkipCAVerification allows token-based discovery // without CA verification via DiscoveryTokenCACertHashes. This can weaken - // the security of kubeadm since other nodes can impersonate the master. + // the security of kubeadm since other nodes can impersonate the control-plane. DiscoveryTokenUnsafeSkipCAVerification bool `json:"discoveryTokenUnsafeSkipCAVerification"` // ControlPlane flag specifies that the joining node should host an additional diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go b/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go index 9daf711450a..87c19ab1a7b 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go @@ -42,7 +42,7 @@ type InitConfiguration struct { // This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature BootstrapTokens []BootstrapToken `json:"bootstrapTokens,omitempty"` - // NodeRegistration holds fields that relate to registering the new master node to the cluster + // NodeRegistration holds fields that relate to registering the new control-plane node to the cluster NodeRegistration NodeRegistrationOptions `json:"nodeRegistration,omitempty"` // LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node @@ -191,7 +191,7 @@ type APIEndpoint struct { BindPort int32 `json:"bindPort"` } -// NodeRegistrationOptions holds fields that relate to registering a new master or node to the cluster, either via "kubeadm init" or "kubeadm join" +// NodeRegistrationOptions holds fields that relate to registering a new control-plane or node to the cluster, either via "kubeadm init" or "kubeadm join" type NodeRegistrationOptions struct { // Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm joiń` operation. @@ -203,7 +203,7 @@ type NodeRegistrationOptions struct { CRISocket string `json:"criSocket,omitempty"` // Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process - // it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your master node, set this field to an + // it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an // empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration. Taints []v1.Taint `json:"taints,omitempty"` @@ -225,7 +225,7 @@ type Networking struct { // BootstrapToken describes one bootstrap token, stored as a Secret in the cluster type BootstrapToken struct { - // Token is used for establishing bidirectional trust between nodes and masters. + // Token is used for establishing bidirectional trust between nodes and control-planes. // Used for joining nodes in the cluster. Token *BootstrapTokenString `json:"token"` // Description sets a human-friendly message why this token exists and what it's used @@ -301,11 +301,11 @@ type ExternalEtcd struct { type JoinConfiguration struct { metav1.TypeMeta `json:",inline"` - // NodeRegistration holds fields that relate to registering the new master node to the cluster + // NodeRegistration holds fields that relate to registering the new control-plane node to the cluster NodeRegistration NodeRegistrationOptions `json:"nodeRegistration"` // CACertPath is the path to the SSL certificate authority used to - // secure comunications between node and master. + // secure comunications between node and control-plane. // Defaults to "/etc/kubernetes/pki/ca.crt". CACertPath string `json:"caCertPath"` @@ -345,7 +345,7 @@ type Discovery struct { // BootstrapTokenDiscovery is used to set the options for bootstrap token based discovery type BootstrapTokenDiscovery struct { // Token is a token used to validate cluster information - // fetched from the master. + // fetched from the control-plane. Token string `json:"token"` // APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. @@ -363,7 +363,7 @@ type BootstrapTokenDiscovery struct { // UnsafeSkipCAVerification allows token-based discovery // without CA verification via CACertHashes. This can weaken - // the security of kubeadm since other nodes can impersonate the master. + // the security of kubeadm since other nodes can impersonate the control-plane. UnsafeSkipCAVerification bool `json:"unsafeSkipCAVerification"` } diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go index ac0465eb3bf..c85d35348d6 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go @@ -1,5 +1,5 @@ /* -Copyright 2016 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -402,8 +402,8 @@ func ValidateMixedArguments(flag *pflag.FlagSet) error { mixedInvalidFlags := []string{} flag.Visit(func(f *pflag.Flag) { - if f.Name == "config" || f.Name == "ignore-preflight-errors" || strings.HasPrefix(f.Name, "skip-") || f.Name == "dry-run" || f.Name == "kubeconfig" || f.Name == "v" || f.Name == "rootfs" || f.Name == "print-join-command" || f.Name == "node-name" || f.Name == "cri-socket" { - // "--skip-*" flags or other whitelisted flags can be set with --config + if isAllowedFlag(f.Name) { + // "--skip-*" flags or other allowed flags can be set with --config return } mixedInvalidFlags = append(mixedInvalidFlags, f.Name) @@ -415,6 +415,22 @@ func ValidateMixedArguments(flag *pflag.FlagSet) error { return nil } +func isAllowedFlag(flagName string) bool { + knownFlags := sets.NewString(kubeadmcmdoptions.CfgPath, + kubeadmcmdoptions.IgnorePreflightErrors, + kubeadmcmdoptions.DryRun, + kubeadmcmdoptions.KubeconfigPath, + kubeadmcmdoptions.NodeName, + kubeadmcmdoptions.NodeCRISocket, + kubeadmcmdoptions.KubeconfigDir, + kubeadmcmdoptions.UploadCerts, + "print-join-command", "rootfs", "v") + if knownFlags.Has(flagName) { + return true + } + return strings.HasPrefix(flagName, "skip-") +} + // ValidateFeatureGates validates provided feature gates func ValidateFeatureGates(featureGates map[string]bool, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go index 5e7c058681a..790ebb956dd 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go @@ -354,7 +354,7 @@ func TestValidateInitConfiguration(t *testing.T) { s *kubeadm.InitConfiguration expected bool }{ - {"invalid missing master configuration", + {"invalid missing InitConfiguration", &kubeadm.InitConfiguration{}, false}, {"invalid missing token with IPv4 service subnet", &kubeadm.InitConfiguration{ @@ -400,7 +400,7 @@ func TestValidateInitConfiguration(t *testing.T) { CertificatesDir: "/some/other/cert/dir", }, }, false}, - {"valid master configuration with incorrect IPv4 pod subnet", + {"valid InitConfiguration with incorrect IPv4 pod subnet", &kubeadm.InitConfiguration{ LocalAPIEndpoint: kubeadm.APIEndpoint{ AdvertiseAddress: "1.2.3.4", @@ -416,7 +416,7 @@ func TestValidateInitConfiguration(t *testing.T) { }, NodeRegistration: kubeadm.NodeRegistrationOptions{Name: nodename, CRISocket: "/some/path"}, }, false}, - {"valid master configuration with IPv4 service subnet", + {"valid InitConfiguration with IPv4 service subnet", &kubeadm.InitConfiguration{ LocalAPIEndpoint: kubeadm.APIEndpoint{ AdvertiseAddress: "1.2.3.4", @@ -463,7 +463,7 @@ func TestValidateInitConfiguration(t *testing.T) { }, NodeRegistration: kubeadm.NodeRegistrationOptions{Name: nodename, CRISocket: "/some/path"}, }, true}, - {"valid master configuration using IPv6 service subnet", + {"valid InitConfiguration using IPv6 service subnet", &kubeadm.InitConfiguration{ LocalAPIEndpoint: kubeadm.APIEndpoint{ AdvertiseAddress: "1:2:3::4", diff --git a/cmd/kubeadm/app/cmd/BUILD b/cmd/kubeadm/app/cmd/BUILD index 97cdbf1c563..772da2d909d 100644 --- a/cmd/kubeadm/app/cmd/BUILD +++ b/cmd/kubeadm/app/cmd/BUILD @@ -40,11 +40,7 @@ go_library( "//cmd/kubeadm/app/images:go_default_library", "//cmd/kubeadm/app/phases/bootstraptoken/node:go_default_library", "//cmd/kubeadm/app/phases/certs:go_default_library", - "//cmd/kubeadm/app/phases/etcd:go_default_library", "//cmd/kubeadm/app/phases/kubeconfig:go_default_library", - "//cmd/kubeadm/app/phases/kubelet:go_default_library", - "//cmd/kubeadm/app/phases/markcontrolplane:go_default_library", - "//cmd/kubeadm/app/phases/patchnode:go_default_library", "//cmd/kubeadm/app/phases/uploadconfig:go_default_library", "//cmd/kubeadm/app/preflight:go_default_library", "//cmd/kubeadm/app/util:go_default_library", @@ -59,11 +55,9 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/fields:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/duration:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/version:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd/api:go_default_library", - "//staging/src/k8s.io/client-go/util/cert:go_default_library", "//staging/src/k8s.io/cluster-bootstrap/token/api:go_default_library", "//staging/src/k8s.io/cluster-bootstrap/token/util:go_default_library", "//vendor/github.com/lithammer/dedent:go_default_library", diff --git a/cmd/kubeadm/app/cmd/alpha/certs.go b/cmd/kubeadm/app/cmd/alpha/certs.go index dfba33209d1..0c6b65ed47a 100644 --- a/cmd/kubeadm/app/cmd/alpha/certs.go +++ b/cmd/kubeadm/app/cmd/alpha/certs.go @@ -135,7 +135,7 @@ func addFlags(cmd *cobra.Command, cfg *renewConfig) { func generateRenewalFunction(cert *certsphase.KubeadmCert, caCert *certsphase.KubeadmCert, cfg *renewConfig) func() { return func() { - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(cfg.cfgPath, &cfg.cfg) + internalcfg, err := configutil.LoadOrDefaultInitConfiguration(cfg.cfgPath, &cfg.cfg) kubeadmutil.CheckErr(err) if cfg.useCSR { diff --git a/cmd/kubeadm/app/cmd/alpha/kubeconfig.go b/cmd/kubeadm/app/cmd/alpha/kubeconfig.go index 0c25c368a23..6d28a2d5387 100644 --- a/cmd/kubeadm/app/cmd/alpha/kubeconfig.go +++ b/cmd/kubeadm/app/cmd/alpha/kubeconfig.go @@ -79,8 +79,8 @@ func newCmdUserKubeConfig(out io.Writer) *cobra.Command { kubeadmutil.CheckErr(errors.New("missing required argument --client-name")) } - // This call returns the ready-to-use configuration based on the configuration file that might or might not exist and the default cfg populated by flags - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig("", cfg) + // This call returns the ready-to-use configuration based on the default cfg populated by flags + internalcfg, err := configutil.DefaultedInitConfiguration(cfg) kubeadmutil.CheckErr(err) // if the kubeconfig file for an additional user has to use a token, use it diff --git a/cmd/kubeadm/app/cmd/alpha/selfhosting.go b/cmd/kubeadm/app/cmd/alpha/selfhosting.go index 31329bb4cb6..26ba71a42e8 100644 --- a/cmd/kubeadm/app/cmd/alpha/selfhosting.go +++ b/cmd/kubeadm/app/cmd/alpha/selfhosting.go @@ -124,11 +124,11 @@ func getSelfhostingSubCommand(in io.Reader) *cobra.Command { kubeadmutil.CheckErr(err) // KubernetesVersion is not used, but we set it explicitly to avoid the lookup - // of the version from the internet when executing ConfigFileAndDefaultsToInternalConfig + // of the version from the internet when executing LoadOrDefaultInitConfiguration phases.SetKubernetesVersion(&cfg.ClusterConfiguration) // This call returns the ready-to-use configuration based on the configuration file that might or might not exist and the default cfg populated by flags - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(cfgPath, cfg) + internalcfg, err := configutil.LoadOrDefaultInitConfiguration(cfgPath, cfg) kubeadmutil.CheckErr(err) // Converts the Static Pod-hosted control plane into a self-hosted one diff --git a/cmd/kubeadm/app/cmd/config.go b/cmd/kubeadm/app/cmd/config.go index 5fa6acbde45..b846d2eb33b 100644 --- a/cmd/kubeadm/app/cmd/config.go +++ b/cmd/kubeadm/app/cmd/config.go @@ -178,7 +178,7 @@ func getSupportedComponentConfigAPIObjects() []string { } func getDefaultedInitConfig() (*kubeadmapi.InitConfiguration, error) { - return configutil.ConfigFileAndDefaultsToInternalConfig("", &kubeadmapiv1beta1.InitConfiguration{ + return configutil.DefaultedInitConfiguration(&kubeadmapiv1beta1.InitConfiguration{ // TODO: Probably move to getDefaultedClusterConfig? LocalAPIEndpoint: kubeadmapiv1beta1.APIEndpoint{AdvertiseAddress: "1.2.3.4"}, ClusterConfiguration: kubeadmapiv1beta1.ClusterConfiguration{ @@ -201,7 +201,7 @@ func getDefaultInitConfigBytes() ([]byte, error) { } func getDefaultNodeConfigBytes() ([]byte, error) { - internalcfg, err := configutil.JoinConfigFileAndDefaultsToInternalConfig("", &kubeadmapiv1beta1.JoinConfiguration{ + internalcfg, err := configutil.DefaultedJoinConfiguration(&kubeadmapiv1beta1.JoinConfiguration{ Discovery: kubeadmapiv1beta1.Discovery{ BootstrapToken: &kubeadmapiv1beta1.BootstrapTokenDiscovery{ Token: placeholderToken.Token.String(), @@ -246,7 +246,10 @@ func NewCmdConfigMigrate(out io.Writer) *cobra.Command { kubeadmutil.CheckErr(errors.New("The --old-config flag is mandatory")) } - outputBytes, err := configutil.MigrateOldConfigFromFile(oldCfgPath) + oldCfgBytes, err := ioutil.ReadFile(oldCfgPath) + kubeadmutil.CheckErr(err) + + outputBytes, err := configutil.MigrateOldConfig(oldCfgBytes) kubeadmutil.CheckErr(err) if newCfgPath == "" { @@ -320,12 +323,13 @@ func NewCmdConfigUploadFromFile(out io.Writer, kubeConfigFile *string) *cobra.Co client, err := kubeconfigutil.ClientSetFromFile(*kubeConfigFile) kubeadmutil.CheckErr(err) - // The default configuration is empty; everything should come from the file on disk - klog.V(1).Infoln("[config] creating empty default configuration") - defaultcfg := &kubeadmapiv1beta1.InitConfiguration{} - // Upload the configuration using the file; don't care about the defaultcfg really + // Default both statically and dynamically, convert to internal API type, and validate everything + internalcfg, err := configutil.LoadInitConfigurationFromFile(cfgPath) + kubeadmutil.CheckErr(err) + + // Upload the configuration using the file klog.V(1).Infof("[config] uploading configuration") - err = uploadConfiguration(client, cfgPath, defaultcfg) + err = uploadconfig.UploadConfiguration(internalcfg, client) kubeadmutil.CheckErr(err) }, } @@ -360,10 +364,18 @@ func NewCmdConfigUploadFromFlags(out io.Writer, kubeConfigFile *string) *cobra.C client, err := kubeconfigutil.ClientSetFromFile(*kubeConfigFile) kubeadmutil.CheckErr(err) + // KubernetesVersion is not used, but we set it explicitly to avoid the lookup + // of the version from the internet when executing DefaultedInitConfiguration + phaseutil.SetKubernetesVersion(&cfg.ClusterConfiguration) + // Default both statically and dynamically, convert to internal API type, and validate everything - // The cfgPath argument is unset here as we shouldn't load a config file from disk, just go with cfg + klog.V(1).Infoln("[config] converting to internal API type") + internalcfg, err := configutil.DefaultedInitConfiguration(cfg) + kubeadmutil.CheckErr(err) + + // Finally, upload the configuration klog.V(1).Infof("[config] uploading configuration") - err = uploadConfiguration(client, "", cfg) + err = uploadconfig.UploadConfiguration(internalcfg, client) kubeadmutil.CheckErr(err) }, } @@ -384,24 +396,6 @@ func RunConfigView(out io.Writer, client clientset.Interface) error { return nil } -// uploadConfiguration handles the uploading of the configuration internally -func uploadConfiguration(client clientset.Interface, cfgPath string, defaultcfg *kubeadmapiv1beta1.InitConfiguration) error { - // KubernetesVersion is not used, but we set it explicitly to avoid the lookup - // of the version from the internet when executing ConfigFileAndDefaultsToInternalConfig - phaseutil.SetKubernetesVersion(&defaultcfg.ClusterConfiguration) - - // Default both statically and dynamically, convert to internal API type, and validate everything - // First argument is unset here as we shouldn't load a config file from disk - klog.V(1).Infoln("[config] converting to internal API type") - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(cfgPath, defaultcfg) - if err != nil { - return err - } - - // Then just call the uploadconfig phase to do the rest of the work - return uploadconfig.UploadConfiguration(internalcfg, client) -} - // NewCmdConfigImages returns the "kubeadm config images" command func NewCmdConfigImages(out io.Writer) *cobra.Command { cmd := &cobra.Command{ @@ -427,7 +421,7 @@ func NewCmdConfigImagesPull() *cobra.Command { Run: func(_ *cobra.Command, _ []string) { externalcfg.ClusterConfiguration.FeatureGates, err = features.NewFeatureGate(&features.InitFeatureGates, featureGatesString) kubeadmutil.CheckErr(err) - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(cfgPath, externalcfg) + internalcfg, err := configutil.LoadOrDefaultInitConfiguration(cfgPath, externalcfg) kubeadmutil.CheckErr(err) containerRuntime, err := utilruntime.NewContainerRuntime(utilsexec.New(), internalcfg.GetCRISocket()) kubeadmutil.CheckErr(err) @@ -496,7 +490,7 @@ func NewCmdConfigImagesList(out io.Writer, mockK8sVersion *string) *cobra.Comman // NewImagesList returns the underlying struct for the "kubeadm config images list" command func NewImagesList(cfgPath string, cfg *kubeadmapiv1beta1.InitConfiguration) (*ImagesList, error) { - initcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(cfgPath, cfg) + initcfg, err := configutil.LoadOrDefaultInitConfiguration(cfgPath, cfg) if err != nil { return nil, errors.Wrap(err, "could not convert cfg to an internal cfg") } diff --git a/cmd/kubeadm/app/cmd/config_test.go b/cmd/kubeadm/app/cmd/config_test.go index 5fb5777c30a..7445b982f58 100644 --- a/cmd/kubeadm/app/cmd/config_test.go +++ b/cmd/kubeadm/app/cmd/config_test.go @@ -275,7 +275,7 @@ func TestMigrate(t *testing.T) { t.Fatalf("failed to set new-config flag") } command.Run(nil, nil) - if _, err := configutil.ConfigFileAndDefaultsToInternalConfig(newConfigPath, &kubeadmapiv1beta1.InitConfiguration{}); err != nil { + if _, err := configutil.LoadInitConfigurationFromFile(newConfigPath); err != nil { t.Fatalf("Could not read output back into internal type: %v", err) } } diff --git a/cmd/kubeadm/app/cmd/init.go b/cmd/kubeadm/app/cmd/init.go index b73df6179c5..b1c345ca921 100644 --- a/cmd/kubeadm/app/cmd/init.go +++ b/cmd/kubeadm/app/cmd/init.go @@ -1,5 +1,5 @@ /* -Copyright 2018 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -51,7 +51,7 @@ import ( var ( initDoneTempl = template.Must(template.New("init").Parse(dedent.Dedent(` - Your Kubernetes master has initialized successfully! + Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: @@ -69,26 +69,6 @@ var ( {{.joinCommand}} `))) - - kubeletFailTempl = template.Must(template.New("init").Parse(dedent.Dedent(` - Unfortunately, an error has occurred: - {{ .Error }} - - This error is likely caused by: - - The kubelet is not running - - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled) - - If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands: - - 'systemctl status kubelet' - - 'journalctl -xeu kubelet' - - Additionally, a control plane component may have crashed or exited when started by the container runtime. - To troubleshoot, list all containers using your preferred container runtimes CLI, e.g. docker. - Here is one example how you may list all Kubernetes containers running in docker: - - 'docker ps -a | grep kube | grep -v pause' - Once you have found the failing container, you can inspect its logs with: - - 'docker logs CONTAINERID' - `))) ) // initOptions defines all the init options exposed via flags by kubeadm init. @@ -104,9 +84,10 @@ type initOptions struct { ignorePreflightErrors []string bto *options.BootstrapTokenOptions externalcfg *kubeadmapiv1beta1.InitConfiguration + uploadCerts bool } -// initData defines all the runtime information used when running the kubeadm init worklow; +// initData defines all the runtime information used when running the kubeadm init workflow; // this data is shared across all the phases that are included in the workflow. type initData struct { cfg *kubeadmapi.InitConfiguration @@ -121,6 +102,8 @@ type initData struct { client clientset.Interface waiter apiclient.Waiter outputWriter io.Writer + uploadCerts bool + certificateKey string } // NewCmdInit returns "kubeadm init" command. @@ -154,7 +137,7 @@ func NewCmdInit(out io.Writer, initOptions *initOptions) *cobra.Command { // adds flags to the init command // init command local flags could be eventually inherited by the sub-commands automatically generated for phases AddInitConfigFlags(cmd.Flags(), initOptions.externalcfg, &initOptions.featureGatesString) - AddInitOtherFlags(cmd.Flags(), &initOptions.cfgPath, &initOptions.skipTokenPrint, &initOptions.dryRun, &initOptions.ignorePreflightErrors) + AddInitOtherFlags(cmd.Flags(), &initOptions.cfgPath, &initOptions.skipTokenPrint, &initOptions.dryRun, &initOptions.uploadCerts, &initOptions.ignorePreflightErrors) initOptions.bto.AddTokenFlag(cmd.Flags()) initOptions.bto.AddTTLFlag(cmd.Flags()) options.AddImageMetaFlags(cmd.Flags(), &initOptions.externalcfg.ImageRepository) @@ -176,6 +159,7 @@ func NewCmdInit(out io.Writer, initOptions *initOptions) *cobra.Command { initRunner.AppendPhase(phases.NewEtcdPhase()) initRunner.AppendPhase(phases.NewWaitControlPlanePhase()) initRunner.AppendPhase(phases.NewUploadConfigPhase()) + initRunner.AppendPhase(phases.NewUploadCertsPhase()) initRunner.AppendPhase(phases.NewMarkControlPlanePhase()) initRunner.AppendPhase(phases.NewBootstrapTokenPhase()) initRunner.AppendPhase(phases.NewAddonPhase()) @@ -237,27 +221,35 @@ func AddInitConfigFlags(flagSet *flag.FlagSet, cfg *kubeadmapiv1beta1.InitConfig } // AddInitOtherFlags adds init flags that are not bound to a configuration file to the given flagset -func AddInitOtherFlags(flagSet *flag.FlagSet, cfgPath *string, skipTokenPrint, dryRun *bool, ignorePreflightErrors *[]string) { +// Note: All flags that are not bound to the cfg object should be allowed in cmd/kubeadm/app/apis/kubeadm/validation/validation.go +func AddInitOtherFlags( + flagSet *flag.FlagSet, + cfgPath *string, + skipTokenPrint, dryRun, uploadCerts *bool, + ignorePreflightErrors *[]string, +) { options.AddConfigFlag(flagSet, cfgPath) flagSet.StringSliceVar( ignorePreflightErrors, options.IgnorePreflightErrors, *ignorePreflightErrors, "A list of checks whose errors will be shown as warnings. Example: 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks.", ) - // Note: All flags that are not bound to the cfg object should be whitelisted in cmd/kubeadm/app/apis/kubeadm/validation/validation.go flagSet.BoolVar( skipTokenPrint, options.SkipTokenPrint, *skipTokenPrint, "Skip printing of the default bootstrap token generated by 'kubeadm init'.", ) - // Note: All flags that are not bound to the cfg object should be whitelisted in cmd/kubeadm/app/apis/kubeadm/validation/validation.go flagSet.BoolVar( dryRun, options.DryRun, *dryRun, "Don't apply any changes; just output what would be done.", ) + flagSet.BoolVar( + uploadCerts, options.UploadCerts, *uploadCerts, + "Upload certfificates to kubeadm-certs secret.", + ) } // newInitOptions returns a struct ready for being used for creating cmd init flags. func newInitOptions() *initOptions { - // initialize the public kubeadm config API by appling defaults + // initialize the public kubeadm config API by applying defaults externalcfg := &kubeadmapiv1beta1.InitConfiguration{} kubeadmscheme.Scheme.Default(externalcfg) @@ -270,6 +262,7 @@ func newInitOptions() *initOptions { bto: bto, kubeconfigDir: kubeadmconstants.KubernetesDir, kubeconfigPath: kubeadmconstants.GetAdminKubeConfigPath(), + uploadCerts: false, } } @@ -302,7 +295,7 @@ func newInitData(cmd *cobra.Command, args []string, options *initOptions, out io // Either use the config file if specified, or convert public kubeadm API to the internal InitConfiguration // and validates InitConfiguration - cfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(options.cfgPath, options.externalcfg) + cfg, err := configutil.LoadOrDefaultInitConfiguration(options.cfgPath, options.externalcfg) if err != nil { return nil, err } @@ -333,13 +326,16 @@ func newInitData(cmd *cobra.Command, args []string, options *initOptions, out io // Checks if an external CA is provided by the user. externalCA, _ := certsphase.UsingExternalCA(&cfg.ClusterConfiguration) if externalCA { - kubeconfigDir := kubeadmconstants.KubernetesDir + kubeconfigDir := options.kubeconfigDir if options.dryRun { kubeconfigDir = dryRunDir } if err := kubeconfigphase.ValidateKubeconfigsForExternalCA(kubeconfigDir, cfg); err != nil { return nil, err } + if options.uploadCerts { + return nil, errors.New("can't use externalCA mode and upload-certs") + } } return &initData{ @@ -353,9 +349,25 @@ func newInitData(cmd *cobra.Command, args []string, options *initOptions, out io ignorePreflightErrors: ignorePreflightErrorsSet, externalCA: externalCA, outputWriter: out, + uploadCerts: options.uploadCerts, }, nil } +// UploadCerts returns Uploadcerts flag. +func (d *initData) UploadCerts() bool { + return d.uploadCerts +} + +// CertificateKey returns the key used to encrypt the certs. +func (d *initData) CertificateKey() string { + return d.certificateKey +} + +// SetCertificateKey set the key used to encrypt the certs. +func (d *initData) SetCertificateKey(key string) { + d.certificateKey = key +} + // Cfg returns initConfiguration. func (d *initData) Cfg() *kubeadmapi.InitConfiguration { return d.cfg @@ -437,7 +449,7 @@ func (d *initData) OutputWriter() io.Writer { func (d *initData) Client() (clientset.Interface, error) { if d.client == nil { if d.dryRun { - // If we're dry-running; we should create a faked client that answers some GETs in order to be able to do the full init flow and just logs the rest of requests + // If we're dry-running, we should create a faked client that answers some GETs in order to be able to do the full init flow and just logs the rest of requests dryRunGetter := apiclient.NewInitDryRunGetter(d.cfg.NodeRegistration.Name, d.cfg.Networking.ServiceSubnet) d.client = apiclient.NewDryRunClient(dryRunGetter, os.Stdout) } else { @@ -461,8 +473,8 @@ func (d *initData) Tokens() []string { return tokens } -func printJoinCommand(out io.Writer, adminKubeConfigPath, token string, skipTokenPrint bool) error { - joinCommand, err := cmdutil.GetJoinCommand(adminKubeConfigPath, token, skipTokenPrint) +func printJoinCommand(out io.Writer, adminKubeConfigPath, token, key string, skipTokenPrint, uploadCerts bool) error { + joinCommand, err := cmdutil.GetJoinCommand(adminKubeConfigPath, token, key, skipTokenPrint, uploadCerts) if err != nil { return err } @@ -492,7 +504,7 @@ func showJoinCommand(i *initData, out io.Writer) error { // Prints the join command, multiple times in case the user has multiple tokens for _, token := range i.Tokens() { - if err := printJoinCommand(out, adminKubeConfigPath, token, i.skipTokenPrint); err != nil { + if err := printJoinCommand(out, adminKubeConfigPath, token, i.certificateKey, i.skipTokenPrint, i.uploadCerts); err != nil { return errors.Wrap(err, "failed to print join command") } } diff --git a/cmd/kubeadm/app/cmd/join.go b/cmd/kubeadm/app/cmd/join.go index 92bc369c64d..fdb44537c2f 100644 --- a/cmd/kubeadm/app/cmd/join.go +++ b/cmd/kubeadm/app/cmd/join.go @@ -1,5 +1,5 @@ /* -Copyright 2016 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -20,7 +20,6 @@ import ( "fmt" "io" "os" - "path/filepath" "text/template" "github.com/lithammer/dedent" @@ -28,10 +27,8 @@ import ( "github.com/spf13/cobra" flag "github.com/spf13/pflag" "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" - certutil "k8s.io/client-go/util/cert" "k8s.io/klog" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmscheme "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/scheme" @@ -43,17 +40,9 @@ import ( cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" "k8s.io/kubernetes/cmd/kubeadm/app/discovery" - etcdphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/etcd" - kubeletphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubelet" - markcontrolplanephase "k8s.io/kubernetes/cmd/kubeadm/app/phases/markcontrolplane" - patchnodephase "k8s.io/kubernetes/cmd/kubeadm/app/phases/patchnode" - uploadconfigphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/uploadconfig" - "k8s.io/kubernetes/cmd/kubeadm/app/preflight" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" - "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" configutil "k8s.io/kubernetes/cmd/kubeadm/app/util/config" kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig" - utilsexec "k8s.io/utils/exec" ) var ( @@ -62,7 +51,7 @@ var ( * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. - Run 'kubectl get nodes' on the master to see this node join the cluster. + Run 'kubectl get nodes' on the control-plane to see this node join the cluster. `) @@ -71,7 +60,7 @@ var ( * Certificate signing request was sent to apiserver and approval was received. * The Kubelet was informed of the new secure connection details. - * Master label and taint were applied to the new node. + * Control plane (master) label and taint were applied to the new node. * The Kubernetes control plane instances scaled up. {{.etcdMessage}} @@ -88,8 +77,8 @@ var ( joinLongDescription = dedent.Dedent(` When joining a kubeadm initialized cluster, we need to establish bidirectional trust. This is split into discovery (having the Node - trust the Kubernetes Master) and TLS bootstrap (having the Kubernetes - Master trust the Node). + trust the Kubernetes Control Plane) and TLS bootstrap (having the + Kubernetes Control Plane trust the Node). There are 2 main schemes for discovery. The first is to use a shared token along with the IP address of the API server. The second is to @@ -104,8 +93,8 @@ var ( If you use a shared token for discovery, you should also pass the --discovery-token-ca-cert-hash flag to validate the public key of the - root certificate authority (CA) presented by the Kubernetes Master. The - value of this flag is specified as ":", + root certificate authority (CA) presented by the Kubernetes Control Plane. + The value of this flag is specified as ":", where the supported hash type is "sha256". The hash is calculated over the bytes of the Subject Public Key Info (SPKI) object (as in RFC7469). This value is available in the output of "kubeadm init" or can be @@ -115,31 +104,18 @@ var ( If you cannot know the CA public key hash ahead of time, you can pass the --discovery-token-unsafe-skip-ca-verification flag to disable this verification. This weakens the kubeadm security model since other nodes - can potentially impersonate the Kubernetes Master. + can potentially impersonate the Kubernetes Control Plane. The TLS bootstrap mechanism is also driven via a shared token. This is - used to temporarily authenticate with the Kubernetes Master to submit a + used to temporarily authenticate with the Kubernetes Control Plane to submit a certificate signing request (CSR) for a locally created key pair. By - default, kubeadm will set up the Kubernetes Master to automatically + default, kubeadm will set up the Kubernetes Control Plane to automatically approve these signing requests. This token is passed in with the --tls-bootstrap-token abcdef.1234567890abcdef flag. Often times the same token is used for both parts. In this case, the --token flag can be used instead of specifying each token individually. `) - - kubeadmJoinFailMsg = dedent.Dedent(` - Unfortunately, an error has occurred: - %v - - This error is likely caused by: - - The kubelet is not running - - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled) - - If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands: - - 'systemctl status kubelet' - - 'journalctl -xeu kubelet' - `) ) // joinOptions defines all the options exposed via flags by kubeadm join. @@ -157,6 +133,7 @@ type joinOptions struct { // this data is shared across all the phases that are included in the workflow. type joinData struct { cfg *kubeadmapi.JoinConfiguration + skipTokenPrint bool initCfg *kubeadmapi.InitConfiguration tlsBootstrapCfg *clientcmdapi.Config clientSets map[string]*clientset.Clientset @@ -182,16 +159,32 @@ func NewCmdJoin(out io.Writer, joinOptions *joinOptions) *cobra.Command { c, err := joinRunner.InitData(args) kubeadmutil.CheckErr(err) + data := c.(*joinData) + err = joinRunner.Run(args) kubeadmutil.CheckErr(err) - // TODO: remove this once we have all phases in place. - // the method joinData.Run() itself should be removed too. - data := c.(*joinData) - err = data.Run() - kubeadmutil.CheckErr(err) + // if the node is hosting a new control plane instance + if data.cfg.ControlPlane != nil { + // outputs the join control plane done message and exit + etcdMessage := "" + if data.initCfg.Etcd.External == nil { + etcdMessage = "* A new etcd member was added to the local/stacked etcd cluster." + } + + ctx := map[string]string{ + "KubeConfigPath": data.KubeConfigPath(), + "etcdMessage": etcdMessage, + } + joinControPlaneDoneTemp.Execute(data.outputWriter, ctx) + + } else { + // otherwise, if the node joined as a worker node; + // outputs the join done message and exit + fmt.Fprintf(data.outputWriter, joinWorkerNodeDoneMsg) + } }, - // We accept the master location as an optional positional argument + // We accept the control-plane location as an optional positional argument Args: cobra.MaximumNArgs(1), } @@ -201,6 +194,8 @@ func NewCmdJoin(out io.Writer, joinOptions *joinOptions) *cobra.Command { joinRunner.AppendPhase(phases.NewPreflightPhase()) joinRunner.AppendPhase(phases.NewControlPlanePreparePhase()) joinRunner.AppendPhase(phases.NewCheckEtcdPhase()) + joinRunner.AppendPhase(phases.NewKubeletStartPhase()) + joinRunner.AppendPhase(phases.NewControlPlaneJoinPhase()) // sets the data builder function, that will be used by the runner // both when running the entire workflow or single phases @@ -250,7 +245,7 @@ func addJoinConfigFlags(flagSet *flag.FlagSet, cfg *kubeadmapiv1beta1.JoinConfig ) flagSet.StringVar( &cfg.Discovery.TLSBootstrapToken, options.TLSBootstrapToken, cfg.Discovery.TLSBootstrapToken, - `Specify the token used to temporarily authenticate with the Kubernetes Master while joining the node.`, + `Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.`, ) cmdutil.AddCRISocketFlag(flagSet, &cfg.NodeRegistration.CRISocket) } @@ -353,7 +348,7 @@ func newJoinData(cmd *cobra.Command, args []string, options *joinOptions, out io klog.V(1).Infoln("[join] found advertiseAddress empty; using default interface's IP address as advertiseAddress") } - cfg, err := configutil.JoinConfigFileAndDefaultsToInternalConfig(options.cfgPath, options.externalcfg) + cfg, err := configutil.LoadOrDefaultJoinConfiguration(options.cfgPath, options.externalcfg) if err != nil { return nil, err } @@ -385,6 +380,11 @@ func (j *joinData) Cfg() *kubeadmapi.JoinConfiguration { return j.cfg } +// KubeConfigPath returns the default kubeconfig path. +func (j *joinData) KubeConfigPath() string { + return kubeadmconstants.GetAdminKubeConfigPath() +} + // TLSBootstrapCfg returns the cluster-info (kubeconfig). func (j *joinData) TLSBootstrapCfg() (*clientcmdapi.Config, error) { if j.tlsBootstrapCfg != nil { @@ -432,187 +432,6 @@ func (j *joinData) OutputWriter() io.Writer { return j.outputWriter } -// Run executes worker node provisioning and tries to join an existing cluster. -func (j *joinData) Run() error { - // Fetch the init configuration based on the join configuration. - // TODO: individual phases should call these: - // - phases that need initCfg should call joinData.InitCfg(). - // - phases that need tlsBootstrapCfg should call joinData.TLSBootstrapCfg(). - tlsBootstrapCfg, err := j.TLSBootstrapCfg() - if err != nil { - return err - } - initCfg, err := j.InitCfg() - if err != nil { - return err - } - - // Executes the kubelet TLS bootstrap process, that completes with the node - // joining the cluster with a dedicates set of credentials as required by - // the node authorizer. - // if the node is hosting a new control plane instance, since it uses static pods for the control plane, - // as soon as the kubelet starts it will take charge of creating control plane - // components on the node. - if err := j.BootstrapKubelet(tlsBootstrapCfg, initCfg); err != nil { - return err - } - - // if the node is hosting a new control plane instance - if j.cfg.ControlPlane != nil { - // Completes the control plane setup - if err := j.PostInstallControlPlane(initCfg); err != nil { - return err - } - - // outputs the join control plane done template and exits - etcdMessage := "" - // in case of local etcd - if initCfg.Etcd.External == nil { - etcdMessage = "* A new etcd member was added to the local/stacked etcd cluster." - } - - ctx := map[string]string{ - "KubeConfigPath": kubeadmconstants.GetAdminKubeConfigPath(), - "etcdMessage": etcdMessage, - } - joinControPlaneDoneTemp.Execute(j.outputWriter, ctx) - return nil - } - - // otherwise, if the node joined as a worker node; - // outputs the join done message and exits - fmt.Fprintf(j.outputWriter, joinWorkerNodeDoneMsg) - return nil -} - -// BootstrapKubelet executes the kubelet TLS bootstrap process. -// This process is executed by the kubelet and completes with the node joining the cluster -// with a dedicates set of credentials as required by the node authorizer -func (j *joinData) BootstrapKubelet(tlsBootstrapCfg *clientcmdapi.Config, initConfiguration *kubeadmapi.InitConfiguration) error { - bootstrapKubeConfigFile := kubeadmconstants.GetBootstrapKubeletKubeConfigPath() - - // Write the bootstrap kubelet config file or the TLS-Boostrapped kubelet config file down to disk - klog.V(1).Infoln("[join] writing bootstrap kubelet config file at", bootstrapKubeConfigFile) - if err := kubeconfigutil.WriteToDisk(bootstrapKubeConfigFile, tlsBootstrapCfg); err != nil { - return errors.Wrap(err, "couldn't save bootstrap-kubelet.conf to disk") - } - - // Write the ca certificate to disk so kubelet can use it for authentication - cluster := tlsBootstrapCfg.Contexts[tlsBootstrapCfg.CurrentContext].Cluster - if _, err := os.Stat(j.cfg.CACertPath); os.IsNotExist(err) { - if err := certutil.WriteCert(j.cfg.CACertPath, tlsBootstrapCfg.Clusters[cluster].CertificateAuthorityData); err != nil { - return errors.Wrap(err, "couldn't save the CA certificate to disk") - } - } - - kubeletVersion, err := preflight.GetKubeletVersion(utilsexec.New()) - if err != nil { - return err - } - - bootstrapClient, err := kubeconfigutil.ClientSetFromFile(bootstrapKubeConfigFile) - if err != nil { - return errors.Errorf("couldn't create client from kubeconfig file %q", bootstrapKubeConfigFile) - } - - // Configure the kubelet. In this short timeframe, kubeadm is trying to stop/restart the kubelet - // Try to stop the kubelet service so no race conditions occur when configuring it - klog.V(1).Infof("Stopping the kubelet") - kubeletphase.TryStopKubelet() - - // Write the configuration for the kubelet (using the bootstrap token credentials) to disk so the kubelet can start - if err := kubeletphase.DownloadConfig(bootstrapClient, kubeletVersion, kubeadmconstants.KubeletRunDirectory); err != nil { - return err - } - - // Write env file with flags for the kubelet to use. We only want to - // register the joining node with the specified taints if the node - // is not a master. The markmaster phase will register the taints otherwise. - registerTaintsUsingFlags := j.cfg.ControlPlane == nil - if err := kubeletphase.WriteKubeletDynamicEnvFile(&initConfiguration.ClusterConfiguration, &initConfiguration.NodeRegistration, registerTaintsUsingFlags, kubeadmconstants.KubeletRunDirectory); err != nil { - return err - } - - // Try to start the kubelet service in case it's inactive - klog.V(1).Infof("Starting the kubelet") - kubeletphase.TryStartKubelet() - - // Now the kubelet will perform the TLS Bootstrap, transforming /etc/kubernetes/bootstrap-kubelet.conf to /etc/kubernetes/kubelet.conf - // Wait for the kubelet to create the /etc/kubernetes/kubelet.conf kubeconfig file. If this process - // times out, display a somewhat user-friendly message. - waiter := apiclient.NewKubeWaiter(nil, kubeadmconstants.TLSBootstrapTimeout, os.Stdout) - if err := waiter.WaitForKubeletAndFunc(waitForTLSBootstrappedClient); err != nil { - fmt.Printf(kubeadmJoinFailMsg, err) - return err - } - - // When we know the /etc/kubernetes/kubelet.conf file is available, get the client - client, err := kubeconfigutil.ClientSetFromFile(kubeadmconstants.GetKubeletKubeConfigPath()) - if err != nil { - return err - } - - klog.V(1).Infof("[join] preserving the crisocket information for the node") - if err := patchnodephase.AnnotateCRISocket(client, j.cfg.NodeRegistration.Name, j.cfg.NodeRegistration.CRISocket); err != nil { - return errors.Wrap(err, "error uploading crisocket") - } - - return nil -} - -// PostInstallControlPlane marks the new node as master and update the cluster status with information about current node -func (j *joinData) PostInstallControlPlane(initConfiguration *kubeadmapi.InitConfiguration) error { - kubeConfigFile := filepath.Join(kubeadmconstants.KubernetesDir, kubeadmconstants.AdminKubeConfigFileName) - - client, err := kubeconfigutil.ClientSetFromFile(kubeConfigFile) - if err != nil { - return errors.Wrap(err, "couldn't create Kubernetes client") - } - - // in case of local etcd - if initConfiguration.Etcd.External == nil { - // Adds a new etcd instance; in order to do this the new etcd instance should be "announced" to - // the existing etcd members before being created. - // This operation must be executed after kubelet is already started in order to minimize the time - // between the new etcd member is announced and the start of the static pod running the new etcd member, because during - // this time frame etcd gets temporary not available (only when moving from 1 to 2 members in the etcd cluster). - // From https://coreos.com/etcd/docs/latest/v2/runtime-configuration.html - // "If you add a new member to a 1-node cluster, the cluster cannot make progress before the new member starts - // because it needs two members as majority to agree on the consensus. You will only see this behavior between the time - // etcdctl member add informs the cluster about the new member and the new member successfully establishing a connection to the existing one." - klog.V(1).Info("[join] adding etcd") - if err := etcdphase.CreateStackedEtcdStaticPodManifestFile(client, kubeadmconstants.GetStaticPodDirectory(), initConfiguration.NodeRegistration.Name, &initConfiguration.ClusterConfiguration, &initConfiguration.LocalAPIEndpoint); err != nil { - return errors.Wrap(err, "error creating local etcd static pod manifest file") - } - } - - klog.V(1).Info("[join] uploading currently used configuration to the cluster") - if err := uploadconfigphase.UploadConfiguration(initConfiguration, client); err != nil { - return errors.Wrap(err, "error uploading configuration") - } - - klog.V(1).Info("[join] marking the control-plane with right label") - if err = markcontrolplanephase.MarkControlPlane(client, initConfiguration.NodeRegistration.Name, initConfiguration.NodeRegistration.Taints); err != nil { - return errors.Wrap(err, "error applying control-plane label and taints") - } - - return nil -} - -// waitForTLSBootstrappedClient waits for the /etc/kubernetes/kubelet.conf file to be available -func waitForTLSBootstrappedClient() error { - fmt.Println("[tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap...") - - // Loop on every falsy return. Return with an error if raised. Exit successfully if true is returned. - return wait.PollImmediate(kubeadmconstants.APICallRetryInterval, kubeadmconstants.TLSBootstrapTimeout, func() (bool, error) { - // Check that we can create a client set out of the kubelet kubeconfig. This ensures not - // only that the kubeconfig file exists, but that other files required by it also exist (like - // client certificate and key) - _, err := kubeconfigutil.ClientSetFromFile(kubeadmconstants.GetKubeletKubeConfigPath()) - return (err == nil), nil - }) -} - // fetchInitConfigurationFromJoinConfiguration retrieves the init configuration from a join configuration, performing the discovery func fetchInitConfigurationFromJoinConfiguration(cfg *kubeadmapi.JoinConfiguration, tlsBootstrapCfg *clientcmdapi.Config) (*kubeadmapi.InitConfiguration, error) { // Retrieves the kubeadm configuration @@ -647,7 +466,7 @@ func fetchInitConfiguration(tlsBootstrapCfg *clientcmdapi.Config) (*kubeadmapi.I } // Fetches the init configuration - initConfiguration, err := configutil.FetchConfigFromFileOrCluster(tlsClient, os.Stdout, "join", "", true) + initConfiguration, err := configutil.FetchInitConfigurationFromCluster(tlsClient, os.Stdout, "join", true) if err != nil { return nil, errors.Wrap(err, "unable to fetch the kubeadm-config ConfigMap") } diff --git a/cmd/kubeadm/app/cmd/options/BUILD b/cmd/kubeadm/app/cmd/options/BUILD index 8f8248b32cc..500837b313a 100644 --- a/cmd/kubeadm/app/cmd/options/BUILD +++ b/cmd/kubeadm/app/cmd/options/BUILD @@ -14,8 +14,8 @@ go_library( deps = [ "//cmd/kubeadm/app/apis/kubeadm/v1beta1:go_default_library", "//cmd/kubeadm/app/constants:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/cluster-bootstrap/token/api:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], ) diff --git a/cmd/kubeadm/app/cmd/options/constant.go b/cmd/kubeadm/app/cmd/options/constant.go index dd47f66f171..2386a20edd6 100644 --- a/cmd/kubeadm/app/cmd/options/constant.go +++ b/cmd/kubeadm/app/cmd/options/constant.go @@ -1,5 +1,5 @@ /* -Copyright 2018 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -16,104 +16,109 @@ limitations under the License. package options -// APIServerAdvertiseAddress flag sets the IP address the API Server will advertise it's listening on. Specify '0.0.0.0' to use the address of the default network interface. -const APIServerAdvertiseAddress = "apiserver-advertise-address" +const ( + // APIServerAdvertiseAddress flag sets the IP address the API Server will advertise it's listening on. Specify '0.0.0.0' to use the address of the default network interface. + APIServerAdvertiseAddress = "apiserver-advertise-address" -// APIServerBindPort flag sets the port for the API Server to bind to. -const APIServerBindPort = "apiserver-bind-port" + // APIServerBindPort flag sets the port for the API Server to bind to. + APIServerBindPort = "apiserver-bind-port" -// APIServerCertSANs flag sets extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names. -const APIServerCertSANs = "apiserver-cert-extra-sans" + // APIServerCertSANs flag sets extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names. + APIServerCertSANs = "apiserver-cert-extra-sans" -// APIServerExtraArgs flag sets a extra flags to pass to the API Server or override default ones in form of =. -const APIServerExtraArgs = "apiserver-extra-args" + // APIServerExtraArgs flag sets a extra flags to pass to the API Server or override default ones in form of =. + APIServerExtraArgs = "apiserver-extra-args" -// CertificatesDir flag sets the path where to save and read the certificates. -const CertificatesDir = "cert-dir" + // CertificatesDir flag sets the path where to save and read the certificates. + CertificatesDir = "cert-dir" -// CfgPath flag sets the path to kubeadm config file. -const CfgPath = "config" + // CfgPath flag sets the path to kubeadm config file. + CfgPath = "config" -// ControllerManagerExtraArgs flag sets extra flags to pass to the Controller Manager or override default ones in form of =. -const ControllerManagerExtraArgs = "controller-manager-extra-args" + // ControllerManagerExtraArgs flag sets extra flags to pass to the Controller Manager or override default ones in form of =. + ControllerManagerExtraArgs = "controller-manager-extra-args" -// DryRun flag instruct kubeadm to don't apply any changes; just output what would be done. -const DryRun = "dry-run" + // DryRun flag instruct kubeadm to don't apply any changes; just output what would be done. + DryRun = "dry-run" -// FeatureGatesString flag sets key=value pairs that describe feature gates for various features. -const FeatureGatesString = "feature-gates" + // FeatureGatesString flag sets key=value pairs that describe feature gates for various features. + FeatureGatesString = "feature-gates" -// IgnorePreflightErrors sets the path a list of checks whose errors will be shown as warnings. Example: 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks. -const IgnorePreflightErrors = "ignore-preflight-errors" + // IgnorePreflightErrors sets the path a list of checks whose errors will be shown as warnings. Example: 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks. + IgnorePreflightErrors = "ignore-preflight-errors" -// ImageRepository sets the container registry to pull control plane images from. -const ImageRepository = "image-repository" + // ImageRepository sets the container registry to pull control plane images from. + ImageRepository = "image-repository" -// KubeconfigDir flag sets the path where to save the kubeconfig file. -const KubeconfigDir = "kubeconfig-dir" + // KubeconfigDir flag sets the path where to save the kubeconfig file. + KubeconfigDir = "kubeconfig-dir" -// KubeconfigPath flag sets the kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations are searched for an existing KubeConfig file. -const KubeconfigPath = "kubeconfig" + // KubeconfigPath flag sets the kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations are searched for an existing KubeConfig file. + KubeconfigPath = "kubeconfig" -// KubernetesVersion flag sets the Kubernetes version for the control plane. -const KubernetesVersion = "kubernetes-version" + // KubernetesVersion flag sets the Kubernetes version for the control plane. + KubernetesVersion = "kubernetes-version" -// NetworkingDNSDomain flag sets the domain for services, e.g. "myorg.internal". -const NetworkingDNSDomain = "service-dns-domain" + // NetworkingDNSDomain flag sets the domain for services, e.g. "myorg.internal". + NetworkingDNSDomain = "service-dns-domain" -// NetworkingServiceSubnet flag sets the range of IP address for service VIPs. -const NetworkingServiceSubnet = "service-cidr" + // NetworkingServiceSubnet flag sets the range of IP address for service VIPs. + NetworkingServiceSubnet = "service-cidr" -// NetworkingPodSubnet flag sets the range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. -const NetworkingPodSubnet = "pod-network-cidr" + // NetworkingPodSubnet flag sets the range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. + NetworkingPodSubnet = "pod-network-cidr" -// NodeCRISocket flag sets the CRI socket to connect to. -const NodeCRISocket = "cri-socket" + // NodeCRISocket flag sets the CRI socket to connect to. + NodeCRISocket = "cri-socket" -// NodeName flag sets the node name. -const NodeName = "node-name" + // NodeName flag sets the node name. + NodeName = "node-name" -// SchedulerExtraArgs flag sets extra flags to pass to the Scheduler or override default ones in form of =". -const SchedulerExtraArgs = "scheduler-extra-args" + // SchedulerExtraArgs flag sets extra flags to pass to the Scheduler or override default ones in form of =". + SchedulerExtraArgs = "scheduler-extra-args" -// SkipTokenPrint flag instruct kubeadm to skip printing of the default bootstrap token generated by 'kubeadm init'. -const SkipTokenPrint = "skip-token-print" + // SkipTokenPrint flag instruct kubeadm to skip printing of the default bootstrap token generated by 'kubeadm init'. + SkipTokenPrint = "skip-token-print" -// CSROnly flag instructs kubeadm to create CSRs instead of automatically creating or renewing certs -const CSROnly = "csr-only" + // CSROnly flag instructs kubeadm to create CSRs instead of automatically creating or renewing certs + CSROnly = "csr-only" -// CSRDir flag sets the location for CSRs and flags to be output -const CSRDir = "csr-dir" + // CSRDir flag sets the location for CSRs and flags to be output + CSRDir = "csr-dir" -// TokenStr flags sets both the discovery-token and the tls-bootstrap-token when those values are not provided -const TokenStr = "token" + // TokenStr flags sets both the discovery-token and the tls-bootstrap-token when those values are not provided + TokenStr = "token" -// TokenTTL flag sets the time to live for token -const TokenTTL = "token-ttl" + // TokenTTL flag sets the time to live for token + TokenTTL = "token-ttl" -// TokenUsages flag sets the usages of the token -const TokenUsages = "usages" + // TokenUsages flag sets the usages of the token + TokenUsages = "usages" -// TokenGroups flag sets the authentication groups of the token -const TokenGroups = "groups" + // TokenGroups flag sets the authentication groups of the token + TokenGroups = "groups" -// TokenDescription flag sets the description of the token -const TokenDescription = "description" + // TokenDescription flag sets the description of the token + TokenDescription = "description" -// TLSBootstrapToken flag sets the token used to temporarily authenticate with the Kubernetes Master to submit a certificate signing request (CSR) for a locally created key pair -const TLSBootstrapToken = "tls-bootstrap-token" + // TLSBootstrapToken flag sets the token used to temporarily authenticate with the Kubernetes Control Plane to submit a certificate signing request (CSR) for a locally created key pair + TLSBootstrapToken = "tls-bootstrap-token" -// TokenDiscovery flag sets the token used to validate cluster information fetched from the API server (for token-based discovery) -const TokenDiscovery = "discovery-token" + // TokenDiscovery flag sets the token used to validate cluster information fetched from the API server (for token-based discovery) + TokenDiscovery = "discovery-token" -// TokenDiscoveryCAHash flag instruct kubeadm to validate that the root CA public key matches this hash (for token-based discovery) -const TokenDiscoveryCAHash = "discovery-token-ca-cert-hash" + // TokenDiscoveryCAHash flag instruct kubeadm to validate that the root CA public key matches this hash (for token-based discovery) + TokenDiscoveryCAHash = "discovery-token-ca-cert-hash" -// TokenDiscoverySkipCAHash flag instruct kubeadm to skip CA hash verification (for token-based discovery) -const TokenDiscoverySkipCAHash = "discovery-token-unsafe-skip-ca-verification" + // TokenDiscoverySkipCAHash flag instruct kubeadm to skip CA hash verification (for token-based discovery) + TokenDiscoverySkipCAHash = "discovery-token-unsafe-skip-ca-verification" -// FileDiscovery flag sets the file or URL from which to load cluster information (for file-based discovery) -const FileDiscovery = "discovery-file" + // FileDiscovery flag sets the file or URL from which to load cluster information (for file-based discovery) + FileDiscovery = "discovery-file" -// ControlPlane flag instruct kubeadm to create a new control plane instance on this node -const ControlPlane = "experimental-control-plane" + // ControlPlane flag instruct kubeadm to create a new control plane instance on this node + ControlPlane = "experimental-control-plane" + + // UploadCerts flag instruct kubeadm to upload certificates + UploadCerts = "experimental-upload-certs" +) diff --git a/cmd/kubeadm/app/cmd/options/generic.go b/cmd/kubeadm/app/cmd/options/generic.go index 16f8f0c7aae..9fac2a4aed7 100644 --- a/cmd/kubeadm/app/cmd/options/generic.go +++ b/cmd/kubeadm/app/cmd/options/generic.go @@ -18,7 +18,7 @@ package options import ( "github.com/spf13/pflag" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" ) // AddKubeConfigFlag adds the --kubeconfig flag to the given flagset @@ -46,9 +46,9 @@ func AddIgnorePreflightErrorsFlag(fs *pflag.FlagSet, ignorePreflightErrors *[]st // AddControlPlanExtraArgsFlags adds the ExtraArgs flags for control plane components func AddControlPlanExtraArgsFlags(fs *pflag.FlagSet, apiServerExtraArgs, controllerManagerExtraArgs, schedulerExtraArgs *map[string]string) { - fs.Var(utilflag.NewMapStringString(apiServerExtraArgs), APIServerExtraArgs, "A set of extra flags to pass to the API Server or override default ones in form of =") - fs.Var(utilflag.NewMapStringString(controllerManagerExtraArgs), ControllerManagerExtraArgs, "A set of extra flags to pass to the Controller Manager or override default ones in form of =") - fs.Var(utilflag.NewMapStringString(schedulerExtraArgs), SchedulerExtraArgs, "A set of extra flags to pass to the Scheduler or override default ones in form of =") + fs.Var(cliflag.NewMapStringString(apiServerExtraArgs), APIServerExtraArgs, "A set of extra flags to pass to the API Server or override default ones in form of =") + fs.Var(cliflag.NewMapStringString(controllerManagerExtraArgs), ControllerManagerExtraArgs, "A set of extra flags to pass to the Controller Manager or override default ones in form of =") + fs.Var(cliflag.NewMapStringString(schedulerExtraArgs), SchedulerExtraArgs, "A set of extra flags to pass to the Scheduler or override default ones in form of =") } // AddImageMetaFlags adds the --image-repository flag to the given flagset diff --git a/cmd/kubeadm/app/cmd/options/token.go b/cmd/kubeadm/app/cmd/options/token.go index d4b44eeb778..f2f6d8b10d0 100644 --- a/cmd/kubeadm/app/cmd/options/token.go +++ b/cmd/kubeadm/app/cmd/options/token.go @@ -46,7 +46,7 @@ type BootstrapTokenOptions struct { func (bto *BootstrapTokenOptions) AddTokenFlag(fs *pflag.FlagSet) { fs.StringVar( &bto.TokenStr, TokenStr, "", - "The token to use for establishing bidirectional trust between nodes and masters. The format is [a-z0-9]{6}\\.[a-z0-9]{16} - e.g. abcdef.0123456789abcdef", + "The token to use for establishing bidirectional trust between nodes and control-plane nodes. The format is [a-z0-9]{6}\\.[a-z0-9]{16} - e.g. abcdef.0123456789abcdef", ) } diff --git a/cmd/kubeadm/app/cmd/phases/init/BUILD b/cmd/kubeadm/app/cmd/phases/init/BUILD index 8840cd1600d..df4b683d69c 100644 --- a/cmd/kubeadm/app/cmd/phases/init/BUILD +++ b/cmd/kubeadm/app/cmd/phases/init/BUILD @@ -12,6 +12,7 @@ go_library( "kubelet.go", "markcontrolplane.go", "preflight.go", + "uploadcerts.go", "uploadconfig.go", "waitcontrolplane.go", ], @@ -36,6 +37,7 @@ go_library( "//cmd/kubeadm/app/phases/kubelet:go_default_library", "//cmd/kubeadm/app/phases/markcontrolplane:go_default_library", "//cmd/kubeadm/app/phases/patchnode:go_default_library", + "//cmd/kubeadm/app/phases/uploadcerts:go_default_library", "//cmd/kubeadm/app/phases/uploadconfig:go_default_library", "//cmd/kubeadm/app/preflight:go_default_library", "//cmd/kubeadm/app/util:go_default_library", diff --git a/cmd/kubeadm/app/cmd/phases/init/certs.go b/cmd/kubeadm/app/cmd/phases/init/certs.go index c3b951f4f19..a04be51b73e 100644 --- a/cmd/kubeadm/app/cmd/phases/init/certs.go +++ b/cmd/kubeadm/app/cmd/phases/init/certs.go @@ -225,7 +225,6 @@ func runCAPhase(ca *certsphase.KubeadmCert) func(c workflow.RunData) error { return errors.New("certs phase invoked with an invalid data struct") } - // TODO(EKF): can we avoid loading these certificates every time? if _, err := pkiutil.TryLoadCertFromDisk(data.CertificateDir(), ca.BaseName); err == nil { if _, err := pkiutil.TryLoadKeyFromDisk(data.CertificateDir(), ca.BaseName); err == nil { fmt.Printf("[certs] Using existing %s certificate authority\n", ca.BaseName) @@ -258,7 +257,6 @@ func runCertPhase(cert *certsphase.KubeadmCert, caCert *certsphase.KubeadmCert) return errors.New("certs phase invoked with an invalid data struct") } - // TODO(EKF): can we avoid loading these certificates every time? if certData, _, err := pkiutil.TryLoadCertAndKeyFromDisk(data.CertificateDir(), cert.BaseName); err == nil { caCertData, err := pkiutil.TryLoadCertFromDisk(data.CertificateDir(), caCert.BaseName) if err != nil { diff --git a/cmd/kubeadm/app/cmd/phases/init/etcd.go b/cmd/kubeadm/app/cmd/phases/init/etcd.go index 92fce50ce39..f531ee90415 100644 --- a/cmd/kubeadm/app/cmd/phases/init/etcd.go +++ b/cmd/kubeadm/app/cmd/phases/init/etcd.go @@ -18,6 +18,7 @@ package phases import ( "fmt" + "os" "github.com/pkg/errors" "k8s.io/klog" @@ -31,7 +32,7 @@ import ( var ( etcdLocalExample = normalizer.Examples(` - # Generates the static Pod manifest file for etcd, functionally + # Generates the static Pod manifest file for etcd, functionally # equivalent to what is generated by kubeadm init. kubeadm init phase etcd local @@ -43,6 +44,7 @@ var ( type etcdData interface { Cfg() *kubeadmapi.InitConfiguration + DryRun() bool ManifestDir() string } @@ -89,6 +91,14 @@ func runEtcdPhaseLocal() func(c workflow.RunData) error { // Add etcd static pod spec only if external etcd is not configured if cfg.Etcd.External == nil { + // creates target folder if doesn't exist already + if !data.DryRun() { + if err := os.MkdirAll(cfg.Etcd.Local.DataDir, 0700); err != nil { + return errors.Wrapf(err, "failed to create etcd directory %q", cfg.Etcd.Local.DataDir) + } + } else { + fmt.Printf("[dryrun] Would ensure that %q directory is present\n", cfg.Etcd.Local.DataDir) + } fmt.Printf("[etcd] Creating static Pod manifest for local etcd in %q\n", data.ManifestDir()) if err := etcdphase.CreateLocalEtcdStaticPodManifestFile(data.ManifestDir(), cfg.NodeRegistration.Name, &cfg.ClusterConfiguration, &cfg.LocalAPIEndpoint); err != nil { return errors.Wrap(err, "error creating local etcd static pod manifest file") diff --git a/cmd/kubeadm/app/cmd/phases/init/kubelet.go b/cmd/kubeadm/app/cmd/phases/init/kubelet.go index 74ec307dc47..b8456a2696d 100644 --- a/cmd/kubeadm/app/cmd/phases/init/kubelet.go +++ b/cmd/kubeadm/app/cmd/phases/init/kubelet.go @@ -1,5 +1,5 @@ /* -Copyright 2018 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -29,7 +29,7 @@ import ( var ( kubeletStartPhaseExample = normalizer.Examples(` # Writes a dynamic environment file with kubelet flags from a InitConfiguration file. - kubeadm init phase kubelet-start --config masterconfig.yaml + kubeadm init phase kubelet-start --config config.yaml `) ) @@ -72,9 +72,9 @@ func runKubeletStart(c workflow.RunData) error { kubeletphase.TryStopKubelet() } - // Write env file with flags for the kubelet to use. We do not need to write the --register-with-taints for the master, - // as we handle that ourselves in the markmaster phase - // TODO: Maybe we want to do that some time in the future, in order to remove some logic from the markmaster phase? + // Write env file with flags for the kubelet to use. We do not need to write the --register-with-taints for the control-plane, + // as we handle that ourselves in the mark-control-plane phase + // TODO: Maybe we want to do that some time in the future, in order to remove some logic from the mark-control-plane phase? if err := kubeletphase.WriteKubeletDynamicEnvFile(&data.Cfg().ClusterConfiguration, &data.Cfg().NodeRegistration, false, data.KubeletDir()); err != nil { return errors.Wrap(err, "error writing a dynamic environment file for the kubelet") } diff --git a/cmd/kubeadm/app/cmd/phases/init/markcontrolplane.go b/cmd/kubeadm/app/cmd/phases/init/markcontrolplane.go index cf5f26778b8..d65187f8393 100644 --- a/cmd/kubeadm/app/cmd/phases/init/markcontrolplane.go +++ b/cmd/kubeadm/app/cmd/phases/init/markcontrolplane.go @@ -56,7 +56,7 @@ func NewMarkControlPlanePhase() workflow.Phase { } } -// runMarkControlPlane executes markcontrolplane checks logic. +// runMarkControlPlane executes mark-control-plane checks logic. func runMarkControlPlane(c workflow.RunData) error { data, ok := c.(markControlPlaneData) if !ok { diff --git a/cmd/kubeadm/app/cmd/phases/init/uploadcerts.go b/cmd/kubeadm/app/cmd/phases/init/uploadcerts.go new file mode 100644 index 00000000000..c9d388e53ca --- /dev/null +++ b/cmd/kubeadm/app/cmd/phases/init/uploadcerts.go @@ -0,0 +1,83 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package phases + +import ( + "fmt" + + "github.com/pkg/errors" + + clientset "k8s.io/client-go/kubernetes" + "k8s.io/klog" + kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" + "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow" + cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util" + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" + "k8s.io/kubernetes/cmd/kubeadm/app/phases/uploadcerts" +) + +type uploadCertsData interface { + Client() (clientset.Interface, error) + UploadCerts() bool + Cfg() *kubeadmapi.InitConfiguration + CertificateKey() string + SetCertificateKey(key string) +} + +// NewUploadCertsPhase returns the uploadCerts phase +func NewUploadCertsPhase() workflow.Phase { + return workflow.Phase{ + Name: "upload-certs", + Short: fmt.Sprintf("Upload certificates to %s", kubeadmconstants.KubeadmCertsSecret), + Long: cmdutil.MacroCommandLongDescription, + Run: runUploadCerts, + InheritFlags: []string{ + options.CfgPath, + options.UploadCerts, + }, + } +} + +func runUploadCerts(c workflow.RunData) error { + data, ok := c.(uploadCertsData) + if !ok { + return errors.New("upload-certs phase invoked with an invalid data struct") + } + + if !data.UploadCerts() { + klog.V(1).Infof("[upload-certs] Skipping certs upload") + return nil + } + client, err := data.Client() + if err != nil { + return err + } + + if len(data.CertificateKey()) == 0 { + certificateKey, err := uploadcerts.CreateCertificateKey() + if err != nil { + return err + } + data.SetCertificateKey(certificateKey) + } + + if err := uploadcerts.UploadCerts(client, data.Cfg(), data.CertificateKey()); err != nil { + return errors.Wrap(err, "error uploading certs") + } + return nil +} diff --git a/cmd/kubeadm/app/cmd/phases/join/BUILD b/cmd/kubeadm/app/cmd/phases/join/BUILD index 82dcff2919d..957d1ec4e09 100644 --- a/cmd/kubeadm/app/cmd/phases/join/BUILD +++ b/cmd/kubeadm/app/cmd/phases/join/BUILD @@ -4,7 +4,9 @@ go_library( name = "go_default_library", srcs = [ "checketcd.go", - "controlplane.go", + "controlplanejoin.go", + "controlplaneprepare.go", + "kubelet.go", "preflight.go", ], importpath = "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/join", @@ -19,10 +21,19 @@ go_library( "//cmd/kubeadm/app/phases/controlplane:go_default_library", "//cmd/kubeadm/app/phases/etcd:go_default_library", "//cmd/kubeadm/app/phases/kubeconfig:go_default_library", + "//cmd/kubeadm/app/phases/kubelet:go_default_library", + "//cmd/kubeadm/app/phases/markcontrolplane:go_default_library", + "//cmd/kubeadm/app/phases/patchnode:go_default_library", + "//cmd/kubeadm/app/phases/uploadconfig:go_default_library", "//cmd/kubeadm/app/preflight:go_default_library", + "//cmd/kubeadm/app/util/apiclient:go_default_library", + "//cmd/kubeadm/app/util/kubeconfig:go_default_library", "//pkg/util/normalizer:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/client-go/tools/clientcmd/api:go_default_library", + "//staging/src/k8s.io/client-go/util/cert:go_default_library", "//vendor/github.com/lithammer/dedent:go_default_library", "//vendor/github.com/pkg/errors:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/cmd/kubeadm/app/cmd/phases/join/controlplanejoin.go b/cmd/kubeadm/app/cmd/phases/join/controlplanejoin.go new file mode 100644 index 00000000000..2c0166da754 --- /dev/null +++ b/cmd/kubeadm/app/cmd/phases/join/controlplanejoin.go @@ -0,0 +1,206 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package phases + +import ( + "fmt" + + "github.com/pkg/errors" + clientset "k8s.io/client-go/kubernetes" + kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" + "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow" + cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util" + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" + etcdphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/etcd" + markcontrolplanephase "k8s.io/kubernetes/cmd/kubeadm/app/phases/markcontrolplane" + uploadconfigphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/uploadconfig" + "k8s.io/kubernetes/pkg/util/normalizer" +) + +var ( + controlPlaneJoinExample = normalizer.Examples(` + # Joins a machine as a control plane instance + kubeadm join phase control-plane-join all + `) +) + +type controlPlaneJoinData interface { + Cfg() *kubeadmapi.JoinConfiguration + ClientSetFromFile(string) (*clientset.Clientset, error) + InitCfg() (*kubeadmapi.InitConfiguration, error) + KubeConfigPath() string +} + +func getControlPlaneJoinPhaseFlags() []string { + return []string{ + options.APIServerAdvertiseAddress, + options.APIServerBindPort, + options.CfgPath, + options.ControlPlane, + options.NodeName, + options.TokenDiscovery, + options.TokenDiscoveryCAHash, + options.TokenDiscoverySkipCAHash, + options.KubeconfigPath, + } +} + +// NewControlPlaneJoinPhase creates a kubeadm workflow phase that implements joining a machine as a control plane instance +func NewControlPlaneJoinPhase() workflow.Phase { + return workflow.Phase{ + Name: "control-plane-join", + Short: "Joins a machine as a control plane instance", + Long: cmdutil.MacroCommandLongDescription, + Phases: []workflow.Phase{ + { + Name: "all", + Short: "Joins a machine as a control plane instance", + InheritFlags: getControlPlaneJoinPhaseFlags(), + RunAllSiblings: true, + }, + newEtcdLocalSubphase(), + newUploadConfigSubphase(), + newMarkControlPlaneSubphase(), + }, + } +} + +func newEtcdLocalSubphase() workflow.Phase { + return workflow.Phase{ + Name: "etcd", + Short: "Generates the static Pod manifest file for a local etcd member", + Run: runEtcdPhase, + InheritFlags: getControlPlaneJoinPhaseFlags(), + } +} + +func newUploadConfigSubphase() workflow.Phase { + return workflow.Phase{ + Name: "upload-config", + Short: "Upload the currently used configuration to the cluster", + Run: runUploadConfigPhase, + InheritFlags: getControlPlaneJoinPhaseFlags(), + } +} + +func newMarkControlPlaneSubphase() workflow.Phase { + return workflow.Phase{ + Name: "mark-control-plane", + Short: "Mark a node as a control-plane", + Run: runMarkControlPlanePhase, + InheritFlags: getControlPlaneJoinPhaseFlags(), + } +} + +func runEtcdPhase(c workflow.RunData) error { + data, ok := c.(controlPlaneJoinData) + if !ok { + return errors.New("control-plane-join phase invoked with an invalid data struct") + } + + if data.Cfg().ControlPlane == nil { + return nil + } + + kubeConfigFile := data.KubeConfigPath() + + client, err := data.ClientSetFromFile(kubeConfigFile) + if err != nil { + return errors.Wrap(err, "couldn't create Kubernetes client") + } + cfg, err := data.InitCfg() + if err != nil { + return err + } + // in case of local etcd + if cfg.Etcd.External != nil { + fmt.Println("[control-plane-join] using external etcd - no local stacked instance added") + return nil + } + + // Adds a new etcd instance; in order to do this the new etcd instance should be "announced" to + // the existing etcd members before being created. + // This operation must be executed after kubelet is already started in order to minimize the time + // between the new etcd member is announced and the start of the static pod running the new etcd member, because during + // this time frame etcd gets temporary not available (only when moving from 1 to 2 members in the etcd cluster). + // From https://coreos.com/etcd/docs/latest/v2/runtime-configuration.html + // "If you add a new member to a 1-node cluster, the cluster cannot make progress before the new member starts + // because it needs two members as majority to agree on the consensus. You will only see this behavior between the time + // etcdctl member add informs the cluster about the new member and the new member successfully establishing a connection to the // existing one." + if err := etcdphase.CreateStackedEtcdStaticPodManifestFile(client, kubeadmconstants.GetStaticPodDirectory(), cfg.NodeRegistration.Name, &cfg.ClusterConfiguration, &cfg.LocalAPIEndpoint); err != nil { + return errors.Wrap(err, "error creating local etcd static pod manifest file") + } + + return nil +} + +func runUploadConfigPhase(c workflow.RunData) error { + data, ok := c.(controlPlaneJoinData) + if !ok { + return errors.New("control-plane-join phase invoked with an invalid data struct") + } + + if data.Cfg().ControlPlane == nil { + return nil + } + + kubeConfigFile := data.KubeConfigPath() + + client, err := data.ClientSetFromFile(kubeConfigFile) + if err != nil { + return errors.Wrap(err, "couldn't create Kubernetes client") + } + cfg, err := data.InitCfg() + if err != nil { + return err + } + + if err := uploadconfigphase.UploadConfiguration(cfg, client); err != nil { + return errors.Wrap(err, "error uploading configuration") + } + + return nil +} + +func runMarkControlPlanePhase(c workflow.RunData) error { + data, ok := c.(controlPlaneJoinData) + if !ok { + return errors.New("control-plane-join phase invoked with an invalid data struct") + } + + if data.Cfg().ControlPlane == nil { + return nil + } + + kubeConfigFile := data.KubeConfigPath() + + client, err := data.ClientSetFromFile(kubeConfigFile) + if err != nil { + return errors.Wrap(err, "couldn't create Kubernetes client") + } + cfg, err := data.InitCfg() + if err != nil { + return err + } + + if err := markcontrolplanephase.MarkControlPlane(client, cfg.NodeRegistration.Name, cfg.NodeRegistration.Taints); err != nil { + return errors.Wrap(err, "error applying control-plane label and taints") + } + + return nil +} diff --git a/cmd/kubeadm/app/cmd/phases/join/controlplane.go b/cmd/kubeadm/app/cmd/phases/join/controlplaneprepare.go similarity index 98% rename from cmd/kubeadm/app/cmd/phases/join/controlplane.go rename to cmd/kubeadm/app/cmd/phases/join/controlplaneprepare.go index b98b337584b..d4b97cf5ed0 100644 --- a/cmd/kubeadm/app/cmd/phases/join/controlplane.go +++ b/cmd/kubeadm/app/cmd/phases/join/controlplaneprepare.go @@ -21,7 +21,6 @@ import ( "github.com/pkg/errors" - clientset "k8s.io/client-go/kubernetes" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow" @@ -34,7 +33,6 @@ import ( type controlPlanePrepareData interface { Cfg() *kubeadmapi.JoinConfiguration - ClientSetFromFile(string) (*clientset.Clientset, error) InitCfg() (*kubeadmapi.InitConfiguration, error) } diff --git a/cmd/kubeadm/app/cmd/phases/join/kubelet.go b/cmd/kubeadm/app/cmd/phases/join/kubelet.go new file mode 100644 index 00000000000..adc2b3edd50 --- /dev/null +++ b/cmd/kubeadm/app/cmd/phases/join/kubelet.go @@ -0,0 +1,192 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package phases + +import ( + "fmt" + "os" + + "github.com/lithammer/dedent" + "github.com/pkg/errors" + "k8s.io/apimachinery/pkg/util/wait" + clientset "k8s.io/client-go/kubernetes" + clientcmdapi "k8s.io/client-go/tools/clientcmd/api" + certutil "k8s.io/client-go/util/cert" + "k8s.io/klog" + kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" + "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow" + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" + kubeletphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubelet" + patchnodephase "k8s.io/kubernetes/cmd/kubeadm/app/phases/patchnode" + "k8s.io/kubernetes/cmd/kubeadm/app/preflight" + "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" + kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig" + utilsexec "k8s.io/utils/exec" +) + +var ( + kubeadmJoinFailMsg = dedent.Dedent(` + Unfortunately, an error has occurred: + %v + + This error is likely caused by: + - The kubelet is not running + - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled) + + If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands: + - 'systemctl status kubelet' + - 'journalctl -xeu kubelet' + `) +) + +type kubeletStartData interface { + Cfg() *kubeadmapi.JoinConfiguration + ClientSetFromFile(path string) (*clientset.Clientset, error) + InitCfg() (*kubeadmapi.InitConfiguration, error) + TLSBootstrapCfg() (*clientcmdapi.Config, error) +} + +// NewKubeletStartPhase creates a kubeadm workflow phase that start kubelet on a node. +func NewKubeletStartPhase() workflow.Phase { + return workflow.Phase{ + Name: "kubelet-start", + Short: "Writes kubelet settings, certificates and (re)starts the kubelet", + Long: "Writes a file with KubeletConfiguration and an environment file with node specific kubelet settings, and then (re)starts kubelet.", + Run: runKubeletStartJoinPhase, + InheritFlags: []string{ + options.CfgPath, + options.NodeCRISocket, + options.NodeName, + options.TLSBootstrapToken, + options.TokenDiscovery, + options.TokenDiscoveryCAHash, + options.TokenDiscoverySkipCAHash, + options.TokenStr, + }, + } +} + +func getKubeletStartJoinData(c workflow.RunData) (kubeletStartData, *kubeadmapi.JoinConfiguration, *kubeadmapi.InitConfiguration, *clientcmdapi.Config, error) { + data, ok := c.(kubeletStartData) + if !ok { + return nil, nil, nil, nil, errors.New("kubelet-start phase invoked with an invalid data struct") + } + cfg := data.Cfg() + initCfg, err := data.InitCfg() + if err != nil { + return nil, nil, nil, nil, err + } + tlsBootstrapCfg, err := data.TLSBootstrapCfg() + if err != nil { + return nil, nil, nil, nil, err + } + return data, cfg, initCfg, tlsBootstrapCfg, nil +} + +// runKubeletStartJoinPhase executes the kubelet TLS bootstrap process. +// This process is executed by the kubelet and completes with the node joining the cluster +// with a dedicates set of credentials as required by the node authorizer +func runKubeletStartJoinPhase(c workflow.RunData) error { + data, cfg, initCfg, tlsBootstrapCfg, err := getKubeletStartJoinData(c) + if err != nil { + return err + } + bootstrapKubeConfigFile := kubeadmconstants.GetBootstrapKubeletKubeConfigPath() + + // Write the bootstrap kubelet config file or the TLS-Boostrapped kubelet config file down to disk + klog.V(1).Infoln("[join] writing bootstrap kubelet config file at", bootstrapKubeConfigFile) + if err := kubeconfigutil.WriteToDisk(bootstrapKubeConfigFile, tlsBootstrapCfg); err != nil { + return errors.Wrap(err, "couldn't save bootstrap-kubelet.conf to disk") + } + + // Write the ca certificate to disk so kubelet can use it for authentication + cluster := tlsBootstrapCfg.Contexts[tlsBootstrapCfg.CurrentContext].Cluster + if _, err := os.Stat(cfg.CACertPath); os.IsNotExist(err) { + if err := certutil.WriteCert(cfg.CACertPath, tlsBootstrapCfg.Clusters[cluster].CertificateAuthorityData); err != nil { + return errors.Wrap(err, "couldn't save the CA certificate to disk") + } + } + + kubeletVersion, err := preflight.GetKubeletVersion(utilsexec.New()) + if err != nil { + return err + } + + bootstrapClient, err := data.ClientSetFromFile(bootstrapKubeConfigFile) + if err != nil { + return errors.Errorf("couldn't create client from kubeconfig file %q", bootstrapKubeConfigFile) + } + + // Configure the kubelet. In this short timeframe, kubeadm is trying to stop/restart the kubelet + // Try to stop the kubelet service so no race conditions occur when configuring it + klog.V(1).Infof("[kubelet-start] Stopping the kubelet") + kubeletphase.TryStopKubelet() + + // Write the configuration for the kubelet (using the bootstrap token credentials) to disk so the kubelet can start + if err := kubeletphase.DownloadConfig(bootstrapClient, kubeletVersion, kubeadmconstants.KubeletRunDirectory); err != nil { + return err + } + + // Write env file with flags for the kubelet to use. We only want to + // register the joining node with the specified taints if the node + // is not a control-plane. The mark-control-plane phase will register the taints otherwise. + registerTaintsUsingFlags := cfg.ControlPlane == nil + if err := kubeletphase.WriteKubeletDynamicEnvFile(&initCfg.ClusterConfiguration, &initCfg.NodeRegistration, registerTaintsUsingFlags, kubeadmconstants.KubeletRunDirectory); err != nil { + return err + } + + // Try to start the kubelet service in case it's inactive + klog.V(1).Infof("[kubelet-start] Starting the kubelet") + kubeletphase.TryStartKubelet() + + // Now the kubelet will perform the TLS Bootstrap, transforming /etc/kubernetes/bootstrap-kubelet.conf to /etc/kubernetes/kubelet.conf + // Wait for the kubelet to create the /etc/kubernetes/kubelet.conf kubeconfig file. If this process + // times out, display a somewhat user-friendly message. + waiter := apiclient.NewKubeWaiter(nil, kubeadmconstants.TLSBootstrapTimeout, os.Stdout) + if err := waiter.WaitForKubeletAndFunc(waitForTLSBootstrappedClient); err != nil { + fmt.Printf(kubeadmJoinFailMsg, err) + return err + } + + // When we know the /etc/kubernetes/kubelet.conf file is available, get the client + client, err := data.ClientSetFromFile(kubeadmconstants.GetKubeletKubeConfigPath()) + if err != nil { + return err + } + + klog.V(1).Infof("[kubelet-start] preserving the crisocket information for the node") + if err := patchnodephase.AnnotateCRISocket(client, cfg.NodeRegistration.Name, cfg.NodeRegistration.CRISocket); err != nil { + return errors.Wrap(err, "error uploading crisocket") + } + + return nil +} + +// waitForTLSBootstrappedClient waits for the /etc/kubernetes/kubelet.conf file to be available +func waitForTLSBootstrappedClient() error { + fmt.Println("[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...") + + // Loop on every falsy return. Return with an error if raised. Exit successfully if true is returned. + return wait.PollImmediate(kubeadmconstants.APICallRetryInterval, kubeadmconstants.TLSBootstrapTimeout, func() (bool, error) { + // Check that we can create a client set out of the kubelet kubeconfig. This ensures not + // only that the kubeconfig file exists, but that other files required by it also exist (like + // client certificate and key) + _, err := kubeconfigutil.ClientSetFromFile(kubeadmconstants.GetKubeletKubeConfigPath()) + return (err == nil), nil + }) +} diff --git a/cmd/kubeadm/app/cmd/phases/workflow/doc.go b/cmd/kubeadm/app/cmd/phases/workflow/doc.go index 1dd69e315e6..a5bd5871b74 100644 --- a/cmd/kubeadm/app/cmd/phases/workflow/doc.go +++ b/cmd/kubeadm/app/cmd/phases/workflow/doc.go @@ -22,7 +22,7 @@ Composable kubeadm workflows are built by an ordered sequence of phases; each phase can have it's own, nested, ordered sequence of sub phases. For instance - preflight Run master pre-flight checks + preflight Run control-plane pre-flight checks certs Generates all PKI assets necessary to establish the control plane /ca Generates a self-signed Kubernetes CA to provision identities for Kubernetes components /apiserver Generates an API server serving certificate and key diff --git a/cmd/kubeadm/app/cmd/reset.go b/cmd/kubeadm/app/cmd/reset.go index ebb780ef512..eeb8f8c5e36 100644 --- a/cmd/kubeadm/app/cmd/reset.go +++ b/cmd/kubeadm/app/cmd/reset.go @@ -62,8 +62,10 @@ func NewCmdReset(in io.Reader, out io.Writer) *cobra.Command { kubeadmutil.CheckErr(err) kubeConfigFile = cmdutil.FindExistingKubeConfig(kubeConfigFile) - client, err = getClientset(kubeConfigFile, false) - kubeadmutil.CheckErr(err) + if _, err := os.Stat(kubeConfigFile); !os.IsNotExist(err) { + client, err = getClientset(kubeConfigFile, false) + kubeadmutil.CheckErr(err) + } if criSocketPath == "" { criSocketPath, err = resetDetectCRISocket(client) @@ -168,7 +170,7 @@ func (r *Reset) Run(out io.Writer, client clientset.Interface) error { klog.V(1).Info("[reset] removing Kubernetes-managed containers") if err := removeContainers(utilsexec.New(), r.criSocketPath); err != nil { - klog.Errorf("[reset] failed to remove containers: %+v", err) + klog.Errorf("[reset] failed to remove containers: %v", err) } dirsToClean = append(dirsToClean, []string{kubeadmconstants.KubeletRunDirectory, "/etc/cni/net.d", "/var/lib/dockershim", "/var/run/kubernetes"}...) @@ -208,7 +210,7 @@ func getEtcdDataDir(manifestPath string, client clientset.Interface) (string, er var dataDir string if client != nil { - cfg, err := configutil.FetchConfigFromFileOrCluster(client, os.Stdout, "reset", "", false) + cfg, err := configutil.FetchInitConfigurationFromCluster(client, os.Stdout, "reset", false) if err == nil && cfg.Etcd.Local != nil { return cfg.Etcd.Local.DataDir, nil } @@ -298,10 +300,12 @@ func resetConfigDir(configPathDir, pkiPathDir string) { } func resetDetectCRISocket(client clientset.Interface) (string, error) { - // first try to connect to the cluster for the CRI socket - cfg, err := configutil.FetchConfigFromFileOrCluster(client, os.Stdout, "reset", "", false) - if err == nil { - return cfg.NodeRegistration.CRISocket, nil + if client != nil { + // first try to connect to the cluster for the CRI socket + cfg, err := configutil.FetchInitConfigurationFromCluster(client, os.Stdout, "reset", false) + if err == nil { + return cfg.NodeRegistration.CRISocket, nil + } } // if this fails, try to detect it diff --git a/cmd/kubeadm/app/cmd/token.go b/cmd/kubeadm/app/cmd/token.go index 4c3933f4de6..3541f8f48ee 100644 --- a/cmd/kubeadm/app/cmd/token.go +++ b/cmd/kubeadm/app/cmd/token.go @@ -1,5 +1,5 @@ /* -Copyright 2016 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -211,12 +211,12 @@ func NewCmdTokenGenerate(out io.Writer) *cobra.Command { // RunCreateToken generates a new bootstrap token and stores it as a secret on the server. func RunCreateToken(out io.Writer, client clientset.Interface, cfgPath string, cfg *kubeadmapiv1beta1.InitConfiguration, printJoinCommand bool, kubeConfigFile string) error { // KubernetesVersion is not used, but we set it explicitly to avoid the lookup - // of the version from the internet when executing ConfigFileAndDefaultsToInternalConfig + // of the version from the internet when executing LoadOrDefaultInitConfiguration phaseutil.SetKubernetesVersion(&cfg.ClusterConfiguration) // This call returns the ready-to-use configuration based on the configuration file that might or might not exist and the default cfg populated by flags klog.V(1).Infoln("[token] loading configurations") - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(cfgPath, cfg) + internalcfg, err := configutil.LoadOrDefaultInitConfiguration(cfgPath, cfg) if err != nil { return err } @@ -229,7 +229,10 @@ func RunCreateToken(out io.Writer, client clientset.Interface, cfgPath string, c // if --print-join-command was specified, print the full `kubeadm join` command // otherwise, just print the token if printJoinCommand { - joinCommand, err := cmdutil.GetJoinCommand(kubeConfigFile, internalcfg.BootstrapTokens[0].Token.String(), false) + key := "" + skipTokenPrint := false + uploadCerts := false + joinCommand, err := cmdutil.GetJoinCommand(kubeConfigFile, internalcfg.BootstrapTokens[0].Token.String(), key, skipTokenPrint, uploadCerts) if err != nil { return errors.Wrap(err, "failed to get join command") } diff --git a/cmd/kubeadm/app/cmd/token_test.go b/cmd/kubeadm/app/cmd/token_test.go index ba2b654f7c2..34df0574240 100644 --- a/cmd/kubeadm/app/cmd/token_test.go +++ b/cmd/kubeadm/app/cmd/token_test.go @@ -176,7 +176,7 @@ func TestRunCreateToken(t *testing.T) { cfg := &kubeadmapiv1beta1.InitConfiguration{ ClusterConfiguration: kubeadmapiv1beta1.ClusterConfiguration{ // KubernetesVersion is not used, but we set this explicitly to avoid - // the lookup of the version from the internet when executing ConfigFileAndDefaultsToInternalConfig + // the lookup of the version from the internet when executing LoadOrDefaultInitConfiguration KubernetesVersion: constants.MinimumControlPlaneVersion.String(), }, BootstrapTokens: []kubeadmapiv1beta1.BootstrapToken{ diff --git a/cmd/kubeadm/app/cmd/upgrade/BUILD b/cmd/kubeadm/app/cmd/upgrade/BUILD index fa0e144a6f8..c1b47c849a3 100644 --- a/cmd/kubeadm/app/cmd/upgrade/BUILD +++ b/cmd/kubeadm/app/cmd/upgrade/BUILD @@ -14,7 +14,6 @@ go_library( visibility = ["//visibility:public"], deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", - "//cmd/kubeadm/app/apis/kubeadm/v1beta1:go_default_library", "//cmd/kubeadm/app/apis/kubeadm/validation:go_default_library", "//cmd/kubeadm/app/cmd/options:go_default_library", "//cmd/kubeadm/app/cmd/util:go_default_library", diff --git a/cmd/kubeadm/app/cmd/upgrade/apply.go b/cmd/kubeadm/app/cmd/upgrade/apply.go index b2188aa8fbc..d4ce6b5a1a2 100644 --- a/cmd/kubeadm/app/cmd/upgrade/apply.go +++ b/cmd/kubeadm/app/cmd/upgrade/apply.go @@ -27,7 +27,6 @@ import ( clientset "k8s.io/client-go/kubernetes" "k8s.io/klog" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" - kubeadmapiv1beta1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1" "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/validation" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util" @@ -55,14 +54,12 @@ type applyFlags struct { dryRun bool etcdUpgrade bool criSocket string - newK8sVersionStr string - newK8sVersion *version.Version imagePullTimeout time.Duration } -// SessionIsInteractive returns true if the session is of an interactive type (the default, can be opted out of with -y, -f or --dry-run) -func (f *applyFlags) SessionIsInteractive() bool { - return !f.nonInteractiveMode +// sessionIsInteractive returns true if the session is of an interactive type (the default, can be opted out of with -y, -f or --dry-run) +func (f *applyFlags) sessionIsInteractive() bool { + return !(f.nonInteractiveMode || f.dryRun || f.force) } // NewCmdApply returns the cobra command for `kubeadm upgrade apply` @@ -79,6 +76,7 @@ func NewCmdApply(apf *applyPlanFlags) *cobra.Command { DisableFlagsInUseLine: true, Short: "Upgrade your Kubernetes cluster to the specified version.", Run: func(cmd *cobra.Command, args []string) { + var userVersion string var err error flags.ignorePreflightErrorsSet, err = validation.ValidateIgnorePreflightErrors(flags.ignorePreflightErrors) kubeadmutil.CheckErr(err) @@ -90,32 +88,30 @@ func NewCmdApply(apf *applyPlanFlags) *cobra.Command { // If the version is specified in config file, pick up that value. if flags.cfgPath != "" { - klog.V(1).Infof("fetching configuration from file %s", flags.cfgPath) - // Note that cfg isn't preserved here, it's just an one-off to populate flags.newK8sVersionStr based on --config - cfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(flags.cfgPath, &kubeadmapiv1beta1.InitConfiguration{}) + // Note that cfg isn't preserved here, it's just an one-off to populate userVersion based on --config + cfg, err := configutil.LoadInitConfigurationFromFile(flags.cfgPath) kubeadmutil.CheckErr(err) if cfg.KubernetesVersion != "" { - flags.newK8sVersionStr = cfg.KubernetesVersion + userVersion = cfg.KubernetesVersion } } // If the new version is already specified in config file, version arg is optional. - if flags.newK8sVersionStr == "" { + if userVersion == "" { err = cmdutil.ValidateExactArgNumber(args, []string{"version"}) kubeadmutil.CheckErr(err) } // If option was specified in both args and config file, args will overwrite the config file. if len(args) == 1 { - flags.newK8sVersionStr = args[0] + userVersion = args[0] } - // Default the flags dynamically, based on each others' value - err = SetImplicitFlags(flags) + err = assertVersionStringIsEmpty(userVersion) kubeadmutil.CheckErr(err) - err = runApply(flags) + err = runApply(flags, userVersion) kubeadmutil.CheckErr(err) }, } @@ -142,64 +138,64 @@ func NewCmdApply(apf *applyPlanFlags) *cobra.Command { // - Gets the configuration from the kubeadm-config ConfigMap in the cluster // - Enforces all version skew policies // - Asks the user if they really want to upgrade -// - Makes sure the control plane images are available locally on the master(s) +// - Makes sure the control plane images are available locally on the control-plane(s) // - Upgrades the control plane components // - Applies the other resources that'd be created with kubeadm init as well, like // - Creating the RBAC rules for the bootstrap tokens and the cluster-info ConfigMap // - Applying new kube-dns and kube-proxy manifests // - Uploads the newly used configuration to the cluster ConfigMap -func runApply(flags *applyFlags) error { +func runApply(flags *applyFlags, userVersion string) error { // Start with the basics, verify that the cluster is healthy and get the configuration from the cluster (using the ConfigMap) klog.V(1).Infof("[upgrade/apply] verifying health of cluster") klog.V(1).Infof("[upgrade/apply] retrieving configuration from cluster") - upgradeVars, err := enforceRequirements(flags.applyPlanFlags, flags.dryRun, flags.newK8sVersionStr) + client, versionGetter, cfg, err := enforceRequirements(flags.applyPlanFlags, flags.dryRun, userVersion) if err != nil { return err } if len(flags.criSocket) != 0 { fmt.Println("[upgrade/apply] Respecting the --cri-socket flag that is set with higher priority than the config file.") - upgradeVars.cfg.NodeRegistration.CRISocket = flags.criSocket + cfg.NodeRegistration.CRISocket = flags.criSocket } // Validate requested and validate actual version klog.V(1).Infof("[upgrade/apply] validating requested and actual version") - if err := configutil.NormalizeKubernetesVersion(&upgradeVars.cfg.ClusterConfiguration); err != nil { + if err := configutil.NormalizeKubernetesVersion(&cfg.ClusterConfiguration); err != nil { return err } // Use normalized version string in all following code. - flags.newK8sVersionStr = upgradeVars.cfg.KubernetesVersion - k8sVer, err := version.ParseSemantic(flags.newK8sVersionStr) + newK8sVersion, err := version.ParseSemantic(cfg.KubernetesVersion) if err != nil { - return errors.Errorf("unable to parse normalized version %q as a semantic version", flags.newK8sVersionStr) + return errors.Errorf("unable to parse normalized version %q as a semantic version", cfg.KubernetesVersion) } - flags.newK8sVersion = k8sVer - if err := features.ValidateVersion(features.InitFeatureGates, upgradeVars.cfg.FeatureGates, upgradeVars.cfg.KubernetesVersion); err != nil { + if err := features.ValidateVersion(features.InitFeatureGates, cfg.FeatureGates, cfg.KubernetesVersion); err != nil { return err } // Enforce the version skew policies klog.V(1).Infof("[upgrade/version] enforcing version skew policies") - if err := EnforceVersionPolicies(flags, upgradeVars.versionGetter); err != nil { + if err := EnforceVersionPolicies(cfg.KubernetesVersion, newK8sVersion, flags, versionGetter); err != nil { return errors.Wrap(err, "[upgrade/version] FATAL") } - // If the current session is interactive, ask the user whether they really want to upgrade - if flags.SessionIsInteractive() { + // If the current session is interactive, ask the user whether they really want to upgrade. + if flags.sessionIsInteractive() { if err := InteractivelyConfirmUpgrade("Are you sure you want to proceed with the upgrade?"); err != nil { return err } } + waiter := getWaiter(flags.dryRun, client) + // Use a prepuller implementation based on creating DaemonSets // and block until all DaemonSets are ready; then we know for sure that all control plane images are cached locally klog.V(1).Infof("[upgrade/apply] creating prepuller") - prepuller := upgrade.NewDaemonSetPrepuller(upgradeVars.client, upgradeVars.waiter, &upgradeVars.cfg.ClusterConfiguration) + prepuller := upgrade.NewDaemonSetPrepuller(client, waiter, &cfg.ClusterConfiguration) componentsToPrepull := constants.MasterComponents - if upgradeVars.cfg.Etcd.External == nil && flags.etcdUpgrade { + if cfg.Etcd.External == nil && flags.etcdUpgrade { componentsToPrepull = append(componentsToPrepull, constants.Etcd) } if err := upgrade.PrepullImagesInParallel(prepuller, flags.imagePullTimeout, componentsToPrepull); err != nil { @@ -208,13 +204,13 @@ func runApply(flags *applyFlags) error { // Now; perform the upgrade procedure klog.V(1).Infof("[upgrade/apply] performing upgrade") - if err := PerformControlPlaneUpgrade(flags, upgradeVars.client, upgradeVars.waiter, upgradeVars.cfg); err != nil { + if err := PerformControlPlaneUpgrade(flags, client, waiter, cfg); err != nil { return errors.Wrap(err, "[upgrade/apply] FATAL") } // Upgrade RBAC rules and addons. klog.V(1).Infof("[upgrade/postupgrade] upgrading RBAC rules and addons") - if err := upgrade.PerformPostUpgradeTasks(upgradeVars.client, upgradeVars.cfg, flags.newK8sVersion, flags.dryRun); err != nil { + if err := upgrade.PerformPostUpgradeTasks(client, cfg, newK8sVersion, flags.dryRun); err != nil { return errors.Wrap(err, "[upgrade/postupgrade] FATAL post-upgrade error") } @@ -224,21 +220,15 @@ func runApply(flags *applyFlags) error { } fmt.Println("") - fmt.Printf("[upgrade/successful] SUCCESS! Your cluster was upgraded to %q. Enjoy!\n", flags.newK8sVersionStr) + fmt.Printf("[upgrade/successful] SUCCESS! Your cluster was upgraded to %q. Enjoy!\n", cfg.KubernetesVersion) fmt.Println("") fmt.Println("[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.") return nil } -// SetImplicitFlags handles dynamically defaulting flags based on each other's value -func SetImplicitFlags(flags *applyFlags) error { - // If we are in dry-run or force mode; we should automatically execute this command non-interactively - if flags.dryRun || flags.force { - flags.nonInteractiveMode = true - } - - if len(flags.newK8sVersionStr) == 0 { +func assertVersionStringIsEmpty(version string) error { + if len(version) == 0 { return errors.New("version string can't be empty") } @@ -247,10 +237,10 @@ func SetImplicitFlags(flags *applyFlags) error { // EnforceVersionPolicies makes sure that the version the user specified is valid to upgrade to // There are both fatal and skippable (with --force) errors -func EnforceVersionPolicies(flags *applyFlags, versionGetter upgrade.VersionGetter) error { - fmt.Printf("[upgrade/version] You have chosen to change the cluster version to %q\n", flags.newK8sVersionStr) +func EnforceVersionPolicies(newK8sVersionStr string, newK8sVersion *version.Version, flags *applyFlags, versionGetter upgrade.VersionGetter) error { + fmt.Printf("[upgrade/version] You have chosen to change the cluster version to %q\n", newK8sVersionStr) - versionSkewErrs := upgrade.EnforceVersionPolicies(versionGetter, flags.newK8sVersionStr, flags.newK8sVersion, flags.allowExperimentalUpgrades, flags.allowRCUpgrades) + versionSkewErrs := upgrade.EnforceVersionPolicies(versionGetter, newK8sVersionStr, newK8sVersion, flags.allowExperimentalUpgrades, flags.allowRCUpgrades) if versionSkewErrs != nil { if len(versionSkewErrs.Mandatory) > 0 { @@ -275,7 +265,7 @@ func EnforceVersionPolicies(flags *applyFlags, versionGetter upgrade.VersionGett func PerformControlPlaneUpgrade(flags *applyFlags, client clientset.Interface, waiter apiclient.Waiter, internalcfg *kubeadmapi.InitConfiguration) error { // OK, the cluster is hosted using static pods. Upgrade a static-pod hosted cluster - fmt.Printf("[upgrade/apply] Upgrading your Static Pod-hosted control plane to version %q...\n", flags.newK8sVersionStr) + fmt.Printf("[upgrade/apply] Upgrading your Static Pod-hosted control plane to version %q...\n", internalcfg.KubernetesVersion) if flags.dryRun { return DryRunStaticPodUpgrade(internalcfg) diff --git a/cmd/kubeadm/app/cmd/upgrade/apply_test.go b/cmd/kubeadm/app/cmd/upgrade/apply_test.go index 2a820efdcfe..36b0cb168f9 100644 --- a/cmd/kubeadm/app/cmd/upgrade/apply_test.go +++ b/cmd/kubeadm/app/cmd/upgrade/apply_test.go @@ -19,143 +19,73 @@ package upgrade import ( "io/ioutil" "os" - "reflect" "testing" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" "k8s.io/kubernetes/cmd/kubeadm/app/constants" ) -func TestSetImplicitFlags(t *testing.T) { - var tests = []struct { - name string - flags *applyFlags - expectedFlags applyFlags - errExpected bool +func TestAssertVersionStringIsEmpty(t *testing.T) { + var tcases = []struct { + name string + version string + expectedErr bool }{ { - name: "if not dryRun or force is set; the nonInteractiveMode field should not be touched", - flags: &applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: false, - force: false, - nonInteractiveMode: false, - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: false, - force: false, - nonInteractiveMode: false, - }, + name: "Version string is not empty", + version: "some string", }, { - name: "if not dryRun or force is set; the nonInteractiveMode field should not be touched", - flags: &applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: false, - force: false, - nonInteractiveMode: true, - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: false, - force: false, - nonInteractiveMode: true, - }, - }, - { - name: "if dryRun or force is set; the nonInteractiveMode field should be set to true", - flags: &applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: true, - force: false, - nonInteractiveMode: false, - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: true, - force: false, - nonInteractiveMode: true, - }, - }, - { - name: "if dryRun or force is set; the nonInteractiveMode field should be set to true", - flags: &applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: false, - force: true, - nonInteractiveMode: false, - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: false, - force: true, - nonInteractiveMode: true, - }, - }, - { - name: "if dryRun or force is set; the nonInteractiveMode field should be set to true", - flags: &applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: true, - force: true, - nonInteractiveMode: false, - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: true, - force: true, - nonInteractiveMode: true, - }, - }, - { - name: "if dryRun or force is set; the nonInteractiveMode field should be set to true", - flags: &applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: true, - force: true, - nonInteractiveMode: true, - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "v1.8.0", - dryRun: true, - force: true, - nonInteractiveMode: true, - }, - }, - { - name: "if the new version is empty; it should error out", - flags: &applyFlags{ - newK8sVersionStr: "", - }, - expectedFlags: applyFlags{ - newK8sVersionStr: "", - }, - errExpected: true, + name: "Version string is empty", + expectedErr: true, }, } - for _, rt := range tests { - t.Run(rt.name, func(t *testing.T) { - actualErr := SetImplicitFlags(rt.flags) - - // If an error was returned; make newK8sVersion nil so it's easy to match using reflect.DeepEqual later (instead of a random pointer) - if actualErr != nil { - rt.flags.newK8sVersion = nil + for _, tt := range tcases { + t.Run(tt.name, func(t *testing.T) { + if assertVersionStringIsEmpty(tt.version) == nil && tt.expectedErr { + t.Errorf("No error triggered for string '%s'", tt.version) } + }) + } +} - if !reflect.DeepEqual(*rt.flags, rt.expectedFlags) { - t.Errorf( - "failed SetImplicitFlags:\n\texpected flags: %v\n\t actual: %v", - rt.expectedFlags, - *rt.flags, - ) - } - if (actualErr != nil) != rt.errExpected { - t.Errorf( - "failed SetImplicitFlags:\n\texpected error: %t\n\t actual: %t", - rt.errExpected, - (actualErr != nil), - ) +func TestSessionIsInteractive(t *testing.T) { + var tcases = []struct { + name string + flags *applyFlags + expected bool + }{ + { + name: "Explicitly non-interactive", + flags: &applyFlags{ + nonInteractiveMode: true, + }, + expected: false, + }, + { + name: "Implicitly non-interactive since --dryRun is used", + flags: &applyFlags{ + dryRun: true, + }, + expected: false, + }, + { + name: "Implicitly non-interactive since --force is used", + flags: &applyFlags{ + force: true, + }, + expected: false, + }, + { + name: "Interactive session", + flags: &applyFlags{}, + expected: true, + }, + } + for _, tt := range tcases { + t.Run(tt.name, func(t *testing.T) { + if tt.flags.sessionIsInteractive() != tt.expected { + t.Error("unexpected result") } }) } diff --git a/cmd/kubeadm/app/cmd/upgrade/common.go b/cmd/kubeadm/app/cmd/upgrade/common.go index e70a8c0ceaa..0b99a4b854c 100644 --- a/cmd/kubeadm/app/cmd/upgrade/common.go +++ b/cmd/kubeadm/app/cmd/upgrade/common.go @@ -42,49 +42,47 @@ import ( kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig" ) -// upgradeVariables holds variables needed for performing an upgrade or planning to do so -// TODO - Restructure or rename upgradeVariables -type upgradeVariables struct { - client clientset.Interface - cfg *kubeadmapi.InitConfiguration - versionGetter upgrade.VersionGetter - waiter apiclient.Waiter -} - // enforceRequirements verifies that it's okay to upgrade and then returns the variables needed for the rest of the procedure -func enforceRequirements(flags *applyPlanFlags, dryRun bool, newK8sVersion string) (*upgradeVariables, error) { +func enforceRequirements(flags *applyPlanFlags, dryRun bool, newK8sVersion string) (clientset.Interface, upgrade.VersionGetter, *kubeadmapi.InitConfiguration, error) { client, err := getClient(flags.kubeConfigPath, dryRun) if err != nil { - return nil, errors.Wrapf(err, "couldn't create a Kubernetes client from file %q", flags.kubeConfigPath) + return nil, nil, nil, errors.Wrapf(err, "couldn't create a Kubernetes client from file %q", flags.kubeConfigPath) } // Check if the cluster is self-hosted if upgrade.IsControlPlaneSelfHosted(client) { - return nil, errors.Errorf("cannot upgrade a self-hosted control plane") + return nil, nil, nil, errors.New("cannot upgrade a self-hosted control plane") } // Run healthchecks against the cluster if err := upgrade.CheckClusterHealth(client, flags.ignorePreflightErrorsSet); err != nil { - return nil, errors.Wrap(err, "[upgrade/health] FATAL") + return nil, nil, nil, errors.Wrap(err, "[upgrade/health] FATAL") } // Fetch the configuration from a file or ConfigMap and validate it fmt.Println("[upgrade/config] Making sure the configuration is correct:") - cfg, err := configutil.FetchConfigFromFileOrCluster(client, os.Stdout, "upgrade/config", flags.cfgPath, false) + + var cfg *kubeadmapi.InitConfiguration + if flags.cfgPath != "" { + cfg, err = configutil.LoadInitConfigurationFromFile(flags.cfgPath) + } else { + cfg, err = configutil.FetchInitConfigurationFromCluster(client, os.Stdout, "upgrade/config", false) + } + if err != nil { if apierrors.IsNotFound(err) { fmt.Printf("[upgrade/config] In order to upgrade, a ConfigMap called %q in the %s namespace must exist.\n", constants.KubeadmConfigConfigMap, metav1.NamespaceSystem) fmt.Println("[upgrade/config] Without this information, 'kubeadm upgrade' won't know how to configure your upgraded cluster.") fmt.Println("") fmt.Println("[upgrade/config] Next steps:") - fmt.Printf("\t- OPTION 1: Run 'kubeadm config upload from-flags' and specify the same CLI arguments you passed to 'kubeadm init' when you created your master.\n") - fmt.Printf("\t- OPTION 2: Run 'kubeadm config upload from-file' and specify the same config file you passed to 'kubeadm init' when you created your master.\n") + fmt.Printf("\t- OPTION 1: Run 'kubeadm config upload from-flags' and specify the same CLI arguments you passed to 'kubeadm init' when you created your control-plane.\n") + fmt.Printf("\t- OPTION 2: Run 'kubeadm config upload from-file' and specify the same config file you passed to 'kubeadm init' when you created your control-plane.\n") fmt.Printf("\t- OPTION 3: Pass a config file to 'kubeadm upgrade' using the --config flag.\n") fmt.Println("") err = errors.Errorf("the ConfigMap %q in the %s namespace used for getting configuration information was not found", constants.KubeadmConfigConfigMap, metav1.NamespaceSystem) } - return nil, errors.Wrap(err, "[upgrade/config] FATAL") + return nil, nil, nil, errors.Wrap(err, "[upgrade/config] FATAL") } // If a new k8s version should be set, apply the change before printing the config @@ -96,7 +94,7 @@ func enforceRequirements(flags *applyPlanFlags, dryRun bool, newK8sVersion strin if flags.featureGatesString != "" { cfg.FeatureGates, err = features.NewFeatureGate(&features.InitFeatureGates, flags.featureGatesString) if err != nil { - return nil, errors.Wrap(err, "[upgrade/config] FATAL") + return nil, nil, nil, errors.Wrap(err, "[upgrade/config] FATAL") } } @@ -105,7 +103,7 @@ func enforceRequirements(flags *applyPlanFlags, dryRun bool, newK8sVersion strin for _, m := range msg { fmt.Printf("[upgrade/config] %s\n", m) } - return nil, errors.New("[upgrade/config] FATAL. Unable to upgrade a cluster using deprecated feature-gate flags. Please see the release notes") + return nil, nil, nil, errors.New("[upgrade/config] FATAL. Unable to upgrade a cluster using deprecated feature-gate flags. Please see the release notes") } // If the user told us to print this information out; do it! @@ -113,14 +111,8 @@ func enforceRequirements(flags *applyPlanFlags, dryRun bool, newK8sVersion strin printConfiguration(&cfg.ClusterConfiguration, os.Stdout) } - return &upgradeVariables{ - client: client, - cfg: cfg, - // Use a real version getter interface that queries the API server, the kubeadm client and the Kubernetes CI system for latest versions - versionGetter: upgrade.NewOfflineVersionGetter(upgrade.NewKubeVersionGetter(client, os.Stdout), newK8sVersion), - // Use the waiter conditionally based on the dryrunning variable - waiter: getWaiter(dryRun, client), - }, nil + // Use a real version getter interface that queries the API server, the kubeadm client and the Kubernetes CI system for latest versions + return client, upgrade.NewOfflineVersionGetter(upgrade.NewKubeVersionGetter(client, os.Stdout), cfg.KubernetesVersion), cfg, nil } // printConfiguration prints the external version of the API to yaml diff --git a/cmd/kubeadm/app/cmd/upgrade/diff.go b/cmd/kubeadm/app/cmd/upgrade/diff.go index 8c55c253352..7d3f3d14ab4 100644 --- a/cmd/kubeadm/app/cmd/upgrade/diff.go +++ b/cmd/kubeadm/app/cmd/upgrade/diff.go @@ -26,7 +26,6 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/version" "k8s.io/klog" - kubeadmapiv1beta1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util" "k8s.io/kubernetes/cmd/kubeadm/app/constants" @@ -78,8 +77,7 @@ func NewCmdDiff(out io.Writer) *cobra.Command { func runDiff(flags *diffFlags, args []string) error { // If the version is specified in config file, pick up that value. - klog.V(1).Infof("fetching configuration from file %s", flags.cfgPath) - cfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(flags.cfgPath, &kubeadmapiv1beta1.InitConfiguration{}) + cfg, err := configutil.LoadInitConfigurationFromFile(flags.cfgPath) if err != nil { return err } diff --git a/cmd/kubeadm/app/cmd/upgrade/node.go b/cmd/kubeadm/app/cmd/upgrade/node.go index f7d25d735ac..34d578bf834 100644 --- a/cmd/kubeadm/app/cmd/upgrade/node.go +++ b/cmd/kubeadm/app/cmd/upgrade/node.go @@ -229,7 +229,7 @@ func RunUpgradeControlPlane(flags *controlplaneUpgradeFlags) error { waiter := apiclient.NewKubeWaiter(client, upgrade.UpgradeManifestTimeout, os.Stdout) // Fetches the cluster configuration - cfg, err := configutil.FetchConfigFromFileOrCluster(client, os.Stdout, "upgrade", "", false) + cfg, err := configutil.FetchInitConfigurationFromCluster(client, os.Stdout, "upgrade", false) if err != nil { return errors.Wrap(err, "unable to fetch the kubeadm-config ConfigMap") } diff --git a/cmd/kubeadm/app/cmd/upgrade/plan.go b/cmd/kubeadm/app/cmd/upgrade/plan.go index 1b047b5dce1..1e671ec198b 100644 --- a/cmd/kubeadm/app/cmd/upgrade/plan.go +++ b/cmd/kubeadm/app/cmd/upgrade/plan.go @@ -29,7 +29,6 @@ import ( "k8s.io/apimachinery/pkg/util/version" "k8s.io/klog" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" - kubeadmapiv1beta1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1" "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/validation" "k8s.io/kubernetes/cmd/kubeadm/app/phases/upgrade" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" @@ -39,8 +38,6 @@ import ( type planFlags struct { *applyPlanFlags - - newK8sVersionStr string } // NewCmdPlan returns the cobra command for `kubeadm upgrade plan` @@ -53,6 +50,7 @@ func NewCmdPlan(apf *applyPlanFlags) *cobra.Command { Use: "plan [version] [flags]", Short: "Check which versions are available to upgrade to and validate whether your current cluster is upgradeable. To skip the internet check, pass in the optional [version] parameter.", Run: func(_ *cobra.Command, args []string) { + var userVersion string var err error flags.ignorePreflightErrorsSet, err = validation.ValidateIgnorePreflightErrors(flags.ignorePreflightErrors) kubeadmutil.CheckErr(err) @@ -62,20 +60,19 @@ func NewCmdPlan(apf *applyPlanFlags) *cobra.Command { // If the version is specified in config file, pick up that value. if flags.cfgPath != "" { - klog.V(1).Infof("fetching configuration from file %s", flags.cfgPath) - cfg, err := configutil.ConfigFileAndDefaultsToInternalConfig(flags.cfgPath, &kubeadmapiv1beta1.InitConfiguration{}) + cfg, err := configutil.LoadInitConfigurationFromFile(flags.cfgPath) kubeadmutil.CheckErr(err) if cfg.KubernetesVersion != "" { - flags.newK8sVersionStr = cfg.KubernetesVersion + userVersion = cfg.KubernetesVersion } } // If option was specified in both args and config file, args will overwrite the config file. if len(args) == 1 { - flags.newK8sVersionStr = args[0] + userVersion = args[0] } - err = runPlan(flags) + err = runPlan(flags, userVersion) kubeadmutil.CheckErr(err) }, } @@ -86,11 +83,11 @@ func NewCmdPlan(apf *applyPlanFlags) *cobra.Command { } // runPlan takes care of outputting available versions to upgrade to for the user -func runPlan(flags *planFlags) error { +func runPlan(flags *planFlags, userVersion string) error { // Start with the basics, verify that the cluster is healthy, build a client and a versionGetter. Never dry-run when planning. klog.V(1).Infof("[upgrade/plan] verifying health of cluster") klog.V(1).Infof("[upgrade/plan] retrieving configuration from cluster") - upgradeVars, err := enforceRequirements(flags.applyPlanFlags, false, flags.newK8sVersionStr) + client, versionGetter, cfg, err := enforceRequirements(flags.applyPlanFlags, false, userVersion) if err != nil { return err } @@ -99,20 +96,20 @@ func runPlan(flags *planFlags) error { // Currently this is the only method we have for distinguishing // external etcd vs static pod etcd - isExternalEtcd := upgradeVars.cfg.Etcd.External != nil + isExternalEtcd := cfg.Etcd.External != nil if isExternalEtcd { client, err := etcdutil.New( - upgradeVars.cfg.Etcd.External.Endpoints, - upgradeVars.cfg.Etcd.External.CAFile, - upgradeVars.cfg.Etcd.External.CertFile, - upgradeVars.cfg.Etcd.External.KeyFile) + cfg.Etcd.External.Endpoints, + cfg.Etcd.External.CAFile, + cfg.Etcd.External.CertFile, + cfg.Etcd.External.KeyFile) if err != nil { return err } etcdClient = client } else { // Connects to local/stacked etcd existing in the cluster - client, err := etcdutil.NewFromCluster(upgradeVars.client, upgradeVars.cfg.CertificatesDir) + client, err := etcdutil.NewFromCluster(client, cfg.CertificatesDir) if err != nil { return err } @@ -121,7 +118,7 @@ func runPlan(flags *planFlags) error { // Compute which upgrade possibilities there are klog.V(1).Infof("[upgrade/plan] computing upgrade possibilities") - availUpgrades, err := upgrade.GetAvailableUpgrades(upgradeVars.versionGetter, flags.allowExperimentalUpgrades, flags.allowRCUpgrades, etcdClient, upgradeVars.cfg.DNS.Type, upgradeVars.client) + availUpgrades, err := upgrade.GetAvailableUpgrades(versionGetter, flags.allowExperimentalUpgrades, flags.allowRCUpgrades, etcdClient, cfg.DNS.Type, client) if err != nil { return errors.Wrap(err, "[upgrade/versions] FATAL") } diff --git a/cmd/kubeadm/app/cmd/upgrade/testdata/diff_master_config.yaml b/cmd/kubeadm/app/cmd/upgrade/testdata/diff_master_config.yaml index c9ae6e2bd36..7fc1180cfc9 100644 --- a/cmd/kubeadm/app/cmd/upgrade/testdata/diff_master_config.yaml +++ b/cmd/kubeadm/app/cmd/upgrade/testdata/diff_master_config.yaml @@ -1,3 +1,3 @@ -apiVersion: kubeadm.k8s.io/v1alpha3 +apiVersion: kubeadm.k8s.io/v1beta1 kind: ClusterConfiguration -kubernetesVersion: 1.12.0 +kubernetesVersion: 1.13.0 diff --git a/cmd/kubeadm/app/cmd/util/join.go b/cmd/kubeadm/app/cmd/util/join.go index 02408dae303..c05bc7e1ac7 100644 --- a/cmd/kubeadm/app/cmd/util/join.go +++ b/cmd/kubeadm/app/cmd/util/join.go @@ -1,5 +1,5 @@ /* -Copyright 2018 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -30,12 +30,12 @@ import ( ) var joinCommandTemplate = template.Must(template.New("join").Parse(`` + - `kubeadm join {{.MasterHostPort}} --token {{.Token}}{{range $h := .CAPubKeyPins}} --discovery-token-ca-cert-hash {{$h}}{{end}}`, + `kubeadm join {{.MasterHostPort}} --token {{.Token}}{{range $h := .CAPubKeyPins}} --discovery-token-ca-cert-hash {{$h}}{{end}}{{if .UploadCerts}} --certificate-key {{.CertificateKey}}{{end}}`, )) // GetJoinCommand returns the kubeadm join command for a given token and // and Kubernetes cluster (the current cluster in the kubeconfig file) -func GetJoinCommand(kubeConfigFile string, token string, skipTokenPrint bool) (string, error) { +func GetJoinCommand(kubeConfigFile, token, key string, skipTokenPrint, uploadCerts bool) (string, error) { // load the kubeconfig file to get the CA certificate and endpoint config, err := clientcmd.LoadFromFile(kubeConfigFile) if err != nil { @@ -74,6 +74,8 @@ func GetJoinCommand(kubeConfigFile string, token string, skipTokenPrint bool) (s "Token": token, "CAPubKeyPins": publicKeyPins, "MasterHostPort": strings.Replace(clusterConfig.Server, "https://", "", -1), + "UploadCerts": uploadCerts, + "CertificateKey": key, } if skipTokenPrint { diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go index 3e8a647bdc8..8aef0600a37 100644 --- a/cmd/kubeadm/app/constants/constants.go +++ b/cmd/kubeadm/app/constants/constants.go @@ -1,5 +1,5 @@ /* -Copyright 2016 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -26,7 +26,7 @@ import ( "time" "github.com/pkg/errors" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/version" bootstrapapi "k8s.io/cluster-bootstrap/token/api" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" @@ -191,6 +191,13 @@ const ( // Default behaviour is 24 hours DefaultTokenDuration = 24 * time.Hour + // DefaultCertTokenDuration specifies the default amount of time that the token used by upload certs will be valid + // Default behaviour is 2 hours + DefaultCertTokenDuration = 2 * time.Hour + + // CertificateKeySize specifies the size of the key used to encrypt certificates on uploadcerts phase + CertificateKeySize = 32 + // LabelNodeRoleMaster specifies that a node is a master // This is a duplicate definition of the constant in pkg/controller/service/service_controller.go LabelNodeRoleMaster = "node-role.kubernetes.io/master" @@ -352,6 +359,9 @@ const ( // MasterNumCPU is the number of CPUs required on master MasterNumCPU = 2 + + // KubeadmCertsSecret specifies in what Secret in the kube-system namespace the certificates should be stored + KubeadmCertsSecret = "kubeadm-certs" ) var ( @@ -393,6 +403,10 @@ var ( 13: "3.2.24", 14: "3.3.10", } + + // KubeadmCertsClusterRoleName sets the name for the ClusterRole that allows + // the bootstrap tokens to access the kubeadm-certs Secret during the join of a new control-plane + KubeadmCertsClusterRoleName = fmt.Sprintf("kubeadm:%s", KubeadmCertsSecret) ) // EtcdSupportedVersion returns officially supported version of etcd for a specific Kubernetes release diff --git a/cmd/kubeadm/app/discovery/token/token.go b/cmd/kubeadm/app/discovery/token/token.go index f3ca46830e2..3f5b0c0116d 100644 --- a/cmd/kubeadm/app/discovery/token/token.go +++ b/cmd/kubeadm/app/discovery/token/token.go @@ -93,7 +93,7 @@ func RetrieveValidatedConfigInfo(cfg *kubeadmapi.JoinConfiguration) (*clientcmda } detachedJWSToken, ok := insecureClusterInfo.Data[bootstrapapi.JWSSignatureKeyPrefix+token.ID] if !ok || len(detachedJWSToken) == 0 { - return nil, errors.Errorf("token id %q is invalid for this cluster or it has expired. Use \"kubeadm token create\" on the master node to creating a new valid token", token.ID) + return nil, errors.Errorf("token id %q is invalid for this cluster or it has expired. Use \"kubeadm token create\" on the control-plane node to create a new valid token", token.ID) } if !bootstrap.DetachedTokenIsValid(detachedJWSToken, insecureKubeconfigString, token.ID, token.Secret) { return nil, errors.New("failed to verify JWS signature of received cluster info object, can't trust this API Server") diff --git a/cmd/kubeadm/app/kubeadm.go b/cmd/kubeadm/app/kubeadm.go index 030abca5d94..34165f4727f 100644 --- a/cmd/kubeadm/app/kubeadm.go +++ b/cmd/kubeadm/app/kubeadm.go @@ -21,15 +21,17 @@ import ( "os" "github.com/spf13/pflag" + + // ensure libs have a chance to globally register their flags _ "k8s.io/klog" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/kubernetes/cmd/kubeadm/app/cmd" ) // Run creates and executes new kubeadm command func Run() error { - pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(flag.CommandLine) pflag.Set("logtostderr", "true") diff --git a/cmd/kubeadm/app/phases/addons/dns/BUILD b/cmd/kubeadm/app/phases/addons/dns/BUILD index aea83df8f4b..4464196728c 100644 --- a/cmd/kubeadm/app/phases/addons/dns/BUILD +++ b/cmd/kubeadm/app/phases/addons/dns/BUILD @@ -14,11 +14,13 @@ go_test( "//cmd/kubeadm/app/constants:go_default_library", "//cmd/kubeadm/app/util:go_default_library", "//pkg/apis/core:go_default_library", + "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", ], ) diff --git a/cmd/kubeadm/app/phases/addons/dns/dns_test.go b/cmd/kubeadm/app/phases/addons/dns/dns_test.go index f22a4ec7ca8..bd8c27db819 100644 --- a/cmd/kubeadm/app/phases/addons/dns/dns_test.go +++ b/cmd/kubeadm/app/phases/addons/dns/dns_test.go @@ -20,11 +20,14 @@ import ( "strings" "testing" + apps "k8s.io/api/apps/v1" "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + kuberuntime "k8s.io/apimachinery/pkg/runtime" clientsetfake "k8s.io/client-go/kubernetes/fake" + clientsetscheme "k8s.io/client-go/kubernetes/scheme" core "k8s.io/client-go/testing" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" @@ -425,3 +428,42 @@ func TestTranslateFederationKubeDNSToCoreDNS(t *testing.T) { } } } + +func TestDeploymentsHaveSystemClusterCriticalPriorityClassName(t *testing.T) { + testCases := []struct { + manifest string + data interface{} + }{ + { + manifest: KubeDNSDeployment, + data: struct{ DeploymentName, KubeDNSImage, DNSMasqImage, SidecarImage, DNSBindAddr, DNSProbeAddr, DNSDomain, MasterTaintKey string }{ + DeploymentName: "foo", + KubeDNSImage: "foo", + DNSMasqImage: "foo", + SidecarImage: "foo", + DNSBindAddr: "foo", + DNSProbeAddr: "foo", + DNSDomain: "foo", + MasterTaintKey: "foo", + }, + }, + { + manifest: CoreDNSDeployment, + data: struct{ DeploymentName, Image, MasterTaintKey string }{ + DeploymentName: "foo", + Image: "foo", + MasterTaintKey: "foo", + }, + }, + } + for _, testCase := range testCases { + deploymentBytes, _ := kubeadmutil.ParseTemplate(testCase.manifest, testCase.data) + deployment := &apps.Deployment{} + if err := kuberuntime.DecodeInto(clientsetscheme.Codecs.UniversalDecoder(), deploymentBytes, deployment); err != nil { + t.Errorf("unexpected error: %v", err) + } + if deployment.Spec.Template.Spec.PriorityClassName != "system-cluster-critical" { + t.Errorf("expected to see system-cluster-critical priority class name. Got %q instead", deployment.Spec.Template.Spec.PriorityClassName) + } + } +} diff --git a/cmd/kubeadm/app/phases/addons/dns/manifests.go b/cmd/kubeadm/app/phases/addons/dns/manifests.go index 0b361d604f2..74375c57447 100644 --- a/cmd/kubeadm/app/phases/addons/dns/manifests.go +++ b/cmd/kubeadm/app/phases/addons/dns/manifests.go @@ -43,6 +43,7 @@ spec: labels: k8s-app: kube-dns spec: + priorityClassName: system-cluster-critical volumes: - name: kube-dns-config configMap: @@ -235,6 +236,7 @@ spec: labels: k8s-app: kube-dns spec: + priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations: - key: CriticalAddonsOnly @@ -277,6 +279,11 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 + readinessProbe: + httpGet: + path: /health + port: 8080 + scheme: HTTP securityContext: allowPrivilegeEscalation: false capabilities: diff --git a/cmd/kubeadm/app/phases/addons/proxy/BUILD b/cmd/kubeadm/app/phases/addons/proxy/BUILD index 455ffc16b82..874f75d124f 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/BUILD +++ b/cmd/kubeadm/app/phases/addons/proxy/BUILD @@ -17,10 +17,12 @@ go_test( "//cmd/kubeadm/app/util/config:go_default_library", "//pkg/apis/core:go_default_library", "//pkg/proxy/apis/config:go_default_library", + "//staging/src/k8s.io/api/apps/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", "//vendor/k8s.io/utils/pointer:go_default_library", ], diff --git a/cmd/kubeadm/app/phases/addons/proxy/manifests.go b/cmd/kubeadm/app/phases/addons/proxy/manifests.go index c47e6a7eaae..dbaf6eed621 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/manifests.go +++ b/cmd/kubeadm/app/phases/addons/proxy/manifests.go @@ -69,8 +69,6 @@ spec: metadata: labels: k8s-app: kube-proxy - annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" spec: priorityClassName: system-node-critical containers: diff --git a/cmd/kubeadm/app/phases/addons/proxy/proxy_test.go b/cmd/kubeadm/app/phases/addons/proxy/proxy_test.go index a3d1beb42df..af24b474080 100644 --- a/cmd/kubeadm/app/phases/addons/proxy/proxy_test.go +++ b/cmd/kubeadm/app/phases/addons/proxy/proxy_test.go @@ -21,10 +21,13 @@ import ( "testing" "time" + apps "k8s.io/api/apps/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + kuberuntime "k8s.io/apimachinery/pkg/runtime" clientsetfake "k8s.io/client-go/kubernetes/fake" + clientsetscheme "k8s.io/client-go/kubernetes/scheme" core "k8s.io/client-go/testing" kubeadmapiv1beta1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1" "k8s.io/kubernetes/cmd/kubeadm/app/constants" @@ -201,7 +204,7 @@ func TestEnsureProxyAddon(t *testing.T) { masterConfig.Networking.PodSubnet = "2001:101::/96" } - intMaster, err := configutil.ConfigFileAndDefaultsToInternalConfig("", masterConfig) + intMaster, err := configutil.DefaultedInitConfiguration(masterConfig) if err != nil { t.Errorf("test failed to convert external to internal version") break @@ -255,3 +258,29 @@ func TestEnsureProxyAddon(t *testing.T) { } } } + +func TestDaemonSetsHaveSystemNodeCriticalPriorityClassName(t *testing.T) { + testCases := []struct { + manifest string + data interface{} + }{ + { + manifest: KubeProxyDaemonSet19, + data: struct{ Image, ProxyConfigMap, ProxyConfigMapKey string }{ + Image: "foo", + ProxyConfigMap: "foo", + ProxyConfigMapKey: "foo", + }, + }, + } + for _, testCase := range testCases { + daemonSetBytes, _ := kubeadmutil.ParseTemplate(testCase.manifest, testCase.data) + daemonSet := &apps.DaemonSet{} + if err := kuberuntime.DecodeInto(clientsetscheme.Codecs.UniversalDecoder(), daemonSetBytes, daemonSet); err != nil { + t.Errorf("unexpected error: %v", err) + } + if daemonSet.Spec.Template.Spec.PriorityClassName != "system-node-critical" { + t.Errorf("expected to see system-node-critical priority class name. Got %q instead", daemonSet.Spec.Template.Spec.PriorityClassName) + } + } +} diff --git a/cmd/kubeadm/app/phases/certs/certs.go b/cmd/kubeadm/app/phases/certs/certs.go index f620c22b5ec..de8a29e27d6 100644 --- a/cmd/kubeadm/app/phases/certs/certs.go +++ b/cmd/kubeadm/app/phases/certs/certs.go @@ -328,7 +328,7 @@ type certKeyLocation struct { } // SharedCertificateExists verifies if the shared certificates - the certificates that must be -// equal across masters: ca.key, ca.crt, sa.key, sa.pub + etcd/ca.key, etcd/ca.crt if local/stacked etcd +// equal across control-plane nodes: ca.key, ca.crt, sa.key, sa.pub + etcd/ca.key, etcd/ca.crt if local/stacked etcd func SharedCertificateExists(cfg *kubeadmapi.ClusterConfiguration) (bool, error) { if err := validateCACertAndKey(certKeyLocation{cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName, "", "CA"}); err != nil { diff --git a/cmd/kubeadm/app/phases/etcd/local.go b/cmd/kubeadm/app/phases/etcd/local.go index e912feef60e..5d5f5e4a6d4 100644 --- a/cmd/kubeadm/app/phases/etcd/local.go +++ b/cmd/kubeadm/app/phases/etcd/local.go @@ -18,7 +18,6 @@ package etcd import ( "fmt" - "os" "path/filepath" "strings" "time" @@ -51,14 +50,8 @@ func CreateLocalEtcdStaticPodManifestFile(manifestDir string, nodeName string, c return errors.New("etcd static pod manifest cannot be generated for cluster using external etcd") } // gets etcd StaticPodSpec - emptyInitialCluster := []etcdutil.Member{} + spec := GetEtcdPodSpec(cfg, endpoint, nodeName, []etcdutil.Member{}) - // creates target folder if not already exists - if err := os.MkdirAll(cfg.Etcd.Local.DataDir, 0700); err != nil { - return errors.Wrapf(err, "failed to create etcd directory %q", cfg.Etcd.Local.DataDir) - } - - spec := GetEtcdPodSpec(cfg, endpoint, nodeName, emptyInitialCluster) // writes etcd StaticPod to disk if err := staticpodutil.WriteStaticPodToDisk(kubeadmconstants.Etcd, manifestDir, spec); err != nil { return err @@ -110,11 +103,6 @@ func CreateStackedEtcdStaticPodManifestFile(client clientset.Interface, manifest fmt.Println("[etcd] Announced new etcd member joining to the existing etcd cluster") klog.V(1).Infof("Updated etcd member list: %v", initialCluster) - // creates target folder if not already exists - if err := os.MkdirAll(cfg.Etcd.Local.DataDir, 0700); err != nil { - return errors.Wrapf(err, "failed to create etcd directory %q", cfg.Etcd.Local.DataDir) - } - klog.V(1).Info("Creating local etcd static pod manifest file") // gets etcd StaticPodSpec, actualized for the current InitConfiguration and the new list of etcd members spec := GetEtcdPodSpec(cfg, endpoint, nodeName, initialCluster) diff --git a/cmd/kubeadm/app/phases/etcd/local_test.go b/cmd/kubeadm/app/phases/etcd/local_test.go index c5474088a63..aac26a7ea9d 100644 --- a/cmd/kubeadm/app/phases/etcd/local_test.go +++ b/cmd/kubeadm/app/phases/etcd/local_test.go @@ -31,7 +31,7 @@ import ( ) func TestGetEtcdPodSpec(t *testing.T) { - // Creates a Master Configuration + // Creates a ClusterConfiguration cfg := &kubeadmapi.ClusterConfiguration{ KubernetesVersion: "v1.7.0", Etcd: kubeadmapi.Etcd{ diff --git a/cmd/kubeadm/app/phases/kubeconfig/doc.go b/cmd/kubeadm/app/phases/kubeconfig/doc.go index 3389ab78acb..f8d5afa12f5 100644 --- a/cmd/kubeadm/app/phases/kubeconfig/doc.go +++ b/cmd/kubeadm/app/phases/kubeconfig/doc.go @@ -22,7 +22,7 @@ package kubeconfig INPUTS: From InitConfiguration - The Master API Server endpoint (AdvertiseAddress + BindPort) is required so the kubeconfig file knows where to find the master + The API Server endpoint (AdvertiseAddress + BindPort) is required so the kubeconfig file knows where to find the control-plane The KubernetesDir path is required for knowing where to put the kubeconfig files The PKIPath is required for knowing where all certificates should be stored diff --git a/cmd/kubeadm/app/phases/kubeconfig/kubeconfig.go b/cmd/kubeadm/app/phases/kubeconfig/kubeconfig.go index 9b8493d553b..63ebe94fd2b 100644 --- a/cmd/kubeadm/app/phases/kubeconfig/kubeconfig.go +++ b/cmd/kubeadm/app/phases/kubeconfig/kubeconfig.go @@ -271,7 +271,7 @@ func createKubeConfigFileIfNotExists(outDir, filename string, config *clientcmda // kubeadm doesn't validate the existing kubeconfig file more than this (kubeadm trusts the client certs to be valid) // Basically, if we find a kubeconfig file with the same path; the same CA cert and the same server URL; // kubeadm thinks those files are equal and doesn't bother writing a new file - fmt.Printf("[kubeconfig] Using existing up-to-date kubeconfig file: %q\n", kubeConfigFilePath) + fmt.Printf("[kubeconfig] Using existing kubeconfig file: %q\n", kubeConfigFilePath) return nil } diff --git a/cmd/kubeadm/app/phases/kubeconfig/kubeconfig_test.go b/cmd/kubeadm/app/phases/kubeconfig/kubeconfig_test.go index 83d159a3036..f48e3db90cb 100644 --- a/cmd/kubeadm/app/phases/kubeconfig/kubeconfig_test.go +++ b/cmd/kubeadm/app/phases/kubeconfig/kubeconfig_test.go @@ -45,7 +45,7 @@ func TestGetKubeConfigSpecsFailsIfCADoesntExists(t *testing.T) { tmpdir := testutil.SetupTempDir(t) defer os.RemoveAll(tmpdir) - // Creates a Master Configuration pointing to the pkidir folder + // Creates an InitConfiguration pointing to the pkidir folder cfg := &kubeadmapi.InitConfiguration{ ClusterConfiguration: kubeadmapi.ClusterConfiguration{ CertificatesDir: tmpdir, @@ -66,7 +66,7 @@ func TestGetKubeConfigSpecs(t *testing.T) { // Adds a pki folder with a ca certs to the temp folder pkidir := testutil.SetupPkiDirWithCertificateAuthorithy(t, tmpdir) - // Creates Master Configurations pointing to the pkidir folder + // Creates InitConfigurations pointing to the pkidir folder cfgs := []*kubeadmapi.InitConfiguration{ { LocalAPIEndpoint: kubeadmapi.APIEndpoint{AdvertiseAddress: "1.2.3.4", BindPort: 1234}, @@ -305,7 +305,7 @@ func TestCreateKubeconfigFilesAndWrappers(t *testing.T) { // Adds a pki folder with a ca certs to the temp folder pkidir := testutil.SetupPkiDirWithCertificateAuthorithy(t, tmpdir) - // Creates a Master Configuration pointing to the pkidir folder + // Creates an InitConfiguration pointing to the pkidir folder cfg := &kubeadmapi.InitConfiguration{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{AdvertiseAddress: "1.2.3.4", BindPort: 1234}, ClusterConfiguration: kubeadmapi.ClusterConfiguration{ @@ -335,7 +335,7 @@ func TestWriteKubeConfigFailsIfCADoesntExists(t *testing.T) { tmpdir := testutil.SetupTempDir(t) defer os.RemoveAll(tmpdir) - // Creates a Master Configuration pointing to the tmpdir folder + // Creates an InitConfiguration pointing to the tmpdir folder cfg := &kubeadmapi.InitConfiguration{ ClusterConfiguration: kubeadmapi.ClusterConfiguration{ CertificatesDir: tmpdir, @@ -382,7 +382,7 @@ func TestWriteKubeConfig(t *testing.T) { t.Fatalf("couldn't retrieve ca cert: %v", err) } - // Creates a Master Configuration pointing to the pkidir folder + // Creates an InitConfiguration pointing to the pkidir folder cfg := &kubeadmapi.InitConfiguration{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{AdvertiseAddress: "1.2.3.4", BindPort: 1234}, ClusterConfiguration: kubeadmapi.ClusterConfiguration{ diff --git a/cmd/kubeadm/app/phases/kubelet/BUILD b/cmd/kubeadm/app/phases/kubelet/BUILD index 2d639a8c001..6215de46da0 100644 --- a/cmd/kubeadm/app/phases/kubelet/BUILD +++ b/cmd/kubeadm/app/phases/kubelet/BUILD @@ -45,7 +45,6 @@ go_test( deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", "//cmd/kubeadm/app/constants:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/kubelet/apis/config:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/cmd/kubeadm/app/phases/kubelet/dynamic_test.go b/cmd/kubeadm/app/phases/kubelet/dynamic_test.go index c9d11e0629b..36ab695557e 100644 --- a/cmd/kubeadm/app/phases/kubelet/dynamic_test.go +++ b/cmd/kubeadm/app/phases/kubelet/dynamic_test.go @@ -25,7 +25,6 @@ import ( "k8s.io/apimachinery/pkg/util/version" "k8s.io/client-go/kubernetes/fake" core "k8s.io/client-go/testing" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) func TestEnableDynamicConfigForNode(t *testing.T) { @@ -35,7 +34,7 @@ func TestEnableDynamicConfigForNode(t *testing.T) { return true, &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: nodeName, - Labels: map[string]string{kubeletapis.LabelHostname: nodeName}, + Labels: map[string]string{v1.LabelHostname: nodeName}, }, Spec: v1.NodeSpec{ ConfigSource: &v1.NodeConfigSource{ diff --git a/cmd/kubeadm/app/phases/markcontrolplane/BUILD b/cmd/kubeadm/app/phases/markcontrolplane/BUILD index 039975f049d..9c42626dd89 100644 --- a/cmd/kubeadm/app/phases/markcontrolplane/BUILD +++ b/cmd/kubeadm/app/phases/markcontrolplane/BUILD @@ -12,7 +12,6 @@ go_test( embed = [":go_default_library"], deps = [ "//cmd/kubeadm/app/constants:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/util/node:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go b/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go index ab26bddd651..eb8f3b27c61 100644 --- a/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go +++ b/cmd/kubeadm/app/phases/markcontrolplane/markcontrolplane_test.go @@ -29,7 +29,6 @@ import ( clientset "k8s.io/client-go/kubernetes" restclient "k8s.io/client-go/rest" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/util/node" ) @@ -116,7 +115,7 @@ func TestMarkControlPlane(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: hostname, Labels: map[string]string{ - kubeletapis.LabelHostname: hostname, + v1.LabelHostname: hostname, }, }, } diff --git a/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go b/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go index 645573a00f9..5b8a4d0e169 100644 --- a/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go +++ b/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go @@ -34,8 +34,6 @@ const ( apiVersion: v1 kind: Pod metadata: - annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" creationTimestamp: null name: kube-apiserver namespace: kube-system @@ -90,6 +88,7 @@ spec: name: ca-certs-etc-pki readOnly: true hostNetwork: true + priorityClassName: system-cluster-critical volumes: - hostPath: path: /etc/kubernetes/pki @@ -179,6 +178,7 @@ spec: hostNetwork: true nodeSelector: node-role.kubernetes.io/master: "" + priorityClassName: system-cluster-critical tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master @@ -205,8 +205,6 @@ status: apiVersion: v1 kind: Pod metadata: - annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" creationTimestamp: null name: kube-controller-manager namespace: kube-system @@ -252,6 +250,7 @@ spec: name: ca-certs-etc-pki readOnly: true hostNetwork: true + priorityClassName: system-cluster-critical volumes: - hostPath: path: /etc/kubernetes/pki @@ -331,6 +330,7 @@ spec: hostNetwork: true nodeSelector: node-role.kubernetes.io/master: "" + priorityClassName: system-cluster-critical tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master @@ -361,8 +361,6 @@ status: apiVersion: v1 kind: Pod metadata: - annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" creationTimestamp: null name: kube-scheduler namespace: kube-system @@ -392,6 +390,7 @@ spec: name: kubeconfig readOnly: true hostNetwork: true + priorityClassName: system-cluster-critical volumes: - hostPath: path: /etc/kubernetes/scheduler.conf @@ -446,6 +445,7 @@ spec: hostNetwork: true nodeSelector: node-role.kubernetes.io/master: "" + priorityClassName: system-cluster-critical tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master diff --git a/cmd/kubeadm/app/phases/upgrade/BUILD b/cmd/kubeadm/app/phases/upgrade/BUILD index ffaae1e84c2..484a6a0465c 100644 --- a/cmd/kubeadm/app/phases/upgrade/BUILD +++ b/cmd/kubeadm/app/phases/upgrade/BUILD @@ -76,7 +76,6 @@ go_test( embed = [":go_default_library"], deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", - "//cmd/kubeadm/app/apis/kubeadm/validation:go_default_library", "//cmd/kubeadm/app/constants:go_default_library", "//cmd/kubeadm/app/phases/certs:go_default_library", "//cmd/kubeadm/app/phases/controlplane:go_default_library", diff --git a/cmd/kubeadm/app/phases/upgrade/health.go b/cmd/kubeadm/app/phases/upgrade/health.go index 30169e8146f..975b319ca03 100644 --- a/cmd/kubeadm/app/phases/upgrade/health.go +++ b/cmd/kubeadm/app/phases/upgrade/health.go @@ -109,16 +109,16 @@ func masterNodesReady(client clientset.Interface) error { LabelSelector: selector.String(), }) if err != nil { - return errors.Wrap(err, "couldn't list masters in cluster") + return errors.Wrap(err, "couldn't list control-planes in cluster") } if len(masters.Items) == 0 { - return errors.New("failed to find any nodes with master role") + return errors.New("failed to find any nodes with a control-plane role") } notReadyMasters := getNotReadyNodes(masters.Items) if len(notReadyMasters) != 0 { - return errors.Errorf("there are NotReady masters in the cluster: %v", notReadyMasters) + return errors.Errorf("there are NotReady control-planes in the cluster: %v", notReadyMasters) } return nil } diff --git a/cmd/kubeadm/app/phases/upgrade/staticpods_test.go b/cmd/kubeadm/app/phases/upgrade/staticpods_test.go index 5689814e2a3..b98b2b9a655 100644 --- a/cmd/kubeadm/app/phases/upgrade/staticpods_test.go +++ b/cmd/kubeadm/app/phases/upgrade/staticpods_test.go @@ -32,7 +32,6 @@ import ( "github.com/pkg/errors" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" - "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/validation" "k8s.io/kubernetes/cmd/kubeadm/app/constants" certsphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/certs" controlplanephase "k8s.io/kubernetes/cmd/kubeadm/app/phases/controlplane" @@ -541,22 +540,7 @@ func getConfig(version, certsDir, etcdDataDir string) (*kubeadmapi.InitConfigura configBytes := []byte(fmt.Sprintf(testConfiguration, certsDir, etcdDataDir, version)) // Unmarshal the config - cfg, err := configutil.BytesToInternalConfig(configBytes) - if err != nil { - return nil, err - } - - // Applies dynamic defaults to settings not provided with flags - if err = configutil.SetInitDynamicDefaults(cfg); err != nil { - return nil, err - } - - // Validates cfg (flags/configs + defaults + dynamic defaults) - if err = validation.ValidateInitConfiguration(cfg).ToAggregate(); err != nil { - return nil, err - } - - return cfg, nil + return configutil.BytesToInitConfiguration(configBytes) } func getTempDir(t *testing.T, name string) (string, func()) { diff --git a/cmd/kubeadm/app/phases/uploadcerts/BUILD b/cmd/kubeadm/app/phases/uploadcerts/BUILD new file mode 100644 index 00000000000..89d6cbc0384 --- /dev/null +++ b/cmd/kubeadm/app/phases/uploadcerts/BUILD @@ -0,0 +1,50 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["uploadcerts.go"], + importpath = "k8s.io/kubernetes/cmd/kubeadm/app/phases/uploadcerts", + visibility = ["//visibility:public"], + deps = [ + "//cmd/kubeadm/app/apis/kubeadm:go_default_library", + "//cmd/kubeadm/app/constants:go_default_library", + "//cmd/kubeadm/app/phases/bootstraptoken/node:go_default_library", + "//cmd/kubeadm/app/util/apiclient:go_default_library", + "//cmd/kubeadm/app/util/crypto:go_default_library", + "//pkg/apis/rbac/v1:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/api/rbac/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/cluster-bootstrap/token/util:go_default_library", + "//vendor/github.com/pkg/errors:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) + +go_test( + name = "go_default_test", + srcs = ["uploadcerts_test.go"], + embed = [":go_default_library"], + deps = [ + "//cmd/kubeadm/app/apis/kubeadm:go_default_library", + "//cmd/kubeadm/app/constants:go_default_library", + "//cmd/kubeadm/app/util/crypto:go_default_library", + "//cmd/kubeadm/test:go_default_library", + "//vendor/github.com/lithammer/dedent:go_default_library", + ], +) diff --git a/cmd/kubeadm/app/phases/uploadcerts/uploadcerts.go b/cmd/kubeadm/app/phases/uploadcerts/uploadcerts.go new file mode 100644 index 00000000000..9e5b1f0e1da --- /dev/null +++ b/cmd/kubeadm/app/phases/uploadcerts/uploadcerts.go @@ -0,0 +1,205 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package uploadcerts + +import ( + "encoding/hex" + "fmt" + "io/ioutil" + "os" + "path" + "strings" + + "github.com/pkg/errors" + + v1 "k8s.io/api/core/v1" + rbac "k8s.io/api/rbac/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + clientset "k8s.io/client-go/kubernetes" + bootstraputil "k8s.io/cluster-bootstrap/token/util" + kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" + nodebootstraptokenphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/bootstraptoken/node" + "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" + cryptoutil "k8s.io/kubernetes/cmd/kubeadm/app/util/crypto" + rbachelper "k8s.io/kubernetes/pkg/apis/rbac/v1" +) + +const ( + externalEtcdCA = "external-etcd-ca.crt" + externalEtcdCert = "external-etcd.crt" + externalEtcdKey = "external-etcd.key" +) + +// createShortLivedBootstrapToken creates the token used to manager kubeadm-certs +// and return the tokenID +func createShortLivedBootstrapToken(client clientset.Interface) (string, error) { + tokenStr, err := bootstraputil.GenerateBootstrapToken() + if err != nil { + return "", errors.Wrap(err, "error generating token to upload certs") + } + token, err := kubeadmapi.NewBootstrapTokenString(tokenStr) + if err != nil { + return "", errors.Wrap(err, "error creating upload certs token") + } + tokens := []kubeadmapi.BootstrapToken{{ + Token: token, + Description: "Proxy for managing TTL for the kubeadm-certs secret", + TTL: &metav1.Duration{ + Duration: kubeadmconstants.DefaultCertTokenDuration, + }, + }} + + if err := nodebootstraptokenphase.CreateNewTokens(client, tokens); err != nil { + return "", errors.Wrap(err, "error creating token") + } + return tokens[0].Token.ID, nil +} + +//CreateCertificateKey returns a cryptographically secure random key +func CreateCertificateKey() (string, error) { + randBytes, err := cryptoutil.CreateRandBytes(kubeadmconstants.CertificateKeySize) + if err != nil { + return "", err + } + return hex.EncodeToString(randBytes), nil +} + +//UploadCerts save certs needs to join a new control-plane on kubeadm-certs sercret. +func UploadCerts(client clientset.Interface, cfg *kubeadmapi.InitConfiguration, key string) error { + fmt.Printf("[upload-certs] storing the certificates in ConfigMap %q in the %q Namespace\n", kubeadmconstants.KubeadmCertsSecret, metav1.NamespaceSystem) + decodedKey, err := hex.DecodeString(key) + if err != nil { + return err + } + tokenID, err := createShortLivedBootstrapToken(client) + if err != nil { + return err + } + + secretData, err := getSecretData(cfg, decodedKey) + if err != nil { + return err + } + ref, err := getSecretOwnerRef(client, tokenID) + if err != nil { + return err + } + + err = apiclient.CreateOrUpdateSecret(client, &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: kubeadmconstants.KubeadmCertsSecret, + Namespace: metav1.NamespaceSystem, + OwnerReferences: ref, + }, + Data: secretData, + }) + if err != nil { + return err + } + + return createRBAC(client) +} + +func createRBAC(client clientset.Interface) error { + err := apiclient.CreateOrUpdateRole(client, &rbac.Role{ + ObjectMeta: metav1.ObjectMeta{ + Name: kubeadmconstants.KubeadmCertsClusterRoleName, + Namespace: metav1.NamespaceSystem, + }, + Rules: []rbac.PolicyRule{ + rbachelper.NewRule("get").Groups("").Resources("secrets").Names(kubeadmconstants.KubeadmCertsSecret).RuleOrDie(), + }, + }) + if err != nil { + return err + } + + return apiclient.CreateOrUpdateRoleBinding(client, &rbac.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: kubeadmconstants.KubeadmCertsClusterRoleName, + Namespace: metav1.NamespaceSystem, + }, + RoleRef: rbac.RoleRef{ + APIGroup: rbac.GroupName, + Kind: "Role", + Name: kubeadmconstants.KubeadmCertsClusterRoleName, + }, + Subjects: []rbac.Subject{ + { + Kind: rbac.GroupKind, + Name: kubeadmconstants.NodeBootstrapTokenAuthGroup, + }, + }, + }) +} + +func getSecretOwnerRef(client clientset.Interface, tokenID string) ([]metav1.OwnerReference, error) { + secretName := bootstraputil.BootstrapTokenSecretName(tokenID) + secret, err := client.CoreV1().Secrets(metav1.NamespaceSystem).Get(secretName, metav1.GetOptions{}) + if err != nil { + return nil, errors.Wrap(err, "error to get token reference") + } + + gvk := schema.GroupVersionKind{Version: "v1", Kind: "Secret"} + ref := metav1.NewControllerRef(secret, gvk) + return []metav1.OwnerReference{*ref}, nil +} + +func loadAndEncryptCert(certPath string, key []byte) ([]byte, error) { + cert, err := ioutil.ReadFile(certPath) + if err != nil { + return nil, err + } + return cryptoutil.EncryptBytes(cert, key) +} + +func certsToUpload(cfg *kubeadmapi.InitConfiguration) map[string]string { + certsDir := cfg.CertificatesDir + certs := map[string]string{ + kubeadmconstants.CACertName: path.Join(certsDir, kubeadmconstants.CACertName), + kubeadmconstants.CAKeyName: path.Join(certsDir, kubeadmconstants.CAKeyName), + kubeadmconstants.FrontProxyCACertName: path.Join(certsDir, kubeadmconstants.FrontProxyCACertName), + kubeadmconstants.FrontProxyCAKeyName: path.Join(certsDir, kubeadmconstants.FrontProxyCAKeyName), + kubeadmconstants.ServiceAccountPublicKeyName: path.Join(certsDir, kubeadmconstants.ServiceAccountPublicKeyName), + kubeadmconstants.ServiceAccountPrivateKeyName: path.Join(certsDir, kubeadmconstants.ServiceAccountPrivateKeyName), + } + + if cfg.Etcd.External == nil { + certs[kubeadmconstants.EtcdCACertName] = path.Join(certsDir, kubeadmconstants.EtcdCACertName) + certs[kubeadmconstants.EtcdCAKeyName] = path.Join(certsDir, kubeadmconstants.EtcdCAKeyName) + } else { + certs[externalEtcdCA] = cfg.Etcd.External.CAFile + certs[externalEtcdCert] = cfg.Etcd.External.CertFile + certs[externalEtcdKey] = cfg.Etcd.External.KeyFile + } + return certs +} + +func getSecretData(cfg *kubeadmapi.InitConfiguration, key []byte) (map[string][]byte, error) { + secretData := map[string][]byte{} + for certName, certPath := range certsToUpload(cfg) { + cert, err := loadAndEncryptCert(certPath, key) + if err == nil || (err != nil && os.IsNotExist(err)) { + secretData[strings.Replace(certName, "/", "-", -1)] = cert + } else { + return nil, err + } + } + return secretData, nil +} diff --git a/cmd/kubeadm/app/phases/uploadcerts/uploadcerts_test.go b/cmd/kubeadm/app/phases/uploadcerts/uploadcerts_test.go new file mode 100644 index 00000000000..a8d2faf2504 --- /dev/null +++ b/cmd/kubeadm/app/phases/uploadcerts/uploadcerts_test.go @@ -0,0 +1,116 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package uploadcerts + +import ( + "encoding/hex" + "io/ioutil" + "os" + "path" + "regexp" + "testing" + + "github.com/lithammer/dedent" + kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" + cryptoutil "k8s.io/kubernetes/cmd/kubeadm/app/util/crypto" + testutil "k8s.io/kubernetes/cmd/kubeadm/test" +) + +func TestUploadCerts(t *testing.T) { + tmpdir := testutil.SetupTempDir(t) + defer os.RemoveAll(tmpdir) + +} + +//teste cert name, teste cert can be decrypted +func TestGetSecretData(t *testing.T) { + certData := []byte("cert-data") + tmpdir := testutil.SetupTempDir(t) + defer os.RemoveAll(tmpdir) + cfg := &kubeadmapi.InitConfiguration{} + cfg.CertificatesDir = tmpdir + + key, err := CreateCertificateKey() + if err != nil { + t.Fatalf(dedent.Dedent("failed to create key.\nfatal error: %v"), err) + } + decodedKey, err := hex.DecodeString(key) + if err != nil { + t.Fatalf(dedent.Dedent("failed to decode key.\nfatal error: %v"), err) + } + + if err := os.Mkdir(path.Join(tmpdir, "etcd"), 0755); err != nil { + t.Fatalf(dedent.Dedent("failed to create etcd cert dir.\nfatal error: %v"), err) + } + + certs := certsToUpload(cfg) + for name, path := range certs { + if err := ioutil.WriteFile(path, certData, 0644); err != nil { + t.Fatalf(dedent.Dedent("failed to write cert: %s\nfatal error: %v"), name, err) + } + } + + secretData, err := getSecretData(cfg, decodedKey) + if err != nil { + t.Fatalf("failed to get secret data. fatal error: %v", err) + } + + re := regexp.MustCompile(`[-._a-zA-Z0-9]+`) + for name, data := range secretData { + if !re.MatchString(name) { + t.Fatalf(dedent.Dedent("failed to validate secretData\n %s isn't a valid secret key"), name) + } + + decryptedData, err := cryptoutil.DecryptBytes(data, decodedKey) + if string(certData) != string(decryptedData) { + t.Fatalf(dedent.Dedent("can't decript cert: %s\nfatal error: %v"), name, err) + } + } +} + +func TestCertsToUpload(t *testing.T) { + localEtcdCfg := &kubeadmapi.InitConfiguration{} + externalEtcdCfg := &kubeadmapi.InitConfiguration{} + externalEtcdCfg.Etcd = kubeadmapi.Etcd{} + externalEtcdCfg.Etcd.External = &kubeadmapi.ExternalEtcd{} + + tests := map[string]struct { + config *kubeadmapi.InitConfiguration + expectedCerts []string + }{ + "local etcd": { + config: localEtcdCfg, + expectedCerts: []string{kubeadmconstants.EtcdCACertName, kubeadmconstants.EtcdCAKeyName}, + }, + "external etcd": { + config: externalEtcdCfg, + expectedCerts: []string{externalEtcdCA, externalEtcdCert, externalEtcdKey}, + }, + } + + for name, test := range tests { + t.Run(name, func(t2 *testing.T) { + certList := certsToUpload(test.config) + for _, cert := range test.expectedCerts { + if _, found := certList[cert]; !found { + t2.Fatalf(dedent.Dedent("failed to get list of certs to upload\ncert %s not found"), cert) + } + } + }) + } +} diff --git a/cmd/kubeadm/app/phases/uploadconfig/uploadconfig_test.go b/cmd/kubeadm/app/phases/uploadconfig/uploadconfig_test.go index c10a57376af..1d25bcdb2e2 100644 --- a/cmd/kubeadm/app/phases/uploadconfig/uploadconfig_test.go +++ b/cmd/kubeadm/app/phases/uploadconfig/uploadconfig_test.go @@ -84,7 +84,7 @@ func TestUploadConfiguration(t *testing.T) { CRISocket: "/var/run/custom-cri.sock", }, } - cfg, err := configutil.ConfigFileAndDefaultsToInternalConfig("", initialcfg) + cfg, err := configutil.DefaultedInitConfiguration(initialcfg) // cleans up component config to make cfg and decodedcfg comparable (now component config are not stored anymore in kubeadm-config config map) cfg.ComponentConfigs = kubeadmapi.ComponentConfigs{} diff --git a/cmd/kubeadm/app/preflight/BUILD b/cmd/kubeadm/app/preflight/BUILD index e362cb3c4bb..88c7dd9b69e 100644 --- a/cmd/kubeadm/app/preflight/BUILD +++ b/cmd/kubeadm/app/preflight/BUILD @@ -10,6 +10,8 @@ go_library( name = "go_default_library", srcs = [ "checks.go", + "checks_darwin.go", + "checks_linux.go", "checks_unix.go", "checks_windows.go", "utils.go", @@ -33,7 +35,12 @@ go_library( "//vendor/github.com/pkg/errors:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/exec:go_default_library", - ], + ] + select({ + "@io_bazel_rules_go//go/platform:linux": [ + "//cmd/kubeadm/app/util:go_default_library", + ], + "//conditions:default": [], + }), ) go_test( diff --git a/cmd/kubeadm/app/preflight/checks.go b/cmd/kubeadm/app/preflight/checks.go index 3f468767c29..e0f7283b87a 100644 --- a/cmd/kubeadm/app/preflight/checks.go +++ b/cmd/kubeadm/app/preflight/checks.go @@ -226,6 +226,14 @@ func (IsPrivilegedUserCheck) Name() string { return "IsPrivilegedUser" } +// IsDockerSystemdCheck verifies if Docker is setup to use systemd as the cgroup driver. +type IsDockerSystemdCheck struct{} + +// Name returns name for IsDockerSystemdCheck +func (IsDockerSystemdCheck) Name() string { + return "IsDockerSystemdCheck" +} + // DirAvailableCheck checks if the given directory either does not exist, or is empty. type DirAvailableCheck struct { Path string @@ -998,6 +1006,10 @@ func addCommonChecks(execer utilsexec.Interface, cfg kubeadmapi.CommonConfigurat if containerRuntime.IsDocker() { isDocker = true checks = append(checks, ServiceCheck{Service: "docker", CheckIfActive: true}) + // Linux only + // TODO: support other CRIs for this check eventually + // https://github.com/kubernetes/kubeadm/issues/874 + checks = append(checks, IsDockerSystemdCheck{}) } } diff --git a/cmd/kubeadm/app/preflight/checks_darwin.go b/cmd/kubeadm/app/preflight/checks_darwin.go new file mode 100644 index 00000000000..d4cb02628a4 --- /dev/null +++ b/cmd/kubeadm/app/preflight/checks_darwin.go @@ -0,0 +1,27 @@ +// +build darwin + +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package preflight + +// This is a MacOS stub + +// Check validates if Docker is setup to use systemd as the cgroup driver. +// No-op for Darwin (MacOS). +func (idsc IsDockerSystemdCheck) Check() (warnings, errorList []error) { + return nil, nil +} diff --git a/cmd/kubeadm/app/preflight/checks_linux.go b/cmd/kubeadm/app/preflight/checks_linux.go new file mode 100644 index 00000000000..12828815ce0 --- /dev/null +++ b/cmd/kubeadm/app/preflight/checks_linux.go @@ -0,0 +1,44 @@ +// +build linux + +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package preflight + +import ( + "github.com/pkg/errors" + "k8s.io/kubernetes/cmd/kubeadm/app/util" + "k8s.io/utils/exec" +) + +// Check validates if Docker is setup to use systemd as the cgroup driver. +func (idsc IsDockerSystemdCheck) Check() (warnings, errorList []error) { + warnings = []error{} + driver, err := util.GetCgroupDriverDocker(exec.New()) + if err != nil { + errorList = append(errorList, err) + return nil, errorList + } + if driver != util.CgroupDriverSystemd { + err = errors.Errorf("detected %q as the Docker cgroup driver. "+ + "The recommended driver is %q. "+ + "Please follow the guide at https://kubernetes.io/docs/setup/cri/", + driver, + util.CgroupDriverSystemd) + warnings = append(warnings, err) + } + return warnings, nil +} diff --git a/cmd/kubeadm/app/preflight/checks_windows.go b/cmd/kubeadm/app/preflight/checks_windows.go index 1477204248d..85bae087cca 100644 --- a/cmd/kubeadm/app/preflight/checks_windows.go +++ b/cmd/kubeadm/app/preflight/checks_windows.go @@ -43,3 +43,9 @@ func (ipuc IsPrivilegedUserCheck) Check() (warnings, errorList []error) { return nil, errorList } + +// Check validates if Docker is setup to use systemd as the cgroup driver. +// No-op for Windows. +func (idsc IsDockerSystemdCheck) Check() (warnings, errorList []error) { + return nil, nil +} diff --git a/cmd/kubeadm/app/util/BUILD b/cmd/kubeadm/app/util/BUILD index 7356f887c09..259e1d97caa 100644 --- a/cmd/kubeadm/app/util/BUILD +++ b/cmd/kubeadm/app/util/BUILD @@ -82,6 +82,7 @@ filegroup( "//cmd/kubeadm/app/util/audit:all-srcs", "//cmd/kubeadm/app/util/certs:all-srcs", "//cmd/kubeadm/app/util/config:all-srcs", + "//cmd/kubeadm/app/util/crypto:all-srcs", "//cmd/kubeadm/app/util/dryrun:all-srcs", "//cmd/kubeadm/app/util/etcd:all-srcs", "//cmd/kubeadm/app/util/kubeconfig:all-srcs", diff --git a/cmd/kubeadm/app/util/apiclient/BUILD b/cmd/kubeadm/app/util/apiclient/BUILD index 666c2bada99..c16c612c4fc 100644 --- a/cmd/kubeadm/app/util/apiclient/BUILD +++ b/cmd/kubeadm/app/util/apiclient/BUILD @@ -19,7 +19,6 @@ go_library( deps = [ "//cmd/kubeadm/app/constants:go_default_library", "//cmd/kubeadm/app/util:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/kubelet/types:go_default_library", "//pkg/registry/core/service/ipallocator:go_default_library", "//staging/src/k8s.io/api/apps/v1:go_default_library", @@ -67,7 +66,6 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/rbac/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/cmd/kubeadm/app/util/apiclient/idempotency.go b/cmd/kubeadm/app/util/apiclient/idempotency.go index 02727c5a54c..cb8635a8403 100644 --- a/cmd/kubeadm/app/util/apiclient/idempotency.go +++ b/cmd/kubeadm/app/util/apiclient/idempotency.go @@ -32,7 +32,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/cmd/kubeadm/app/constants" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) // TODO: We should invent a dynamic mechanism for this using the dynamic client instead of hard-coding these functions per-type @@ -210,7 +209,7 @@ func PatchNodeOnce(client clientset.Interface, nodeName string, patchFn func(*v1 // The node may appear to have no labels at first, // so we wait for it to get hostname label. - if _, found := n.ObjectMeta.Labels[kubeletapis.LabelHostname]; !found { + if _, found := n.ObjectMeta.Labels[v1.LabelHostname]; !found { return false, nil } diff --git a/cmd/kubeadm/app/util/apiclient/idempotency_test.go b/cmd/kubeadm/app/util/apiclient/idempotency_test.go index 1564c7bcc29..b4ac6a43631 100644 --- a/cmd/kubeadm/app/util/apiclient/idempotency_test.go +++ b/cmd/kubeadm/app/util/apiclient/idempotency_test.go @@ -22,7 +22,6 @@ import ( "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes/fake" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) func TestPatchNodeNonErrorCases(t *testing.T) { @@ -38,7 +37,7 @@ func TestPatchNodeNonErrorCases(t *testing.T) { node: v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "testnode", - Labels: map[string]string{kubeletapis.LabelHostname: ""}, + Labels: map[string]string{v1.LabelHostname: ""}, }, }, success: true, diff --git a/cmd/kubeadm/app/util/cgroupdriver.go b/cmd/kubeadm/app/util/cgroupdriver.go index 2d1e4506898..602f6c3f6f3 100644 --- a/cmd/kubeadm/app/util/cgroupdriver.go +++ b/cmd/kubeadm/app/util/cgroupdriver.go @@ -24,6 +24,13 @@ import ( utilsexec "k8s.io/utils/exec" ) +const ( + // CgroupDriverSystemd holds the systemd driver type + CgroupDriverSystemd = "systemd" + // CgroupDriverCgroupfs holds the cgroupfs driver type + CgroupDriverCgroupfs = "cgroupfs" +) + // TODO: add support for detecting the cgroup driver for CRI other than // Docker. Currently only Docker driver detection is supported: // Discussion: @@ -39,7 +46,7 @@ func GetCgroupDriverDocker(execer utilsexec.Interface) (string, error) { } func validateCgroupDriver(driver string) error { - if driver != "cgroupfs" && driver != "systemd" { + if driver != CgroupDriverCgroupfs && driver != CgroupDriverSystemd { return errors.Errorf("unknown cgroup driver %q", driver) } return nil diff --git a/cmd/kubeadm/app/util/config/cluster.go b/cmd/kubeadm/app/util/config/cluster.go index 22147cf7eec..5ff954e1088 100644 --- a/cmd/kubeadm/app/util/config/cluster.go +++ b/cmd/kubeadm/app/util/config/cluster.go @@ -20,7 +20,6 @@ import ( "crypto/x509" "fmt" "io" - "io/ioutil" "path/filepath" "strings" @@ -39,54 +38,26 @@ import ( "k8s.io/kubernetes/cmd/kubeadm/app/constants" ) -// FetchConfigFromFileOrCluster fetches configuration required for upgrading your cluster from a file (which has precedence) or a ConfigMap in the cluster -func FetchConfigFromFileOrCluster(client clientset.Interface, w io.Writer, logPrefix, cfgPath string, newControlPlane bool) (*kubeadmapi.InitConfiguration, error) { - // Load the configuration from a file or the cluster - initcfg, err := loadConfiguration(client, w, logPrefix, cfgPath, newControlPlane) +// FetchInitConfigurationFromCluster fetches configuration from a ConfigMap in the cluster +func FetchInitConfigurationFromCluster(client clientset.Interface, w io.Writer, logPrefix string, newControlPlane bool) (*kubeadmapi.InitConfiguration, error) { + fmt.Fprintf(w, "[%s] Reading configuration from the cluster...\n", logPrefix) + fmt.Fprintf(w, "[%s] FYI: You can look at this config file with 'kubectl -n %s get cm %s -oyaml'\n", logPrefix, metav1.NamespaceSystem, constants.KubeadmConfigConfigMap) + + // Fetch the actual config from cluster + cfg, err := getInitConfigurationFromCluster(constants.KubernetesDir, client, newControlPlane) if err != nil { return nil, err } // Apply dynamic defaults - if err := SetInitDynamicDefaults(initcfg); err != nil { - return nil, err - } - return initcfg, err -} - -// loadConfiguration loads the configuration byte slice from either a file or the cluster ConfigMap -func loadConfiguration(client clientset.Interface, w io.Writer, logPrefix, cfgPath string, newControlPlane bool) (*kubeadmapi.InitConfiguration, error) { - // The config file has the highest priority - if cfgPath != "" { - fmt.Fprintf(w, "[%s] Reading configuration options from a file: %s\n", logPrefix, cfgPath) - return loadInitConfigurationFromFile(cfgPath) - } - - fmt.Fprintf(w, "[%s] Reading configuration from the cluster...\n", logPrefix) - fmt.Fprintf(w, "[%s] FYI: You can look at this config file with 'kubectl -n %s get cm %s -oyaml'\n", logPrefix, metav1.NamespaceSystem, constants.KubeadmConfigConfigMap) - return getInitConfigurationFromCluster(constants.KubernetesDir, client, newControlPlane) -} - -func loadInitConfigurationFromFile(cfgPath string) (*kubeadmapi.InitConfiguration, error) { - configBytes, err := ioutil.ReadFile(cfgPath) - if err != nil { + if err := SetInitDynamicDefaults(cfg); err != nil { return nil, err } - // Unmarshal the versioned configuration populated from the file, - // convert it to the internal API types, then default and validate - // NB the file contains multiple YAML, with a combination of - // - a YAML with a InitConfiguration object - // - a YAML with a ClusterConfiguration object (without embedded component configs) - // - separated YAML for components configs - initcfg, err := BytesToInternalConfig(configBytes) - if err != nil { - return nil, err - } - - return initcfg, nil + return cfg, nil } +// getInitConfigurationFromCluster is separate only for testing purposes, don't call it directly, use FetchInitConfigurationFromCluster instead func getInitConfigurationFromCluster(kubeconfigDir string, client clientset.Interface, newControlPlane bool) (*kubeadmapi.InitConfiguration, error) { // TODO: This code should support reading the MasterConfiguration key as well for backwards-compat // Also, the config map really should be KubeadmConfigConfigMap... @@ -124,7 +95,6 @@ func getInitConfigurationFromCluster(kubeconfigDir string, client clientset.Inte return nil, errors.Wrap(err, "failed to getAPIEndpoint") } } - return initcfg, nil } diff --git a/cmd/kubeadm/app/util/config/cluster_test.go b/cmd/kubeadm/app/util/config/cluster_test.go index 1fcc7c72c58..eebc7fe15cc 100644 --- a/cmd/kubeadm/app/util/config/cluster_test.go +++ b/cmd/kubeadm/app/util/config/cluster_test.go @@ -17,7 +17,6 @@ limitations under the License. package config import ( - "bytes" "io/ioutil" "os" "path/filepath" @@ -172,76 +171,6 @@ G+2/lm8TaVjoU7Fi5Ka5G5HY2GLaR7P+IxYcrMHCl62Y7Rqcrnc= `), } -func TestLoadInitConfigurationFromFile(t *testing.T) { - // Create temp folder for the test case - tmpdir, err := ioutil.TempDir("", "") - if err != nil { - t.Fatalf("Couldn't create tmpdir") - } - defer os.RemoveAll(tmpdir) - - var tests = []struct { - name string - fileContents []byte - }{ - { - name: "v1beta1.partial1", - fileContents: cfgFiles["InitConfiguration_v1beta1"], - }, - { - name: "v1beta1.partial2", - fileContents: cfgFiles["ClusterConfiguration_v1beta1"], - }, - { - name: "v1beta1.full", - fileContents: bytes.Join([][]byte{ - cfgFiles["InitConfiguration_v1beta1"], - cfgFiles["ClusterConfiguration_v1beta1"], - cfgFiles["Kube-proxy_componentconfig"], - cfgFiles["Kubelet_componentconfig"], - }, []byte(kubeadmconstants.YAMLDocumentSeparator)), - }, - { - name: "v1alpha3.partial1", - fileContents: cfgFiles["InitConfiguration_v1alpha3"], - }, - { - name: "v1alpha3.partial2", - fileContents: cfgFiles["ClusterConfiguration_v1alpha3"], - }, - { - name: "v1alpha3.full", - fileContents: bytes.Join([][]byte{ - cfgFiles["InitConfiguration_v1alpha3"], - cfgFiles["ClusterConfiguration_v1alpha3"], - cfgFiles["Kube-proxy_componentconfig"], - cfgFiles["Kubelet_componentconfig"], - }, []byte(kubeadmconstants.YAMLDocumentSeparator)), - }, - } - - for _, rt := range tests { - t.Run(rt.name, func(t2 *testing.T) { - cfgPath := filepath.Join(tmpdir, rt.name) - err := ioutil.WriteFile(cfgPath, rt.fileContents, 0644) - if err != nil { - t.Errorf("Couldn't create file") - return - } - - obj, err := loadInitConfigurationFromFile(cfgPath) - if err != nil { - t.Errorf("Error reading file: %v", err) - return - } - - if obj == nil { - t.Errorf("Unexpected nil return value") - } - }) - } -} - func TestGetNodeNameFromKubeletConfig(t *testing.T) { tmpdir, err := ioutil.TempDir("", "") if err != nil { diff --git a/cmd/kubeadm/app/util/config/common.go b/cmd/kubeadm/app/util/config/common.go index 9a8f4c0cab7..a153d252584 100644 --- a/cmd/kubeadm/app/util/config/common.go +++ b/cmd/kubeadm/app/util/config/common.go @@ -18,7 +18,6 @@ package config import ( "bytes" - "io/ioutil" "net" "reflect" "strings" @@ -49,20 +48,35 @@ func MarshalKubeadmConfigObject(obj runtime.Object) ([]byte, error) { } } -// ValidateSupportedVersion checks if a supplied GroupVersion is not on the list of unsupported GVs. If it is, an error is returned. -func ValidateSupportedVersion(gv schema.GroupVersion) error { +// validateSupportedVersion checks if the supplied GroupVersion is not on the lists of old unsupported or deprecated GVs. +// If it is, an error is returned. +func validateSupportedVersion(gv schema.GroupVersion, allowDeprecated bool) error { // The support matrix will look something like this now and in the future: // v1.10 and earlier: v1alpha1 // v1.11: v1alpha1 read-only, writes only v1alpha2 config - // v1.12: v1alpha2 read-only, writes only v1alpha3 config. Warns if the user tries to use v1alpha1 - // v1.13: v1alpha3 read-only, writes only v1beta1 config. Warns if the user tries to use v1alpha1 or v1alpha2 + // v1.12: v1alpha2 read-only, writes only v1alpha3 config. Errors if the user tries to use v1alpha1 + // v1.13: v1alpha3 read-only, writes only v1beta1 config. Errors if the user tries to use v1alpha1 or v1alpha2 + // v1.14: v1alpha3 convert only, writes only v1beta1 config. Errors if the user tries to use v1alpha1 or v1alpha2 oldKnownAPIVersions := map[string]string{ "kubeadm.k8s.io/v1alpha1": "v1.11", "kubeadm.k8s.io/v1alpha2": "v1.12", } - if useKubeadmVersion := oldKnownAPIVersions[gv.String()]; useKubeadmVersion != "" { + + // Deprecated API versions are supported by us, but can only be used for migration. + deprecatedAPIVersions := map[string]struct{}{ + "kubeadm.k8s.io/v1alpha3": {}, // Can be migrated with kubeadm 1.13+ + } + + gvString := gv.String() + + if useKubeadmVersion := oldKnownAPIVersions[gvString]; useKubeadmVersion != "" { return errors.Errorf("your configuration file uses an old API spec: %q. Please use kubeadm %s instead and run 'kubeadm config migrate --old-config old.yaml --new-config new.yaml', which will write the new, similar spec using a newer API version.", gv.String(), useKubeadmVersion) } + + if _, present := deprecatedAPIVersions[gvString]; present && !allowDeprecated { + return errors.Errorf("your configuration file uses a deprecated API spec: %q. Please use 'kubeadm config migrate --old-config old.yaml --new-config new.yaml', which will write the new, similar spec using a newer API version.", gv.String()) + } + return nil } @@ -138,23 +152,24 @@ func ChooseAPIServerBindAddress(bindAddress net.IP) (net.IP, error) { return ip, nil } -// MigrateOldConfigFromFile migrates an old configuration from a file into a new one (returned as a byte slice). Only kubeadm kinds are migrated. Others are silently ignored. -func MigrateOldConfigFromFile(cfgPath string) ([]byte, error) { +// MigrateOldConfig migrates an old configuration from a byte slice into a new one (returned again as a byte slice). +// Only kubeadm kinds are migrated. Others are silently ignored. +func MigrateOldConfig(oldConfig []byte) ([]byte, error) { newConfig := [][]byte{} - cfgBytes, err := ioutil.ReadFile(cfgPath) + gvkmap, err := kubeadmutil.SplitYAMLDocuments(oldConfig) if err != nil { return []byte{}, err } - gvks, err := kubeadmutil.GroupVersionKindsFromBytes(cfgBytes) - if err != nil { - return []byte{}, err + gvks := []schema.GroupVersionKind{} + for gvk := range gvkmap { + gvks = append(gvks, gvk) } // Migrate InitConfiguration and ClusterConfiguration if there are any in the config if kubeadmutil.GroupVersionKindsHasInitConfiguration(gvks...) || kubeadmutil.GroupVersionKindsHasClusterConfiguration(gvks...) { - o, err := ConfigFileAndDefaultsToInternalConfig(cfgPath, &kubeadmapiv1beta1.InitConfiguration{}) + o, err := documentMapToInitConfiguration(gvkmap, true) if err != nil { return []byte{}, err } @@ -167,7 +182,7 @@ func MigrateOldConfigFromFile(cfgPath string) ([]byte, error) { // Migrate JoinConfiguration if there is any if kubeadmutil.GroupVersionKindsHasJoinConfiguration(gvks...) { - o, err := JoinConfigFileAndDefaultsToInternalConfig(cfgPath, &kubeadmapiv1beta1.JoinConfiguration{}) + o, err := documentMapToJoinConfiguration(gvkmap, true) if err != nil { return []byte{}, err } diff --git a/cmd/kubeadm/app/util/config/common_test.go b/cmd/kubeadm/app/util/config/common_test.go index e0d18dda997..501a8d602b3 100644 --- a/cmd/kubeadm/app/util/config/common_test.go +++ b/cmd/kubeadm/app/util/config/common_test.go @@ -17,8 +17,7 @@ limitations under the License. package config import ( - "io/ioutil" - "os" + "fmt" "testing" "github.com/lithammer/dedent" @@ -29,12 +28,13 @@ import ( kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" ) -func TestValidateSupportedVersion(t *testing.T) { - const KubeadmGroupName = "kubeadm.k8s.io" +const KubeadmGroupName = "kubeadm.k8s.io" +func TestValidateSupportedVersion(t *testing.T) { tests := []struct { - gv schema.GroupVersion - expectedErr bool + gv schema.GroupVersion + allowDeprecated bool + expectedErr bool }{ { gv: schema.GroupVersion{ @@ -55,6 +55,14 @@ func TestValidateSupportedVersion(t *testing.T) { Group: KubeadmGroupName, Version: "v1alpha3", }, + expectedErr: true, + }, + { + gv: schema.GroupVersion{ + Group: KubeadmGroupName, + Version: "v1alpha3", + }, + allowDeprecated: true, }, { gv: schema.GroupVersion{ @@ -71,8 +79,8 @@ func TestValidateSupportedVersion(t *testing.T) { } for _, rt := range tests { - t.Run(rt.gv.String(), func(t *testing.T) { - err := ValidateSupportedVersion(rt.gv) + t.Run(fmt.Sprintf("%s/allowDeprecated:%t", rt.gv, rt.allowDeprecated), func(t *testing.T) { + err := validateSupportedVersion(rt.gv, rt.allowDeprecated) if rt.expectedErr && err == nil { t.Error("unexpected success") } else if !rt.expectedErr && err != nil { @@ -352,20 +360,7 @@ func TestMigrateOldConfigFromFile(t *testing.T) { for _, test := range tests { t.Run(test.desc, func(t *testing.T) { - file, err := ioutil.TempFile("", "") - if err != nil { - t.Fatalf("could not create temporary test file: %v", err) - } - fileName := file.Name() - defer os.Remove(fileName) - - _, err = file.WriteString(test.oldCfg) - file.Close() - if err != nil { - t.Fatalf("could not write contents of old config: %v", err) - } - - b, err := MigrateOldConfigFromFile(fileName) + b, err := MigrateOldConfig([]byte(test.oldCfg)) if test.expectErr { if err == nil { t.Fatalf("unexpected success:\n%s", b) diff --git a/cmd/kubeadm/app/util/config/initconfiguration.go b/cmd/kubeadm/app/util/config/initconfiguration.go index 31d9ae74616..035015d624f 100644 --- a/cmd/kubeadm/app/util/config/initconfiguration.go +++ b/cmd/kubeadm/app/util/config/initconfiguration.go @@ -161,33 +161,14 @@ func SetClusterDynamicDefaults(cfg *kubeadmapi.ClusterConfiguration, advertiseAd return nil } -// ConfigFileAndDefaultsToInternalConfig takes a path to a config file and a versioned configuration that can serve as the default config -// If cfgPath is specified, defaultversionedcfg will always get overridden. Otherwise, the default config (often populated by flags) will be used. -// Then the external, versioned configuration is defaulted and converted to the internal type. -// Right thereafter, the configuration is defaulted again with dynamic values (like IP addresses of a machine, etc) -// Lastly, the internal config is validated and returned. -func ConfigFileAndDefaultsToInternalConfig(cfgPath string, defaultversionedcfg *kubeadmapiv1beta1.InitConfiguration) (*kubeadmapi.InitConfiguration, error) { +// DefaultedInitConfiguration takes a versioned init config (often populated by flags), defaults it and converts it into internal InitConfiguration +func DefaultedInitConfiguration(defaultversionedcfg *kubeadmapiv1beta1.InitConfiguration) (*kubeadmapi.InitConfiguration, error) { internalcfg := &kubeadmapi.InitConfiguration{} - if cfgPath != "" { - // Loads configuration from config file, if provided - // Nb. --config overrides command line flags - klog.V(1).Infoln("loading configuration from the given file") - - b, err := ioutil.ReadFile(cfgPath) - if err != nil { - return nil, errors.Wrapf(err, "unable to read config from %q ", cfgPath) - } - internalcfg, err = BytesToInternalConfig(b) - if err != nil { - return nil, err - } - } else { - // Takes passed flags into account; the defaulting is executed once again enforcing assignment of - // static default values to cfg only for values not provided with flags - kubeadmscheme.Scheme.Default(defaultversionedcfg) - kubeadmscheme.Scheme.Convert(defaultversionedcfg, internalcfg, nil) - } + // Takes passed flags into account; the defaulting is executed once again enforcing assignment of + // static default values to cfg only for values not provided with flags + kubeadmscheme.Scheme.Default(defaultversionedcfg) + kubeadmscheme.Scheme.Convert(defaultversionedcfg, internalcfg, nil) // Applies dynamic defaults to settings not provided with flags if err := SetInitDynamicDefaults(internalcfg); err != nil { @@ -200,22 +181,55 @@ func ConfigFileAndDefaultsToInternalConfig(cfgPath string, defaultversionedcfg * return internalcfg, nil } -// BytesToInternalConfig converts a byte slice to an internal, defaulted and validated configuration object. -// The byte slice may contain one or many different YAML documents. These YAML documents are parsed one-by-one -// and well-known ComponentConfig GroupVersionKinds are stored inside of the internal InitConfiguration struct -func BytesToInternalConfig(b []byte) (*kubeadmapi.InitConfiguration, error) { - var initcfg *kubeadmapi.InitConfiguration - var clustercfg *kubeadmapi.ClusterConfiguration - decodedComponentConfigObjects := map[componentconfigs.RegistrationKind]runtime.Object{} +// LoadInitConfigurationFromFile loads a supported versioned InitConfiguration from a file, converts it into internal config, defaults it and verifies it. +func LoadInitConfigurationFromFile(cfgPath string) (*kubeadmapi.InitConfiguration, error) { + klog.V(1).Infof("loading configuration from %q", cfgPath) + b, err := ioutil.ReadFile(cfgPath) + if err != nil { + return nil, errors.Wrapf(err, "unable to read config from %q ", cfgPath) + } + + return BytesToInitConfiguration(b) +} + +// LoadOrDefaultInitConfiguration takes a path to a config file and a versioned configuration that can serve as the default config +// If cfgPath is specified, defaultversionedcfg will always get overridden. Otherwise, the default config (often populated by flags) will be used. +// Then the external, versioned configuration is defaulted and converted to the internal type. +// Right thereafter, the configuration is defaulted again with dynamic values (like IP addresses of a machine, etc) +// Lastly, the internal config is validated and returned. +func LoadOrDefaultInitConfiguration(cfgPath string, defaultversionedcfg *kubeadmapiv1beta1.InitConfiguration) (*kubeadmapi.InitConfiguration, error) { + if cfgPath != "" { + // Loads configuration from config file, if provided + // Nb. --config overrides command line flags + return LoadInitConfigurationFromFile(cfgPath) + } + + return DefaultedInitConfiguration(defaultversionedcfg) +} + +// BytesToInitConfiguration converts a byte slice to an internal, defaulted and validated InitConfiguration object. +// The map may contain many different YAML documents. These YAML documents are parsed one-by-one +// and well-known ComponentConfig GroupVersionKinds are stored inside of the internal InitConfiguration struct. +// The resulting InitConfiguration is then dynamically defaulted and validated prior to return. +func BytesToInitConfiguration(b []byte) (*kubeadmapi.InitConfiguration, error) { gvkmap, err := kubeadmutil.SplitYAMLDocuments(b) if err != nil { return nil, err } + return documentMapToInitConfiguration(gvkmap, false) +} + +// documentMapToInitConfiguration converts a map of GVKs and YAML documents to defaulted and validated configuration object. +func documentMapToInitConfiguration(gvkmap map[schema.GroupVersionKind][]byte, allowDeprecated bool) (*kubeadmapi.InitConfiguration, error) { + var initcfg *kubeadmapi.InitConfiguration + var clustercfg *kubeadmapi.ClusterConfiguration + decodedComponentConfigObjects := map[componentconfigs.RegistrationKind]runtime.Object{} + for gvk, fileContent := range gvkmap { - // first, check if this GVK is supported one - if err := ValidateSupportedVersion(gvk.GroupVersion()); err != nil { + // first, check if this GVK is supported and possibly not deprecated + if err := validateSupportedVersion(gvk.GroupVersion(), allowDeprecated); err != nil { return nil, err } @@ -287,6 +301,17 @@ func BytesToInternalConfig(b []byte) (*kubeadmapi.InitConfiguration, error) { fmt.Printf("[config] WARNING: Decoded a kind that couldn't be saved to the internal configuration: %q\n", string(kind)) } } + + // Applies dynamic defaults to settings not provided with flags + if err := SetInitDynamicDefaults(initcfg); err != nil { + return nil, err + } + + // Validates cfg (flags/configs + defaults + dynamic defaults) + if err := validation.ValidateInitConfiguration(initcfg).ToAggregate(); err != nil { + return nil, err + } + return initcfg, nil } diff --git a/cmd/kubeadm/app/util/config/initconfiguration_test.go b/cmd/kubeadm/app/util/config/initconfiguration_test.go index 307d2f1e603..cc11b97921b 100644 --- a/cmd/kubeadm/app/util/config/initconfiguration_test.go +++ b/cmd/kubeadm/app/util/config/initconfiguration_test.go @@ -19,7 +19,10 @@ package config import ( "bytes" "io/ioutil" + "os" + "path/filepath" "reflect" + "runtime" "testing" "github.com/pmezard/go-difflib/difflib" @@ -27,15 +30,20 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1beta1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1" + "k8s.io/kubernetes/cmd/kubeadm/app/constants" ) const ( - master_v1alpha3YAML = "testdata/conversion/master/v1alpha3.yaml" - master_v1beta1YAML = "testdata/conversion/master/v1beta1.yaml" - master_internalYAML = "testdata/conversion/master/internal.yaml" - master_incompleteYAML = "testdata/defaulting/master/incomplete.yaml" - master_defaultedYAML = "testdata/defaulting/master/defaulted.yaml" - master_invalidYAML = "testdata/validation/invalid_mastercfg.yaml" + masterV1alpha3YAML = "testdata/conversion/master/v1alpha3.yaml" + masterV1alpha3YAMLNonLinux = "testdata/conversion/master/v1alpha3_non_linux.yaml" + masterV1beta1YAML = "testdata/conversion/master/v1beta1.yaml" + masterV1beta1YAMLNonLinux = "testdata/conversion/master/v1beta1_non_linux.yaml" + masterInternalYAML = "testdata/conversion/master/internal.yaml" + masterInternalYAMLNonLinux = "testdata/conversion/master/internal_non_linux.yaml" + masterIncompleteYAML = "testdata/defaulting/master/incomplete.yaml" + masterDefaultedYAML = "testdata/defaulting/master/defaulted.yaml" + masterDefaultedYAMLNonLinux = "testdata/defaulting/master/defaulted_non_linux.yaml" + masterInvalidYAML = "testdata/validation/invalid_mastercfg.yaml" ) func diff(expected, actual []byte) string { @@ -51,49 +59,134 @@ func diff(expected, actual []byte) string { return diffBytes.String() } -func TestConfigFileAndDefaultsToInternalConfig(t *testing.T) { +func TestLoadInitConfigurationFromFile(t *testing.T) { + // Create temp folder for the test case + tmpdir, err := ioutil.TempDir("", "") + if err != nil { + t.Fatalf("Couldn't create tmpdir") + } + defer os.RemoveAll(tmpdir) + + // cfgFiles is in cluster_test.go + var tests = []struct { + name string + fileContents []byte + expectErr bool + }{ + { + name: "v1beta1.partial1", + fileContents: cfgFiles["InitConfiguration_v1beta1"], + }, + { + name: "v1beta1.partial2", + fileContents: cfgFiles["ClusterConfiguration_v1beta1"], + }, + { + name: "v1beta1.full", + fileContents: bytes.Join([][]byte{ + cfgFiles["InitConfiguration_v1beta1"], + cfgFiles["ClusterConfiguration_v1beta1"], + cfgFiles["Kube-proxy_componentconfig"], + cfgFiles["Kubelet_componentconfig"], + }, []byte(constants.YAMLDocumentSeparator)), + }, + { + name: "v1alpha3.partial1", + fileContents: cfgFiles["InitConfiguration_v1alpha3"], + expectErr: true, + }, + { + name: "v1alpha3.partial2", + fileContents: cfgFiles["ClusterConfiguration_v1alpha3"], + expectErr: true, + }, + { + name: "v1alpha3.full", + fileContents: bytes.Join([][]byte{ + cfgFiles["InitConfiguration_v1alpha3"], + cfgFiles["ClusterConfiguration_v1alpha3"], + cfgFiles["Kube-proxy_componentconfig"], + cfgFiles["Kubelet_componentconfig"], + }, []byte(constants.YAMLDocumentSeparator)), + expectErr: true, + }, + } + + for _, rt := range tests { + t.Run(rt.name, func(t2 *testing.T) { + cfgPath := filepath.Join(tmpdir, rt.name) + err := ioutil.WriteFile(cfgPath, rt.fileContents, 0644) + if err != nil { + t.Errorf("Couldn't create file") + return + } + + obj, err := LoadInitConfigurationFromFile(cfgPath) + if rt.expectErr { + if err == nil { + t.Error("Unexpected success") + } + } else { + if err != nil { + t.Errorf("Error reading file: %v", err) + return + } + + if obj == nil { + t.Errorf("Unexpected nil return value") + } + } + }) + } +} + +func TestInitConfigurationMarshallingFromFile(t *testing.T) { + masterV1alpha3YAMLAbstracted := masterV1alpha3YAML + masterV1beta1YAMLAbstracted := masterV1beta1YAML + masterInternalYAMLAbstracted := masterInternalYAML + masterDefaultedYAMLAbstracted := masterDefaultedYAML + if runtime.GOOS != "linux" { + masterV1alpha3YAMLAbstracted = masterV1alpha3YAMLNonLinux + masterV1beta1YAMLAbstracted = masterV1beta1YAMLNonLinux + masterInternalYAMLAbstracted = masterInternalYAMLNonLinux + masterDefaultedYAMLAbstracted = masterDefaultedYAMLNonLinux + } + var tests = []struct { name, in, out string groupVersion schema.GroupVersion expectedErr bool }{ - // These tests are reading one file, loading it using ConfigFileAndDefaultsToInternalConfig that all of kubeadm is using for unmarshal of our API types, + // These tests are reading one file, loading it using LoadInitConfigurationFromFile that all of kubeadm is using for unmarshal of our API types, // and then marshals the internal object to the expected groupVersion { // v1alpha3 -> internal - name: "v1alpha3ToInternal", - in: master_v1alpha3YAML, - out: master_internalYAML, - groupVersion: kubeadm.SchemeGroupVersion, + name: "v1alpha3IsDeprecated", + in: masterV1alpha3YAMLAbstracted, + expectedErr: true, }, { // v1beta1 -> internal name: "v1beta1ToInternal", - in: master_v1beta1YAML, - out: master_internalYAML, + in: masterV1beta1YAMLAbstracted, + out: masterInternalYAMLAbstracted, groupVersion: kubeadm.SchemeGroupVersion, }, - { // v1alpha3 -> internal -> v1beta1 - name: "v1alpha3Tov1beta1", - in: master_v1alpha3YAML, - out: master_v1beta1YAML, - groupVersion: kubeadmapiv1beta1.SchemeGroupVersion, - }, { // v1beta1 -> internal -> v1beta1 name: "v1beta1Tov1beta1", - in: master_v1beta1YAML, - out: master_v1beta1YAML, + in: masterV1beta1YAMLAbstracted, + out: masterV1beta1YAMLAbstracted, groupVersion: kubeadmapiv1beta1.SchemeGroupVersion, }, - // These tests are reading one file that has only a subset of the fields populated, loading it using ConfigFileAndDefaultsToInternalConfig, + // These tests are reading one file that has only a subset of the fields populated, loading it using LoadInitConfigurationFromFile, // and then marshals the internal object to the expected groupVersion { // v1beta1 -> default -> validate -> internal -> v1beta1 name: "incompleteYAMLToDefaultedv1beta1", - in: master_incompleteYAML, - out: master_defaultedYAML, + in: masterIncompleteYAML, + out: masterDefaultedYAMLAbstracted, groupVersion: kubeadmapiv1beta1.SchemeGroupVersion, }, - { // v1alpha3 -> validation should fail + { // v1beta1 -> validation should fail name: "invalidYAMLShouldFail", - in: master_invalidYAML, + in: masterInvalidYAML, expectedErr: true, }, } @@ -101,7 +194,7 @@ func TestConfigFileAndDefaultsToInternalConfig(t *testing.T) { for _, rt := range tests { t.Run(rt.name, func(t2 *testing.T) { - internalcfg, err := ConfigFileAndDefaultsToInternalConfig(rt.in, &kubeadmapiv1beta1.InitConfiguration{}) + internalcfg, err := LoadInitConfigurationFromFile(rt.in) if err != nil { if rt.expectedErr { return diff --git a/cmd/kubeadm/app/util/config/joinconfiguration.go b/cmd/kubeadm/app/util/config/joinconfiguration.go index 34ad12ba358..9de0d1acd0a 100644 --- a/cmd/kubeadm/app/util/config/joinconfiguration.go +++ b/cmd/kubeadm/app/util/config/joinconfiguration.go @@ -21,6 +21,7 @@ import ( "github.com/pkg/errors" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/klog" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmscheme "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/scheme" @@ -54,59 +55,66 @@ func SetJoinControlPlaneDefaults(cfg *kubeadmapi.JoinControlPlane) error { return nil } -// JoinConfigFileAndDefaultsToInternalConfig takes a path to a config file and a versioned configuration that can serve as the default config +// LoadOrDefaultJoinConfiguration takes a path to a config file and a versioned configuration that can serve as the default config // If cfgPath is specified, defaultversionedcfg will always get overridden. Otherwise, the default config (often populated by flags) will be used. // Then the external, versioned configuration is defaulted and converted to the internal type. // Right thereafter, the configuration is defaulted again with dynamic values (like IP addresses of a machine, etc) // Lastly, the internal config is validated and returned. -func JoinConfigFileAndDefaultsToInternalConfig(cfgPath string, defaultversionedcfg *kubeadmapiv1beta1.JoinConfiguration) (*kubeadmapi.JoinConfiguration, error) { - internalcfg := &kubeadmapi.JoinConfiguration{} - +func LoadOrDefaultJoinConfiguration(cfgPath string, defaultversionedcfg *kubeadmapiv1beta1.JoinConfiguration) (*kubeadmapi.JoinConfiguration, error) { if cfgPath != "" { // Loads configuration from config file, if provided // Nb. --config overrides command line flags, TODO: fix this - klog.V(1).Infoln("loading configuration from the given file") + return LoadJoinConfigurationFromFile(cfgPath) + } - b, err := ioutil.ReadFile(cfgPath) - if err != nil { - return nil, errors.Wrapf(err, "unable to read config from %q ", cfgPath) + return DefaultedJoinConfiguration(defaultversionedcfg) +} + +// LoadJoinConfigurationFromFile loads versioned JoinConfiguration from file, converts it to internal, defaults and validates it +func LoadJoinConfigurationFromFile(cfgPath string) (*kubeadmapi.JoinConfiguration, error) { + klog.V(1).Infof("loading configuration from %q", cfgPath) + + b, err := ioutil.ReadFile(cfgPath) + if err != nil { + return nil, errors.Wrapf(err, "unable to read config from %q ", cfgPath) + } + + gvkmap, err := kubeadmutil.SplitYAMLDocuments(b) + if err != nil { + return nil, err + } + + return documentMapToJoinConfiguration(gvkmap, false) +} + +// documentMapToJoinConfiguration takes a map between GVKs and YAML documents (as returned by SplitYAMLDocuments), +// finds a JoinConfiguration, decodes it, dynamically defaults it and then validates it prior to return. +func documentMapToJoinConfiguration(gvkmap map[schema.GroupVersionKind][]byte, allowDeprecated bool) (*kubeadmapi.JoinConfiguration, error) { + joinBytes := []byte{} + for gvk, bytes := range gvkmap { + // not interested in anything other than JoinConfiguration + if gvk.Kind != constants.JoinConfigurationKind { + continue } - gvkmap, err := kubeadmutil.SplitYAMLDocuments(b) - if err != nil { + // check if this version is supported and possibly not deprecated + if err := validateSupportedVersion(gvk.GroupVersion(), allowDeprecated); err != nil { return nil, err } - joinBytes := []byte{} - for gvk, bytes := range gvkmap { - // not interested in anything other than JoinConfiguration - if gvk.Kind != constants.JoinConfigurationKind { - continue - } + // verify the validity of the YAML + strict.VerifyUnmarshalStrict(bytes, gvk) - // check if this version is supported one - if err := ValidateSupportedVersion(gvk.GroupVersion()); err != nil { - return nil, err - } + joinBytes = bytes + } - // verify the validity of the YAML - strict.VerifyUnmarshalStrict(bytes, gvk) + if len(joinBytes) == 0 { + return nil, errors.Errorf("no %s found in the supplied config", constants.JoinConfigurationKind) + } - joinBytes = bytes - } - - if len(joinBytes) == 0 { - return nil, errors.Errorf("no %s found in config file %q", constants.JoinConfigurationKind, cfgPath) - } - - if err := runtime.DecodeInto(kubeadmscheme.Codecs.UniversalDecoder(), joinBytes, internalcfg); err != nil { - return nil, err - } - } else { - // Takes passed flags into account; the defaulting is executed once again enforcing assignement of - // static default values to cfg only for values not provided with flags - kubeadmscheme.Scheme.Default(defaultversionedcfg) - kubeadmscheme.Scheme.Convert(defaultversionedcfg, internalcfg, nil) + internalcfg := &kubeadmapi.JoinConfiguration{} + if err := runtime.DecodeInto(kubeadmscheme.Codecs.UniversalDecoder(), joinBytes, internalcfg); err != nil { + return nil, err } // Applies dynamic defaults to settings not provided with flags @@ -120,3 +128,24 @@ func JoinConfigFileAndDefaultsToInternalConfig(cfgPath string, defaultversionedc return internalcfg, nil } + +// DefaultedJoinConfiguration takes a versioned JoinConfiguration (usually filled in by command line parameters), defaults it, converts it to internal and validates it +func DefaultedJoinConfiguration(defaultversionedcfg *kubeadmapiv1beta1.JoinConfiguration) (*kubeadmapi.JoinConfiguration, error) { + internalcfg := &kubeadmapi.JoinConfiguration{} + + // Takes passed flags into account; the defaulting is executed once again enforcing assignment of + // static default values to cfg only for values not provided with flags + kubeadmscheme.Scheme.Default(defaultversionedcfg) + kubeadmscheme.Scheme.Convert(defaultversionedcfg, internalcfg, nil) + + // Applies dynamic defaults to settings not provided with flags + if err := SetJoinDynamicDefaults(internalcfg); err != nil { + return nil, err + } + // Validates cfg (flags/configs + defaults) + if err := validation.ValidateJoinConfiguration(internalcfg).ToAggregate(); err != nil { + return nil, err + } + + return internalcfg, nil +} diff --git a/cmd/kubeadm/app/util/config/joinconfiguration_test.go b/cmd/kubeadm/app/util/config/joinconfiguration_test.go index 5ce23dbff37..5fac3fa9c3c 100644 --- a/cmd/kubeadm/app/util/config/joinconfiguration_test.go +++ b/cmd/kubeadm/app/util/config/joinconfiguration_test.go @@ -29,57 +29,50 @@ import ( ) const ( - node_v1alpha3YAML = "testdata/conversion/node/v1alpha3.yaml" - node_v1beta1YAML = "testdata/conversion/node/v1beta1.yaml" - node_internalYAML = "testdata/conversion/node/internal.yaml" - node_incompleteYAML = "testdata/defaulting/node/incomplete.yaml" - node_defaultedYAML = "testdata/defaulting/node/defaulted.yaml" - node_invalidYAML = "testdata/validation/invalid_nodecfg.yaml" + nodeV1alpha3YAML = "testdata/conversion/node/v1alpha3.yaml" + nodeV1beta1YAML = "testdata/conversion/node/v1beta1.yaml" + nodeInternalYAML = "testdata/conversion/node/internal.yaml" + nodeIncompleteYAML = "testdata/defaulting/node/incomplete.yaml" + nodeDefaultedYAML = "testdata/defaulting/node/defaulted.yaml" + nodeInvalidYAML = "testdata/validation/invalid_nodecfg.yaml" ) -func TestJoinConfigFileAndDefaultsToInternalConfig(t *testing.T) { +func TestLoadJoinConfigurationFromFile(t *testing.T) { var tests = []struct { name, in, out string groupVersion schema.GroupVersion expectedErr bool }{ - // These tests are reading one file, loading it using JoinConfigFileAndDefaultsToInternalConfig that all of kubeadm is using for unmarshal of our API types, + // These tests are reading one file, loading it using LoadJoinConfigurationFromFile that all of kubeadm is using for unmarshal of our API types, // and then marshals the internal object to the expected groupVersion { // v1alpha3 -> internal - name: "v1alpha3ToInternal", - in: node_v1alpha3YAML, - out: node_internalYAML, - groupVersion: kubeadm.SchemeGroupVersion, + name: "v1alpha3IsDeprecated", + in: nodeV1alpha3YAML, + expectedErr: true, }, { // v1beta1 -> internal name: "v1beta1ToInternal", - in: node_v1beta1YAML, - out: node_internalYAML, + in: nodeV1beta1YAML, + out: nodeInternalYAML, groupVersion: kubeadm.SchemeGroupVersion, }, - { // v1alpha3 -> internal -> v1beta1 - name: "v1alpha3Tov1beta1", - in: node_v1alpha3YAML, - out: node_v1beta1YAML, - groupVersion: kubeadmapiv1beta1.SchemeGroupVersion, - }, { // v1beta1 -> internal -> v1beta1 name: "v1beta1Tov1beta1", - in: node_v1beta1YAML, - out: node_v1beta1YAML, + in: nodeV1beta1YAML, + out: nodeV1beta1YAML, groupVersion: kubeadmapiv1beta1.SchemeGroupVersion, }, - // These tests are reading one file that has only a subset of the fields populated, loading it using JoinConfigFileAndDefaultsToInternalConfig, + // These tests are reading one file that has only a subset of the fields populated, loading it using LoadJoinConfigurationFromFile, // and then marshals the internal object to the expected groupVersion { // v1beta1 -> default -> validate -> internal -> v1beta1 name: "incompleteYAMLToDefaultedv1beta1", - in: node_incompleteYAML, - out: node_defaultedYAML, + in: nodeIncompleteYAML, + out: nodeDefaultedYAML, groupVersion: kubeadmapiv1beta1.SchemeGroupVersion, }, - { // v1alpha3 -> validation should fail + { // v1beta1 -> validation should fail name: "invalidYAMLShouldFail", - in: node_invalidYAML, + in: nodeInvalidYAML, expectedErr: true, }, } @@ -87,7 +80,7 @@ func TestJoinConfigFileAndDefaultsToInternalConfig(t *testing.T) { for _, rt := range tests { t.Run(rt.name, func(t2 *testing.T) { - internalcfg, err := JoinConfigFileAndDefaultsToInternalConfig(rt.in, &kubeadmapiv1beta1.JoinConfiguration{}) + internalcfg, err := LoadJoinConfigurationFromFile(rt.in) if err != nil { if rt.expectedErr { return diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml index 8e8f095f815..1753225c3a7 100644 --- a/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml @@ -67,6 +67,10 @@ ComponentConfigs: PortRange: "" ResourceContainer: /kube-proxy UDPIdleTimeout: 250ms + Winkernel: + EnableDSR: false + NetworkName: "" + SourceVip: "" Kubelet: Address: 1.2.3.4 Authentication: diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/internal_non_linux.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/internal_non_linux.yaml new file mode 100644 index 00000000000..e070df6031b --- /dev/null +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/internal_non_linux.yaml @@ -0,0 +1,203 @@ +APIServer: + CertSANs: null + ExtraArgs: + authorization-mode: Node,RBAC,Webhook + ExtraVolumes: + - HostPath: /host/read-only + MountPath: /mount/read-only + Name: ReadOnlyVolume + PathType: "" + ReadOnly: true + - HostPath: /host/writable + MountPath: /mount/writable + Name: WritableVolume + PathType: "" + ReadOnly: false + TimeoutForControlPlane: 4m0s +BootstrapTokens: +- Description: "" + Expires: null + Groups: + - system:bootstrappers:kubeadm:default-node-token + TTL: 24h0m0s + Token: s73ybu.6tw6wnqgp5z0wb77 + Usages: + - signing + - authentication +CIImageRepository: "" +CertificatesDir: /etc/kubernetes/pki +ClusterName: kubernetes +ComponentConfigs: + KubeProxy: + BindAddress: 0.0.0.0 + ClientConnection: + AcceptContentTypes: "" + Burst: 10 + ContentType: application/vnd.kubernetes.protobuf + Kubeconfig: /var/lib/kube-proxy/kubeconfig.conf + QPS: 5 + ClusterCIDR: "" + ConfigSyncPeriod: 15m0s + Conntrack: + Max: null + MaxPerCore: 32768 + Min: 131072 + TCPCloseWaitTimeout: 1h0m0s + TCPEstablishedTimeout: 24h0m0s + EnableProfiling: false + FeatureGates: + ServiceNodeExclusion: true + SupportIPVSProxyMode: true + HealthzBindAddress: 0.0.0.0:10256 + HostnameOverride: "" + IPTables: + MasqueradeAll: false + MasqueradeBit: 14 + MinSyncPeriod: 0s + SyncPeriod: 30s + IPVS: + ExcludeCIDRs: null + MinSyncPeriod: 0s + Scheduler: "" + SyncPeriod: 30s + MetricsBindAddress: 127.0.0.1:10249 + Mode: iptables + NodePortAddresses: null + OOMScoreAdj: -999 + PortRange: "" + ResourceContainer: /kube-proxy + UDPIdleTimeout: 250ms + Kubelet: + Address: 1.2.3.4 + Authentication: + Anonymous: + Enabled: false + Webhook: + CacheTTL: 2m0s + Enabled: true + X509: + ClientCAFile: /etc/kubernetes/pki/ca.crt + Authorization: + Mode: Webhook + Webhook: + CacheAuthorizedTTL: 5m0s + CacheUnauthorizedTTL: 30s + CPUCFSQuota: true + CPUCFSQuotaPeriod: 0s + CPUManagerPolicy: none + CPUManagerReconcilePeriod: 10s + CgroupDriver: cgroupfs + CgroupRoot: "" + CgroupsPerQOS: true + ClusterDNS: + - 10.96.0.10 + ClusterDomain: cluster.local + ConfigMapAndSecretChangeDetectionStrategy: Watch + ContainerLogMaxFiles: 5 + ContainerLogMaxSize: 10Mi + ContentType: application/vnd.kubernetes.protobuf + EnableContentionProfiling: false + EnableControllerAttachDetach: true + EnableDebuggingHandlers: true + EnforceNodeAllocatable: + - pods + EventBurst: 10 + EventRecordQPS: 5 + EvictionHard: + imagefs.available: 15% + memory.available: 100Mi + nodefs.available: 10% + EvictionMaxPodGracePeriod: 0 + EvictionMinimumReclaim: null + EvictionPressureTransitionPeriod: 5m0s + EvictionSoft: null + EvictionSoftGracePeriod: null + FailSwapOn: true + FeatureGates: null + FileCheckFrequency: 20s + HTTPCheckFrequency: 20s + HairpinMode: promiscuous-bridge + HealthzBindAddress: 127.0.0.1 + HealthzPort: 10248 + IPTablesDropBit: 15 + IPTablesMasqueradeBit: 14 + ImageGCHighThresholdPercent: 85 + ImageGCLowThresholdPercent: 80 + ImageMinimumGCAge: 2m0s + KubeAPIBurst: 10 + KubeAPIQPS: 5 + KubeReserved: null + KubeReservedCgroup: "" + KubeletCgroups: "" + MakeIPTablesUtilChains: true + MaxOpenFiles: 1000000 + MaxPods: 110 + NodeLeaseDurationSeconds: 40 + NodeStatusReportFrequency: 1m0s + NodeStatusUpdateFrequency: 10s + OOMScoreAdj: -999 + PodCIDR: "" + PodPidsLimit: -1 + PodsPerCore: 0 + Port: 10250 + ProtectKernelDefaults: false + QOSReserved: null + ReadOnlyPort: 0 + RegistryBurst: 10 + RegistryPullQPS: 5 + ResolverConfig: /etc/resolv.conf + RotateCertificates: true + RuntimeRequestTimeout: 2m0s + SerializeImagePulls: true + ServerTLSBootstrap: false + StaticPodPath: /etc/kubernetes/manifests + StaticPodURL: "" + StaticPodURLHeader: null + StreamingConnectionIdleTimeout: 4h0m0s + SyncFrequency: 1m0s + SystemCgroups: "" + SystemReserved: null + SystemReservedCgroup: "" + TLSCertFile: "" + TLSCipherSuites: null + TLSMinVersion: "" + TLSPrivateKeyFile: "" + VolumeStatsAggPeriod: 1m0s +ControlPlaneEndpoint: "" +ControllerManager: + ExtraArgs: null + ExtraVolumes: null +DNS: + ImageRepository: "" + ImageTag: "" + Type: CoreDNS +Etcd: + External: null + Local: + DataDir: /var/lib/etcd + ExtraArgs: null + ImageRepository: "" + ImageTag: "" + PeerCertSANs: null + ServerCertSANs: null +FeatureGates: null +ImageRepository: k8s.gcr.io +KubernetesVersion: v1.12.2 +LocalAPIEndpoint: + AdvertiseAddress: 192.168.2.2 + BindPort: 6443 +Networking: + DNSDomain: cluster.local + PodSubnet: "" + ServiceSubnet: 10.96.0.0/12 +NodeRegistration: + CRISocket: /var/run/dockershim.sock + KubeletExtraArgs: null + Name: master-1 + Taints: + - effect: NoSchedule + key: node-role.kubernetes.io/master +Scheduler: + ExtraArgs: null + ExtraVolumes: null +UseHyperKubeImage: true diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/v1alpha3_non_linux.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1alpha3_non_linux.yaml new file mode 100644 index 00000000000..7666f3202bb --- /dev/null +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1alpha3_non_linux.yaml @@ -0,0 +1,164 @@ +apiEndpoint: + advertiseAddress: 192.168.2.2 + bindPort: 6443 +apiVersion: kubeadm.k8s.io/v1alpha3 +bootstrapTokens: +- groups: + - system:bootstrappers:kubeadm:default-node-token + token: s73ybu.6tw6wnqgp5z0wb77 + ttl: 24h0m0s + usages: + - signing + - authentication +kind: InitConfiguration +nodeRegistration: + criSocket: /var/run/dockershim.sock + name: master-1 + taints: + - effect: NoSchedule + key: node-role.kubernetes.io/master +--- +apiServerExtraArgs: + authorization-mode: Node,RBAC,Webhook +apiServerExtraVolumes: +- hostPath: /host/read-only + mountPath: /mount/read-only + name: ReadOnlyVolume +- hostPath: /host/writable + mountPath: /mount/writable + name: WritableVolume + writable: true +apiVersion: kubeadm.k8s.io/v1alpha3 +auditPolicy: + logDir: /var/log/kubernetes/audit + logMaxAge: 2 + path: "" +certificatesDir: /etc/kubernetes/pki +clusterName: kubernetes +controlPlaneEndpoint: "" +etcd: + local: + dataDir: /var/lib/etcd + image: "" +imageRepository: k8s.gcr.io +kind: ClusterConfiguration +kubernetesVersion: v1.12.2 +networking: + dnsDomain: cluster.local + podSubnet: "" + serviceSubnet: 10.96.0.0/12 +unifiedControlPlaneImage: "k8s.gcr.io/hyperkube:v1.12.2" +--- +apiVersion: kubeproxy.config.k8s.io/v1alpha1 +bindAddress: 0.0.0.0 +clientConnection: + acceptContentTypes: "" + burst: 10 + contentType: application/vnd.kubernetes.protobuf + kubeconfig: /var/lib/kube-proxy/kubeconfig.conf + qps: 5 +clusterCIDR: "" +configSyncPeriod: 15m0s +conntrack: + max: null + maxPerCore: 32768 + min: 131072 + tcpCloseWaitTimeout: 1h0m0s + tcpEstablishedTimeout: 24h0m0s +enableProfiling: false +featureGates: + ServiceNodeExclusion: true + SupportIPVSProxyMode: true +healthzBindAddress: 0.0.0.0:10256 +hostnameOverride: "" +iptables: + masqueradeAll: false + masqueradeBit: 14 + minSyncPeriod: 0s + syncPeriod: 30s +ipvs: + excludeCIDRs: null + minSyncPeriod: 0s + scheduler: "" + syncPeriod: 30s +kind: KubeProxyConfiguration +metricsBindAddress: 127.0.0.1:10249 +mode: iptables +nodePortAddresses: null +oomScoreAdj: -999 +portRange: "" +resourceContainer: /kube-proxy +udpIdleTimeout: 250ms +--- +address: 1.2.3.4 +apiVersion: kubelet.config.k8s.io/v1beta1 +authentication: + anonymous: + enabled: false + webhook: + cacheTTL: 2m0s + enabled: true + x509: + clientCAFile: /etc/kubernetes/pki/ca.crt +authorization: + mode: Webhook + webhook: + cacheAuthorizedTTL: 5m0s + cacheUnauthorizedTTL: 30s +cgroupDriver: cgroupfs +cgroupsPerQOS: true +clusterDNS: +- 10.96.0.10 +clusterDomain: cluster.local +configMapAndSecretChangeDetectionStrategy: Watch +containerLogMaxFiles: 5 +containerLogMaxSize: 10Mi +contentType: application/vnd.kubernetes.protobuf +cpuCFSQuota: true +cpuCFSQuotaPeriod: 0s +cpuManagerPolicy: none +cpuManagerReconcilePeriod: 10s +enableControllerAttachDetach: true +enableDebuggingHandlers: true +enforceNodeAllocatable: +- pods +eventBurst: 10 +eventRecordQPS: 5 +evictionHard: + imagefs.available: 15% + memory.available: 100Mi + nodefs.available: 10% +evictionPressureTransitionPeriod: 5m0s +failSwapOn: true +fileCheckFrequency: 20s +hairpinMode: promiscuous-bridge +healthzBindAddress: 127.0.0.1 +healthzPort: 10248 +httpCheckFrequency: 20s +imageGCHighThresholdPercent: 85 +imageGCLowThresholdPercent: 80 +imageMinimumGCAge: 2m0s +iptablesDropBit: 15 +iptablesMasqueradeBit: 14 +kind: KubeletConfiguration +kubeAPIBurst: 10 +kubeAPIQPS: 5 +makeIPTablesUtilChains: true +maxOpenFiles: 1000000 +maxPods: 110 +nodeLeaseDurationSeconds: 40 +nodeStatusReportFrequency: 1m0s +nodeStatusUpdateFrequency: 10s +oomScoreAdj: -999 +podPidsLimit: -1 +port: 10250 +registryBurst: 10 +registryPullQPS: 5 +resolvConf: /etc/resolv.conf +rotateCertificates: true +runtimeRequestTimeout: 2m0s +serializeImagePulls: true +staticPodPath: /etc/kubernetes/manifests +streamingConnectionIdleTimeout: 4h0m0s +syncFrequency: 1m0s +volumeStatsAggPeriod: 1m0s diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml index 7e04fad462c..91d521cb89d 100644 --- a/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml @@ -90,6 +90,10 @@ oomScoreAdj: -999 portRange: "" resourceContainer: /kube-proxy udpIdleTimeout: 250ms +winkernel: + enableDSR: false + networkName: "" + sourceVip: "" --- address: 1.2.3.4 apiVersion: kubelet.config.k8s.io/v1beta1 diff --git a/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1_non_linux.yaml b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1_non_linux.yaml new file mode 100644 index 00000000000..4000e587df1 --- /dev/null +++ b/cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1_non_linux.yaml @@ -0,0 +1,165 @@ +apiVersion: kubeadm.k8s.io/v1beta1 +bootstrapTokens: +- groups: + - system:bootstrappers:kubeadm:default-node-token + token: s73ybu.6tw6wnqgp5z0wb77 + ttl: 24h0m0s + usages: + - signing + - authentication +kind: InitConfiguration +localAPIEndpoint: + advertiseAddress: 192.168.2.2 + bindPort: 6443 +nodeRegistration: + criSocket: /var/run/dockershim.sock + name: master-1 + taints: + - effect: NoSchedule + key: node-role.kubernetes.io/master +--- +apiServer: + extraArgs: + authorization-mode: Node,RBAC,Webhook + extraVolumes: + - hostPath: /host/read-only + mountPath: /mount/read-only + name: ReadOnlyVolume + readOnly: true + - hostPath: /host/writable + mountPath: /mount/writable + name: WritableVolume + timeoutForControlPlane: 4m0s +apiVersion: kubeadm.k8s.io/v1beta1 +certificatesDir: /etc/kubernetes/pki +clusterName: kubernetes +controlPlaneEndpoint: "" +controllerManager: {} +dns: + type: CoreDNS +etcd: + local: + dataDir: /var/lib/etcd +imageRepository: k8s.gcr.io +kind: ClusterConfiguration +kubernetesVersion: v1.12.2 +networking: + dnsDomain: cluster.local + podSubnet: "" + serviceSubnet: 10.96.0.0/12 +scheduler: {} +useHyperKubeImage: true +--- +apiVersion: kubeproxy.config.k8s.io/v1alpha1 +bindAddress: 0.0.0.0 +clientConnection: + acceptContentTypes: "" + burst: 10 + contentType: application/vnd.kubernetes.protobuf + kubeconfig: /var/lib/kube-proxy/kubeconfig.conf + qps: 5 +clusterCIDR: "" +configSyncPeriod: 15m0s +conntrack: + max: null + maxPerCore: 32768 + min: 131072 + tcpCloseWaitTimeout: 1h0m0s + tcpEstablishedTimeout: 24h0m0s +enableProfiling: false +featureGates: + ServiceNodeExclusion: true + SupportIPVSProxyMode: true +healthzBindAddress: 0.0.0.0:10256 +hostnameOverride: "" +iptables: + masqueradeAll: false + masqueradeBit: 14 + minSyncPeriod: 0s + syncPeriod: 30s +ipvs: + excludeCIDRs: null + minSyncPeriod: 0s + scheduler: "" + syncPeriod: 30s +kind: KubeProxyConfiguration +metricsBindAddress: 127.0.0.1:10249 +mode: iptables +nodePortAddresses: null +oomScoreAdj: -999 +portRange: "" +resourceContainer: /kube-proxy +udpIdleTimeout: 250ms +--- +address: 1.2.3.4 +apiVersion: kubelet.config.k8s.io/v1beta1 +authentication: + anonymous: + enabled: false + webhook: + cacheTTL: 2m0s + enabled: true + x509: + clientCAFile: /etc/kubernetes/pki/ca.crt +authorization: + mode: Webhook + webhook: + cacheAuthorizedTTL: 5m0s + cacheUnauthorizedTTL: 30s +cgroupDriver: cgroupfs +cgroupsPerQOS: true +clusterDNS: +- 10.96.0.10 +clusterDomain: cluster.local +configMapAndSecretChangeDetectionStrategy: Watch +containerLogMaxFiles: 5 +containerLogMaxSize: 10Mi +contentType: application/vnd.kubernetes.protobuf +cpuCFSQuota: true +cpuCFSQuotaPeriod: 0s +cpuManagerPolicy: none +cpuManagerReconcilePeriod: 10s +enableControllerAttachDetach: true +enableDebuggingHandlers: true +enforceNodeAllocatable: +- pods +eventBurst: 10 +eventRecordQPS: 5 +evictionHard: + imagefs.available: 15% + memory.available: 100Mi + nodefs.available: 10% +evictionPressureTransitionPeriod: 5m0s +failSwapOn: true +fileCheckFrequency: 20s +hairpinMode: promiscuous-bridge +healthzBindAddress: 127.0.0.1 +healthzPort: 10248 +httpCheckFrequency: 20s +imageGCHighThresholdPercent: 85 +imageGCLowThresholdPercent: 80 +imageMinimumGCAge: 2m0s +iptablesDropBit: 15 +iptablesMasqueradeBit: 14 +kind: KubeletConfiguration +kubeAPIBurst: 10 +kubeAPIQPS: 5 +makeIPTablesUtilChains: true +maxOpenFiles: 1000000 +maxPods: 110 +nodeLeaseDurationSeconds: 40 +nodeStatusReportFrequency: 1m0s +nodeStatusUpdateFrequency: 10s +oomScoreAdj: -999 +podPidsLimit: -1 +port: 10250 +registryBurst: 10 +registryPullQPS: 5 +resolvConf: /etc/resolv.conf +rotateCertificates: true +runtimeRequestTimeout: 2m0s +serializeImagePulls: true +staticPodPath: /etc/kubernetes/manifests +streamingConnectionIdleTimeout: 4h0m0s +syncFrequency: 1m0s +volumeStatsAggPeriod: 1m0s diff --git a/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml b/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml index 0eac60cec3e..459029bf30d 100644 --- a/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml +++ b/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml @@ -76,6 +76,10 @@ oomScoreAdj: -999 portRange: "" resourceContainer: /kube-proxy udpIdleTimeout: 250ms +winkernel: + enableDSR: false + networkName: "" + sourceVip: "" --- address: 0.0.0.0 apiVersion: kubelet.config.k8s.io/v1beta1 diff --git a/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted_non_linux.yaml b/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted_non_linux.yaml new file mode 100644 index 00000000000..ba7d7808a04 --- /dev/null +++ b/cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted_non_linux.yaml @@ -0,0 +1,151 @@ +apiVersion: kubeadm.k8s.io/v1beta1 +bootstrapTokens: +- groups: + - system:bootstrappers:kubeadm:default-node-token + token: s73ybu.6tw6wnqgp5z0wb77 + ttl: 24h0m0s + usages: + - signing + - authentication +kind: InitConfiguration +localAPIEndpoint: + advertiseAddress: 192.168.2.2 + bindPort: 6443 +nodeRegistration: + criSocket: /var/run/criruntime.sock + name: master-1 + taints: + - effect: NoSchedule + key: node-role.kubernetes.io/master +--- +apiServer: + timeoutForControlPlane: 4m0s +apiVersion: kubeadm.k8s.io/v1beta1 +certificatesDir: /var/lib/kubernetes/pki +clusterName: kubernetes +controlPlaneEndpoint: "" +controllerManager: {} +dns: + type: CoreDNS +etcd: + local: + dataDir: /var/lib/etcd +imageRepository: my-company.com +kind: ClusterConfiguration +kubernetesVersion: v1.13.0 +networking: + dnsDomain: cluster.global + podSubnet: 10.148.0.0/16 + serviceSubnet: 10.196.0.0/12 +scheduler: {} +--- +apiVersion: kubeproxy.config.k8s.io/v1alpha1 +bindAddress: 0.0.0.0 +clientConnection: + acceptContentTypes: "" + burst: 10 + contentType: application/vnd.kubernetes.protobuf + kubeconfig: /var/lib/kube-proxy/kubeconfig.conf + qps: 5 +clusterCIDR: 10.148.0.0/16 +configSyncPeriod: 15m0s +conntrack: + max: null + maxPerCore: 32768 + min: 131072 + tcpCloseWaitTimeout: 1h0m0s + tcpEstablishedTimeout: 24h0m0s +enableProfiling: false +healthzBindAddress: 0.0.0.0:10256 +hostnameOverride: "" +iptables: + masqueradeAll: false + masqueradeBit: 14 + minSyncPeriod: 0s + syncPeriod: 30s +ipvs: + excludeCIDRs: null + minSyncPeriod: 0s + scheduler: "" + syncPeriod: 30s +kind: KubeProxyConfiguration +metricsBindAddress: 127.0.0.1:10249 +mode: "" +nodePortAddresses: null +oomScoreAdj: -999 +portRange: "" +resourceContainer: /kube-proxy +udpIdleTimeout: 250ms +--- +address: 0.0.0.0 +apiVersion: kubelet.config.k8s.io/v1beta1 +authentication: + anonymous: + enabled: false + webhook: + cacheTTL: 2m0s + enabled: true + x509: + clientCAFile: /etc/kubernetes/pki/ca.crt +authorization: + mode: Webhook + webhook: + cacheAuthorizedTTL: 5m0s + cacheUnauthorizedTTL: 30s +cgroupDriver: cgroupfs +cgroupsPerQOS: true +clusterDNS: +- 10.192.0.10 +clusterDomain: cluster.global +configMapAndSecretChangeDetectionStrategy: Watch +containerLogMaxFiles: 5 +containerLogMaxSize: 10Mi +contentType: application/vnd.kubernetes.protobuf +cpuCFSQuota: true +cpuCFSQuotaPeriod: 100ms +cpuManagerPolicy: none +cpuManagerReconcilePeriod: 10s +enableControllerAttachDetach: true +enableDebuggingHandlers: true +enforceNodeAllocatable: +- pods +eventBurst: 10 +eventRecordQPS: 5 +evictionHard: + imagefs.available: 15% + memory.available: 100Mi + nodefs.available: 10% +evictionPressureTransitionPeriod: 5m0s +failSwapOn: true +fileCheckFrequency: 20s +hairpinMode: promiscuous-bridge +healthzBindAddress: 127.0.0.1 +healthzPort: 10248 +httpCheckFrequency: 20s +imageGCHighThresholdPercent: 85 +imageGCLowThresholdPercent: 80 +imageMinimumGCAge: 2m0s +iptablesDropBit: 15 +iptablesMasqueradeBit: 14 +kind: KubeletConfiguration +kubeAPIBurst: 10 +kubeAPIQPS: 5 +makeIPTablesUtilChains: true +maxOpenFiles: 1000000 +maxPods: 110 +nodeLeaseDurationSeconds: 40 +nodeStatusReportFrequency: 1m0s +nodeStatusUpdateFrequency: 10s +oomScoreAdj: -999 +podPidsLimit: -1 +port: 10250 +registryBurst: 10 +registryPullQPS: 5 +resolvConf: /etc/resolv.conf +rotateCertificates: true +runtimeRequestTimeout: 2m0s +serializeImagePulls: true +staticPodPath: /etc/kubernetes/manifests +streamingConnectionIdleTimeout: 4h0m0s +syncFrequency: 1m0s +volumeStatsAggPeriod: 1m0s diff --git a/cmd/kubeadm/app/util/config/testdata/defaulting/node/incomplete.yaml b/cmd/kubeadm/app/util/config/testdata/defaulting/node/incomplete.yaml index ff990c1a70c..870a79e5be0 100644 --- a/cmd/kubeadm/app/util/config/testdata/defaulting/node/incomplete.yaml +++ b/cmd/kubeadm/app/util/config/testdata/defaulting/node/incomplete.yaml @@ -1,11 +1,11 @@ -apiVersion: kubeadm.k8s.io/v1alpha3 -discoveryToken: abcdef.0123456789abcdef -discoveryTokenAPIServers: -- kube-apiserver:6443 -discoveryTokenUnsafeSkipCAVerification: true +apiVersion: kubeadm.k8s.io/v1beta1 +discovery: + bootstrapToken: + apiServerEndpoint: kube-apiserver:6443 + token: abcdef.0123456789abcdef + unsafeSkipCAVerification: true + tlsBootstrapToken: abcdef.0123456789abcdef kind: JoinConfiguration nodeRegistration: criSocket: /var/run/dockershim.sock name: thegopher -tlsBootstrapToken: abcdef.0123456789abcdef -token: abcdef.0123456789abcdef diff --git a/cmd/kubeadm/app/util/crypto/BUILD b/cmd/kubeadm/app/util/crypto/BUILD new file mode 100644 index 00000000000..8993845f279 --- /dev/null +++ b/cmd/kubeadm/app/util/crypto/BUILD @@ -0,0 +1,33 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["crypto.go"], + importpath = "k8s.io/kubernetes/cmd/kubeadm/app/util/crypto", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/pkg/errors:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) + +go_test( + name = "go_default_test", + srcs = ["crypto_test.go"], + embed = [":go_default_library"], + deps = [ + "//cmd/kubeadm/app/constants:go_default_library", + "//vendor/github.com/lithammer/dedent:go_default_library", + ], +) diff --git a/cmd/kubeadm/app/util/crypto/crypto.go b/cmd/kubeadm/app/util/crypto/crypto.go new file mode 100644 index 00000000000..c3b866bee2f --- /dev/null +++ b/cmd/kubeadm/app/util/crypto/crypto.go @@ -0,0 +1,76 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package crypto + +import ( + "github.com/pkg/errors" + + "crypto/aes" + "crypto/cipher" + "crypto/rand" +) + +// CreateRandBytes returns a cryptographically secure slice of random bytes with a given size +func CreateRandBytes(size uint32) ([]byte, error) { + bytes := make([]byte, size) + if _, err := rand.Read(bytes); err != nil { + return nil, err + } + return bytes, nil +} + +// EncryptBytes takes a byte slice of raw data and an encryption key and returns an encrypted byte slice of data. +// The key must be an AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256 +func EncryptBytes(data, key []byte) ([]byte, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + gcm, err := cipher.NewGCM(block) + if err != nil { + return nil, err + } + nonce, err := CreateRandBytes(uint32(gcm.NonceSize())) + if err != nil { + return nil, err + } + return gcm.Seal(nonce, nonce, data, nil), nil +} + +// DecryptBytes takes a byte slice of encrypted data and an encryption key and returns a decrypted byte slice of data. +// The key must be an AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256 +func DecryptBytes(data, key []byte) ([]byte, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + gcm, err := cipher.NewGCM(block) + if err != nil { + return nil, err + } + nonceSize := gcm.NonceSize() + if len(data) < nonceSize { + return nil, errors.New("size of data is less than the nonce") + } + + nonce, out := data[:nonceSize], data[nonceSize:] + out, err = gcm.Open(nil, nonce, out, nil) + if err != nil { + return nil, err + } + return out, nil +} diff --git a/cmd/kubeadm/app/util/crypto/crypto_test.go b/cmd/kubeadm/app/util/crypto/crypto_test.go new file mode 100644 index 00000000000..40fd2959545 --- /dev/null +++ b/cmd/kubeadm/app/util/crypto/crypto_test.go @@ -0,0 +1,93 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package crypto + +import ( + "testing" + + "github.com/lithammer/dedent" + + kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" +) + +func TestEncryptAndDecryptData(t *testing.T) { + key1, err := CreateRandBytes(kubeadmconstants.CertificateKeySize) + if err != nil { + t.Fatal(err) + } + key2, err := CreateRandBytes(kubeadmconstants.CertificateKeySize) + if err != nil { + t.Fatal(err) + } + testData := []byte("Lorem ipsum dolor sit amet, consectetur adipiscing elit.") + + tests := map[string]struct { + encryptKey []byte + decryptKey []byte + data []byte + expectDecryptErr bool + }{ + "can decrypt using the correct key": { + encryptKey: key1, + decryptKey: key1, + data: testData, + expectDecryptErr: false, + }, + "can't decrypt using incorrect key": { + encryptKey: key1, + decryptKey: key2, + data: testData, + expectDecryptErr: true, + }, + "can't decrypt without a key": { + encryptKey: key1, + decryptKey: []byte{}, + data: testData, + expectDecryptErr: true, + }, + } + + for name, test := range tests { + t.Run(name, func(t2 *testing.T) { + encryptedData, err := EncryptBytes(test.data, test.encryptKey) + if err != nil { + t2.Fatalf(dedent.Dedent( + "EncryptBytes failed\nerror: %v"), + err, + ) + } + + decryptedData, err := DecryptBytes(encryptedData, test.decryptKey) + if (err != nil) != test.expectDecryptErr { + t2.Fatalf(dedent.Dedent( + "DecryptBytes failed\nexpected error: %t\n\tgot: %t\nerror: %v"), + test.expectDecryptErr, + (err != nil), + err, + ) + } + + if (string(decryptedData) != string(test.data)) && !test.expectDecryptErr { + t2.Fatalf(dedent.Dedent( + "EncryptDecryptBytes failed\nexpected decryptedData equal to data\n\tgot: data=%q decryptedData=%q"), + test.data, + string(decryptedData), + ) + } + }) + } +} diff --git a/cmd/kubeadm/app/util/staticpod/BUILD b/cmd/kubeadm/app/util/staticpod/BUILD index 2875438c3a0..0af544da422 100644 --- a/cmd/kubeadm/app/util/staticpod/BUILD +++ b/cmd/kubeadm/app/util/staticpod/BUILD @@ -26,7 +26,6 @@ go_library( "//cmd/kubeadm/app/apis/kubeadm:go_default_library", "//cmd/kubeadm/app/constants:go_default_library", "//cmd/kubeadm/app/util:go_default_library", - "//pkg/kubelet/types:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/cmd/kubeadm/app/util/staticpod/utils.go b/cmd/kubeadm/app/util/staticpod/utils.go index 9685742e872..c7cc66041ac 100644 --- a/cmd/kubeadm/app/util/staticpod/utils.go +++ b/cmd/kubeadm/app/util/staticpod/utils.go @@ -34,7 +34,6 @@ import ( kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" "k8s.io/kubernetes/cmd/kubeadm/app/util" - kubetypes "k8s.io/kubernetes/pkg/kubelet/types" ) const ( @@ -56,9 +55,8 @@ func ComponentPod(container v1.Container, volumes map[string]v1.Volume) v1.Pod { Kind: "Pod", }, ObjectMeta: metav1.ObjectMeta{ - Name: container.Name, - Namespace: metav1.NamespaceSystem, - Annotations: map[string]string{kubetypes.CriticalPodAnnotationKey: ""}, + Name: container.Name, + Namespace: metav1.NamespaceSystem, // The component and tier labels are useful for quickly identifying the control plane Pods when doing a .List() // against Pods in the kube-system namespace. Can for example be used together with the WaitForPodsWithLabel function Labels: map[string]string{"component": container.Name, "tier": "control-plane"}, diff --git a/cmd/kubeadm/app/util/staticpod/utils_test.go b/cmd/kubeadm/app/util/staticpod/utils_test.go index de90accdca2..125a496b682 100644 --- a/cmd/kubeadm/app/util/staticpod/utils_test.go +++ b/cmd/kubeadm/app/util/staticpod/utils_test.go @@ -254,10 +254,9 @@ func TestComponentPod(t *testing.T) { Kind: "Pod", }, ObjectMeta: metav1.ObjectMeta{ - Name: "foo", - Namespace: "kube-system", - Annotations: map[string]string{"scheduler.alpha.kubernetes.io/critical-pod": ""}, - Labels: map[string]string{"component": "foo", "tier": "control-plane"}, + Name: "foo", + Namespace: "kube-system", + Labels: map[string]string{"component": "foo", "tier": "control-plane"}, }, Spec: v1.PodSpec{ Containers: []v1.Container{ diff --git a/cmd/kubeadm/test/cmd/init_test.go b/cmd/kubeadm/test/cmd/init_test.go index c96a21e3e52..68e30332d90 100644 --- a/cmd/kubeadm/test/cmd/init_test.go +++ b/cmd/kubeadm/test/cmd/init_test.go @@ -146,19 +146,19 @@ func TestCmdInitConfig(t *testing.T) { expected: false, }, { - name: "can't load v1alpha1 config", + name: "can't load old v1alpha1 config", args: "--config=testdata/init/v1alpha1.yaml", expected: false, }, { - name: "can't load v1alpha2 config", + name: "can't load old v1alpha2 config", args: "--config=testdata/init/v1alpha2.yaml", expected: false, }, { - name: "can load v1alpha3 config", + name: "can't load deprecated v1alpha3 config", args: "--config=testdata/init/v1alpha3.yaml", - expected: true, + expected: false, }, { name: "can load v1beta1 config", diff --git a/cmd/kubeadm/test/util.go b/cmd/kubeadm/test/util.go index 6425fa9c530..3ece1d9a0cd 100644 --- a/cmd/kubeadm/test/util.go +++ b/cmd/kubeadm/test/util.go @@ -157,7 +157,7 @@ func AssertError(t *testing.T, err error, expected string) { // GetDefaultInternalConfig returns a defaulted kubeadmapi.InitConfiguration func GetDefaultInternalConfig(t *testing.T) *kubeadmapi.InitConfiguration { - internalcfg, err := configutil.ConfigFileAndDefaultsToInternalConfig("", &kubeadmapiv1beta1.InitConfiguration{}) + internalcfg, err := configutil.DefaultedInitConfiguration(&kubeadmapiv1beta1.InitConfiguration{}) if err != nil { t.Fatalf("unexpected error getting default config: %v", err) } diff --git a/cmd/kubectl/BUILD b/cmd/kubectl/BUILD index eb60490cfdd..ff8fe387fe1 100644 --- a/cmd/kubectl/BUILD +++ b/cmd/kubectl/BUILD @@ -21,8 +21,8 @@ go_library( deps = [ "//pkg/kubectl/cmd:go_default_library", "//pkg/kubectl/util/logs:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/plugin/pkg/client/auth:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], ) diff --git a/cmd/kubectl/OWNERS b/cmd/kubectl/OWNERS index 4ac9429057e..a1f6b7eee30 100644 --- a/cmd/kubectl/OWNERS +++ b/cmd/kubectl/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/cmd/kubectl/kubectl.go b/cmd/kubectl/kubectl.go index 35149cc8c82..dff1143b017 100644 --- a/cmd/kubectl/kubectl.go +++ b/cmd/kubectl/kubectl.go @@ -25,7 +25,7 @@ import ( "github.com/spf13/pflag" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/kubernetes/pkg/kubectl/cmd" "k8s.io/kubernetes/pkg/kubectl/util/logs" @@ -39,11 +39,11 @@ func main() { command := cmd.NewDefaultKubectlCommand() // TODO: once we switch everything over to Cobra commands, we can go back to calling - // utilflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the + // cliflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the // normalize func and add the go flag set by hand. - pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(goflag.CommandLine) - // utilflag.InitFlags() + // cliflag.InitFlags() logs.InitLogs() defer logs.FlushLogs() diff --git a/cmd/kubelet/OWNERS b/cmd/kubelet/OWNERS index 31df1d8d4ea..0031c93d289 100644 --- a/cmd/kubelet/OWNERS +++ b/cmd/kubelet/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dchen1107 - derekwaynecarr diff --git a/cmd/kubelet/app/BUILD b/cmd/kubelet/app/BUILD index 6a9a8b2a4a7..43211aeb286 100644 --- a/cmd/kubelet/app/BUILD +++ b/cmd/kubelet/app/BUILD @@ -68,6 +68,7 @@ go_library( "//pkg/kubelet/kubeletconfig/configfiles:go_default_library", "//pkg/kubelet/server:go_default_library", "//pkg/kubelet/server/streaming:go_default_library", + "//pkg/kubelet/stats/pidlimit:go_default_library", "//pkg/kubelet/types:go_default_library", "//pkg/util/configz:go_default_library", "//pkg/util/filesystem:go_default_library", @@ -121,7 +122,6 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/healthz:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authentication/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/authorization/v1beta1:go_default_library", @@ -133,6 +133,7 @@ go_library( "//staging/src/k8s.io/client-go/util/cert:go_default_library", "//staging/src/k8s.io/client-go/util/certificate:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/csi-api/pkg/client/clientset/versioned:go_default_library", "//staging/src/k8s.io/kubelet/config/v1beta1:go_default_library", "//staging/src/k8s.io/node-api/pkg/client/clientset/versioned:go_default_library", diff --git a/cmd/kubelet/app/OWNERS b/cmd/kubelet/app/OWNERS old mode 100755 new mode 100644 index 9c8026c51e6..d7211290337 --- a/cmd/kubelet/app/OWNERS +++ b/cmd/kubelet/app/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sig-node-reviewers diff --git a/cmd/kubelet/app/options/BUILD b/cmd/kubelet/app/options/BUILD index e4de58aac34..e76c2e10898 100644 --- a/cmd/kubelet/app/options/BUILD +++ b/cmd/kubelet/app/options/BUILD @@ -36,7 +36,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//staging/src/k8s.io/kubelet/config/v1beta1:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", @@ -74,7 +74,7 @@ go_test( embed = [":go_default_library"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], ) diff --git a/cmd/kubelet/app/options/options.go b/cmd/kubelet/app/options/options.go index f435215bd0d..8c386bbdc06 100644 --- a/cmd/kubelet/app/options/options.go +++ b/cmd/kubelet/app/options/options.go @@ -19,7 +19,7 @@ package options import ( "fmt" - _ "net/http/pprof" + _ "net/http/pprof" // Enable pprof HTTP handlers. "path/filepath" "runtime" "strings" @@ -29,7 +29,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/klog" "k8s.io/kubelet/config/v1beta1" "k8s.io/kubernetes/pkg/apis/core" @@ -47,10 +47,11 @@ import ( const defaultRootDir = "/var/lib/kubelet" +// KubeletFlags contains configuration flags for the Kubelet. // A configuration field should go in KubeletFlags instead of KubeletConfiguration if any of these are true: -// - its value will never, or cannot safely be changed during the lifetime of a node -// - its value cannot be safely shared between nodes at the same time (e.g. a hostname) -// KubeletConfiguration is intended to be shared between nodes +// - its value will never, or cannot safely be changed during the lifetime of a node, or +// - its value cannot be safely shared between nodes at the same time (e.g. a hostname); +// KubeletConfiguration is intended to be shared between nodes. // In general, please try to avoid adding flags or configuration fields, // we already have a confusingly large amount of them. type KubeletFlags struct { @@ -108,7 +109,7 @@ type KubeletFlags struct { // The path may be absolute or relative; relative paths are under the Kubelet's current working directory. // Providing this flag enables dynamic kubelet configuration. // To use this flag, the DynamicKubeletConfig feature gate must be enabled. - DynamicConfigDir flag.StringFlag + DynamicConfigDir cliflag.StringFlag // The Kubelet will load its initial configuration from this file. // The path may be absolute or relative; relative paths are under the Kubelet's current working directory. @@ -147,7 +148,7 @@ type KubeletFlags struct { // and fails the mount operation fails. ExperimentalCheckNodeCapabilitiesBeforeMount bool // This flag, if set, will avoid including `EvictionHard` limits while computing Node Allocatable. - // Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node-allocatable.md) doc for more information. + // Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information. ExperimentalNodeAllocatableIgnoreEvictionThreshold bool // Node Labels are the node labels to add when registering the node in the cluster NodeLabels map[string]string @@ -245,6 +246,7 @@ func NewKubeletFlags() *KubeletFlags { } } +// ValidateKubeletFlags validates Kubelet's configuration flags and returns an error if they are invalid. func ValidateKubeletFlags(f *KubeletFlags) error { // ensure that nobody sets DynamicConfigDir if the dynamic config feature gate is turned off if f.DynamicConfigDir.Provided() && !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) { @@ -336,7 +338,7 @@ func NewKubeletServer() (*KubeletServer, error) { }, nil } -// validateKubeletServer validates configuration of KubeletServer and returns an error if the input configuration is invalid +// ValidateKubeletServer validates configuration of KubeletServer and returns an error if the input configuration is invalid. func ValidateKubeletServer(s *KubeletServer) error { // please add any KubeletConfiguration validation to the kubeletconfigvalidation.ValidateKubeletConfiguration function if err := kubeletconfigvalidation.ValidateKubeletConfiguration(&s.KubeletConfiguration); err != nil { @@ -404,7 +406,6 @@ func (f *KubeletFlags) AddFlags(mainfs *pflag.FlagSet) { fs.BoolVar(&f.RegisterNode, "register-node", f.RegisterNode, "Register the node with the apiserver. If --kubeconfig is not provided, this flag is irrelevant, as the Kubelet won't have an apiserver to register with.") fs.Var(utiltaints.NewTaintsVar(&f.RegisterWithTaints), "register-with-taints", "Register the node with the given list of taints (comma separated \"=:\"). No-op if register-node is false.") - fs.BoolVar(&f.Containerized, "containerized", f.Containerized, "Running kubelet in a container.") // EXPERIMENTAL FLAGS fs.StringVar(&f.ExperimentalMounterPath, "experimental-mounter-path", f.ExperimentalMounterPath, "[Experimental] Path of mounter binary. Leave empty to use the default mount.") @@ -414,7 +415,7 @@ func (f *KubeletFlags) AddFlags(mainfs *pflag.FlagSet) { fs.StringVar(&f.RemoteImageEndpoint, "image-service-endpoint", f.RemoteImageEndpoint, "[Experimental] The endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. Currently unix socket and tcp endpoints are supported on Linux, while npipe and tcp endpoints are supported on windows. Examples:'unix:///var/run/dockershim.sock', 'npipe:////./pipe/dockershim'") fs.BoolVar(&f.ExperimentalCheckNodeCapabilitiesBeforeMount, "experimental-check-node-capabilities-before-mount", f.ExperimentalCheckNodeCapabilitiesBeforeMount, "[Experimental] if set true, the kubelet will check the underlying node for required components (binaries, etc.) before performing the mount") fs.BoolVar(&f.ExperimentalNodeAllocatableIgnoreEvictionThreshold, "experimental-allocatable-ignore-eviction", f.ExperimentalNodeAllocatableIgnoreEvictionThreshold, "When set to 'true', Hard Eviction Thresholds will be ignored while calculating Node Allocatable. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details. [default=false]") - bindableNodeLabels := flag.ConfigurationMap(f.NodeLabels) + bindableNodeLabels := cliflag.ConfigurationMap(f.NodeLabels) fs.Var(&bindableNodeLabels, "node-labels", fmt.Sprintf(" Labels to add when registering the node in the cluster. Labels must be key=value pairs separated by ','. Labels in the 'kubernetes.io' namespace must begin with an allowed prefix (%s) or be in the specifically allowed set (%s)", strings.Join(kubeletapis.KubeletLabelNamespaces(), ", "), strings.Join(kubeletapis.KubeletLabels(), ", "))) fs.StringVar(&f.VolumePluginDir, "volume-plugin-dir", f.VolumePluginDir, "The full path of the directory in which to search for additional third party volume plugins") fs.StringVar(&f.LockFilePath, "lock-file", f.LockFilePath, " The path to file for kubelet to use as a lock file.") @@ -424,6 +425,8 @@ func (f *KubeletFlags) AddFlags(mainfs *pflag.FlagSet) { fs.Int32Var(&f.NodeStatusMaxImages, "node-status-max-images", f.NodeStatusMaxImages, " The maximum number of images to report in Node.Status.Images. If -1 is specified, no cap will be applied.") // DEPRECATED FLAGS + fs.BoolVar(&f.Containerized, "containerized", f.Containerized, "Running kubelet in a container.") + fs.MarkDeprecated("containerized", "This feature will be removed in a later release.") fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, "") fs.MarkDeprecated("experimental-bootstrap-kubeconfig", "Use --bootstrap-kubeconfig") fs.DurationVar(&f.MinimumGCAge.Duration, "minimum-container-ttl-duration", f.MinimumGCAge.Duration, "Minimum age for a finished container before it is garbage collected. Examples: '300ms', '10s' or '2h45m'") @@ -478,7 +481,7 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig fs.DurationVar(&c.FileCheckFrequency.Duration, "file-check-frequency", c.FileCheckFrequency.Duration, "Duration between checking config files for new data") fs.DurationVar(&c.HTTPCheckFrequency.Duration, "http-check-frequency", c.HTTPCheckFrequency.Duration, "Duration between checking http for new data") fs.StringVar(&c.StaticPodURL, "manifest-url", c.StaticPodURL, "URL for accessing additional Pod specifications to run") - fs.Var(flag.NewColonSeparatedMultimapStringString(&c.StaticPodURLHeader), "manifest-url-header", "Comma-separated list of HTTP headers to use when accessing the url provided to --manifest-url. Multiple headers with the same name will be added in the same order provided. This flag can be repeatedly invoked. For example: `--manifest-url-header 'a:hello,b:again,c:world' --manifest-url-header 'b:beautiful'`") + fs.Var(cliflag.NewColonSeparatedMultimapStringString(&c.StaticPodURLHeader), "manifest-url-header", "Comma-separated list of HTTP headers to use when accessing the url provided to --manifest-url. Multiple headers with the same name will be added in the same order provided. This flag can be repeatedly invoked. For example: `--manifest-url-header 'a:hello,b:again,c:world' --manifest-url-header 'b:beautiful'`") fs.Var(utilflag.IPVar{Val: &c.Address}, "address", "The IP address for the Kubelet to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)") fs.Int32Var(&c.Port, "port", c.Port, "The port for the Kubelet to serve on.") fs.Int32Var(&c.ReadOnlyPort, "read-only-port", c.ReadOnlyPort, "The read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable)") @@ -512,12 +515,12 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig fs.StringVar(&c.TLSPrivateKeyFile, "tls-private-key-file", c.TLSPrivateKeyFile, "File containing x509 private key matching --tls-cert-file.") fs.BoolVar(&c.ServerTLSBootstrap, "rotate-server-certificates", c.ServerTLSBootstrap, "Auto-request and rotate the kubelet serving certificates by requesting new certificates from the kube-apiserver when the certificate expiration approaches. Requires the RotateKubeletServerCertificate feature gate to be enabled, and approval of the submitted CertificateSigningRequest objects.") - tlsCipherPossibleValues := flag.TLSCipherPossibleValues() + tlsCipherPossibleValues := cliflag.TLSCipherPossibleValues() fs.StringSliceVar(&c.TLSCipherSuites, "tls-cipher-suites", c.TLSCipherSuites, "Comma-separated list of cipher suites for the server. "+ "If omitted, the default Go cipher suites will be used. "+ "Possible values: "+strings.Join(tlsCipherPossibleValues, ",")) - tlsPossibleVersions := flag.TLSPossibleVersions() + tlsPossibleVersions := cliflag.TLSPossibleVersions() fs.StringVar(&c.TLSMinVersion, "tls-min-version", c.TLSMinVersion, "Minimum TLS version supported. "+ "Possible values: "+strings.Join(tlsPossibleVersions, ", ")) @@ -542,7 +545,7 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig fs.Int32Var(&c.ImageGCHighThresholdPercent, "image-gc-high-threshold", c.ImageGCHighThresholdPercent, "The percent of disk usage after which image garbage collection is always run. Values must be within the range [0, 100], To disable image garbage collection, set to 100. ") fs.Int32Var(&c.ImageGCLowThresholdPercent, "image-gc-low-threshold", c.ImageGCLowThresholdPercent, "The percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. Values must be within the range [0, 100] and should not be larger than that of --image-gc-high-threshold.") fs.DurationVar(&c.VolumeStatsAggPeriod.Duration, "volume-stats-agg-period", c.VolumeStatsAggPeriod.Duration, "Specifies interval for kubelet to calculate and cache the volume disk usage for all pods and volumes. To disable volume calculations, set to 0.") - fs.Var(flag.NewMapStringBool(&c.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features. "+ + fs.Var(cliflag.NewMapStringBool(&c.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features. "+ "Options are:\n"+strings.Join(utilfeature.DefaultFeatureGate.KnownFeatures(), "\n")) fs.StringVar(&c.KubeletCgroups, "kubelet-cgroups", c.KubeletCgroups, "Optional absolute name of cgroups to create and run the Kubelet in.") fs.StringVar(&c.SystemCgroups, "system-cgroups", c.SystemCgroups, "Optional absolute name of cgroups in which to place all non-kernel processes that are not already inside a cgroup under `/`. Empty for no container. Rolling back the flag requires a reboot.") @@ -552,7 +555,7 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig fs.StringVar(&c.CgroupRoot, "cgroup-root", c.CgroupRoot, "Optional root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: '', which means use the container runtime default.") fs.StringVar(&c.CPUManagerPolicy, "cpu-manager-policy", c.CPUManagerPolicy, "CPU Manager policy to use. Possible values: 'none', 'static'. Default: 'none'") fs.DurationVar(&c.CPUManagerReconcilePeriod.Duration, "cpu-manager-reconcile-period", c.CPUManagerReconcilePeriod.Duration, " CPU Manager reconciliation period. Examples: '10s', or '1m'. If not supplied, defaults to `NodeStatusUpdateFrequency`") - fs.Var(flag.NewMapStringString(&c.QOSReserved), "qos-reserved", " A set of ResourceName=Percentage (e.g. memory=50%) pairs that describe how pod resource requests are reserved at the QoS level. Currently only memory is supported. Requires the QOSReserved feature gate to be enabled.") + fs.Var(cliflag.NewMapStringString(&c.QOSReserved), "qos-reserved", " A set of ResourceName=Percentage (e.g. memory=50%) pairs that describe how pod resource requests are reserved at the QoS level. Currently only memory is supported. Requires the QOSReserved feature gate to be enabled.") fs.DurationVar(&c.RuntimeRequestTimeout.Duration, "runtime-request-timeout", c.RuntimeRequestTimeout.Duration, "Timeout of all runtime requests except long running request - pull, logs, exec and attach. When timeout exceeded, kubelet will cancel the request, throw out an error and retry later.") fs.StringVar(&c.HairpinMode, "hairpin-mode", c.HairpinMode, "How should the kubelet setup hairpin NAT. This allows endpoints of a Service to loadbalance back to themselves if they should try to access their own Service. Valid values are \"promiscuous-bridge\", \"hairpin-veth\" and \"none\".") fs.Int32Var(&c.MaxPods, "max-pods", c.MaxPods, "Number of Pods that can run on this Kubelet.") @@ -578,18 +581,18 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig fs.Int32Var(&c.KubeAPIBurst, "kube-api-burst", c.KubeAPIBurst, "Burst to use while talking with kubernetes apiserver") fs.BoolVar(&c.SerializeImagePulls, "serialize-image-pulls", c.SerializeImagePulls, "Pull images one at a time. We recommend *not* changing the default value on nodes that run docker daemon with version < 1.9 or an Aufs storage backend. Issue #10959 has more details.") - fs.Var(flag.NewLangleSeparatedMapStringString(&c.EvictionHard), "eviction-hard", "A set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a pod eviction.") - fs.Var(flag.NewLangleSeparatedMapStringString(&c.EvictionSoft), "eviction-soft", "A set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a pod eviction.") - fs.Var(flag.NewMapStringString(&c.EvictionSoftGracePeriod), "eviction-soft-grace-period", "A set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a pod eviction.") + fs.Var(cliflag.NewLangleSeparatedMapStringString(&c.EvictionHard), "eviction-hard", "A set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a pod eviction.") + fs.Var(cliflag.NewLangleSeparatedMapStringString(&c.EvictionSoft), "eviction-soft", "A set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a pod eviction.") + fs.Var(cliflag.NewMapStringString(&c.EvictionSoftGracePeriod), "eviction-soft-grace-period", "A set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a pod eviction.") fs.DurationVar(&c.EvictionPressureTransitionPeriod.Duration, "eviction-pressure-transition-period", c.EvictionPressureTransitionPeriod.Duration, "Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.") fs.Int32Var(&c.EvictionMaxPodGracePeriod, "eviction-max-pod-grace-period", c.EvictionMaxPodGracePeriod, "Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. If negative, defer to pod specified value.") - fs.Var(flag.NewMapStringString(&c.EvictionMinimumReclaim), "eviction-minimum-reclaim", "A set of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.") + fs.Var(cliflag.NewMapStringString(&c.EvictionMinimumReclaim), "eviction-minimum-reclaim", "A set of minimum reclaims (e.g. imagefs.available=2Gi) that describes the minimum amount of resource the kubelet will reclaim when performing a pod eviction if that resource is under pressure.") fs.Int32Var(&c.PodsPerCore, "pods-per-core", c.PodsPerCore, "Number of Pods per core that can run on this Kubelet. The total number of Pods on this Kubelet cannot exceed max-pods, so max-pods will be used if this calculation results in a larger number of Pods allowed on the Kubelet. A value of 0 disables this limit.") fs.BoolVar(&c.ProtectKernelDefaults, "protect-kernel-defaults", c.ProtectKernelDefaults, "Default kubelet behaviour for kernel tuning. If set, kubelet errors if any of kernel tunables is different than kubelet defaults.") // Node Allocatable Flags - fs.Var(flag.NewMapStringString(&c.SystemReserved), "system-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=500Mi,ephemeral-storage=1Gi) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]") - fs.Var(flag.NewMapStringString(&c.KubeReserved), "kube-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=500Mi,ephemeral-storage=1Gi) pairs that describe resources reserved for kubernetes system components. Currently cpu, memory and local ephemeral storage for root file system are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]") + fs.Var(cliflag.NewMapStringString(&c.SystemReserved), "system-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=500Mi,ephemeral-storage=1Gi) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]") + fs.Var(cliflag.NewMapStringString(&c.KubeReserved), "kube-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=500Mi,ephemeral-storage=1Gi) pairs that describe resources reserved for kubernetes system components. Currently cpu, memory and local ephemeral storage for root file system are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]") fs.StringSliceVar(&c.EnforceNodeAllocatable, "enforce-node-allocatable", c.EnforceNodeAllocatable, "A comma separated list of levels of node allocatable enforcement to be enforced by kubelet. Acceptable options are 'none', 'pods', 'system-reserved', and 'kube-reserved'. If the latter two options are specified, '--system-reserved-cgroup' and '--kube-reserved-cgroup' must also be set, respectively. If 'none' is specified, no additional options should be set. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details.") fs.StringVar(&c.SystemReservedCgroup, "system-reserved-cgroup", c.SystemReservedCgroup, "Absolute name of the top level cgroup that is used to manage non-kubernetes components for which compute resources were reserved via '--system-reserved' flag. Ex. '/system-reserved'. [default='']") fs.StringVar(&c.KubeReservedCgroup, "kube-reserved-cgroup", c.KubeReservedCgroup, "Absolute name of the top level cgroup that is used to manage kubernetes components for which compute resources were reserved via '--kube-reserved' flag. Ex. '/kube-reserved'. [default='']") diff --git a/cmd/kubelet/app/options/options_test.go b/cmd/kubelet/app/options/options_test.go index dae48969e00..1c976658129 100644 --- a/cmd/kubelet/app/options/options_test.go +++ b/cmd/kubelet/app/options/options_test.go @@ -24,7 +24,7 @@ import ( "github.com/spf13/pflag" "k8s.io/apimachinery/pkg/util/diff" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" ) func newKubeletServerOrDie() *KubeletServer { @@ -36,7 +36,7 @@ func newKubeletServerOrDie() *KubeletServer { } func cleanFlags(s *KubeletServer) { - s.DynamicConfigDir = utilflag.NewStringFlag(s.DynamicConfigDir.Value()) + s.DynamicConfigDir = cliflag.NewStringFlag(s.DynamicConfigDir.Value()) } // TestRoundTrip ensures that flag values from the Kubelet can be serialized @@ -118,8 +118,8 @@ func asArgs(fn, defaultFn func(*pflag.FlagSet)) []string { defaultFn(defaults) var args []string fs.VisitAll(func(flag *pflag.Flag) { - // if the flag implements utilflag.OmitEmpty and the value is Empty, then just omit it from the command line - if omit, ok := flag.Value.(utilflag.OmitEmpty); ok && omit.Empty() { + // if the flag implements cliflag.OmitEmpty and the value is Empty, then just omit it from the command line + if omit, ok := flag.Value.(cliflag.OmitEmpty); ok && omit.Empty() { return } s := flag.Value.String() diff --git a/cmd/kubelet/app/server.go b/cmd/kubelet/app/server.go index dbe21a3b005..1118076723c 100644 --- a/cmd/kubelet/app/server.go +++ b/cmd/kubelet/app/server.go @@ -25,7 +25,6 @@ import ( "math/rand" "net" "net/http" - _ "net/http/pprof" "net/url" "os" "path" @@ -38,7 +37,7 @@ import ( "github.com/spf13/pflag" "k8s.io/klog" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -47,7 +46,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/server/healthz" utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/apiserver/pkg/util/flag" clientset "k8s.io/client-go/kubernetes" certificatesclient "k8s.io/client-go/kubernetes/typed/certificates/v1beta1" v1core "k8s.io/client-go/kubernetes/typed/core/v1" @@ -57,6 +55,7 @@ import ( certutil "k8s.io/client-go/util/cert" "k8s.io/client-go/util/certificate" cloudprovider "k8s.io/cloud-provider" + cliflag "k8s.io/component-base/cli/flag" csiclientset "k8s.io/csi-api/pkg/client/clientset/versioned" kubeletconfigv1beta1 "k8s.io/kubelet/config/v1beta1" "k8s.io/kubernetes/cmd/kubelet/app/options" @@ -83,6 +82,7 @@ import ( "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles" "k8s.io/kubernetes/pkg/kubelet/server" "k8s.io/kubernetes/pkg/kubelet/server/streaming" + "k8s.io/kubernetes/pkg/kubelet/stats/pidlimit" kubetypes "k8s.io/kubernetes/pkg/kubelet/types" "k8s.io/kubernetes/pkg/util/configz" utilfs "k8s.io/kubernetes/pkg/util/filesystem" @@ -107,7 +107,7 @@ const ( // NewKubeletCommand creates a *cobra.Command object with default parameters func NewKubeletCommand(stopCh <-chan struct{}) *cobra.Command { cleanFlagSet := pflag.NewFlagSet(componentKubelet, pflag.ContinueOnError) - cleanFlagSet.SetNormalizeFunc(flag.WordSepNormalizeFunc) + cleanFlagSet.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) kubeletFlags := options.NewKubeletFlags() kubeletConfig, err := options.NewKubeletConfiguration() // programmer error @@ -118,7 +118,10 @@ func NewKubeletCommand(stopCh <-chan struct{}) *cobra.Command { cmd := &cobra.Command{ Use: componentKubelet, Long: `The kubelet is the primary "node agent" that runs on each -node. The kubelet works in terms of a PodSpec. A PodSpec is a YAML or JSON object +node. It can register the node with the apiserver using one of: the hostname; a flag to +override the hostname; or specific logic for a cloud provider. + +The kubelet works in terms of a PodSpec. A PodSpec is a YAML or JSON object that describes a pod. The kubelet takes a set of PodSpecs that are provided through various mechanisms (primarily through the apiserver) and ensures that the containers described in those PodSpecs are running and healthy. The kubelet doesn't manage @@ -287,8 +290,8 @@ HTTP server: The kubelet can also listen for HTTP and respond to a simple API // on it. func newFlagSetWithGlobals() *pflag.FlagSet { fs := pflag.NewFlagSet("", pflag.ExitOnError) - // set the normalize func, similar to k8s.io/apiserver/pkg/util/flag/flags.go:InitFlags - fs.SetNormalizeFunc(flag.WordSepNormalizeFunc) + // set the normalize func, similar to k8s.io/component-base/cli//flags.go:InitFlags + fs.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) // explicitly add flags from libs that register global flags options.AddGlobalFlags(fs) return fs @@ -300,7 +303,7 @@ func newFakeFlagSet(fs *pflag.FlagSet) *pflag.FlagSet { ret := pflag.NewFlagSet("", pflag.ExitOnError) ret.SetNormalizeFunc(fs.GetNormalizeFunc()) fs.VisitAll(func(f *pflag.Flag) { - ret.VarP(flag.NoOp{}, f.Name, f.Shorthand, f.Usage) + ret.VarP(cliflag.NoOp{}, f.Name, f.Shorthand, f.Usage) }) return ret } @@ -904,12 +907,12 @@ func InitializeTLS(kf *options.KubeletFlags, kc *kubeletconfiginternal.KubeletCo } } - tlsCipherSuites, err := flag.TLSCipherSuites(kc.TLSCipherSuites) + tlsCipherSuites, err := cliflag.TLSCipherSuites(kc.TLSCipherSuites) if err != nil { return nil, err } - minTLSVersion, err := flag.TLSVersion(kc.TLSMinVersion) + minTLSVersion, err := cliflag.TLSVersion(kc.TLSMinVersion) if err != nil { return nil, err } @@ -989,7 +992,7 @@ func RunKubelet(kubeServer *options.KubeletServer, kubeDeps *kubelet.Dependencie kubeDeps.OSInterface = kubecontainer.RealOS{} } - k, err := CreateAndInitKubelet(&kubeServer.KubeletConfiguration, + k, err := createAndInitKubelet(&kubeServer.KubeletConfiguration, kubeDeps, &kubeServer.ContainerRuntimeOptions, kubeServer.ContainerRuntime, @@ -1065,7 +1068,7 @@ func startKubelet(k kubelet.Bootstrap, podCfg *config.PodConfig, kubeCfg *kubele } } -func CreateAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, +func createAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *kubelet.Dependencies, crOptions *config.ContainerRuntimeOptions, containerRuntime string, @@ -1150,16 +1153,18 @@ func parseResourceList(m map[string]string) (v1.ResourceList, error) { rl := make(v1.ResourceList) for k, v := range m { switch v1.ResourceName(k) { - // CPU, memory and local storage resources are supported. - case v1.ResourceCPU, v1.ResourceMemory, v1.ResourceEphemeralStorage: - q, err := resource.ParseQuantity(v) - if err != nil { - return nil, err + // CPU, memory, local storage, and PID resources are supported. + case v1.ResourceCPU, v1.ResourceMemory, v1.ResourceEphemeralStorage, pidlimit.PIDs: + if v1.ResourceName(k) != pidlimit.PIDs || utilfeature.DefaultFeatureGate.Enabled(features.SupportNodePidsLimit) { + q, err := resource.ParseQuantity(v) + if err != nil { + return nil, err + } + if q.Sign() == -1 { + return nil, fmt.Errorf("resource quantity for %q cannot be negative: %v", k, v) + } + rl[v1.ResourceName(k)] = q } - if q.Sign() == -1 { - return nil, fmt.Errorf("resource quantity for %q cannot be negative: %v", k, v) - } - rl[v1.ResourceName(k)] = q default: return nil, fmt.Errorf("cannot reserve %q resource", k) } diff --git a/cmd/kubelet/app/server_bootstrap_test.go b/cmd/kubelet/app/server_bootstrap_test.go index c59029fae86..42175501258 100644 --- a/cmd/kubelet/app/server_bootstrap_test.go +++ b/cmd/kubelet/app/server_bootstrap_test.go @@ -254,7 +254,13 @@ func (s *csrSimulator) ServeHTTP(w http.ResponseWriter, req *http.Request) { defer s.lock.Unlock() t := s.t - t.Logf("Request %s %s %s", req.Method, req.URL, req.UserAgent()) + // filter out timeouts as csrSimulator don't support them + q := req.URL.Query() + q.Del("timeout") + q.Del("timeoutSeconds") + req.URL.RawQuery = q.Encode() + + t.Logf("Request %q %q %q", req.Method, req.URL, req.UserAgent()) if len(s.expectUserAgent) > 0 && req.UserAgent() != s.expectUserAgent { t.Errorf("Unexpected user agent: %s", req.UserAgent()) @@ -305,7 +311,7 @@ func (s *csrSimulator) ServeHTTP(w http.ResponseWriter, req *http.Request) { } s.csr = csr - case req.Method == "GET" && req.URL.Path == "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests" && req.URL.RawQuery == "fieldSelector=metadata.name%3Dtest-csr&limit=500": + case req.Method == "GET" && req.URL.Path == "/apis/certificates.k8s.io/v1beta1/certificatesigningrequests" && req.URL.RawQuery == "fieldSelector=metadata.name%3Dtest-csr&limit=500&resourceVersion=0": if s.csr == nil { t.Fatalf("no csr") } diff --git a/cmd/kubemark/BUILD b/cmd/kubemark/BUILD index 287798b05f4..7dedb9587f0 100644 --- a/cmd/kubemark/BUILD +++ b/cmd/kubemark/BUILD @@ -29,11 +29,11 @@ go_library( "//pkg/version/verflag:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", diff --git a/cmd/kubemark/OWNERS b/cmd/kubemark/OWNERS index cf2f885df34..329e8801dc9 100644 --- a/cmd/kubemark/OWNERS +++ b/cmd/kubemark/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - shyamjvs diff --git a/cmd/kubemark/hollow-node.go b/cmd/kubemark/hollow-node.go index bd7888f40cc..5309b16005f 100644 --- a/cmd/kubemark/hollow-node.go +++ b/cmd/kubemark/hollow-node.go @@ -29,11 +29,11 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" - utilflag "k8s.io/apiserver/pkg/util/flag" clientset "k8s.io/client-go/kubernetes" restclient "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/tools/record" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/component-base/logs" "k8s.io/kubernetes/pkg/api/legacyscheme" _ "k8s.io/kubernetes/pkg/client/metrics/prometheus" // for client metric registration @@ -49,7 +49,7 @@ import ( fakeexec "k8s.io/utils/exec/testing" ) -type HollowNodeConfig struct { +type hollowNodeConfig struct { KubeconfigPath string KubeletPort int KubeletReadOnlyPort int @@ -71,7 +71,7 @@ const ( // and make the config driven. var knownMorphs = sets.NewString("kubelet", "proxy") -func (c *HollowNodeConfig) addFlags(fs *pflag.FlagSet) { +func (c *hollowNodeConfig) addFlags(fs *pflag.FlagSet) { fs.StringVar(&c.KubeconfigPath, "kubeconfig", "/kubeconfig/kubeconfig", "Path to kubeconfig file.") fs.IntVar(&c.KubeletPort, "kubelet-port", 10250, "Port on which HollowKubelet should be listening.") fs.IntVar(&c.KubeletReadOnlyPort, "kubelet-read-only-port", 10255, "Read-only port on which Kubelet is listening.") @@ -84,7 +84,7 @@ func (c *HollowNodeConfig) addFlags(fs *pflag.FlagSet) { fs.DurationVar(&c.ProxierMinSyncPeriod, "proxier-min-sync-period", 0, "Minimum period that proxy rules are refreshed in hollow-proxy.") } -func (c *HollowNodeConfig) createClientConfigFromFile() (*restclient.Config, error) { +func (c *hollowNodeConfig) createClientConfigFromFile() (*restclient.Config, error) { clientConfig, err := clientcmd.LoadFromFile(c.KubeconfigPath) if err != nil { return nil, fmt.Errorf("error while loading kubeconfig from file %v: %v", c.KubeconfigPath, err) @@ -105,11 +105,11 @@ func main() { command := newHollowNodeCommand() // TODO: once we switch everything over to Cobra commands, we can go back to calling - // utilflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the + // cliflag.InitFlags() (by removing its pflag.Parse() call). For now, we have to set the // normalize func and add the go flag set by hand. - pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + pflag.CommandLine.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) pflag.CommandLine.AddGoFlagSet(goflag.CommandLine) - // utilflag.InitFlags() + // cliflag.InitFlags() logs.InitLogs() defer logs.FlushLogs() @@ -121,7 +121,7 @@ func main() { // newControllerManagerCommand creates a *cobra.Command object with default parameters func newHollowNodeCommand() *cobra.Command { - s := &HollowNodeConfig{} + s := &hollowNodeConfig{} cmd := &cobra.Command{ Use: "kubemark", @@ -136,7 +136,7 @@ func newHollowNodeCommand() *cobra.Command { return cmd } -func run(config *HollowNodeConfig) { +func run(config *hollowNodeConfig) { if !knownMorphs.Has(config.Morph) { klog.Fatalf("Unknown morph: %v. Allowed values: %v", config.Morph, knownMorphs.List()) } diff --git a/docs/OWNERS b/docs/OWNERS index 0f42f79ac8c..67de05a37e9 100644 --- a/docs/OWNERS +++ b/docs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - brendandburns - smarterclayton diff --git a/hack/.golint_failures b/hack/.golint_failures index 171a726ab89..5a2f2e20d37 100644 --- a/hack/.golint_failures +++ b/hack/.golint_failures @@ -2,14 +2,9 @@ cmd/cloud-controller-manager/app/apis/config/v1alpha1 cmd/kube-apiserver/app cmd/kube-controller-manager/app cmd/kube-proxy/app -cmd/kubeadm/app cmd/kubeadm/app/apis/kubeadm/v1alpha3 cmd/kubeadm/app/apis/kubeadm/v1beta1 -cmd/kubeadm/app/util/config cmd/kubeadm/app/util/system -cmd/kubelet/app -cmd/kubelet/app/options -cmd/kubemark pkg/apis/abac/latest pkg/apis/admission pkg/apis/admission/v1beta1 @@ -57,7 +52,6 @@ pkg/apis/events pkg/apis/events/v1beta1 pkg/apis/extensions pkg/apis/extensions/v1beta1 -pkg/apis/extensions/validation pkg/apis/imagepolicy pkg/apis/imagepolicy/v1alpha1 pkg/apis/networking @@ -220,7 +214,6 @@ pkg/kubelet/remote pkg/kubelet/secret pkg/kubelet/server pkg/kubelet/server/portforward -pkg/kubelet/server/remotecommand pkg/kubelet/server/stats pkg/kubelet/server/streaming pkg/kubelet/stats @@ -229,10 +222,7 @@ pkg/kubelet/status/testing pkg/kubelet/sysctl pkg/kubelet/types pkg/kubelet/util -pkg/kubelet/util/cache pkg/kubelet/util/pluginwatcher -pkg/kubelet/util/queue -pkg/kubelet/util/sliceutils pkg/kubemark pkg/master pkg/master/controller/crdregistration @@ -313,8 +303,6 @@ pkg/registry/core/service/storage pkg/registry/core/serviceaccount/storage pkg/registry/events/rest pkg/registry/extensions/controller/storage -pkg/registry/extensions/ingress -pkg/registry/extensions/ingress/storage pkg/registry/extensions/rest pkg/registry/networking/networkpolicy/storage pkg/registry/networking/rest @@ -339,7 +327,6 @@ pkg/registry/settings/rest pkg/registry/storage/rest pkg/registry/storage/storageclass pkg/registry/storage/storageclass/storage -pkg/routes pkg/scheduler/apis/config/v1alpha1 pkg/security/apparmor pkg/security/podsecuritypolicy @@ -542,7 +529,6 @@ staging/src/k8s.io/apiserver/pkg/endpoints staging/src/k8s.io/apiserver/pkg/endpoints/discovery staging/src/k8s.io/apiserver/pkg/endpoints/filters staging/src/k8s.io/apiserver/pkg/endpoints/handlers -staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation staging/src/k8s.io/apiserver/pkg/endpoints/metrics staging/src/k8s.io/apiserver/pkg/endpoints/openapi/testing staging/src/k8s.io/apiserver/pkg/endpoints/request @@ -572,7 +558,6 @@ staging/src/k8s.io/apiserver/pkg/storage/testing staging/src/k8s.io/apiserver/pkg/storage/tests staging/src/k8s.io/apiserver/pkg/storage/value staging/src/k8s.io/apiserver/pkg/util/feature -staging/src/k8s.io/apiserver/pkg/util/flag staging/src/k8s.io/apiserver/pkg/util/proxy staging/src/k8s.io/apiserver/pkg/util/webhook staging/src/k8s.io/apiserver/pkg/util/wsstream @@ -647,17 +632,9 @@ staging/src/k8s.io/code-generator/cmd/client-gen/types staging/src/k8s.io/code-generator/cmd/conversion-gen/generators staging/src/k8s.io/code-generator/cmd/go-to-protobuf/protobuf staging/src/k8s.io/code-generator/cmd/lister-gen/generators +staging/src/k8s.io/component-base/cli/flag staging/src/k8s.io/component-base/config/v1alpha1 -staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration -staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1 -staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1 -staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/validation -staging/src/k8s.io/kube-aggregator/pkg/apiserver -staging/src/k8s.io/kube-aggregator/pkg/cmd/server staging/src/k8s.io/kube-aggregator/pkg/controllers/autoregister -staging/src/k8s.io/kube-aggregator/pkg/controllers/status -staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice -staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd staging/src/k8s.io/kube-proxy/config/v1alpha1 staging/src/k8s.io/kubelet/config/v1beta1 staging/src/k8s.io/metrics/pkg/apis/custom_metrics @@ -694,12 +671,8 @@ test/e2e/cloud test/e2e/common test/e2e/framework test/e2e/framework/ingress -test/e2e/framework/metrics -test/e2e/framework/providers/aws -test/e2e/framework/providers/azure test/e2e/framework/providers/gce test/e2e/framework/providers/kubemark -test/e2e/framework/timer test/e2e/instrumentation test/e2e/instrumentation/logging test/e2e/instrumentation/monitoring diff --git a/hack/.shellcheck_failures b/hack/.shellcheck_failures index d963a006b11..c2c36a25aaa 100644 --- a/hack/.shellcheck_failures +++ b/hack/.shellcheck_failures @@ -7,7 +7,6 @@ ./cluster/gce/config-common.sh ./cluster/gce/config-default.sh ./cluster/gce/config-test.sh -./cluster/gce/delete-stranded-load-balancers.sh ./cluster/gce/gci/configure-helper.sh ./cluster/gce/gci/configure.sh ./cluster/gce/gci/flexvolume_node_setup.sh @@ -21,13 +20,10 @@ ./cluster/gce/upgrade.sh ./cluster/gce/util.sh ./cluster/images/conformance/run_e2e.sh -./cluster/images/etcd-empty-dir-cleanup/etcd-empty-dir-cleanup.sh ./cluster/juju/prereqs/ubuntu-juju.sh ./cluster/juju/util.sh -./cluster/kube-down.sh ./cluster/kube-up.sh ./cluster/kube-util.sh -./cluster/kubeadm.sh ./cluster/kubectl.sh ./cluster/kubemark/gce/config-default.sh ./cluster/kubemark/iks/config-default.sh @@ -41,20 +37,9 @@ ./cluster/test-smoke.sh ./cluster/update-storage-objects.sh ./cluster/validate-cluster.sh -./hack/benchmark-go.sh -./hack/build-cross.sh -./hack/build-go.sh ./hack/cherry_pick_pull.sh -./hack/e2e-internal/e2e-cluster-size.sh -./hack/e2e-internal/e2e-down.sh -./hack/e2e-internal/e2e-grow-cluster.sh -./hack/e2e-internal/e2e-shrink-cluster.sh -./hack/e2e-internal/e2e-status.sh -./hack/e2e-internal/e2e-up.sh -./hack/e2e-node-test.sh ./hack/generate-bindata.sh ./hack/generate-docs.sh -./hack/get-build.sh ./hack/ginkgo-e2e.sh ./hack/godep-restore.sh ./hack/godep-save.sh @@ -88,25 +73,12 @@ ./hack/make-rules/update.sh ./hack/make-rules/verify.sh ./hack/make-rules/vet.sh -./hack/print-workspace-status.sh -./hack/run-in-gopath.sh -./hack/test-go.sh ./hack/test-integration.sh ./hack/test-update-storage-objects.sh -./hack/update-all.sh ./hack/update-bazel.sh ./hack/update-codegen.sh -./hack/update-generated-device-plugin-dockerized.sh -./hack/update-generated-device-plugin.sh -./hack/update-generated-docs.sh ./hack/update-generated-kms-dockerized.sh -./hack/update-generated-kms.sh -./hack/update-generated-kubelet-plugin-registration-dockerized.sh -./hack/update-generated-kubelet-plugin-registration.sh -./hack/update-generated-pod-resources-dockerized.sh -./hack/update-generated-pod-resources.sh ./hack/update-generated-protobuf-dockerized.sh -./hack/update-generated-protobuf.sh ./hack/update-generated-runtime-dockerized.sh ./hack/update-generated-runtime.sh ./hack/update-generated-swagger-docs.sh @@ -117,16 +89,13 @@ ./hack/update-staging-godeps.sh ./hack/update-translations.sh ./hack/update-workspace-mirror.sh -./hack/verify-all.sh ./hack/verify-api-groups.sh -./hack/verify-bazel.sh ./hack/verify-boilerplate.sh ./hack/verify-cli-conventions.sh ./hack/verify-codegen.sh ./hack/verify-description.sh ./hack/verify-generated-device-plugin.sh ./hack/verify-generated-docs.sh -./hack/verify-generated-files-remake.sh ./hack/verify-generated-files.sh ./hack/verify-generated-kms.sh ./hack/verify-generated-kubelet-plugin-registration.sh @@ -134,13 +103,9 @@ ./hack/verify-generated-protobuf.sh ./hack/verify-generated-runtime.sh ./hack/verify-generated-swagger-docs.sh -./hack/verify-godep-licenses.sh -./hack/verify-godeps.sh -./hack/verify-gofmt.sh ./hack/verify-golint.sh ./hack/verify-govet.sh ./hack/verify-import-boss.sh -./hack/verify-imports.sh ./hack/verify-linkcheck.sh ./hack/verify-no-vendor-cycles.sh ./hack/verify-openapi-spec.sh @@ -157,17 +122,8 @@ ./pkg/kubectl/cmd/edit/testdata/record_testcase.sh ./pkg/util/verify-util-pkg.sh ./plugin/pkg/admission/imagepolicy/gencerts.sh -./staging/src/k8s.io/csi-api/hack/update-codegen.sh -./staging/src/k8s.io/csi-api/hack/verify-codegen.sh -./staging/src/k8s.io/kube-aggregator/hack/build-image.sh -./staging/src/k8s.io/kube-aggregator/hack/local-up-kube-aggregator.sh -./staging/src/k8s.io/kube-aggregator/hack/register-all-apis-from.sh -./staging/src/k8s.io/kube-aggregator/hack/update-codegen.sh -./staging/src/k8s.io/kube-aggregator/hack/verify-codegen.sh ./staging/src/k8s.io/metrics/hack/update-codegen.sh ./staging/src/k8s.io/metrics/hack/verify-codegen.sh -./staging/src/k8s.io/node-api/hack/update-codegen.sh -./staging/src/k8s.io/node-api/hack/verify-codegen.sh ./test/cmd/apply.sh ./test/cmd/apps.sh ./test/cmd/authorization.sh @@ -210,16 +166,12 @@ ./test/images/volume/rbd/create_block.sh ./test/images/volume/rbd/mon.sh ./test/images/volume/rbd/osd.sh -./test/integration/ipamperf/test-performance.sh -./test/integration/scheduler_perf/test-performance.sh ./test/kubemark/common/util.sh -./test/kubemark/configure-kubectl.sh ./test/kubemark/gce/util.sh ./test/kubemark/iks/shutdown.sh ./test/kubemark/iks/startup.sh ./test/kubemark/iks/util.sh ./test/kubemark/master-log-dump.sh -./test/kubemark/pre-existing/util.sh ./test/kubemark/resources/start-kubemark-master.sh ./test/kubemark/run-e2e-tests.sh ./test/kubemark/start-kubemark.sh diff --git a/hack/OWNERS b/hack/OWNERS index 1f2903c2ac7..24c584bfff7 100644 --- a/hack/OWNERS +++ b/hack/OWNERS @@ -1,4 +1,7 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: + - bentheelder - cblecker - eparis - fejta diff --git a/hack/benchmark-go.sh b/hack/benchmark-go.sh index 17aa8c56faf..7a16d68f9aa 100755 --- a/hack/benchmark-go.sh +++ b/hack/benchmark-go.sh @@ -18,8 +18,6 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. - make test \ WHAT="$*" \ KUBE_COVER="" \ diff --git a/hack/build-cross.sh b/hack/build-cross.sh index 00199528c83..ce14beed7e4 100755 --- a/hack/build-cross.sh +++ b/hack/build-cross.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. echo "NOTE: $0 has been replaced by 'make cross'" echo diff --git a/hack/build-go.sh b/hack/build-go.sh index a2ff893998d..bd709266146 100755 --- a/hack/build-go.sh +++ b/hack/build-go.sh @@ -20,12 +20,12 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # For help output ARGHELP="" if [[ "$#" -gt 0 ]]; then - ARGHELP="WHAT='$@'" + ARGHELP="WHAT='$*'" fi echo "NOTE: $0 has been replaced by 'make' or 'make all'" diff --git a/hack/e2e-internal/e2e-cluster-size.sh b/hack/e2e-internal/e2e-cluster-size.sh index 8e604b9e37a..817bd76caa9 100755 --- a/hack/e2e-internal/e2e-cluster-size.sh +++ b/hack/e2e-internal/e2e-cluster-size.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -: ${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh} -: ${KUBE_CONFIG_FILE:="config-test.sh"} +: "${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh}" +: "${KUBE_CONFIG_FILE:="config-test.sh"}" export KUBECTL KUBE_CONFIG_FILE diff --git a/hack/e2e-internal/e2e-down.sh b/hack/e2e-internal/e2e-down.sh index 87bcb9a41e9..ed318b65514 100755 --- a/hack/e2e-internal/e2e-down.sh +++ b/hack/e2e-internal/e2e-down.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -: ${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh} -: ${KUBE_CONFIG_FILE:="config-test.sh"} +: "${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh}" +: "${KUBE_CONFIG_FILE:="config-test.sh"}" export KUBECTL KUBE_CONFIG_FILE diff --git a/hack/e2e-internal/e2e-grow-cluster.sh b/hack/e2e-internal/e2e-grow-cluster.sh index 67b8603d26d..65c7926e7e3 100755 --- a/hack/e2e-internal/e2e-grow-cluster.sh +++ b/hack/e2e-internal/e2e-grow-cluster.sh @@ -14,18 +14,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -if [[ ! -z "${1:-}" ]]; then +if [[ -n "${1:-}" ]]; then export KUBE_GCE_ZONE="${1}" fi -if [[ ! -z "${2:-}" ]]; then +if [[ -n "${2:-}" ]]; then export MULTIZONE="${2}" fi -if [[ ! -z "${3:-}" ]]; then +if [[ -n "${3:-}" ]]; then export KUBE_REPLICATE_EXISTING_MASTER="${3}" fi -if [[ ! -z "${4:-}" ]]; then +if [[ -n "${4:-}" ]]; then export KUBE_USE_EXISTING_MASTER="${4}" fi if [[ -z "${NUM_NODES:-}" ]]; then diff --git a/hack/e2e-internal/e2e-shrink-cluster.sh b/hack/e2e-internal/e2e-shrink-cluster.sh index 4e67b9813c5..f94d57cc28c 100755 --- a/hack/e2e-internal/e2e-shrink-cluster.sh +++ b/hack/e2e-internal/e2e-shrink-cluster.sh @@ -14,18 +14,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -if [[ ! -z "${1:-}" ]]; then +if [[ -n "${1:-}" ]]; then export KUBE_GCE_ZONE="${1}" fi -if [[ ! -z "${2:-}" ]]; then +if [[ -n "${2:-}" ]]; then export MULTIZONE="${2}" fi -if [[ ! -z "${3:-}" ]]; then +if [[ -n "${3:-}" ]]; then export KUBE_DELETE_NODES="${3}" fi -if [[ ! -z "${4:-}" ]]; then +if [[ -n "${4:-}" ]]; then export KUBE_USE_EXISTING_MASTER="${4}" fi diff --git a/hack/e2e-internal/e2e-status.sh b/hack/e2e-internal/e2e-status.sh index 59a4559e9e0..5e70929d76b 100755 --- a/hack/e2e-internal/e2e-status.sh +++ b/hack/e2e-internal/e2e-status.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -: ${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh} -: ${KUBE_CONFIG_FILE:="config-test.sh"} +: "${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh}" +: "${KUBE_CONFIG_FILE:="config-test.sh"}" export KUBECTL KUBE_CONFIG_FILE diff --git a/hack/e2e-internal/e2e-up.sh b/hack/e2e-internal/e2e-up.sh index 24f4f6a587f..eea6b94f196 100755 --- a/hack/e2e-internal/e2e-up.sh +++ b/hack/e2e-internal/e2e-up.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -: ${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh} -: ${KUBE_CONFIG_FILE:="config-test.sh"} +: "${KUBECTL:=${KUBE_ROOT}/cluster/kubectl.sh}" +: "${KUBE_CONFIG_FILE:="config-test.sh"}" export KUBECTL KUBE_CONFIG_FILE diff --git a/hack/e2e-node-test.sh b/hack/e2e-node-test.sh index 4d697602fff..4a8bf6d66d7 100755 --- a/hack/e2e-node-test.sh +++ b/hack/e2e-node-test.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # For help output ARGHELP="" @@ -40,4 +40,4 @@ echo "The equivalent of this invocation is: " echo " make test-e2e-node ${ARGHELP}" echo echo -make --no-print-directory -C "${KUBE_ROOT}" test-e2e-node FOCUS=${FOCUS:-} SKIP=${SKIP:-} +make --no-print-directory -C "${KUBE_ROOT}" test-e2e-node FOCUS="${FOCUS:-}" SKIP="${SKIP:-}" diff --git a/hack/get-build.sh b/hack/get-build.sh index f1fbe0289a6..69ee76fe157 100755 --- a/hack/get-build.sh +++ b/hack/get-build.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/cluster/common.sh" diff --git a/hack/godep-save.sh b/hack/godep-save.sh index 71a76dcd5d3..452b102dd75 100755 --- a/hack/godep-save.sh +++ b/hack/godep-save.sh @@ -56,6 +56,7 @@ fi # won't pick them up. REQUIRED_BINS=( "github.com/bazelbuild/bazel-gazelle/cmd/gazelle" + "github.com/bazelbuild/buildtools/buildozer" "github.com/cespare/prettybench" "github.com/client9/misspell/cmd/misspell" "github.com/cloudflare/cfssl/cmd/cfssl" @@ -101,6 +102,8 @@ hack/update-godep-licenses.sh >/dev/null kube::log::status "Creating OWNERS file" rm -f "Godeps/OWNERS" "vendor/OWNERS" cat <<__EOF__ > "Godeps/OWNERS" +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers __EOF__ diff --git a/hack/jenkins/OWNERS b/hack/jenkins/OWNERS index 2c73e9efa2b..5a6535c8d2c 100644 --- a/hack/jenkins/OWNERS +++ b/hack/jenkins/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-testing-approvers reviewers: diff --git a/hack/jenkins/benchmark-dockerized.sh b/hack/jenkins/benchmark-dockerized.sh index 2a4848176bd..22627ebd20e 100755 --- a/hack/jenkins/benchmark-dockerized.sh +++ b/hack/jenkins/benchmark-dockerized.sh @@ -34,12 +34,14 @@ retry() { export PATH=${GOPATH}/bin:${PWD}/third_party/etcd:/usr/local/go/bin:${PATH} go install k8s.io/kubernetes/vendor/github.com/cespare/prettybench +go install k8s.io/kubernetes/vendor/github.com/jstemmer/go-junit-report # Disable the Go race detector. export KUBE_RACE=" " # Disable coverage report export KUBE_COVER="n" export ARTIFACTS=${ARTIFACTS:-"${WORKSPACE}/artifacts"} +export FULL_LOG="true" mkdir -p "${ARTIFACTS}" cd /go/src/k8s.io/kubernetes diff --git a/hack/jenkins/test-dockerized.sh b/hack/jenkins/test-dockerized.sh index 171de79238f..39162a76e6f 100755 --- a/hack/jenkins/test-dockerized.sh +++ b/hack/jenkins/test-dockerized.sh @@ -56,4 +56,3 @@ go install ./cmd/... make test-cmd make test-integration -./hack/test-update-storage-objects.sh diff --git a/hack/lib/etcd.sh b/hack/lib/etcd.sh index e807e199e9d..17f55810019 100755 --- a/hack/lib/etcd.sh +++ b/hack/lib/etcd.sh @@ -105,11 +105,18 @@ kube::etcd::cleanup() { kube::etcd::install() { ( local os + local arch + + os=$(kube::util::host_os) + arch=$(kube::util::host_arch) + cd "${KUBE_ROOT}/third_party" - os=$(uname | tr "[:upper:]" "[:lower:]") if [[ $(readlink etcd) == etcd-v${ETCD_VERSION}-${os}-* ]]; then + kube::log::info "etcd v${ETCD_VERSION} already installed at path:" + kube::log::info "$(pwd)/$(readlink etcd)" return # already installed fi + if [[ ${os} == "darwin" ]]; then download_file="etcd-v${ETCD_VERSION}-darwin-amd64.zip" url="https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/${download_file}" @@ -118,11 +125,11 @@ kube::etcd::install() { ln -fns "etcd-v${ETCD_VERSION}-darwin-amd64" etcd rm "${download_file}" else - url="https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-amd64.tar.gz" - download_file="etcd-v${ETCD_VERSION}-linux-amd64.tar.gz" + url="https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-${arch}.tar.gz" + download_file="etcd-v${ETCD_VERSION}-linux-${arch}.tar.gz" kube::util::download_file "${url}" "${download_file}" tar xzf "${download_file}" - ln -fns "etcd-v${ETCD_VERSION}-linux-amd64" etcd + ln -fns "etcd-v${ETCD_VERSION}-linux-${arch}" etcd rm "${download_file}" fi kube::log::info "etcd v${ETCD_VERSION} installed. To use:" diff --git a/hack/lib/init.sh b/hack/lib/init.sh index e1bf1c8b18b..cf753465feb 100755 --- a/hack/lib/init.sh +++ b/hack/lib/init.sh @@ -79,6 +79,7 @@ extensions/v1beta1 \ events.k8s.io/v1beta1 \ imagepolicy.k8s.io/v1alpha1 \ networking.k8s.io/v1 \ +networking.k8s.io/v1beta1 \ policy/v1beta1 \ rbac.authorization.k8s.io/v1 \ rbac.authorization.k8s.io/v1beta1 \ diff --git a/hack/lib/util.sh b/hack/lib/util.sh index 642b7c5e316..9d058c205ee 100755 --- a/hack/lib/util.sh +++ b/hack/lib/util.sh @@ -339,10 +339,9 @@ kube::util::create-fake-git-tree() { kube::util::godep_restored() { local -r godeps_json=${1:-Godeps/Godeps.json} local -r gopath=${2:-${GOPATH%:*}} - if ! which jq &>/dev/null; then - echo "jq not found. Please install." 1>&2 - return 1 - fi + + kube::util::require-jq + local root local old_rev="" while read path rev; do @@ -461,7 +460,7 @@ kube::util::base_ref() { fi full_branch="$(kube::util::git_upstream_remote_name)/${git_branch}" - + # make sure the branch is valid, otherwise the check will pass erroneously. if ! git describe "${full_branch}" >/dev/null; then # abort! @@ -479,7 +478,7 @@ kube::util::has_changes() { local -r git_branch=$1 local -r pattern=$2 local -r not_pattern=${3:-totallyimpossiblepattern} - + local base_ref=$(kube::util::base_ref "${git_branch}") echo "Checking for '${pattern}' changes against '${base_ref}'" @@ -775,6 +774,32 @@ function kube::util::ensure-gnu-sed { fi } +# kube::util::check-file-in-alphabetical-order +# Check that the file is in alphabetical order +# +function kube::util::check-file-in-alphabetical-order { + local failure_file="$1" + if ! diff -u "${failure_file}" <(LC_ALL=C sort "${failure_file}"); then + { + echo + echo "${failure_file} is not in alphabetical order. Please sort it:" + echo + echo " LC_ALL=C sort -o ${failure_file} ${failure_file}" + echo + } >&2 + false + fi +} + +# kube::util::require-jq +# Checks whether jq is installed. +function kube::util::require-jq { + if ! which jq &>/dev/null; then + echo "jq not found. Please install." 1>&2 + return 1 + fi +} + # Some useful colors. if [[ -z "${color_start-}" ]]; then declare -r color_start="\033[" diff --git a/hack/local-up-cluster.sh b/hack/local-up-cluster.sh index 0ba8ef21006..dd9e5a664ba 100755 --- a/hack/local-up-cluster.sh +++ b/hack/local-up-cluster.sh @@ -116,6 +116,9 @@ START_MODE=${START_MODE:-"all"} # A list of controllers to enable KUBE_CONTROLLERS="${KUBE_CONTROLLERS:-"*"}" +# Audit policy +AUDIT_POLICY_FILE=${AUDIT_POLICY_FILE:-""} + # sanity check for OpenStack provider if [ "${CLOUD_PROVIDER}" == "openstack" ]; then if [ "${CLOUD_CONFIG}" == "" ]; then @@ -552,6 +555,17 @@ function start_apiserver { cloud_config_arg="--cloud-provider=external" fi + if [[ -n "${AUDIT_POLICY_FILE}" ]]; then + cat < /tmp/kube-audit-policy-file +# Log all requests at the Metadata level. +apiVersion: audit.k8s.io/v1 +kind: Policy +rules: +- level: Metadata +EOF + AUDIT_POLICY_FILE="/tmp/kube-audit-policy-file" + fi + APISERVER_LOG=${LOG_DIR}/kube-apiserver.log ${CONTROLPLANE_SUDO} "${GO_OUT}/hyperkube" apiserver ${authorizer_arg} ${priv_arg} ${runtime_config} \ ${cloud_config_arg} \ @@ -559,6 +573,8 @@ function start_apiserver { ${node_port_range} \ --v=${LOG_LEVEL} \ --vmodule="${LOG_SPEC}" \ + --audit-policy-file="${AUDIT_POLICY_FILE}" \ + --audit-log-path=${LOG_DIR}/kube-apiserver-audit.log \ --cert-dir="${CERT_DIR}" \ --client-ca-file="${CERT_DIR}/client-ca.crt" \ --kubelet-client-certificate="${CERT_DIR}/client-kube-apiserver.crt" \ diff --git a/hack/make-rules/test-cmd.sh b/hack/make-rules/test-cmd.sh index 40133432d5b..ff058b891f8 100755 --- a/hack/make-rules/test-cmd.sh +++ b/hack/make-rules/test-cmd.sh @@ -41,7 +41,7 @@ function run_kube_apiserver() { AUTHORIZATION_MODE="RBAC,AlwaysAllow" # Enable features - ENABLE_FEATURE_GATES="DryRun=true" + ENABLE_FEATURE_GATES="ServerSideApply=true" "${KUBE_OUTPUT_HOSTBIN}/kube-apiserver" \ --insecure-bind-address="127.0.0.1" \ diff --git a/hack/make-rules/test-integration.sh b/hack/make-rules/test-integration.sh index 47ef4937801..1991e2edb34 100755 --- a/hack/make-rules/test-integration.sh +++ b/hack/make-rules/test-integration.sh @@ -83,7 +83,7 @@ checkEtcdOnPath() { kube::log::status "Checking etcd is on PATH" which etcd && return kube::log::status "Cannot find etcd, cannot run integration tests." - kube::log::status "Please see https://github.com/kubernetes/community/blob/master/contributors/devel/testing.md#install-etcd-dependency for instructions." + kube::log::status "Please see https://git.k8s.io/community/contributors/devel/sig-testing/testing.md#install-etcd-dependency for instructions." kube::log::usage "You can use 'hack/install-etcd.sh' to install a copy in third_party/." return 1 } diff --git a/hack/make-rules/test.sh b/hack/make-rules/test.sh index 4d380c34092..2ced45589e9 100755 --- a/hack/make-rules/test.sh +++ b/hack/make-rules/test.sh @@ -188,6 +188,10 @@ if [[ -n "${KUBE_JUNIT_REPORT_DIR}" ]] ; then go_test_grep_pattern="^[^[:space:]]\+[[:space:]]\+[^[:space:]]\+/[^[[:space:]]\+" fi +if [[ -n "${FULL_LOG:-}" ]] ; then + go_test_grep_pattern=".*" +fi + # Filter out arguments that start with "-" and move them to goflags. testcases=() for arg; do @@ -223,6 +227,10 @@ verifyAndSuggestPackagePath() { local original_package_path="$3" local suggestion_package_path="$4" + if [[ "${specified_package_path}" =~ '/...'$ ]]; then + specified_package_path=${specified_package_path::-4} + fi + if ! [ -d "${specified_package_path}" ]; then # Because k8s sets a localized $GOPATH for testing, seeing the actual # directory can be confusing. Instead, just show $GOPATH if it exists in the diff --git a/hack/print-workspace-status.sh b/hack/print-workspace-status.sh index 3484730447d..1d334f88a13 100755 --- a/hack/print-workspace-status.sh +++ b/hack/print-workspace-status.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -export KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/version.sh" kube::version::get_version_vars diff --git a/hack/run-in-gopath.sh b/hack/run-in-gopath.sh index e83dc2cd6ed..e29bb175f58 100755 --- a/hack/run-in-gopath.sh +++ b/hack/run-in-gopath.sh @@ -23,7 +23,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" # This sets up a clean GOPATH and makes sure we are currently in it. diff --git a/hack/test-go.sh b/hack/test-go.sh index 380e8d18d40..d13946d8602 100755 --- a/hack/test-go.sh +++ b/hack/test-go.sh @@ -20,12 +20,12 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # For help output ARGHELP="" if [[ "$#" -gt 0 ]]; then - ARGHELP="WHAT='$@'" + ARGHELP="WHAT='$*'" fi echo "NOTE: $0 has been replaced by 'make test'" diff --git a/hack/testdata/OWNERS b/hack/testdata/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/hack/testdata/OWNERS +++ b/hack/testdata/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/hack/update-all.sh b/hack/update-all.sh index ba4311f1c8c..073311424f9 100755 --- a/hack/update-all.sh +++ b/hack/update-all.sh @@ -21,7 +21,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. echo "NOTE: $0 has been replaced by 'make update'" echo diff --git a/hack/update-bazel.sh b/hack/update-bazel.sh index 7ee5131105b..b6ae73146bf 100755 --- a/hack/update-bazel.sh +++ b/hack/update-bazel.sh @@ -26,6 +26,7 @@ PATH="${GOBIN}:${PATH}" # Install tools we need, but only from vendor/... go install k8s.io/kubernetes/vendor/github.com/bazelbuild/bazel-gazelle/cmd/gazelle +go install k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/buildozer go install k8s.io/kubernetes/vendor/k8s.io/repo-infra/kazel touch "${KUBE_ROOT}/vendor/BUILD" @@ -43,3 +44,11 @@ gazelle fix \ "${KUBE_ROOT}" kazel + +# make targets in vendor manual +# buildozer exits 3 when no changes are made ¯\_(ツ)_/¯ +# https://github.com/bazelbuild/buildtools/tree/master/buildozer#error-code +buildozer -quiet 'add tags manual' '//vendor/...:%go_binary' '//vendor/...:%go_test' && ret=$? || ret=$? +if [[ $ret != 0 && $ret != 3 ]]; then + exit 1 +fi diff --git a/hack/update-generated-device-plugin-dockerized.sh b/hack/update-generated-device-plugin-dockerized.sh index 62c5fb34d0d..4812baeebd6 100755 --- a/hack/update-generated-device-plugin-dockerized.sh +++ b/hack/update-generated-device-plugin-dockerized.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE}")/../" && pwd -P)" +KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../" && pwd -P)" DEVICE_PLUGIN_ALPHA="${KUBE_ROOT}/pkg/kubelet/apis/deviceplugin/v1alpha/" DEVICE_PLUGIN_V1BETA1="${KUBE_ROOT}/pkg/kubelet/apis/deviceplugin/v1beta1/" source "${KUBE_ROOT}/hack/lib/protoc.sh" -kube::protoc::generate_proto ${DEVICE_PLUGIN_ALPHA} -kube::protoc::generate_proto ${DEVICE_PLUGIN_V1BETA1} +kube::protoc::generate_proto "${DEVICE_PLUGIN_ALPHA}" +kube::protoc::generate_proto "${DEVICE_PLUGIN_V1BETA1}" diff --git a/hack/update-generated-device-plugin.sh b/hack/update-generated-device-plugin.sh index bfd63d8659e..6652500887f 100755 --- a/hack/update-generated-device-plugin.sh +++ b/hack/update-generated-device-plugin.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # NOTE: All output from this script needs to be copied back to the calling # source tree. This is managed in kube::build::copy_output in build/common.sh. # If the output set is changed update that function. -${KUBE_ROOT}/build/run.sh hack/update-generated-device-plugin-dockerized.sh "$@" +"${KUBE_ROOT}/build/run.sh" hack/update-generated-device-plugin-dockerized.sh "$@" diff --git a/hack/update-generated-docs.sh b/hack/update-generated-docs.sh index e1d621085bd..220c2dc3daa 100755 --- a/hack/update-generated-docs.sh +++ b/hack/update-generated-docs.sh @@ -22,7 +22,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" kube::golang::setup_env diff --git a/hack/update-generated-kms.sh b/hack/update-generated-kms.sh index 431b1bf41b4..6ae29450d0c 100755 --- a/hack/update-generated-kms.sh +++ b/hack/update-generated-kms.sh @@ -18,12 +18,12 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # NOTE: All output from this script needs to be copied back to the calling # source tree. This is managed in kube::build::copy_output in build/common.sh. # If the output set is changed update that function. -${KUBE_ROOT}/build/run.sh hack/update-generated-kms-dockerized.sh "$@" +"${KUBE_ROOT}/build/run.sh" hack/update-generated-kms-dockerized.sh "$@" # ex: ts=2 sw=2 et filetype=sh diff --git a/hack/update-generated-kubelet-plugin-registration-dockerized.sh b/hack/update-generated-kubelet-plugin-registration-dockerized.sh index 18b4f0c7266..3176a16f85f 100755 --- a/hack/update-generated-kubelet-plugin-registration-dockerized.sh +++ b/hack/update-generated-kubelet-plugin-registration-dockerized.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # Copyright 2018 The Kubernetes Authors. # @@ -18,14 +18,14 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE}")/../" && pwd -P)" +KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../" && pwd -P)" KUBELET_PLUGIN_REGISTRATION_V1ALPHA="${KUBE_ROOT}/pkg/kubelet/apis/pluginregistration/v1alpha1/" KUBELET_PLUGIN_REGISTRATION_V1BETA="${KUBE_ROOT}/pkg/kubelet/apis/pluginregistration/v1beta1/" KUBELET_EXAMPLE_PLUGIN_V1BETA1="${KUBE_ROOT}/pkg/kubelet/util/pluginwatcher/example_plugin_apis/v1beta1/" KUBELET_EXAMPLE_PLUGIN_V1BETA2="${KUBE_ROOT}/pkg/kubelet/util/pluginwatcher/example_plugin_apis/v1beta2/" source "${KUBE_ROOT}/hack/lib/protoc.sh" -kube::protoc::generate_proto ${KUBELET_PLUGIN_REGISTRATION_V1ALPHA} -kube::protoc::generate_proto ${KUBELET_PLUGIN_REGISTRATION_V1BETA} -kube::protoc::generate_proto ${KUBELET_EXAMPLE_PLUGIN_V1BETA1} -kube::protoc::generate_proto ${KUBELET_EXAMPLE_PLUGIN_V1BETA2} +kube::protoc::generate_proto "${KUBELET_PLUGIN_REGISTRATION_V1ALPHA}" +kube::protoc::generate_proto "${KUBELET_PLUGIN_REGISTRATION_V1BETA}" +kube::protoc::generate_proto "${KUBELET_EXAMPLE_PLUGIN_V1BETA1}" +kube::protoc::generate_proto "${KUBELET_EXAMPLE_PLUGIN_V1BETA2}" diff --git a/hack/update-generated-kubelet-plugin-registration.sh b/hack/update-generated-kubelet-plugin-registration.sh index 308733c0246..46e3d1f8c83 100755 --- a/hack/update-generated-kubelet-plugin-registration.sh +++ b/hack/update-generated-kubelet-plugin-registration.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # Copyright 2018 The Kubernetes Authors. # @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # NOTE: All output from this script needs to be copied back to the calling # source tree. This is managed in kube::build::copy_output in build/common.sh. # If the output set is changed update that function. -${KUBE_ROOT}/build/run.sh hack/update-generated-kubelet-plugin-registration-dockerized.sh "$@" +"${KUBE_ROOT}/build/run.sh" hack/update-generated-kubelet-plugin-registration-dockerized.sh "$@" diff --git a/hack/update-generated-pod-resources-dockerized.sh b/hack/update-generated-pod-resources-dockerized.sh index d11b136b59f..8dcc2b5757e 100755 --- a/hack/update-generated-pod-resources-dockerized.sh +++ b/hack/update-generated-pod-resources-dockerized.sh @@ -18,8 +18,8 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE}")/../" && pwd -P)" +KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../" && pwd -P)" POD_RESOURCES_ALPHA="${KUBE_ROOT}/pkg/kubelet/apis/podresources/v1alpha1/" source "${KUBE_ROOT}/hack/lib/protoc.sh" -kube::protoc::generate_proto ${POD_RESOURCES_ALPHA} +kube::protoc::generate_proto "${POD_RESOURCES_ALPHA}" diff --git a/hack/update-generated-pod-resources.sh b/hack/update-generated-pod-resources.sh index bdf8c584c0e..6fa2b1d4465 100755 --- a/hack/update-generated-pod-resources.sh +++ b/hack/update-generated-pod-resources.sh @@ -18,10 +18,10 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # NOTE: All output from this script needs to be copied back to the calling # source tree. This is managed in kube::build::copy_output in build/common.sh. # If the output set is changed update that function. -${KUBE_ROOT}/build/run.sh hack/update-generated-pod-resources-dockerized.sh "$@" +"${KUBE_ROOT}/build/run.sh" hack/update-generated-pod-resources-dockerized.sh "$@" diff --git a/hack/update-generated-protobuf-dockerized.sh b/hack/update-generated-protobuf-dockerized.sh index bb592b1a56b..052e6619b7f 100755 --- a/hack/update-generated-protobuf-dockerized.sh +++ b/hack/update-generated-protobuf-dockerized.sh @@ -79,6 +79,7 @@ PACKAGES=( k8s.io/api/admissionregistration/v1beta1 k8s.io/api/admission/v1beta1 k8s.io/api/auditregistration/v1alpha1 + k8s.io/api/networking/v1beta1 k8s.io/api/networking/v1 k8s.io/metrics/pkg/apis/metrics/v1alpha1 k8s.io/metrics/pkg/apis/metrics/v1beta1 diff --git a/hack/update-generated-protobuf.sh b/hack/update-generated-protobuf.sh index bf8c5d4002f..2077320cc7e 100755 --- a/hack/update-generated-protobuf.sh +++ b/hack/update-generated-protobuf.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # NOTE: All output from this script needs to be copied back to the calling # source tree. This is managed in kube::build::copy_output in build/common.sh. diff --git a/hack/update-openapi-spec.sh b/hack/update-openapi-spec.sh index 9fd67e960de..2127910c1c5 100755 --- a/hack/update-openapi-spec.sh +++ b/hack/update-openapi-spec.sh @@ -25,6 +25,7 @@ KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. OPENAPI_ROOT_DIR="${KUBE_ROOT}/api/openapi-spec" source "${KUBE_ROOT}/hack/lib/init.sh" +kube::util::require-jq kube::golang::setup_env make -C "${KUBE_ROOT}" WHAT=cmd/kube-apiserver @@ -83,7 +84,7 @@ fi kube::log::status "Updating " ${OPENAPI_ROOT_DIR} -curl -w "\n" -fs "${API_HOST}:${API_PORT}/openapi/v2" > "${OPENAPI_ROOT_DIR}/swagger.json" +curl -w "\n" -fs "${API_HOST}:${API_PORT}/openapi/v2" | jq -S . > "${OPENAPI_ROOT_DIR}/swagger.json" kube::log::status "SUCCESS" diff --git a/hack/verify-all.sh b/hack/verify-all.sh index 75ab1e9e927..c66f23e6838 100755 --- a/hack/verify-all.sh +++ b/hack/verify-all.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. # For help output ARGHELP="" diff --git a/hack/verify-bazel.sh b/hack/verify-bazel.sh index 4e49cdf2ab3..47912b9d921 100755 --- a/hack/verify-bazel.sh +++ b/hack/verify-bazel.sh @@ -17,7 +17,8 @@ set -o errexit set -o nounset set -o pipefail -export KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +export KUBE_ROOT source "${KUBE_ROOT}/hack/lib/init.sh" if [[ ! -f "${KUBE_ROOT}/vendor/BUILD" ]]; then @@ -31,7 +32,7 @@ fi # TODO(spxtr): Remove this line once Bazel is the only way to build. rm -f "${KUBE_ROOT}/pkg/generated/openapi/zz_generated.openapi.go" -_tmpdir="$(kube::realpath $(mktemp -d -t verify-bazel.XXXXXX))" +_tmpdir="$(kube::realpath "$(mktemp -d -t verify-bazel.XXXXXX)")" kube::util::trap_add "rm -rf ${_tmpdir}" EXIT _tmp_gopath="${_tmpdir}/go" diff --git a/hack/verify-flags/OWNERS b/hack/verify-flags/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/hack/verify-flags/OWNERS +++ b/hack/verify-flags/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/hack/verify-generated-files-remake.sh b/hack/verify-generated-files-remake.sh index b3f57b125d2..ea08b741565 100755 --- a/hack/verify-generated-files-remake.sh +++ b/hack/verify-generated-files-remake.sh @@ -18,12 +18,12 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" kube::util::ensure_clean_working_dir -_tmpdir="$(kube::realpath $(mktemp -d -t verify-generated-files.XXXXXX))" +_tmpdir="$(kube::realpath "$(mktemp -d -t verify-generated-files.XXXXXX)")" kube::util::trap_add "rm -rf ${_tmpdir}" EXIT _tmp_gopath="${_tmpdir}/go" @@ -73,10 +73,11 @@ function assert_clean() { make generated_files >/dev/null touch "${STAMP}" make generated_files >/dev/null - X=($(newer deepcopy "${STAMP}")) - if [[ "${#X[*]}" != 0 ]]; then + X="$(newer deepcopy "${STAMP}")" + if [[ -n "${X}" ]]; then echo "Generated files changed on back-to-back 'make' runs:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" return 1 fi true @@ -91,25 +92,28 @@ STAMP=/tmp/stamp.$RANDOM assert_clean DIR=staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1 -touch "$DIR/types.go" +touch "${DIR}/types.go" touch "${STAMP}" make generated_files >/dev/null -X=($(newer deepcopy "${STAMP}")) -if [[ "${#X[*]}" != 1 || ! ( "${X[0]}" =~ "${DIR}/zz_generated.deepcopy.go" ) ]]; then +X="$(newer deepcopy "${STAMP}")" +if [[ -z "${X}" || ${X} != "./${DIR}/zz_generated.deepcopy.go" ]]; then echo "Wrong generated deepcopy files changed after touching src file:" - echo " ${X[*]:-(none)}" + echo " ${X:-(none)}" | tr '\n' ' ' + echo "" exit 1 fi -X=($(newer defaults "${STAMP}")) -if [[ "${#X[*]}" != 1 || ! ( "${X[0]}" =~ "${DIR}/zz_generated.defaults.go" ) ]]; then +X="$(newer defaults "${STAMP}")" +if [[ -z "${X}" || ${X} != "./${DIR}/zz_generated.defaults.go" ]]; then echo "Wrong generated defaults files changed after touching src file:" - echo " ${X[*]:-(none)}" + echo " ${X:-(none)}" | tr '\n' ' ' + echo "" exit 1 fi -X=($(newer conversion "${STAMP}")) -if [[ "${#X[*]}" != 1 || ! ( "${X[0]}" =~ "${DIR}/zz_generated.conversion.go" ) ]]; then +X="$(newer conversion "${STAMP}")" +if [[ -z "${X}" || ${X} != "./${DIR}/zz_generated.conversion.go" ]]; then echo "Wrong generated conversion files changed after touching src file:" - echo " ${X[*]:-(none)}" + echo " ${X:-(none)}" | tr '\n' ' ' + echo "" exit 1 fi @@ -122,10 +126,11 @@ assert_clean touch staging/src/k8s.io/code-generator/cmd/deepcopy-gen/main.go touch "${STAMP}" make generated_files >/dev/null -X=($(older deepcopy "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older deepcopy "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated deepcopy files did not change after touching code-generator file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -134,10 +139,11 @@ assert_clean touch staging/src/k8s.io/code-generator/cmd/deepcopy-gen/ touch "${STAMP}" make generated_files >/dev/null -X=($(older deepcopy "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older deepcopy "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated deepcopy files did not change after touching code-generator dir:" - echo " ${X[*]}:-(none)" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -146,10 +152,11 @@ assert_clean touch vendor/k8s.io/gengo/examples/deepcopy-gen/generators/deepcopy.go touch "${STAMP}" make generated_files >/dev/null -X=($(older deepcopy "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older deepcopy "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated deepcopy files did not change after touching code-generator dep file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -158,10 +165,11 @@ assert_clean touch vendor/k8s.io/gengo/examples/deepcopy-gen/generators/ touch "${STAMP}" make generated_files >/dev/null -X=($(older deepcopy "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older deepcopy "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated deepcopy files did not change after touching code-generator dep dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -174,10 +182,11 @@ assert_clean touch staging/src/k8s.io/code-generator/cmd/defaulter-gen/main.go touch "${STAMP}" make generated_files >/dev/null -X=($(older defaults "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older defaults "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated defaults files did not change after touching code-generator file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -186,10 +195,11 @@ assert_clean touch staging/src/k8s.io/code-generator/cmd/defaulter-gen/ touch "${STAMP}" make generated_files >/dev/null -X=($(older defaults "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older defaults "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated defaults files did not change after touching code-generator dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -198,10 +208,11 @@ assert_clean touch vendor/k8s.io/gengo/examples/defaulter-gen/generators/defaulter.go touch "${STAMP}" make generated_files >/dev/null -X=($(older defaults "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older defaults "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated defaults files did not change after touching code-generator dep file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -210,10 +221,11 @@ assert_clean touch vendor/k8s.io/gengo/examples/defaulter-gen/generators/ touch "${STAMP}" make generated_files >/dev/null -X=($(older defaults "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older defaults "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated defaults files did not change after touching code-generator dep dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -226,10 +238,11 @@ assert_clean touch staging/src/k8s.io/code-generator/cmd/conversion-gen/main.go touch "${STAMP}" make generated_files >/dev/null -X=($(older conversion "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older conversion "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated conversion files did not change after touching code-generator file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -238,10 +251,11 @@ assert_clean touch staging/src/k8s.io/code-generator/cmd/conversion-gen/ touch "${STAMP}" make generated_files >/dev/null -X=($(older conversion "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older conversion "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated conversion files did not change after touching code-generator dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -250,10 +264,11 @@ assert_clean touch vendor/k8s.io/code-generator/cmd/conversion-gen/generators/conversion.go touch "${STAMP}" make generated_files >/dev/null -X=($(older conversion "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older conversion "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated conversion files did not change after touching code-generator dep file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -262,10 +277,11 @@ assert_clean touch vendor/k8s.io/code-generator/cmd/conversion-gen/generators/ touch "${STAMP}" make generated_files >/dev/null -X=($(older conversion "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older conversion "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated conversion files did not change after touching code-generator dep dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -278,10 +294,11 @@ assert_clean touch "staging/src/k8s.io/api/core/v1/types.go" touch "${STAMP}" make generated_files >/dev/null -X=($(newer openapi "${STAMP}")) -if [[ "${#X[*]}" != 1 || ! ( "${X[0]}" =~ "pkg/generated/openapi/zz_generated.openapi.go" ) ]]; then +X="$(newer openapi "${STAMP}")" +if [[ -z "${X}" || ${X} != "./pkg/generated/openapi/zz_generated.openapi.go" ]]; then echo "Wrong generated openapi files changed after touching src file:" - echo "${X[*]:-(none)}" + echo " ${X:-(none)}" | tr '\n' ' ' + echo "" exit 1 fi @@ -294,10 +311,11 @@ assert_clean touch vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go touch "${STAMP}" make generated_files >/dev/null -X=($(older openapi "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older openapi "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated openapi files did not change after touching code-generator file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -306,10 +324,11 @@ assert_clean touch vendor/k8s.io/kube-openapi/cmd/openapi-gen/ touch "${STAMP}" make generated_files >/dev/null -X=($(older openapi "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older openapi "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated openapi files did not change after touching code-generator dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -318,10 +337,11 @@ assert_clean touch vendor/k8s.io/kube-openapi/pkg/generators/openapi.go touch "${STAMP}" make generated_files >/dev/null -X=($(older openapi "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older openapi "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated openapi files did not change after touching code-generator dep file:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi @@ -330,9 +350,10 @@ assert_clean touch vendor/k8s.io/kube-openapi/pkg/generators touch "${STAMP}" make generated_files >/dev/null -X=($(older openapi "${STAMP}")) -if [[ "${#X[*]}" != 0 ]]; then +X="$(older openapi "${STAMP}")" +if [[ -n "${X}" ]]; then echo "Generated openapi files did not change after touching code-generator dep dir:" - echo " ${X[*]:-(none)}" + echo " ${X}" | tr '\n' ' ' + echo "" exit 1 fi diff --git a/hack/verify-generated-kubelet-plugin-registration.sh b/hack/verify-generated-kubelet-plugin-registration.sh index b8b7018bcfe..44472894c7f 100755 --- a/hack/verify-generated-kubelet-plugin-registration.sh +++ b/hack/verify-generated-kubelet-plugin-registration.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # Copyright 2018 The Kubernetes Authors. # diff --git a/hack/verify-godep-licenses.sh b/hack/verify-godep-licenses.sh index 8e49d6f96ea..76f33662f11 100755 --- a/hack/verify-godep-licenses.sh +++ b/hack/verify-godep-licenses.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" readonly branch=${1:-${KUBE_VERIFY_GIT_BRANCH:-master}} @@ -48,7 +48,7 @@ ln -s "${KUBE_ROOT}/vendor" "${_tmpdir}" LICENSE_ROOT="${_tmpdir}" "${KUBE_ROOT}/hack/update-godep-licenses.sh" # Compare Godep Licenses -if ! _out="$(diff -Naupr ${KUBE_ROOT}/Godeps/LICENSES ${_tmpdir}/Godeps/LICENSES)"; then +if ! _out="$(diff -Naupr "${KUBE_ROOT}/Godeps/LICENSES" "${_tmpdir}/Godeps/LICENSES")"; then echo "Your godep licenses file is out of date. Run hack/update-godep-licenses.sh and commit the results." >&2 echo "${_out}" >&2 exit 1 diff --git a/hack/verify-godeps.sh b/hack/verify-godeps.sh index 8760c7649da..b565274a1d5 100755 --- a/hack/verify-godeps.sh +++ b/hack/verify-godeps.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" readonly branch=${1:-${KUBE_VERIFY_GIT_BRANCH:-master}} @@ -35,7 +35,7 @@ kube::util::ensure_godep_version if [[ -z ${TMP_GOPATH:-} ]]; then # Create a nice clean place to put our new godeps - _tmpdir="$(kube::realpath $(mktemp -d -t gopath.XXXXXX))" + _tmpdir="$(kube::realpath "$(mktemp -d -t gopath.XXXXXX)")" else # reuse what we might have saved previously _tmpdir="${TMP_GOPATH}" @@ -58,7 +58,7 @@ trap cleanup EXIT _kubetmp="${_tmpdir}/src/k8s.io" mkdir -p "${_kubetmp}" # should create ${_kubectmp}/kubernetes -git archive --format=tar --prefix=kubernetes/ $(git write-tree) | (cd "${_kubetmp}" && tar xf -) +git archive --format=tar --prefix=kubernetes/ "$(git write-tree)" | (cd "${_kubetmp}" && tar xf -) _kubetmp="${_kubetmp}/kubernetes" # Do all our work in the new GOPATH @@ -84,7 +84,7 @@ ret=0 pushd "${KUBE_ROOT}" > /dev/null 2>&1 # Test for diffs - if ! _out="$(diff -Naupr --ignore-matching-lines='^\s*\"GoVersion\":' Godeps/Godeps.json ${_kubetmp}/Godeps/Godeps.json)"; then + if ! _out="$(diff -Naupr --ignore-matching-lines='^\s*\"GoVersion\":' Godeps/Godeps.json "${_kubetmp}/Godeps/Godeps.json")"; then echo "Your Godeps.json is different:" >&2 echo "${_out}" >&2 echo "Godeps Verify failed." >&2 @@ -101,7 +101,7 @@ pushd "${KUBE_ROOT}" > /dev/null 2>&1 ret=1 fi - if ! _out="$(diff -Naupr -x "BUILD" -x "AUTHORS*" -x "CONTRIBUTORS*" vendor ${_kubetmp}/vendor)"; then + if ! _out="$(diff -Naupr -x "BUILD" -x "AUTHORS*" -x "CONTRIBUTORS*" vendor "${_kubetmp}/vendor")"; then echo "Your vendored results are different:" >&2 echo "${_out}" >&2 echo "Godeps Verify failed." >&2 diff --git a/hack/verify-gofmt.sh b/hack/verify-gofmt.sh index 9dd47884437..af597e1cc96 100755 --- a/hack/verify-gofmt.sh +++ b/hack/verify-gofmt.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" cd "${KUBE_ROOT}" @@ -53,7 +53,7 @@ find_files() { # formatting (e.g., a file does not parse correctly). Without "|| true" this # would have led to no useful error message from gofmt, because the script would # have failed before getting to the "echo" in the block below. -diff=$(find_files | xargs ${gofmt} -d -s 2>&1) || true +diff=$(find_files | xargs "${gofmt}" -d -s 2>&1) || true if [[ -n "${diff}" ]]; then echo "${diff}" >&2 echo >&2 diff --git a/hack/verify-golint.sh b/hack/verify-golint.sh index d8c981f85b6..a4cbbb5b31f 100755 --- a/hack/verify-golint.sh +++ b/hack/verify-golint.sh @@ -20,6 +20,7 @@ set -o pipefail KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" +source "${KUBE_ROOT}/hack/lib/util.sh" kube::golang::verify_go_version @@ -49,16 +50,7 @@ array_contains () { # Check that the file is in alphabetical order failure_file="${KUBE_ROOT}/hack/.golint_failures" -if ! diff -u "${failure_file}" <(LC_ALL=C sort "${failure_file}"); then - { - echo - echo "hack/.golint_failures is not in alphabetical order. Please sort it:" - echo - echo " LC_ALL=C sort -o hack/.golint_failures hack/.golint_failures" - echo - } >&2 - false -fi +kube::util::check-file-in-alphabetical-order "${failure_file}" export IFS=$'\n' # NOTE: when "go list -e ./..." is run within GOPATH, it turns the k8s.io/kubernetes diff --git a/hack/verify-imports.sh b/hack/verify-imports.sh index 0f24b896807..40bbca4a45f 100755 --- a/hack/verify-imports.sh +++ b/hack/verify-imports.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" kube::golang::setup_env diff --git a/hack/verify-shellcheck.sh b/hack/verify-shellcheck.sh index b13694ce8f3..9a0c7a7f28e 100755 --- a/hack/verify-shellcheck.sh +++ b/hack/verify-shellcheck.sh @@ -20,6 +20,7 @@ set -o pipefail KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. source "${KUBE_ROOT}/hack/lib/init.sh" +source "${KUBE_ROOT}/hack/lib/util.sh" # required version for this script, if not installed on the host we will # use the official docker image instead. keep this in sync with SHELLCHECK_IMAGE @@ -79,16 +80,7 @@ done < <(find . -name "*.sh" \ # make sure known failures are sorted failure_file="${KUBE_ROOT}/hack/.shellcheck_failures" -if ! diff -u "${failure_file}" <(LC_ALL=C sort "${failure_file}"); then - { - echo - echo "hack/.shellcheck_failures is not in alphabetical order. Please sort it:" - echo - echo " LC_ALL=C sort -o hack/.shellcheck_failures hack/.shellcheck_failures" - echo - } >&2 - false -fi +kube::util::check-file-in-alphabetical-order "${failure_file}" # load known failure files failing_files=() diff --git a/logo/OWNERS b/logo/OWNERS index 82fc53c3465..4a4d3d6dd2d 100644 --- a/logo/OWNERS +++ b/logo/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin approvers: diff --git a/pkg/OWNERS b/pkg/OWNERS index 1b48f841405..c252622e2a8 100644 --- a/pkg/OWNERS +++ b/pkg/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - brendandburns - dchen1107 diff --git a/pkg/api/OWNERS b/pkg/api/OWNERS index 3e0361498b5..5758adee267 100644 --- a/pkg/api/OWNERS +++ b/pkg/api/OWNERS @@ -1,4 +1,5 @@ # See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/pkg/api/endpoints/OWNERS b/pkg/api/endpoints/OWNERS old mode 100755 new mode 100644 index 2a757e77b66..7dffe5f276a --- a/pkg/api/endpoints/OWNERS +++ b/pkg/api/endpoints/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - smarterclayton diff --git a/pkg/api/persistentvolume/OWNERS b/pkg/api/persistentvolume/OWNERS old mode 100755 new mode 100644 index 8575aa9767a..bf52d0cb873 --- a/pkg/api/persistentvolume/OWNERS +++ b/pkg/api/persistentvolume/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - jsafrane diff --git a/pkg/api/persistentvolumeclaim/OWNERS b/pkg/api/persistentvolumeclaim/OWNERS old mode 100755 new mode 100644 index 8575aa9767a..bf52d0cb873 --- a/pkg/api/persistentvolumeclaim/OWNERS +++ b/pkg/api/persistentvolumeclaim/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - jsafrane diff --git a/pkg/api/pod/OWNERS b/pkg/api/pod/OWNERS old mode 100755 new mode 100644 index bead0f8a8ec..67330094b05 --- a/pkg/api/pod/OWNERS +++ b/pkg/api/pod/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - thockin diff --git a/pkg/api/pod/util.go b/pkg/api/pod/util.go index 35905824873..a1d536a28be 100644 --- a/pkg/api/pod/util.go +++ b/pkg/api/pod/util.go @@ -350,6 +350,20 @@ func dropDisabledFields( } } + if (!utilfeature.DefaultFeatureGate.Enabled(features.VolumeSubpath) || !utilfeature.DefaultFeatureGate.Enabled(features.VolumeSubpathEnvExpansion)) && !subpathExprInUse(oldPodSpec) { + // drop subpath env expansion from the pod if either of the subpath features is disabled and the old spec did not specify subpath env expansion + for i := range podSpec.Containers { + for j := range podSpec.Containers[i].VolumeMounts { + podSpec.Containers[i].VolumeMounts[j].SubPathExpr = "" + } + } + for i := range podSpec.InitContainers { + for j := range podSpec.InitContainers[i].VolumeMounts { + podSpec.InitContainers[i].VolumeMounts[j].SubPathExpr = "" + } + } + } + dropDisabledVolumeDevicesFields(podSpec, oldPodSpec) dropDisabledRunAsGroupField(podSpec, oldPodSpec) @@ -595,3 +609,25 @@ func runAsGroupInUse(podSpec *api.PodSpec) bool { } return false } + +// subpathExprInUse returns true if the pod spec is non-nil and has a volume mount that makes use of the subPathExpr feature +func subpathExprInUse(podSpec *api.PodSpec) bool { + if podSpec == nil { + return false + } + for i := range podSpec.Containers { + for j := range podSpec.Containers[i].VolumeMounts { + if len(podSpec.Containers[i].VolumeMounts[j].SubPathExpr) > 0 { + return true + } + } + } + for i := range podSpec.InitContainers { + for j := range podSpec.InitContainers[i].VolumeMounts { + if len(podSpec.InitContainers[i].VolumeMounts[j].SubPathExpr) > 0 { + return true + } + } + } + return false +} diff --git a/pkg/api/pod/util_test.go b/pkg/api/pod/util_test.go index 0f0696c9cda..81402b6bf47 100644 --- a/pkg/api/pod/util_test.go +++ b/pkg/api/pod/util_test.go @@ -1549,3 +1549,97 @@ func TestDropPodSysctls(t *testing.T) { } } } + +func TestDropSubPathExpr(t *testing.T) { + podWithSubpaths := func() *api.Pod { + return &api.Pod{ + Spec: api.PodSpec{ + RestartPolicy: api.RestartPolicyNever, + Containers: []api.Container{{Name: "container1", Image: "testimage", VolumeMounts: []api.VolumeMount{{Name: "a", SubPathExpr: "foo"}, {Name: "a", SubPathExpr: "foo2"}, {Name: "a", SubPathExpr: "foo3"}}}}, + InitContainers: []api.Container{{Name: "container1", Image: "testimage", VolumeMounts: []api.VolumeMount{{Name: "a", SubPathExpr: "foo"}, {Name: "a", SubPathExpr: "foo2"}}}}, + Volumes: []api.Volume{{Name: "a", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/dev/xvdc"}}}}, + }, + } + } + podWithoutSubpaths := func() *api.Pod { + return &api.Pod{ + Spec: api.PodSpec{ + RestartPolicy: api.RestartPolicyNever, + Containers: []api.Container{{Name: "container1", Image: "testimage", VolumeMounts: []api.VolumeMount{{Name: "a", SubPathExpr: ""}, {Name: "a", SubPathExpr: ""}, {Name: "a", SubPathExpr: ""}}}}, + InitContainers: []api.Container{{Name: "container1", Image: "testimage", VolumeMounts: []api.VolumeMount{{Name: "a", SubPathExpr: ""}, {Name: "a", SubPathExpr: ""}}}}, + Volumes: []api.Volume{{Name: "a", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/dev/xvdc"}}}}, + }, + } + } + + podInfo := []struct { + description string + hasSubpaths bool + pod func() *api.Pod + }{ + { + description: "has subpaths", + hasSubpaths: true, + pod: podWithSubpaths, + }, + { + description: "does not have subpaths", + hasSubpaths: false, + pod: podWithoutSubpaths, + }, + { + description: "is nil", + hasSubpaths: false, + pod: func() *api.Pod { return nil }, + }, + } + + for _, enabled := range []bool{true, false} { + for _, oldPodInfo := range podInfo { + for _, newPodInfo := range podInfo { + oldPodHasSubpaths, oldPod := oldPodInfo.hasSubpaths, oldPodInfo.pod() + newPodHasSubpaths, newPod := newPodInfo.hasSubpaths, newPodInfo.pod() + if newPod == nil { + continue + } + + t.Run(fmt.Sprintf("feature enabled=%v, old pod %v, new pod %v", enabled, oldPodInfo.description, newPodInfo.description), func(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeSubpathEnvExpansion, enabled)() + + var oldPodSpec *api.PodSpec + if oldPod != nil { + oldPodSpec = &oldPod.Spec + } + dropDisabledFields(&newPod.Spec, nil, oldPodSpec, nil) + + // old pod should never be changed + if !reflect.DeepEqual(oldPod, oldPodInfo.pod()) { + t.Errorf("old pod changed: %v", diff.ObjectReflectDiff(oldPod, oldPodInfo.pod())) + } + + switch { + case enabled || oldPodHasSubpaths: + // new pod should not be changed if the feature is enabled, or if the old pod had subpaths + if !reflect.DeepEqual(newPod, newPodInfo.pod()) { + t.Errorf("new pod changed: %v", diff.ObjectReflectDiff(newPod, newPodInfo.pod())) + } + case newPodHasSubpaths: + // new pod should be changed + if reflect.DeepEqual(newPod, newPodInfo.pod()) { + t.Errorf("new pod was not changed") + } + // new pod should not have subpaths + if !reflect.DeepEqual(newPod, podWithoutSubpaths()) { + t.Errorf("new pod had subpaths: %v", diff.ObjectReflectDiff(newPod, podWithoutSubpaths())) + } + default: + // new pod should not need to be changed + if !reflect.DeepEqual(newPod, newPodInfo.pod()) { + t.Errorf("new pod changed: %v", diff.ObjectReflectDiff(newPod, newPodInfo.pod())) + } + } + }) + } + } + } +} diff --git a/pkg/api/podsecuritypolicy/OWNERS b/pkg/api/podsecuritypolicy/OWNERS old mode 100755 new mode 100644 index 652fc4cefab..cb59b2cfa31 --- a/pkg/api/podsecuritypolicy/OWNERS +++ b/pkg/api/podsecuritypolicy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - jessfraz diff --git a/pkg/api/service/OWNERS b/pkg/api/service/OWNERS old mode 100755 new mode 100644 index f9627e5f732..6c0aa0e1831 --- a/pkg/api/service/OWNERS +++ b/pkg/api/service/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - justinsb - freehan diff --git a/pkg/api/testapi/OWNERS b/pkg/api/testapi/OWNERS old mode 100755 new mode 100644 index 74b25f3aafe..672e9f3c192 --- a/pkg/api/testapi/OWNERS +++ b/pkg/api/testapi/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/api/testing/OWNERS b/pkg/api/testing/OWNERS old mode 100755 new mode 100644 index 2ee0a449ca9..fedb569f60b --- a/pkg/api/testing/OWNERS +++ b/pkg/api/testing/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/api/testing/unstructured_test.go b/pkg/api/testing/unstructured_test.go index 6d352b48bf7..33d7d480b65 100644 --- a/pkg/api/testing/unstructured_test.go +++ b/pkg/api/testing/unstructured_test.go @@ -19,11 +19,13 @@ package testing import ( "math/rand" "reflect" + "sort" "testing" - "github.com/google/gofuzz" + fuzz "github.com/google/gofuzz" + jsoniter "github.com/json-iterator/go" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/apitesting/fuzzer" apiequality "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/meta" @@ -99,7 +101,7 @@ func doRoundTrip(t *testing.T, internalVersion schema.GroupVersion, externalVers return } - newUnstr, err := runtime.NewTestUnstructuredConverter(apiequality.Semantic).ToUnstructured(item) + newUnstr, err := runtime.DefaultUnstructuredConverter.ToUnstructured(item) if err != nil { t.Errorf("ToUnstructured failed: %v", err) return @@ -163,7 +165,7 @@ func TestRoundTripWithEmptyCreationTimestamp(t *testing.T) { // attempt to re-convert unstructured object - conversion should not fail // based on empty metadata fields, such as creationTimestamp newObj := reflect.New(reflect.TypeOf(item).Elem()).Interface().(runtime.Object) - err = runtime.NewTestUnstructuredConverter(apiequality.Semantic).FromUnstructured(unstructObj.Object, newObj) + err = runtime.DefaultUnstructuredConverter.FromUnstructured(unstructObj.Object, newObj) if err != nil { t.Fatalf("FromUnstructured failed: %v", err) } @@ -171,44 +173,160 @@ func TestRoundTripWithEmptyCreationTimestamp(t *testing.T) { } } -func BenchmarkToFromUnstructured(b *testing.B) { +func BenchmarkToUnstructured(b *testing.B) { items := benchmarkItems(b) size := len(items) + convertor := runtime.DefaultUnstructuredConverter b.ResetTimer() for i := 0; i < b.N; i++ { - unstr, err := runtime.NewTestUnstructuredConverter(apiequality.Semantic).ToUnstructured(&items[i%size]) - if err != nil { - b.Fatalf("unexpected error: %v", err) - } - obj := v1.Pod{} - if err := runtime.NewTestUnstructuredConverter(apiequality.Semantic).FromUnstructured(unstr, &obj); err != nil { + unstr, err := convertor.ToUnstructured(&items[i%size]) + if err != nil || unstr == nil { b.Fatalf("unexpected error: %v", err) } } b.StopTimer() } -func BenchmarkToFromUnstructuredViaJSON(b *testing.B) { +func BenchmarkFromUnstructured(b *testing.B) { items := benchmarkItems(b) + convertor := runtime.DefaultUnstructuredConverter + var unstr []map[string]interface{} + for i := range items { + item, err := convertor.ToUnstructured(&items[i]) + if err != nil || item == nil { + b.Fatalf("unexpected error: %v", err) + } + unstr = append(unstr, item) + } size := len(items) b.ResetTimer() for i := 0; i < b.N; i++ { - data, err := json.Marshal(&items[i%size]) - if err != nil { - b.Fatalf("unexpected error: %v", err) - } - unstr := map[string]interface{}{} - if err := json.Unmarshal(data, &unstr); err != nil { - b.Fatalf("unexpected error: %v", err) - } - data, err = json.Marshal(unstr) - if err != nil { - b.Fatalf("unexpected error: %v", err) - } obj := v1.Pod{} - if err := json.Unmarshal(data, &obj); err != nil { + if err := convertor.FromUnstructured(unstr[i%size], &obj); err != nil { b.Fatalf("unexpected error: %v", err) } } b.StopTimer() } + +func BenchmarkToUnstructuredViaJSON(b *testing.B) { + items := benchmarkItems(b) + var data [][]byte + for i := range items { + item, err := json.Marshal(&items[i]) + if err != nil { + b.Fatalf("unexpected error: %v", err) + } + data = append(data, item) + } + size := len(items) + b.ResetTimer() + for i := 0; i < b.N; i++ { + unstr := map[string]interface{}{} + if err := json.Unmarshal(data[i%size], &unstr); err != nil { + b.Fatalf("unexpected error: %v", err) + } + } + b.StopTimer() +} + +func BenchmarkFromUnstructuredViaJSON(b *testing.B) { + items := benchmarkItems(b) + var unstr []map[string]interface{} + for i := range items { + data, err := json.Marshal(&items[i]) + if err != nil { + b.Fatalf("unexpected error: %v", err) + } + item := map[string]interface{}{} + if err := json.Unmarshal(data, &item); err != nil { + b.Fatalf("unexpected error: %v", err) + } + unstr = append(unstr, item) + } + size := len(items) + b.ResetTimer() + for i := 0; i < b.N; i++ { + item, err := json.Marshal(unstr[i%size]) + if err != nil { + b.Fatalf("unexpected error: %v", err) + } + obj := v1.Pod{} + if err := json.Unmarshal(item, &obj); err != nil { + b.Fatalf("unexpected error: %v", err) + } + } + b.StopTimer() +} + +func BenchmarkToUnstructuredViaJSONIter(b *testing.B) { + items := benchmarkItems(b) + size := len(items) + var keys []string + for k := range jsonIterConfig { + keys = append(keys, k) + } + sort.Strings(keys) + for _, name := range keys { + c := jsonIterConfig[name] + b.Run(name, func(b *testing.B) { + b.ResetTimer() + for i := 0; i < b.N; i++ { + data, err := c.Marshal(&items[i%size]) + if err != nil { + b.Fatalf("unexpected error: %v", err) + } + unstr := map[string]interface{}{} + if err := c.Unmarshal(data, &unstr); err != nil { + b.Fatalf("unexpected error: %v", err) + } + } + b.StopTimer() + }) + } +} + +var jsonIterConfig = map[string]jsoniter.API{ + "default": jsoniter.ConfigDefault, + "fastest": jsoniter.ConfigFastest, + "compat": jsoniter.ConfigCompatibleWithStandardLibrary, +} + +func BenchmarkFromUnstructuredViaJSONIter(b *testing.B) { + items := benchmarkItems(b) + var unstr []map[string]interface{} + for i := range items { + data, err := jsoniter.Marshal(&items[i]) + if err != nil { + b.Fatalf("unexpected error: %v", err) + } + item := map[string]interface{}{} + if err := json.Unmarshal(data, &item); err != nil { + b.Fatalf("unexpected error: %v", err) + } + unstr = append(unstr, item) + } + size := len(items) + var keys []string + for k := range jsonIterConfig { + keys = append(keys, k) + } + sort.Strings(keys) + for _, name := range keys { + c := jsonIterConfig[name] + b.Run(name, func(b *testing.B) { + b.ResetTimer() + for i := 0; i < b.N; i++ { + item, err := c.Marshal(unstr[i%size]) + if err != nil { + b.Fatalf("unexpected error: %v", err) + } + obj := v1.Pod{} + if err := c.Unmarshal(item, &obj); err != nil { + b.Fatalf("unexpected error: %v", err) + } + } + b.StopTimer() + }) + } +} diff --git a/pkg/api/v1/OWNERS b/pkg/api/v1/OWNERS old mode 100755 new mode 100644 index ba0d083cedc..a3c68b33064 --- a/pkg/api/v1/OWNERS +++ b/pkg/api/v1/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/abac/OWNERS b/pkg/apis/abac/OWNERS old mode 100755 new mode 100644 index 6da8cef9f1a..9dde2493eca --- a/pkg/apis/abac/OWNERS +++ b/pkg/apis/abac/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - lavalamp - smarterclayton diff --git a/pkg/apis/admissionregistration/validation/validation.go b/pkg/apis/admissionregistration/validation/validation.go index fcba295cac4..09200fb2bc7 100644 --- a/pkg/apis/admissionregistration/validation/validation.go +++ b/pkg/apis/admissionregistration/validation/validation.go @@ -47,7 +47,7 @@ func validateResources(resources []string, fldPath *field.Path) field.ErrorList // */x resourcesWithWildcardSubresoures := sets.String{} // x/* - subResoucesWithWildcardResource := sets.String{} + subResourcesWithWildcardResource := sets.String{} // */* hasDoubleWildcard := false // * @@ -75,14 +75,14 @@ func validateResources(resources []string, fldPath *field.Path) field.ErrorList if _, ok := resourcesWithWildcardSubresoures[res]; ok { allErrors = append(allErrors, field.Invalid(fldPath.Index(i), resSub, fmt.Sprintf("if '%s/*' is present, must not specify %s", res, resSub))) } - if _, ok := subResoucesWithWildcardResource[sub]; ok { + if _, ok := subResourcesWithWildcardResource[sub]; ok { allErrors = append(allErrors, field.Invalid(fldPath.Index(i), resSub, fmt.Sprintf("if '*/%s' is present, must not specify %s", sub, resSub))) } if sub == "*" { resourcesWithWildcardSubresoures[res] = struct{}{} } if res == "*" { - subResoucesWithWildcardResource[sub] = struct{}{} + subResourcesWithWildcardResource[sub] = struct{}{} } } if len(resources) > 1 && hasDoubleWildcard { diff --git a/pkg/apis/apps/OWNERS b/pkg/apis/apps/OWNERS old mode 100755 new mode 100644 index 9fc48015cc3..1ed2b1cd1d6 --- a/pkg/apis/apps/OWNERS +++ b/pkg/apis/apps/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/apps/types.go b/pkg/apis/apps/types.go index 65ca4f62abb..8e40891b852 100644 --- a/pkg/apis/apps/types.go +++ b/pkg/apis/apps/types.go @@ -59,7 +59,7 @@ const ( // ParallelPodManagement will create and delete pods as soon as the stateful set // replica count is changed, and will not wait for pods to be ready or complete // termination. - ParallelPodManagement = "Parallel" + ParallelPodManagement PodManagementPolicyType = "Parallel" ) // StatefulSetUpdateStrategy indicates the strategy that the StatefulSet @@ -407,7 +407,7 @@ type RollingUpdateDeployment struct { // Example: when this is set to 30%, the new RC can be scaled up by 30% // immediately when the rolling update starts. Once old pods have been killed, // new RC can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of original pods. + // at any time during the update is at most 130% of original pods. // +optional MaxSurge intstr.IntOrString } diff --git a/pkg/apis/authentication/OWNERS b/pkg/apis/authentication/OWNERS old mode 100755 new mode 100644 index 3b7ea1b131f..e0ec62deb2b --- a/pkg/apis/authentication/OWNERS +++ b/pkg/apis/authentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-authenticators-approvers diff --git a/pkg/apis/authorization/OWNERS b/pkg/apis/authorization/OWNERS old mode 100755 new mode 100644 index ff4a7f4bf9a..dbc9a28c6f2 --- a/pkg/apis/authorization/OWNERS +++ b/pkg/apis/authorization/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-authorizers-approvers diff --git a/pkg/apis/autoscaling/OWNERS b/pkg/apis/autoscaling/OWNERS old mode 100755 new mode 100644 index 4a495ec2532..dbc1e02356f --- a/pkg/apis/autoscaling/OWNERS +++ b/pkg/apis/autoscaling/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/batch/OWNERS b/pkg/apis/batch/OWNERS old mode 100755 new mode 100644 index 8a500cb9e0e..badef1377a0 --- a/pkg/apis/batch/OWNERS +++ b/pkg/apis/batch/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/certificates/OWNERS b/pkg/apis/certificates/OWNERS old mode 100755 new mode 100644 index 796d862bd9c..9e866a52dcc --- a/pkg/apis/certificates/OWNERS +++ b/pkg/apis/certificates/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-certificates-approvers diff --git a/pkg/apis/core/OWNERS b/pkg/apis/core/OWNERS index 7e195eca389..f062ebd6b89 100644 --- a/pkg/apis/core/OWNERS +++ b/pkg/apis/core/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - erictune - lavalamp diff --git a/pkg/apis/core/install/OWNERS b/pkg/apis/core/install/OWNERS old mode 100755 new mode 100644 index 46b9cbbd3fe..c06f07bdcc9 --- a/pkg/apis/core/install/OWNERS +++ b/pkg/apis/core/install/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - lavalamp - smarterclayton diff --git a/pkg/apis/core/types.go b/pkg/apis/core/types.go index d577b2d2e12..22a8847d2a6 100644 --- a/pkg/apis/core/types.go +++ b/pkg/apis/core/types.go @@ -1644,6 +1644,13 @@ type VolumeMount struct { // This field is beta in 1.10. // +optional MountPropagation *MountPropagationMode + // Expanded path within the volume from which the container's volume should be mounted. + // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + // Defaults to "" (volume's root). + // SubPathExpr and SubPath are mutually exclusive. + // This field is alpha in 1.14. + // +optional + SubPathExpr string } // MountPropagationMode describes mount propagation. @@ -2615,14 +2622,14 @@ type PodSpec struct { // If specified, all readiness gates will be evaluated for pod readiness. // A pod is ready when all its containers are ready AND // all conditions specified in the readiness gates have status equal to "True" - // More info: https://github.com/kubernetes/community/blob/master/keps/sig-network/0007-pod-ready%2B%2B.md + // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md // +optional ReadinessGates []PodReadinessGate // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an // empty definition that uses the default runtime handler. - // More info: https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md + // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md // This is an alpha feature and may change in the future. // +optional RuntimeClassName *string diff --git a/pkg/apis/core/v1/OWNERS b/pkg/apis/core/v1/OWNERS old mode 100755 new mode 100644 index ba0d083cedc..a3c68b33064 --- a/pkg/apis/core/v1/OWNERS +++ b/pkg/apis/core/v1/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/core/v1/zz_generated.conversion.go b/pkg/apis/core/v1/zz_generated.conversion.go index 53e2d888411..83f150884ea 100644 --- a/pkg/apis/core/v1/zz_generated.conversion.go +++ b/pkg/apis/core/v1/zz_generated.conversion.go @@ -7372,6 +7372,7 @@ func autoConvert_v1_VolumeMount_To_core_VolumeMount(in *v1.VolumeMount, out *cor out.MountPath = in.MountPath out.SubPath = in.SubPath out.MountPropagation = (*core.MountPropagationMode)(unsafe.Pointer(in.MountPropagation)) + out.SubPathExpr = in.SubPathExpr return nil } @@ -7386,6 +7387,7 @@ func autoConvert_core_VolumeMount_To_v1_VolumeMount(in *core.VolumeMount, out *v out.MountPath = in.MountPath out.SubPath = in.SubPath out.MountPropagation = (*v1.MountPropagationMode)(unsafe.Pointer(in.MountPropagation)) + out.SubPathExpr = in.SubPathExpr return nil } diff --git a/pkg/apis/core/validation/BUILD b/pkg/apis/core/validation/BUILD index ed546217cf6..bbdd8b7a32d 100644 --- a/pkg/apis/core/validation/BUILD +++ b/pkg/apis/core/validation/BUILD @@ -7,6 +7,7 @@ load( go_library( name = "go_default_library", srcs = [ + "conditional_validation.go", "doc.go", "events.go", "validation.go", @@ -46,6 +47,7 @@ go_library( go_test( name = "go_default_test", srcs = [ + "conditional_validation_test.go", "events_test.go", "validation_test.go", ], @@ -59,6 +61,7 @@ go_test( "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", diff --git a/pkg/apis/core/validation/OWNERS b/pkg/apis/core/validation/OWNERS old mode 100755 new mode 100644 index e87de15ad0b..d3b431ea27d --- a/pkg/apis/core/validation/OWNERS +++ b/pkg/apis/core/validation/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/core/validation/conditional_validation.go b/pkg/apis/core/validation/conditional_validation.go new file mode 100644 index 00000000000..e11731686bb --- /dev/null +++ b/pkg/apis/core/validation/conditional_validation.go @@ -0,0 +1,148 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "k8s.io/apimachinery/pkg/util/validation/field" + utilfeature "k8s.io/apiserver/pkg/util/feature" + api "k8s.io/kubernetes/pkg/apis/core" + "k8s.io/kubernetes/pkg/features" +) + +// ValidateConditionalService validates conditionally valid fields. +func ValidateConditionalService(service, oldService *api.Service) field.ErrorList { + var errs field.ErrorList + // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it + if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(serviceSCTPFields(oldService)) == 0 { + for _, f := range serviceSCTPFields(service) { + errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) + } + } + return errs +} + +func serviceSCTPFields(service *api.Service) []*field.Path { + if service == nil { + return nil + } + fields := []*field.Path{} + for pIndex, p := range service.Spec.Ports { + if p.Protocol == api.ProtocolSCTP { + fields = append(fields, field.NewPath("spec.ports").Index(pIndex).Child("protocol")) + } + } + return fields +} + +// ValidateConditionalEndpoints validates conditionally valid fields. +func ValidateConditionalEndpoints(endpoints, oldEndpoints *api.Endpoints) field.ErrorList { + var errs field.ErrorList + // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it + if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(endpointsSCTPFields(oldEndpoints)) == 0 { + for _, f := range endpointsSCTPFields(endpoints) { + errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) + } + } + return errs +} + +func endpointsSCTPFields(endpoints *api.Endpoints) []*field.Path { + if endpoints == nil { + return nil + } + fields := []*field.Path{} + for sIndex, s := range endpoints.Subsets { + for pIndex, p := range s.Ports { + if p.Protocol == api.ProtocolSCTP { + fields = append(fields, field.NewPath("subsets").Index(sIndex).Child("ports").Index(pIndex).Child("protocol")) + } + } + } + return fields +} + +// ValidateConditionalPodTemplate validates conditionally valid fields. +// This should be called from Validate/ValidateUpdate for all resources containing a PodTemplateSpec +func ValidateConditionalPodTemplate(podTemplate, oldPodTemplate *api.PodTemplateSpec, fldPath *field.Path) field.ErrorList { + var ( + podSpec *api.PodSpec + oldPodSpec *api.PodSpec + ) + if podTemplate != nil { + podSpec = &podTemplate.Spec + } + if oldPodTemplate != nil { + oldPodSpec = &oldPodTemplate.Spec + } + return validateConditionalPodSpec(podSpec, oldPodSpec, fldPath.Child("spec")) +} + +// ValidateConditionalPod validates conditionally valid fields. +// This should be called from Validate/ValidateUpdate for all resources containing a Pod +func ValidateConditionalPod(pod, oldPod *api.Pod, fldPath *field.Path) field.ErrorList { + var ( + podSpec *api.PodSpec + oldPodSpec *api.PodSpec + ) + if pod != nil { + podSpec = &pod.Spec + } + if oldPod != nil { + oldPodSpec = &oldPod.Spec + } + return validateConditionalPodSpec(podSpec, oldPodSpec, fldPath.Child("spec")) +} + +func validateConditionalPodSpec(podSpec, oldPodSpec *api.PodSpec, fldPath *field.Path) field.ErrorList { + // Always make sure we have a non-nil current pod spec + if podSpec == nil { + podSpec = &api.PodSpec{} + } + + errs := field.ErrorList{} + + // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it + if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(podSCTPFields(oldPodSpec, nil)) == 0 { + for _, f := range podSCTPFields(podSpec, fldPath) { + errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) + } + } + + return errs +} + +func podSCTPFields(podSpec *api.PodSpec, fldPath *field.Path) []*field.Path { + if podSpec == nil { + return nil + } + fields := []*field.Path{} + for cIndex, c := range podSpec.InitContainers { + for pIndex, p := range c.Ports { + if p.Protocol == api.ProtocolSCTP { + fields = append(fields, fldPath.Child("initContainers").Index(cIndex).Child("ports").Index(pIndex).Child("protocol")) + } + } + } + for cIndex, c := range podSpec.Containers { + for pIndex, p := range c.Ports { + if p.Protocol == api.ProtocolSCTP { + fields = append(fields, fldPath.Child("containers").Index(cIndex).Child("ports").Index(pIndex).Child("protocol")) + } + } + } + return fields +} diff --git a/pkg/apis/core/validation/conditional_validation_test.go b/pkg/apis/core/validation/conditional_validation_test.go new file mode 100644 index 00000000000..e33cd07f002 --- /dev/null +++ b/pkg/apis/core/validation/conditional_validation_test.go @@ -0,0 +1,253 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "fmt" + "reflect" + "testing" + + "k8s.io/apimachinery/pkg/util/diff" + utilfeature "k8s.io/apiserver/pkg/util/feature" + utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing" + api "k8s.io/kubernetes/pkg/apis/core" + "k8s.io/kubernetes/pkg/features" +) + +func TestValidatePodSCTP(t *testing.T) { + objectWithValue := func() *api.Pod { + return &api.Pod{ + Spec: api.PodSpec{ + Containers: []api.Container{{Name: "container1", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 80, Protocol: api.ProtocolSCTP}}}}, + InitContainers: []api.Container{{Name: "container2", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 90, Protocol: api.ProtocolSCTP}}}}, + }, + } + } + objectWithoutValue := func() *api.Pod { + return &api.Pod{ + Spec: api.PodSpec{ + Containers: []api.Container{{Name: "container1", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 80, Protocol: api.ProtocolTCP}}}}, + InitContainers: []api.Container{{Name: "container2", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 90, Protocol: api.ProtocolTCP}}}}, + }, + } + } + + objectInfo := []struct { + description string + hasValue bool + object func() *api.Pod + }{ + { + description: "has value", + hasValue: true, + object: objectWithValue, + }, + { + description: "does not have value", + hasValue: false, + object: objectWithoutValue, + }, + { + description: "is nil", + hasValue: false, + object: func() *api.Pod { return nil }, + }, + } + + for _, enabled := range []bool{true, false} { + for _, oldPodInfo := range objectInfo { + for _, newPodInfo := range objectInfo { + oldPodHasValue, oldPod := oldPodInfo.hasValue, oldPodInfo.object() + newPodHasValue, newPod := newPodInfo.hasValue, newPodInfo.object() + if newPod == nil { + continue + } + + t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldPodInfo.description, newPodInfo.description), func(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() + errs := ValidateConditionalPod(newPod, oldPod, nil) + // objects should never be changed + if !reflect.DeepEqual(oldPod, oldPodInfo.object()) { + t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldPod, oldPodInfo.object())) + } + if !reflect.DeepEqual(newPod, newPodInfo.object()) { + t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newPod, newPodInfo.object())) + } + + switch { + case enabled || oldPodHasValue || !newPodHasValue: + if len(errs) > 0 { + t.Errorf("unexpected errors: %v", errs) + } + default: + if len(errs) != 2 { + t.Errorf("expected 2 errors, got %v", errs) + } + } + }) + } + } + } +} + +func TestValidateServiceSCTP(t *testing.T) { + objectWithValue := func() *api.Service { + return &api.Service{ + Spec: api.ServiceSpec{ + Ports: []api.ServicePort{{Protocol: api.ProtocolSCTP}}, + }, + } + } + objectWithoutValue := func() *api.Service { + return &api.Service{ + Spec: api.ServiceSpec{ + Ports: []api.ServicePort{{Protocol: api.ProtocolTCP}}, + }, + } + } + + objectInfo := []struct { + description string + hasValue bool + object func() *api.Service + }{ + { + description: "has value", + hasValue: true, + object: objectWithValue, + }, + { + description: "does not have value", + hasValue: false, + object: objectWithoutValue, + }, + { + description: "is nil", + hasValue: false, + object: func() *api.Service { return nil }, + }, + } + + for _, enabled := range []bool{true, false} { + for _, oldServiceInfo := range objectInfo { + for _, newServiceInfo := range objectInfo { + oldServiceHasValue, oldService := oldServiceInfo.hasValue, oldServiceInfo.object() + newServiceHasValue, newService := newServiceInfo.hasValue, newServiceInfo.object() + if newService == nil { + continue + } + + t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldServiceInfo.description, newServiceInfo.description), func(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() + errs := ValidateConditionalService(newService, oldService) + // objects should never be changed + if !reflect.DeepEqual(oldService, oldServiceInfo.object()) { + t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldService, oldServiceInfo.object())) + } + if !reflect.DeepEqual(newService, newServiceInfo.object()) { + t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newService, newServiceInfo.object())) + } + + switch { + case enabled || oldServiceHasValue || !newServiceHasValue: + if len(errs) > 0 { + t.Errorf("unexpected errors: %v", errs) + } + default: + if len(errs) != 1 { + t.Errorf("expected 1 error, got %v", errs) + } + } + }) + } + } + } +} + +func TestValidateEndpointsSCTP(t *testing.T) { + objectWithValue := func() *api.Endpoints { + return &api.Endpoints{ + Subsets: []api.EndpointSubset{ + {Ports: []api.EndpointPort{{Protocol: api.ProtocolSCTP}}}, + }, + } + } + objectWithoutValue := func() *api.Endpoints { + return &api.Endpoints{ + Subsets: []api.EndpointSubset{ + {Ports: []api.EndpointPort{{Protocol: api.ProtocolTCP}}}, + }, + } + } + + objectInfo := []struct { + description string + hasValue bool + object func() *api.Endpoints + }{ + { + description: "has value", + hasValue: true, + object: objectWithValue, + }, + { + description: "does not have value", + hasValue: false, + object: objectWithoutValue, + }, + { + description: "is nil", + hasValue: false, + object: func() *api.Endpoints { return nil }, + }, + } + + for _, enabled := range []bool{true, false} { + for _, oldEndpointsInfo := range objectInfo { + for _, newEndpointsInfo := range objectInfo { + oldEndpointsHasValue, oldEndpoints := oldEndpointsInfo.hasValue, oldEndpointsInfo.object() + newEndpointsHasValue, newEndpoints := newEndpointsInfo.hasValue, newEndpointsInfo.object() + if newEndpoints == nil { + continue + } + + t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldEndpointsInfo.description, newEndpointsInfo.description), func(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() + errs := ValidateConditionalEndpoints(newEndpoints, oldEndpoints) + // objects should never be changed + if !reflect.DeepEqual(oldEndpoints, oldEndpointsInfo.object()) { + t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldEndpoints, oldEndpointsInfo.object())) + } + if !reflect.DeepEqual(newEndpoints, newEndpointsInfo.object()) { + t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newEndpoints, newEndpointsInfo.object())) + } + + switch { + case enabled || oldEndpointsHasValue || !newEndpointsHasValue: + if len(errs) > 0 { + t.Errorf("unexpected errors: %v", errs) + } + default: + if len(errs) != 1 { + t.Errorf("expected 1 error, got %v", errs) + } + } + }) + } + } + } +} diff --git a/pkg/apis/core/validation/validation.go b/pkg/apis/core/validation/validation.go index deb75265fd1..f7ba935ff8e 100644 --- a/pkg/apis/core/validation/validation.go +++ b/pkg/apis/core/validation/validation.go @@ -1969,8 +1969,6 @@ func validateContainerPorts(ports []core.ContainerPort, fldPath *field.Path) fie } if len(port.Protocol) == 0 { allErrs = append(allErrs, field.Required(idxPath.Child("protocol"), "")) - } else if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && port.Protocol == core.ProtocolSCTP { - allErrs = append(allErrs, field.NotSupported(idxPath.Child("protocol"), port.Protocol, []string{string(core.ProtocolTCP), string(core.ProtocolUDP)})) } else if !supportedPortProtocols.Has(string(port.Protocol)) { allErrs = append(allErrs, field.NotSupported(idxPath.Child("protocol"), port.Protocol, supportedPortProtocols.List())) } @@ -2084,13 +2082,6 @@ func validateObjectFieldSelector(fs *core.ObjectFieldSelector, expressions *sets return allErrs } -func fsResourceIsEphemeralStorage(resource string) bool { - if resource == "limits.ephemeral-storage" || resource == "requests.ephemeral-storage" { - return true - } - return false -} - func validateContainerResourceFieldSelector(fs *core.ResourceFieldSelector, expressions *sets.String, fldPath *field.Path, volume bool) field.ErrorList { allErrs := field.ErrorList{} @@ -2273,6 +2264,14 @@ func ValidateVolumeMounts(mounts []core.VolumeMount, voldevices map[string]strin allErrs = append(allErrs, validateLocalDescendingPath(mnt.SubPath, fldPath.Child("subPath"))...) } + if len(mnt.SubPathExpr) > 0 { + if len(mnt.SubPath) > 0 { + allErrs = append(allErrs, field.Invalid(idxPath.Child("subPathExpr"), mnt.SubPathExpr, "subPathExpr and subPath are mutually exclusive")) + } + + allErrs = append(allErrs, validateLocalDescendingPath(mnt.SubPathExpr, fldPath.Child("subPathExpr"))...) + } + if mnt.MountPropagation != nil { allErrs = append(allErrs, validateMountPropagation(mnt.MountPropagation, container, fldPath.Child("mountPropagation"))...) } @@ -3724,9 +3723,7 @@ func ValidateService(service *core.Service) field.ErrorList { includeProtocols := sets.NewString() for i := range service.Spec.Ports { portPath := portsPath.Index(i) - if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && service.Spec.Ports[i].Protocol == core.ProtocolSCTP { - allErrs = append(allErrs, field.NotSupported(portPath.Child("protocol"), service.Spec.Ports[i].Protocol, []string{string(core.ProtocolTCP), string(core.ProtocolUDP)})) - } else if !supportedPortProtocols.Has(string(service.Spec.Ports[i].Protocol)) { + if !supportedPortProtocols.Has(string(service.Spec.Ports[i].Protocol)) { allErrs = append(allErrs, field.Invalid(portPath.Child("protocol"), service.Spec.Ports[i].Protocol, "cannot create an external load balancer with non-TCP/UDP/SCTP ports")) } else { includeProtocols.Insert(string(service.Spec.Ports[i].Protocol)) @@ -3825,8 +3822,6 @@ func validateServicePort(sp *core.ServicePort, requireName, isHeadlessService bo if len(sp.Protocol) == 0 { allErrs = append(allErrs, field.Required(fldPath.Child("protocol"), "")) - } else if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && sp.Protocol == core.ProtocolSCTP { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("protocol"), sp.Protocol, []string{string(core.ProtocolTCP), string(core.ProtocolUDP)})) } else if !supportedPortProtocols.Has(string(sp.Protocol)) { allErrs = append(allErrs, field.NotSupported(fldPath.Child("protocol"), sp.Protocol, supportedPortProtocols.List())) } @@ -4020,7 +4015,7 @@ func ValidateReadOnlyPersistentDisks(volumes []core.Volume, fldPath *field.Path) vol := &volumes[i] idxPath := fldPath.Index(i) if vol.GCEPersistentDisk != nil { - if vol.GCEPersistentDisk.ReadOnly == false { + if !vol.GCEPersistentDisk.ReadOnly { allErrs = append(allErrs, field.Invalid(idxPath.Child("gcePersistentDisk", "readOnly"), false, "must be true for replicated pods > 1; GCE PD can only be mounted on multiple machines if it is read-only")) } } @@ -4366,15 +4361,6 @@ func validateContainerResourceName(value string, fldPath *field.Path) field.Erro return allErrs } -// isLocalStorageResource checks whether the resource is local ephemeral storage -func isLocalStorageResource(name string) bool { - if name == string(core.ResourceEphemeralStorage) || name == string(core.ResourceRequestsEphemeralStorage) || - name == string(core.ResourceLimitsEphemeralStorage) { - return true - } - return false -} - // Validate resource names that can go in a resource quota // Refer to docs/design/resources.md for more details. func ValidateResourceQuotaResourceName(value string, fldPath *field.Path) field.ErrorList { @@ -4981,10 +4967,7 @@ func ValidateNamespace(namespace *core.Namespace) field.ErrorList { // Validate finalizer names func validateFinalizerName(stringValue string, fldPath *field.Path) field.ErrorList { allErrs := apimachineryvalidation.ValidateFinalizerName(stringValue, fldPath) - for _, err := range validateKubeFinalizerName(stringValue, fldPath) { - allErrs = append(allErrs, err) - } - + allErrs = append(allErrs, validateKubeFinalizerName(stringValue, fldPath)...) return allErrs } @@ -5129,8 +5112,6 @@ func validateEndpointPort(port *core.EndpointPort, requireName bool, fldPath *fi } if len(port.Protocol) == 0 { allErrs = append(allErrs, field.Required(fldPath.Child("protocol"), "")) - } else if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && port.Protocol == core.ProtocolSCTP { - allErrs = append(allErrs, field.NotSupported(fldPath.Child("protocol"), port.Protocol, []string{string(core.ProtocolTCP), string(core.ProtocolUDP)})) } else if !supportedPortProtocols.Has(string(port.Protocol)) { allErrs = append(allErrs, field.NotSupported(fldPath.Child("protocol"), port.Protocol, supportedPortProtocols.List())) } diff --git a/pkg/apis/core/validation/validation_test.go b/pkg/apis/core/validation/validation_test.go index a00cf848097..45ec2c359c1 100644 --- a/pkg/apis/core/validation/validation_test.go +++ b/pkg/apis/core/validation/validation_test.go @@ -4816,6 +4816,230 @@ func TestValidateDisabledSubpath(t *testing.T) { } } +func TestValidateSubpathMutuallyExclusive(t *testing.T) { + // Enable feature VolumeSubpathEnvExpansion and VolumeSubpath + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeSubpathEnvExpansion, true)() + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeSubpath, true)() + + volumes := []core.Volume{ + {Name: "abc", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim1"}}}, + {Name: "abc-123", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim2"}}}, + {Name: "123", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}}, + } + vols, v1err := ValidateVolumes(volumes, field.NewPath("field")) + if len(v1err) > 0 { + t.Errorf("Invalid test volume - expected success %v", v1err) + return + } + + container := core.Container{ + SecurityContext: nil, + } + + goodVolumeDevices := []core.VolumeDevice{ + {Name: "xyz", DevicePath: "/foofoo"}, + {Name: "uvw", DevicePath: "/foofoo/share/test"}, + } + + cases := map[string]struct { + mounts []core.VolumeMount + expectError bool + }{ + "subpath and subpathexpr not specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + }, + }, + false, + }, + "subpath expr specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + SubPathExpr: "$(POD_NAME)", + }, + }, + false, + }, + "subpath specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + SubPath: "baz", + }, + }, + false, + }, + "subpath and subpathexpr specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + SubPath: "baz", + SubPathExpr: "$(POD_NAME)", + }, + }, + true, + }, + } + + for name, test := range cases { + errs := ValidateVolumeMounts(test.mounts, GetVolumeDeviceMap(goodVolumeDevices), vols, &container, field.NewPath("field")) + + if len(errs) != 0 && !test.expectError { + t.Errorf("test %v failed: %+v", name, errs) + } + + if len(errs) == 0 && test.expectError { + t.Errorf("test %v failed, expected error", name) + } + } +} + +func TestValidateDisabledSubpathExpr(t *testing.T) { + // Enable feature VolumeSubpathEnvExpansion + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeSubpathEnvExpansion, true)() + + volumes := []core.Volume{ + {Name: "abc", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim1"}}}, + {Name: "abc-123", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim2"}}}, + {Name: "123", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}}, + } + vols, v1err := ValidateVolumes(volumes, field.NewPath("field")) + if len(v1err) > 0 { + t.Errorf("Invalid test volume - expected success %v", v1err) + return + } + + container := core.Container{ + SecurityContext: nil, + } + + goodVolumeDevices := []core.VolumeDevice{ + {Name: "xyz", DevicePath: "/foofoo"}, + {Name: "uvw", DevicePath: "/foofoo/share/test"}, + } + + cases := map[string]struct { + mounts []core.VolumeMount + expectError bool + }{ + "subpath expr not specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + }, + }, + false, + }, + "subpath expr specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + SubPathExpr: "$(POD_NAME)", + }, + }, + false, + }, + } + + for name, test := range cases { + errs := ValidateVolumeMounts(test.mounts, GetVolumeDeviceMap(goodVolumeDevices), vols, &container, field.NewPath("field")) + + if len(errs) != 0 && !test.expectError { + t.Errorf("test %v failed: %+v", name, errs) + } + + if len(errs) == 0 && test.expectError { + t.Errorf("test %v failed, expected error", name) + } + } + + // Repeat with feature gate off + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeSubpathEnvExpansion, false)() + cases = map[string]struct { + mounts []core.VolumeMount + expectError bool + }{ + "subpath expr not specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + }, + }, + false, + }, + "subpath expr specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + SubPathExpr: "$(POD_NAME)", + }, + }, + false, // validation should not fail, dropping the field is handled in PrepareForCreate/PrepareForUpdate + }, + } + + for name, test := range cases { + errs := ValidateVolumeMounts(test.mounts, GetVolumeDeviceMap(goodVolumeDevices), vols, &container, field.NewPath("field")) + + if len(errs) != 0 && !test.expectError { + t.Errorf("test %v failed: %+v", name, errs) + } + + if len(errs) == 0 && test.expectError { + t.Errorf("test %v failed, expected error", name) + } + } + + // Repeat with subpath feature gate off + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeSubpath, false)() + cases = map[string]struct { + mounts []core.VolumeMount + expectError bool + }{ + "subpath expr not specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + }, + }, + false, + }, + "subpath expr specified": { + []core.VolumeMount{ + { + Name: "abc-123", + MountPath: "/bab", + SubPathExpr: "$(POD_NAME)", + }, + }, + false, // validation should not fail, dropping the field is handled in PrepareForCreate/PrepareForUpdate + }, + } + + for name, test := range cases { + errs := ValidateVolumeMounts(test.mounts, GetVolumeDeviceMap(goodVolumeDevices), vols, &container, field.NewPath("field")) + + if len(errs) != 0 && !test.expectError { + t.Errorf("test %v failed: %+v", name, errs) + } + + if len(errs) == 0 && test.expectError { + t.Errorf("test %v failed, expected error", name) + } + } +} + func TestValidateMountPropagation(t *testing.T) { bTrue := true bFalse := false diff --git a/pkg/apis/extensions/BUILD b/pkg/apis/extensions/BUILD index d1d43ed5a1b..ee1f99ae342 100644 --- a/pkg/apis/extensions/BUILD +++ b/pkg/apis/extensions/BUILD @@ -17,13 +17,11 @@ go_library( deps = [ "//pkg/apis/apps:go_default_library", "//pkg/apis/autoscaling:go_default_library", - "//pkg/apis/core:go_default_library", "//pkg/apis/networking:go_default_library", "//pkg/apis/policy:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", ], ) diff --git a/pkg/apis/extensions/OWNERS b/pkg/apis/extensions/OWNERS old mode 100755 new mode 100644 index fc2bfc6f10f..165db06c75a --- a/pkg/apis/extensions/OWNERS +++ b/pkg/apis/extensions/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/apis/extensions/register.go b/pkg/apis/extensions/register.go index d4644ffaee3..14f59753071 100644 --- a/pkg/apis/extensions/register.go +++ b/pkg/apis/extensions/register.go @@ -56,8 +56,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ReplicationControllerDummy{}, &apps.DaemonSetList{}, &apps.DaemonSet{}, - &Ingress{}, - &IngressList{}, + &networking.Ingress{}, + &networking.IngressList{}, &apps.ReplicaSet{}, &apps.ReplicaSetList{}, &policy.PodSecurityPolicy{}, diff --git a/pkg/apis/extensions/types.go b/pkg/apis/extensions/types.go index 20637e74e46..472ed99dabc 100644 --- a/pkg/apis/extensions/types.go +++ b/pkg/apis/extensions/types.go @@ -30,8 +30,6 @@ package extensions import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/intstr" - api "k8s.io/kubernetes/pkg/apis/core" ) // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -40,172 +38,3 @@ import ( type ReplicationControllerDummy struct { metav1.TypeMeta } - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Ingress is a collection of rules that allow inbound connections to reach the -// endpoints defined by a backend. An Ingress can be configured to give services -// externally-reachable urls, load balance traffic, terminate SSL, offer name -// based virtual hosting etc. -type Ingress struct { - metav1.TypeMeta - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata - // +optional - metav1.ObjectMeta - - // Spec is the desired state of the Ingress. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status - // +optional - Spec IngressSpec - - // Status is the current state of the Ingress. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status - // +optional - Status IngressStatus -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// IngressList is a collection of Ingress. -type IngressList struct { - metav1.TypeMeta - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata - // +optional - metav1.ListMeta - - // Items is the list of Ingress. - Items []Ingress -} - -// IngressSpec describes the Ingress the user wishes to exist. -type IngressSpec struct { - // A default backend capable of servicing requests that don't match any - // rule. At least one of 'backend' or 'rules' must be specified. This field - // is optional to allow the loadbalancer controller or defaulting logic to - // specify a global default. - // +optional - Backend *IngressBackend - - // TLS configuration. Currently the Ingress only supports a single TLS - // port, 443. If multiple members of this list specify different hosts, they - // will be multiplexed on the same port according to the hostname specified - // through the SNI TLS extension, if the ingress controller fulfilling the - // ingress supports SNI. - // +optional - TLS []IngressTLS - - // A list of host rules used to configure the Ingress. If unspecified, or - // no rule matches, all traffic is sent to the default backend. - // +optional - Rules []IngressRule - // TODO: Add the ability to specify load-balancer IP through claims -} - -// IngressTLS describes the transport layer security associated with an Ingress. -type IngressTLS struct { - // Hosts are a list of hosts included in the TLS certificate. The values in - // this list must match the name/s used in the tlsSecret. Defaults to the - // wildcard host setting for the loadbalancer controller fulfilling this - // Ingress, if left unspecified. - // +optional - Hosts []string - // SecretName is the name of the secret used to terminate SSL traffic on 443. - // Field is left optional to allow SSL routing based on SNI hostname alone. - // If the SNI host in a listener conflicts with the "Host" header field used - // by an IngressRule, the SNI host is used for termination and value of the - // Host header is used for routing. - // +optional - SecretName string - // TODO: Consider specifying different modes of termination, protocols etc. -} - -// IngressStatus describe the current state of the Ingress. -type IngressStatus struct { - // LoadBalancer contains the current status of the load-balancer. - // +optional - LoadBalancer api.LoadBalancerStatus -} - -// IngressRule represents the rules mapping the paths under a specified host to -// the related backend services. Incoming requests are first evaluated for a host -// match, then routed to the backend associated with the matching IngressRuleValue. -type IngressRule struct { - // Host is the fully qualified domain name of a network host, as defined - // by RFC 3986. Note the following deviations from the "host" part of the - // URI as defined in the RFC: - // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the - // IP in the Spec of the parent Ingress. - // 2. The `:` delimiter is not respected because ports are not allowed. - // Currently the port of an Ingress is implicitly :80 for http and - // :443 for https. - // Both these may change in the future. - // Incoming requests are matched against the host before the IngressRuleValue. - // If the host is unspecified, the Ingress routes all traffic based on the - // specified IngressRuleValue. - // +optional - Host string - // IngressRuleValue represents a rule to route requests for this IngressRule. - // If unspecified, the rule defaults to a http catch-all. Whether that sends - // just traffic matching the host to the default backend or all traffic to the - // default backend, is left to the controller fulfilling the Ingress. Http is - // currently the only supported IngressRuleValue. - // +optional - IngressRuleValue -} - -// IngressRuleValue represents a rule to apply against incoming requests. If the -// rule is satisfied, the request is routed to the specified backend. Currently -// mixing different types of rules in a single Ingress is disallowed, so exactly -// one of the following must be set. -type IngressRuleValue struct { - //TODO: - // 1. Consider renaming this resource and the associated rules so they - // aren't tied to Ingress. They can be used to route intra-cluster traffic. - // 2. Consider adding fields for ingress-type specific global options - // usable by a loadbalancer, like http keep-alive. - - // +optional - HTTP *HTTPIngressRuleValue -} - -// HTTPIngressRuleValue is a list of http selectors pointing to backends. -// In the example: http:///? -> backend where -// where parts of the url correspond to RFC 3986, this resource will be used -// to match against everything after the last '/' and before the first '?' -// or '#'. -type HTTPIngressRuleValue struct { - // A collection of paths that map requests to backends. - Paths []HTTPIngressPath - // TODO: Consider adding fields for ingress-type specific global - // options usable by a loadbalancer, like http keep-alive. -} - -// HTTPIngressPath associates a path regex with a backend. Incoming urls matching -// the path are forwarded to the backend. -type HTTPIngressPath struct { - // Path is an extended POSIX regex as defined by IEEE Std 1003.1, - // (i.e this follows the egrep/unix syntax, not the perl syntax) - // matched against the path of an incoming request. Currently it can - // contain characters disallowed from the conventional "path" - // part of a URL as defined by RFC 3986. Paths must begin with - // a '/'. If unspecified, the path defaults to a catch all sending - // traffic to the backend. - // +optional - Path string - - // Backend defines the referenced service endpoint to which the traffic - // will be forwarded to. - Backend IngressBackend -} - -// IngressBackend describes all endpoints for a given service and port. -type IngressBackend struct { - // Specifies the name of the referenced service. - ServiceName string - - // Specifies the port of the referenced service. - ServicePort intstr.IntOrString -} diff --git a/pkg/apis/extensions/v1beta1/doc.go b/pkg/apis/extensions/v1beta1/doc.go index 463bceb1a9a..b21d59ab40f 100644 --- a/pkg/apis/extensions/v1beta1/doc.go +++ b/pkg/apis/extensions/v1beta1/doc.go @@ -16,6 +16,7 @@ limitations under the License. // +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/apps // +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/policy +// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/networking // +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/extensions // +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/autoscaling // +k8s:conversion-gen-external-types=k8s.io/api/extensions/v1beta1 diff --git a/pkg/apis/extensions/v1beta1/zz_generated.conversion.go b/pkg/apis/extensions/v1beta1/zz_generated.conversion.go index 3159bdc69e9..e2ebcacc484 100644 --- a/pkg/apis/extensions/v1beta1/zz_generated.conversion.go +++ b/pkg/apis/extensions/v1beta1/zz_generated.conversion.go @@ -28,6 +28,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" + intstr "k8s.io/apimachinery/pkg/util/intstr" apps "k8s.io/kubernetes/pkg/apis/apps" autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling" core "k8s.io/kubernetes/pkg/apis/core" @@ -204,23 +205,23 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressPath)(nil), (*extensions.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_HTTPIngressPath_To_extensions_HTTPIngressPath(a.(*v1beta1.HTTPIngressPath), b.(*extensions.HTTPIngressPath), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressPath)(nil), (*networking.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(a.(*v1beta1.HTTPIngressPath), b.(*networking.HTTPIngressPath), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.HTTPIngressPath)(nil), (*v1beta1.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_HTTPIngressPath_To_v1beta1_HTTPIngressPath(a.(*extensions.HTTPIngressPath), b.(*v1beta1.HTTPIngressPath), scope) + if err := s.AddGeneratedConversionFunc((*networking.HTTPIngressPath)(nil), (*v1beta1.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(a.(*networking.HTTPIngressPath), b.(*v1beta1.HTTPIngressPath), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressRuleValue)(nil), (*extensions.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_HTTPIngressRuleValue_To_extensions_HTTPIngressRuleValue(a.(*v1beta1.HTTPIngressRuleValue), b.(*extensions.HTTPIngressRuleValue), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressRuleValue)(nil), (*networking.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(a.(*v1beta1.HTTPIngressRuleValue), b.(*networking.HTTPIngressRuleValue), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.HTTPIngressRuleValue)(nil), (*v1beta1.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(a.(*extensions.HTTPIngressRuleValue), b.(*v1beta1.HTTPIngressRuleValue), scope) + if err := s.AddGeneratedConversionFunc((*networking.HTTPIngressRuleValue)(nil), (*v1beta1.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(a.(*networking.HTTPIngressRuleValue), b.(*v1beta1.HTTPIngressRuleValue), scope) }); err != nil { return err } @@ -244,83 +245,163 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.Ingress)(nil), (*extensions.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_Ingress_To_extensions_Ingress(a.(*v1beta1.Ingress), b.(*extensions.Ingress), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IPBlock)(nil), (*networking.IPBlock)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IPBlock_To_networking_IPBlock(a.(*v1beta1.IPBlock), b.(*networking.IPBlock), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.Ingress)(nil), (*v1beta1.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_Ingress_To_v1beta1_Ingress(a.(*extensions.Ingress), b.(*v1beta1.Ingress), scope) + if err := s.AddGeneratedConversionFunc((*networking.IPBlock)(nil), (*v1beta1.IPBlock)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IPBlock_To_v1beta1_IPBlock(a.(*networking.IPBlock), b.(*v1beta1.IPBlock), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressBackend)(nil), (*extensions.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressBackend_To_extensions_IngressBackend(a.(*v1beta1.IngressBackend), b.(*extensions.IngressBackend), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.Ingress)(nil), (*networking.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_Ingress_To_networking_Ingress(a.(*v1beta1.Ingress), b.(*networking.Ingress), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressBackend)(nil), (*v1beta1.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressBackend_To_v1beta1_IngressBackend(a.(*extensions.IngressBackend), b.(*v1beta1.IngressBackend), scope) + if err := s.AddGeneratedConversionFunc((*networking.Ingress)(nil), (*v1beta1.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_Ingress_To_v1beta1_Ingress(a.(*networking.Ingress), b.(*v1beta1.Ingress), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressList)(nil), (*extensions.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressList_To_extensions_IngressList(a.(*v1beta1.IngressList), b.(*extensions.IngressList), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressBackend)(nil), (*networking.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressBackend_To_networking_IngressBackend(a.(*v1beta1.IngressBackend), b.(*networking.IngressBackend), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressList)(nil), (*v1beta1.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressList_To_v1beta1_IngressList(a.(*extensions.IngressList), b.(*v1beta1.IngressList), scope) + if err := s.AddGeneratedConversionFunc((*networking.IngressBackend)(nil), (*v1beta1.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressBackend_To_v1beta1_IngressBackend(a.(*networking.IngressBackend), b.(*v1beta1.IngressBackend), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressRule)(nil), (*extensions.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressRule_To_extensions_IngressRule(a.(*v1beta1.IngressRule), b.(*extensions.IngressRule), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressList)(nil), (*networking.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressList_To_networking_IngressList(a.(*v1beta1.IngressList), b.(*networking.IngressList), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressRule)(nil), (*v1beta1.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressRule_To_v1beta1_IngressRule(a.(*extensions.IngressRule), b.(*v1beta1.IngressRule), scope) + if err := s.AddGeneratedConversionFunc((*networking.IngressList)(nil), (*v1beta1.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressList_To_v1beta1_IngressList(a.(*networking.IngressList), b.(*v1beta1.IngressList), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressRuleValue)(nil), (*extensions.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressRuleValue_To_extensions_IngressRuleValue(a.(*v1beta1.IngressRuleValue), b.(*extensions.IngressRuleValue), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressRule)(nil), (*networking.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressRule_To_networking_IngressRule(a.(*v1beta1.IngressRule), b.(*networking.IngressRule), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressRuleValue)(nil), (*v1beta1.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressRuleValue_To_v1beta1_IngressRuleValue(a.(*extensions.IngressRuleValue), b.(*v1beta1.IngressRuleValue), scope) + if err := s.AddGeneratedConversionFunc((*networking.IngressRule)(nil), (*v1beta1.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressRule_To_v1beta1_IngressRule(a.(*networking.IngressRule), b.(*v1beta1.IngressRule), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressSpec)(nil), (*extensions.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressSpec_To_extensions_IngressSpec(a.(*v1beta1.IngressSpec), b.(*extensions.IngressSpec), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressRuleValue)(nil), (*networking.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(a.(*v1beta1.IngressRuleValue), b.(*networking.IngressRuleValue), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressSpec)(nil), (*v1beta1.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressSpec_To_v1beta1_IngressSpec(a.(*extensions.IngressSpec), b.(*v1beta1.IngressSpec), scope) + if err := s.AddGeneratedConversionFunc((*networking.IngressRuleValue)(nil), (*v1beta1.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(a.(*networking.IngressRuleValue), b.(*v1beta1.IngressRuleValue), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressStatus)(nil), (*extensions.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressStatus_To_extensions_IngressStatus(a.(*v1beta1.IngressStatus), b.(*extensions.IngressStatus), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressSpec)(nil), (*networking.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressSpec_To_networking_IngressSpec(a.(*v1beta1.IngressSpec), b.(*networking.IngressSpec), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressStatus)(nil), (*v1beta1.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressStatus_To_v1beta1_IngressStatus(a.(*extensions.IngressStatus), b.(*v1beta1.IngressStatus), scope) + if err := s.AddGeneratedConversionFunc((*networking.IngressSpec)(nil), (*v1beta1.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressSpec_To_v1beta1_IngressSpec(a.(*networking.IngressSpec), b.(*v1beta1.IngressSpec), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1beta1.IngressTLS)(nil), (*extensions.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1beta1_IngressTLS_To_extensions_IngressTLS(a.(*v1beta1.IngressTLS), b.(*extensions.IngressTLS), scope) + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressStatus)(nil), (*networking.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressStatus_To_networking_IngressStatus(a.(*v1beta1.IngressStatus), b.(*networking.IngressStatus), scope) }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*extensions.IngressTLS)(nil), (*v1beta1.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_extensions_IngressTLS_To_v1beta1_IngressTLS(a.(*extensions.IngressTLS), b.(*v1beta1.IngressTLS), scope) + if err := s.AddGeneratedConversionFunc((*networking.IngressStatus)(nil), (*v1beta1.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressStatus_To_v1beta1_IngressStatus(a.(*networking.IngressStatus), b.(*v1beta1.IngressStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressTLS)(nil), (*networking.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressTLS_To_networking_IngressTLS(a.(*v1beta1.IngressTLS), b.(*networking.IngressTLS), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressTLS)(nil), (*v1beta1.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressTLS_To_v1beta1_IngressTLS(a.(*networking.IngressTLS), b.(*v1beta1.IngressTLS), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicy)(nil), (*networking.NetworkPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicy_To_networking_NetworkPolicy(a.(*v1beta1.NetworkPolicy), b.(*networking.NetworkPolicy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicy)(nil), (*v1beta1.NetworkPolicy)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicy_To_v1beta1_NetworkPolicy(a.(*networking.NetworkPolicy), b.(*v1beta1.NetworkPolicy), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicyEgressRule)(nil), (*networking.NetworkPolicyEgressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyEgressRule_To_networking_NetworkPolicyEgressRule(a.(*v1beta1.NetworkPolicyEgressRule), b.(*networking.NetworkPolicyEgressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicyEgressRule)(nil), (*v1beta1.NetworkPolicyEgressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(a.(*networking.NetworkPolicyEgressRule), b.(*v1beta1.NetworkPolicyEgressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicyIngressRule)(nil), (*networking.NetworkPolicyIngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyIngressRule_To_networking_NetworkPolicyIngressRule(a.(*v1beta1.NetworkPolicyIngressRule), b.(*networking.NetworkPolicyIngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicyIngressRule)(nil), (*v1beta1.NetworkPolicyIngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(a.(*networking.NetworkPolicyIngressRule), b.(*v1beta1.NetworkPolicyIngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicyList)(nil), (*networking.NetworkPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyList_To_networking_NetworkPolicyList(a.(*v1beta1.NetworkPolicyList), b.(*networking.NetworkPolicyList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicyList)(nil), (*v1beta1.NetworkPolicyList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicyList_To_v1beta1_NetworkPolicyList(a.(*networking.NetworkPolicyList), b.(*v1beta1.NetworkPolicyList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicyPeer)(nil), (*networking.NetworkPolicyPeer)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyPeer_To_networking_NetworkPolicyPeer(a.(*v1beta1.NetworkPolicyPeer), b.(*networking.NetworkPolicyPeer), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicyPeer)(nil), (*v1beta1.NetworkPolicyPeer)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(a.(*networking.NetworkPolicyPeer), b.(*v1beta1.NetworkPolicyPeer), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicyPort)(nil), (*networking.NetworkPolicyPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicyPort_To_networking_NetworkPolicyPort(a.(*v1beta1.NetworkPolicyPort), b.(*networking.NetworkPolicyPort), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicyPort)(nil), (*v1beta1.NetworkPolicyPort)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(a.(*networking.NetworkPolicyPort), b.(*v1beta1.NetworkPolicyPort), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.NetworkPolicySpec)(nil), (*networking.NetworkPolicySpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_NetworkPolicySpec_To_networking_NetworkPolicySpec(a.(*v1beta1.NetworkPolicySpec), b.(*networking.NetworkPolicySpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.NetworkPolicySpec)(nil), (*v1beta1.NetworkPolicySpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(a.(*networking.NetworkPolicySpec), b.(*v1beta1.NetworkPolicySpec), scope) }); err != nil { return err } @@ -1169,50 +1250,50 @@ func Convert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in return autoConvert_policy_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in, out, s) } -func autoConvert_v1beta1_HTTPIngressPath_To_extensions_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *extensions.HTTPIngressPath, s conversion.Scope) error { +func autoConvert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *networking.HTTPIngressPath, s conversion.Scope) error { out.Path = in.Path - if err := Convert_v1beta1_IngressBackend_To_extensions_IngressBackend(&in.Backend, &out.Backend, s); err != nil { + if err := Convert_v1beta1_IngressBackend_To_networking_IngressBackend(&in.Backend, &out.Backend, s); err != nil { return err } return nil } -// Convert_v1beta1_HTTPIngressPath_To_extensions_HTTPIngressPath is an autogenerated conversion function. -func Convert_v1beta1_HTTPIngressPath_To_extensions_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *extensions.HTTPIngressPath, s conversion.Scope) error { - return autoConvert_v1beta1_HTTPIngressPath_To_extensions_HTTPIngressPath(in, out, s) +// Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath is an autogenerated conversion function. +func Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *networking.HTTPIngressPath, s conversion.Scope) error { + return autoConvert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in, out, s) } -func autoConvert_extensions_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *extensions.HTTPIngressPath, out *v1beta1.HTTPIngressPath, s conversion.Scope) error { +func autoConvert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *networking.HTTPIngressPath, out *v1beta1.HTTPIngressPath, s conversion.Scope) error { out.Path = in.Path - if err := Convert_extensions_IngressBackend_To_v1beta1_IngressBackend(&in.Backend, &out.Backend, s); err != nil { + if err := Convert_networking_IngressBackend_To_v1beta1_IngressBackend(&in.Backend, &out.Backend, s); err != nil { return err } return nil } -// Convert_extensions_HTTPIngressPath_To_v1beta1_HTTPIngressPath is an autogenerated conversion function. -func Convert_extensions_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *extensions.HTTPIngressPath, out *v1beta1.HTTPIngressPath, s conversion.Scope) error { - return autoConvert_extensions_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in, out, s) +// Convert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath is an autogenerated conversion function. +func Convert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *networking.HTTPIngressPath, out *v1beta1.HTTPIngressPath, s conversion.Scope) error { + return autoConvert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in, out, s) } -func autoConvert_v1beta1_HTTPIngressRuleValue_To_extensions_HTTPIngressRuleValue(in *v1beta1.HTTPIngressRuleValue, out *extensions.HTTPIngressRuleValue, s conversion.Scope) error { - out.Paths = *(*[]extensions.HTTPIngressPath)(unsafe.Pointer(&in.Paths)) +func autoConvert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(in *v1beta1.HTTPIngressRuleValue, out *networking.HTTPIngressRuleValue, s conversion.Scope) error { + out.Paths = *(*[]networking.HTTPIngressPath)(unsafe.Pointer(&in.Paths)) return nil } -// Convert_v1beta1_HTTPIngressRuleValue_To_extensions_HTTPIngressRuleValue is an autogenerated conversion function. -func Convert_v1beta1_HTTPIngressRuleValue_To_extensions_HTTPIngressRuleValue(in *v1beta1.HTTPIngressRuleValue, out *extensions.HTTPIngressRuleValue, s conversion.Scope) error { - return autoConvert_v1beta1_HTTPIngressRuleValue_To_extensions_HTTPIngressRuleValue(in, out, s) +// Convert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue is an autogenerated conversion function. +func Convert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(in *v1beta1.HTTPIngressRuleValue, out *networking.HTTPIngressRuleValue, s conversion.Scope) error { + return autoConvert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(in, out, s) } -func autoConvert_extensions_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *extensions.HTTPIngressRuleValue, out *v1beta1.HTTPIngressRuleValue, s conversion.Scope) error { +func autoConvert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *networking.HTTPIngressRuleValue, out *v1beta1.HTTPIngressRuleValue, s conversion.Scope) error { out.Paths = *(*[]v1beta1.HTTPIngressPath)(unsafe.Pointer(&in.Paths)) return nil } -// Convert_extensions_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue is an autogenerated conversion function. -func Convert_extensions_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *extensions.HTTPIngressRuleValue, out *v1beta1.HTTPIngressRuleValue, s conversion.Scope) error { - return autoConvert_extensions_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in, out, s) +// Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue is an autogenerated conversion function. +func Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *networking.HTTPIngressRuleValue, out *v1beta1.HTTPIngressRuleValue, s conversion.Scope) error { + return autoConvert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in, out, s) } func autoConvert_v1beta1_HostPortRange_To_policy_HostPortRange(in *v1beta1.HostPortRange, out *policy.HostPortRange, s conversion.Scope) error { @@ -1259,153 +1340,165 @@ func Convert_policy_IDRange_To_v1beta1_IDRange(in *policy.IDRange, out *v1beta1. return autoConvert_policy_IDRange_To_v1beta1_IDRange(in, out, s) } -func autoConvert_v1beta1_Ingress_To_extensions_Ingress(in *v1beta1.Ingress, out *extensions.Ingress, s conversion.Scope) error { +func autoConvert_v1beta1_IPBlock_To_networking_IPBlock(in *v1beta1.IPBlock, out *networking.IPBlock, s conversion.Scope) error { + out.CIDR = in.CIDR + out.Except = *(*[]string)(unsafe.Pointer(&in.Except)) + return nil +} + +func autoConvert_networking_IPBlock_To_v1beta1_IPBlock(in *networking.IPBlock, out *v1beta1.IPBlock, s conversion.Scope) error { + out.CIDR = in.CIDR + out.Except = *(*[]string)(unsafe.Pointer(&in.Except)) + return nil +} + +func autoConvert_v1beta1_Ingress_To_networking_Ingress(in *v1beta1.Ingress, out *networking.Ingress, s conversion.Scope) error { out.ObjectMeta = in.ObjectMeta - if err := Convert_v1beta1_IngressSpec_To_extensions_IngressSpec(&in.Spec, &out.Spec, s); err != nil { + if err := Convert_v1beta1_IngressSpec_To_networking_IngressSpec(&in.Spec, &out.Spec, s); err != nil { return err } - if err := Convert_v1beta1_IngressStatus_To_extensions_IngressStatus(&in.Status, &out.Status, s); err != nil { + if err := Convert_v1beta1_IngressStatus_To_networking_IngressStatus(&in.Status, &out.Status, s); err != nil { return err } return nil } -// Convert_v1beta1_Ingress_To_extensions_Ingress is an autogenerated conversion function. -func Convert_v1beta1_Ingress_To_extensions_Ingress(in *v1beta1.Ingress, out *extensions.Ingress, s conversion.Scope) error { - return autoConvert_v1beta1_Ingress_To_extensions_Ingress(in, out, s) +// Convert_v1beta1_Ingress_To_networking_Ingress is an autogenerated conversion function. +func Convert_v1beta1_Ingress_To_networking_Ingress(in *v1beta1.Ingress, out *networking.Ingress, s conversion.Scope) error { + return autoConvert_v1beta1_Ingress_To_networking_Ingress(in, out, s) } -func autoConvert_extensions_Ingress_To_v1beta1_Ingress(in *extensions.Ingress, out *v1beta1.Ingress, s conversion.Scope) error { +func autoConvert_networking_Ingress_To_v1beta1_Ingress(in *networking.Ingress, out *v1beta1.Ingress, s conversion.Scope) error { out.ObjectMeta = in.ObjectMeta - if err := Convert_extensions_IngressSpec_To_v1beta1_IngressSpec(&in.Spec, &out.Spec, s); err != nil { + if err := Convert_networking_IngressSpec_To_v1beta1_IngressSpec(&in.Spec, &out.Spec, s); err != nil { return err } - if err := Convert_extensions_IngressStatus_To_v1beta1_IngressStatus(&in.Status, &out.Status, s); err != nil { + if err := Convert_networking_IngressStatus_To_v1beta1_IngressStatus(&in.Status, &out.Status, s); err != nil { return err } return nil } -// Convert_extensions_Ingress_To_v1beta1_Ingress is an autogenerated conversion function. -func Convert_extensions_Ingress_To_v1beta1_Ingress(in *extensions.Ingress, out *v1beta1.Ingress, s conversion.Scope) error { - return autoConvert_extensions_Ingress_To_v1beta1_Ingress(in, out, s) +// Convert_networking_Ingress_To_v1beta1_Ingress is an autogenerated conversion function. +func Convert_networking_Ingress_To_v1beta1_Ingress(in *networking.Ingress, out *v1beta1.Ingress, s conversion.Scope) error { + return autoConvert_networking_Ingress_To_v1beta1_Ingress(in, out, s) } -func autoConvert_v1beta1_IngressBackend_To_extensions_IngressBackend(in *v1beta1.IngressBackend, out *extensions.IngressBackend, s conversion.Scope) error { +func autoConvert_v1beta1_IngressBackend_To_networking_IngressBackend(in *v1beta1.IngressBackend, out *networking.IngressBackend, s conversion.Scope) error { out.ServiceName = in.ServiceName out.ServicePort = in.ServicePort return nil } -// Convert_v1beta1_IngressBackend_To_extensions_IngressBackend is an autogenerated conversion function. -func Convert_v1beta1_IngressBackend_To_extensions_IngressBackend(in *v1beta1.IngressBackend, out *extensions.IngressBackend, s conversion.Scope) error { - return autoConvert_v1beta1_IngressBackend_To_extensions_IngressBackend(in, out, s) +// Convert_v1beta1_IngressBackend_To_networking_IngressBackend is an autogenerated conversion function. +func Convert_v1beta1_IngressBackend_To_networking_IngressBackend(in *v1beta1.IngressBackend, out *networking.IngressBackend, s conversion.Scope) error { + return autoConvert_v1beta1_IngressBackend_To_networking_IngressBackend(in, out, s) } -func autoConvert_extensions_IngressBackend_To_v1beta1_IngressBackend(in *extensions.IngressBackend, out *v1beta1.IngressBackend, s conversion.Scope) error { +func autoConvert_networking_IngressBackend_To_v1beta1_IngressBackend(in *networking.IngressBackend, out *v1beta1.IngressBackend, s conversion.Scope) error { out.ServiceName = in.ServiceName out.ServicePort = in.ServicePort return nil } -// Convert_extensions_IngressBackend_To_v1beta1_IngressBackend is an autogenerated conversion function. -func Convert_extensions_IngressBackend_To_v1beta1_IngressBackend(in *extensions.IngressBackend, out *v1beta1.IngressBackend, s conversion.Scope) error { - return autoConvert_extensions_IngressBackend_To_v1beta1_IngressBackend(in, out, s) +// Convert_networking_IngressBackend_To_v1beta1_IngressBackend is an autogenerated conversion function. +func Convert_networking_IngressBackend_To_v1beta1_IngressBackend(in *networking.IngressBackend, out *v1beta1.IngressBackend, s conversion.Scope) error { + return autoConvert_networking_IngressBackend_To_v1beta1_IngressBackend(in, out, s) } -func autoConvert_v1beta1_IngressList_To_extensions_IngressList(in *v1beta1.IngressList, out *extensions.IngressList, s conversion.Scope) error { +func autoConvert_v1beta1_IngressList_To_networking_IngressList(in *v1beta1.IngressList, out *networking.IngressList, s conversion.Scope) error { out.ListMeta = in.ListMeta - out.Items = *(*[]extensions.Ingress)(unsafe.Pointer(&in.Items)) + out.Items = *(*[]networking.Ingress)(unsafe.Pointer(&in.Items)) return nil } -// Convert_v1beta1_IngressList_To_extensions_IngressList is an autogenerated conversion function. -func Convert_v1beta1_IngressList_To_extensions_IngressList(in *v1beta1.IngressList, out *extensions.IngressList, s conversion.Scope) error { - return autoConvert_v1beta1_IngressList_To_extensions_IngressList(in, out, s) +// Convert_v1beta1_IngressList_To_networking_IngressList is an autogenerated conversion function. +func Convert_v1beta1_IngressList_To_networking_IngressList(in *v1beta1.IngressList, out *networking.IngressList, s conversion.Scope) error { + return autoConvert_v1beta1_IngressList_To_networking_IngressList(in, out, s) } -func autoConvert_extensions_IngressList_To_v1beta1_IngressList(in *extensions.IngressList, out *v1beta1.IngressList, s conversion.Scope) error { +func autoConvert_networking_IngressList_To_v1beta1_IngressList(in *networking.IngressList, out *v1beta1.IngressList, s conversion.Scope) error { out.ListMeta = in.ListMeta out.Items = *(*[]v1beta1.Ingress)(unsafe.Pointer(&in.Items)) return nil } -// Convert_extensions_IngressList_To_v1beta1_IngressList is an autogenerated conversion function. -func Convert_extensions_IngressList_To_v1beta1_IngressList(in *extensions.IngressList, out *v1beta1.IngressList, s conversion.Scope) error { - return autoConvert_extensions_IngressList_To_v1beta1_IngressList(in, out, s) +// Convert_networking_IngressList_To_v1beta1_IngressList is an autogenerated conversion function. +func Convert_networking_IngressList_To_v1beta1_IngressList(in *networking.IngressList, out *v1beta1.IngressList, s conversion.Scope) error { + return autoConvert_networking_IngressList_To_v1beta1_IngressList(in, out, s) } -func autoConvert_v1beta1_IngressRule_To_extensions_IngressRule(in *v1beta1.IngressRule, out *extensions.IngressRule, s conversion.Scope) error { +func autoConvert_v1beta1_IngressRule_To_networking_IngressRule(in *v1beta1.IngressRule, out *networking.IngressRule, s conversion.Scope) error { out.Host = in.Host - if err := Convert_v1beta1_IngressRuleValue_To_extensions_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { + if err := Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { return err } return nil } -// Convert_v1beta1_IngressRule_To_extensions_IngressRule is an autogenerated conversion function. -func Convert_v1beta1_IngressRule_To_extensions_IngressRule(in *v1beta1.IngressRule, out *extensions.IngressRule, s conversion.Scope) error { - return autoConvert_v1beta1_IngressRule_To_extensions_IngressRule(in, out, s) +// Convert_v1beta1_IngressRule_To_networking_IngressRule is an autogenerated conversion function. +func Convert_v1beta1_IngressRule_To_networking_IngressRule(in *v1beta1.IngressRule, out *networking.IngressRule, s conversion.Scope) error { + return autoConvert_v1beta1_IngressRule_To_networking_IngressRule(in, out, s) } -func autoConvert_extensions_IngressRule_To_v1beta1_IngressRule(in *extensions.IngressRule, out *v1beta1.IngressRule, s conversion.Scope) error { +func autoConvert_networking_IngressRule_To_v1beta1_IngressRule(in *networking.IngressRule, out *v1beta1.IngressRule, s conversion.Scope) error { out.Host = in.Host - if err := Convert_extensions_IngressRuleValue_To_v1beta1_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { + if err := Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { return err } return nil } -// Convert_extensions_IngressRule_To_v1beta1_IngressRule is an autogenerated conversion function. -func Convert_extensions_IngressRule_To_v1beta1_IngressRule(in *extensions.IngressRule, out *v1beta1.IngressRule, s conversion.Scope) error { - return autoConvert_extensions_IngressRule_To_v1beta1_IngressRule(in, out, s) +// Convert_networking_IngressRule_To_v1beta1_IngressRule is an autogenerated conversion function. +func Convert_networking_IngressRule_To_v1beta1_IngressRule(in *networking.IngressRule, out *v1beta1.IngressRule, s conversion.Scope) error { + return autoConvert_networking_IngressRule_To_v1beta1_IngressRule(in, out, s) } -func autoConvert_v1beta1_IngressRuleValue_To_extensions_IngressRuleValue(in *v1beta1.IngressRuleValue, out *extensions.IngressRuleValue, s conversion.Scope) error { - out.HTTP = (*extensions.HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) +func autoConvert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(in *v1beta1.IngressRuleValue, out *networking.IngressRuleValue, s conversion.Scope) error { + out.HTTP = (*networking.HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) return nil } -// Convert_v1beta1_IngressRuleValue_To_extensions_IngressRuleValue is an autogenerated conversion function. -func Convert_v1beta1_IngressRuleValue_To_extensions_IngressRuleValue(in *v1beta1.IngressRuleValue, out *extensions.IngressRuleValue, s conversion.Scope) error { - return autoConvert_v1beta1_IngressRuleValue_To_extensions_IngressRuleValue(in, out, s) +// Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue is an autogenerated conversion function. +func Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(in *v1beta1.IngressRuleValue, out *networking.IngressRuleValue, s conversion.Scope) error { + return autoConvert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(in, out, s) } -func autoConvert_extensions_IngressRuleValue_To_v1beta1_IngressRuleValue(in *extensions.IngressRuleValue, out *v1beta1.IngressRuleValue, s conversion.Scope) error { +func autoConvert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(in *networking.IngressRuleValue, out *v1beta1.IngressRuleValue, s conversion.Scope) error { out.HTTP = (*v1beta1.HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) return nil } -// Convert_extensions_IngressRuleValue_To_v1beta1_IngressRuleValue is an autogenerated conversion function. -func Convert_extensions_IngressRuleValue_To_v1beta1_IngressRuleValue(in *extensions.IngressRuleValue, out *v1beta1.IngressRuleValue, s conversion.Scope) error { - return autoConvert_extensions_IngressRuleValue_To_v1beta1_IngressRuleValue(in, out, s) +// Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue is an autogenerated conversion function. +func Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(in *networking.IngressRuleValue, out *v1beta1.IngressRuleValue, s conversion.Scope) error { + return autoConvert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(in, out, s) } -func autoConvert_v1beta1_IngressSpec_To_extensions_IngressSpec(in *v1beta1.IngressSpec, out *extensions.IngressSpec, s conversion.Scope) error { - out.Backend = (*extensions.IngressBackend)(unsafe.Pointer(in.Backend)) - out.TLS = *(*[]extensions.IngressTLS)(unsafe.Pointer(&in.TLS)) - out.Rules = *(*[]extensions.IngressRule)(unsafe.Pointer(&in.Rules)) +func autoConvert_v1beta1_IngressSpec_To_networking_IngressSpec(in *v1beta1.IngressSpec, out *networking.IngressSpec, s conversion.Scope) error { + out.Backend = (*networking.IngressBackend)(unsafe.Pointer(in.Backend)) + out.TLS = *(*[]networking.IngressTLS)(unsafe.Pointer(&in.TLS)) + out.Rules = *(*[]networking.IngressRule)(unsafe.Pointer(&in.Rules)) return nil } -// Convert_v1beta1_IngressSpec_To_extensions_IngressSpec is an autogenerated conversion function. -func Convert_v1beta1_IngressSpec_To_extensions_IngressSpec(in *v1beta1.IngressSpec, out *extensions.IngressSpec, s conversion.Scope) error { - return autoConvert_v1beta1_IngressSpec_To_extensions_IngressSpec(in, out, s) +// Convert_v1beta1_IngressSpec_To_networking_IngressSpec is an autogenerated conversion function. +func Convert_v1beta1_IngressSpec_To_networking_IngressSpec(in *v1beta1.IngressSpec, out *networking.IngressSpec, s conversion.Scope) error { + return autoConvert_v1beta1_IngressSpec_To_networking_IngressSpec(in, out, s) } -func autoConvert_extensions_IngressSpec_To_v1beta1_IngressSpec(in *extensions.IngressSpec, out *v1beta1.IngressSpec, s conversion.Scope) error { +func autoConvert_networking_IngressSpec_To_v1beta1_IngressSpec(in *networking.IngressSpec, out *v1beta1.IngressSpec, s conversion.Scope) error { out.Backend = (*v1beta1.IngressBackend)(unsafe.Pointer(in.Backend)) out.TLS = *(*[]v1beta1.IngressTLS)(unsafe.Pointer(&in.TLS)) out.Rules = *(*[]v1beta1.IngressRule)(unsafe.Pointer(&in.Rules)) return nil } -// Convert_extensions_IngressSpec_To_v1beta1_IngressSpec is an autogenerated conversion function. -func Convert_extensions_IngressSpec_To_v1beta1_IngressSpec(in *extensions.IngressSpec, out *v1beta1.IngressSpec, s conversion.Scope) error { - return autoConvert_extensions_IngressSpec_To_v1beta1_IngressSpec(in, out, s) +// Convert_networking_IngressSpec_To_v1beta1_IngressSpec is an autogenerated conversion function. +func Convert_networking_IngressSpec_To_v1beta1_IngressSpec(in *networking.IngressSpec, out *v1beta1.IngressSpec, s conversion.Scope) error { + return autoConvert_networking_IngressSpec_To_v1beta1_IngressSpec(in, out, s) } -func autoConvert_v1beta1_IngressStatus_To_extensions_IngressStatus(in *v1beta1.IngressStatus, out *extensions.IngressStatus, s conversion.Scope) error { +func autoConvert_v1beta1_IngressStatus_To_networking_IngressStatus(in *v1beta1.IngressStatus, out *networking.IngressStatus, s conversion.Scope) error { // TODO: Inefficient conversion - can we improve it? if err := s.Convert(&in.LoadBalancer, &out.LoadBalancer, 0); err != nil { return err @@ -1413,12 +1506,12 @@ func autoConvert_v1beta1_IngressStatus_To_extensions_IngressStatus(in *v1beta1.I return nil } -// Convert_v1beta1_IngressStatus_To_extensions_IngressStatus is an autogenerated conversion function. -func Convert_v1beta1_IngressStatus_To_extensions_IngressStatus(in *v1beta1.IngressStatus, out *extensions.IngressStatus, s conversion.Scope) error { - return autoConvert_v1beta1_IngressStatus_To_extensions_IngressStatus(in, out, s) +// Convert_v1beta1_IngressStatus_To_networking_IngressStatus is an autogenerated conversion function. +func Convert_v1beta1_IngressStatus_To_networking_IngressStatus(in *v1beta1.IngressStatus, out *networking.IngressStatus, s conversion.Scope) error { + return autoConvert_v1beta1_IngressStatus_To_networking_IngressStatus(in, out, s) } -func autoConvert_extensions_IngressStatus_To_v1beta1_IngressStatus(in *extensions.IngressStatus, out *v1beta1.IngressStatus, s conversion.Scope) error { +func autoConvert_networking_IngressStatus_To_v1beta1_IngressStatus(in *networking.IngressStatus, out *v1beta1.IngressStatus, s conversion.Scope) error { // TODO: Inefficient conversion - can we improve it? if err := s.Convert(&in.LoadBalancer, &out.LoadBalancer, 0); err != nil { return err @@ -1426,31 +1519,281 @@ func autoConvert_extensions_IngressStatus_To_v1beta1_IngressStatus(in *extension return nil } -// Convert_extensions_IngressStatus_To_v1beta1_IngressStatus is an autogenerated conversion function. -func Convert_extensions_IngressStatus_To_v1beta1_IngressStatus(in *extensions.IngressStatus, out *v1beta1.IngressStatus, s conversion.Scope) error { - return autoConvert_extensions_IngressStatus_To_v1beta1_IngressStatus(in, out, s) +// Convert_networking_IngressStatus_To_v1beta1_IngressStatus is an autogenerated conversion function. +func Convert_networking_IngressStatus_To_v1beta1_IngressStatus(in *networking.IngressStatus, out *v1beta1.IngressStatus, s conversion.Scope) error { + return autoConvert_networking_IngressStatus_To_v1beta1_IngressStatus(in, out, s) } -func autoConvert_v1beta1_IngressTLS_To_extensions_IngressTLS(in *v1beta1.IngressTLS, out *extensions.IngressTLS, s conversion.Scope) error { +func autoConvert_v1beta1_IngressTLS_To_networking_IngressTLS(in *v1beta1.IngressTLS, out *networking.IngressTLS, s conversion.Scope) error { out.Hosts = *(*[]string)(unsafe.Pointer(&in.Hosts)) out.SecretName = in.SecretName return nil } -// Convert_v1beta1_IngressTLS_To_extensions_IngressTLS is an autogenerated conversion function. -func Convert_v1beta1_IngressTLS_To_extensions_IngressTLS(in *v1beta1.IngressTLS, out *extensions.IngressTLS, s conversion.Scope) error { - return autoConvert_v1beta1_IngressTLS_To_extensions_IngressTLS(in, out, s) +// Convert_v1beta1_IngressTLS_To_networking_IngressTLS is an autogenerated conversion function. +func Convert_v1beta1_IngressTLS_To_networking_IngressTLS(in *v1beta1.IngressTLS, out *networking.IngressTLS, s conversion.Scope) error { + return autoConvert_v1beta1_IngressTLS_To_networking_IngressTLS(in, out, s) } -func autoConvert_extensions_IngressTLS_To_v1beta1_IngressTLS(in *extensions.IngressTLS, out *v1beta1.IngressTLS, s conversion.Scope) error { +func autoConvert_networking_IngressTLS_To_v1beta1_IngressTLS(in *networking.IngressTLS, out *v1beta1.IngressTLS, s conversion.Scope) error { out.Hosts = *(*[]string)(unsafe.Pointer(&in.Hosts)) out.SecretName = in.SecretName return nil } -// Convert_extensions_IngressTLS_To_v1beta1_IngressTLS is an autogenerated conversion function. -func Convert_extensions_IngressTLS_To_v1beta1_IngressTLS(in *extensions.IngressTLS, out *v1beta1.IngressTLS, s conversion.Scope) error { - return autoConvert_extensions_IngressTLS_To_v1beta1_IngressTLS(in, out, s) +// Convert_networking_IngressTLS_To_v1beta1_IngressTLS is an autogenerated conversion function. +func Convert_networking_IngressTLS_To_v1beta1_IngressTLS(in *networking.IngressTLS, out *v1beta1.IngressTLS, s conversion.Scope) error { + return autoConvert_networking_IngressTLS_To_v1beta1_IngressTLS(in, out, s) +} + +func autoConvert_v1beta1_NetworkPolicy_To_networking_NetworkPolicy(in *v1beta1.NetworkPolicy, out *networking.NetworkPolicy, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_NetworkPolicySpec_To_networking_NetworkPolicySpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +func autoConvert_networking_NetworkPolicy_To_v1beta1_NetworkPolicy(in *networking.NetworkPolicy, out *v1beta1.NetworkPolicy, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_networking_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + return nil +} + +func autoConvert_v1beta1_NetworkPolicyEgressRule_To_networking_NetworkPolicyEgressRule(in *v1beta1.NetworkPolicyEgressRule, out *networking.NetworkPolicyEgressRule, s conversion.Scope) error { + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]networking.NetworkPolicyPort, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicyPort_To_networking_NetworkPolicyPort(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Ports = nil + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]networking.NetworkPolicyPeer, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicyPeer_To_networking_NetworkPolicyPeer(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.To = nil + } + return nil +} + +func autoConvert_networking_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(in *networking.NetworkPolicyEgressRule, out *v1beta1.NetworkPolicyEgressRule, s conversion.Scope) error { + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]v1beta1.NetworkPolicyPort, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Ports = nil + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]v1beta1.NetworkPolicyPeer, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.To = nil + } + return nil +} + +func autoConvert_v1beta1_NetworkPolicyIngressRule_To_networking_NetworkPolicyIngressRule(in *v1beta1.NetworkPolicyIngressRule, out *networking.NetworkPolicyIngressRule, s conversion.Scope) error { + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]networking.NetworkPolicyPort, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicyPort_To_networking_NetworkPolicyPort(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Ports = nil + } + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]networking.NetworkPolicyPeer, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicyPeer_To_networking_NetworkPolicyPeer(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.From = nil + } + return nil +} + +func autoConvert_networking_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(in *networking.NetworkPolicyIngressRule, out *v1beta1.NetworkPolicyIngressRule, s conversion.Scope) error { + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]v1beta1.NetworkPolicyPort, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Ports = nil + } + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]v1beta1.NetworkPolicyPeer, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.From = nil + } + return nil +} + +func autoConvert_v1beta1_NetworkPolicyList_To_networking_NetworkPolicyList(in *v1beta1.NetworkPolicyList, out *networking.NetworkPolicyList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]networking.NetworkPolicy, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicy_To_networking_NetworkPolicy(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Items = nil + } + return nil +} + +func autoConvert_networking_NetworkPolicyList_To_v1beta1_NetworkPolicyList(in *networking.NetworkPolicyList, out *v1beta1.NetworkPolicyList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]v1beta1.NetworkPolicy, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicy_To_v1beta1_NetworkPolicy(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Items = nil + } + return nil +} + +func autoConvert_v1beta1_NetworkPolicyPeer_To_networking_NetworkPolicyPeer(in *v1beta1.NetworkPolicyPeer, out *networking.NetworkPolicyPeer, s conversion.Scope) error { + out.PodSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.PodSelector)) + out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) + if in.IPBlock != nil { + in, out := &in.IPBlock, &out.IPBlock + *out = new(networking.IPBlock) + if err := Convert_v1beta1_IPBlock_To_networking_IPBlock(*in, *out, s); err != nil { + return err + } + } else { + out.IPBlock = nil + } + return nil +} + +func autoConvert_networking_NetworkPolicyPeer_To_v1beta1_NetworkPolicyPeer(in *networking.NetworkPolicyPeer, out *v1beta1.NetworkPolicyPeer, s conversion.Scope) error { + out.PodSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.PodSelector)) + out.NamespaceSelector = (*metav1.LabelSelector)(unsafe.Pointer(in.NamespaceSelector)) + if in.IPBlock != nil { + in, out := &in.IPBlock, &out.IPBlock + *out = new(v1beta1.IPBlock) + if err := Convert_networking_IPBlock_To_v1beta1_IPBlock(*in, *out, s); err != nil { + return err + } + } else { + out.IPBlock = nil + } + return nil +} + +func autoConvert_v1beta1_NetworkPolicyPort_To_networking_NetworkPolicyPort(in *v1beta1.NetworkPolicyPort, out *networking.NetworkPolicyPort, s conversion.Scope) error { + out.Protocol = (*core.Protocol)(unsafe.Pointer(in.Protocol)) + out.Port = (*intstr.IntOrString)(unsafe.Pointer(in.Port)) + return nil +} + +func autoConvert_networking_NetworkPolicyPort_To_v1beta1_NetworkPolicyPort(in *networking.NetworkPolicyPort, out *v1beta1.NetworkPolicyPort, s conversion.Scope) error { + out.Protocol = (*v1.Protocol)(unsafe.Pointer(in.Protocol)) + out.Port = (*intstr.IntOrString)(unsafe.Pointer(in.Port)) + return nil +} + +func autoConvert_v1beta1_NetworkPolicySpec_To_networking_NetworkPolicySpec(in *v1beta1.NetworkPolicySpec, out *networking.NetworkPolicySpec, s conversion.Scope) error { + out.PodSelector = in.PodSelector + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]networking.NetworkPolicyIngressRule, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicyIngressRule_To_networking_NetworkPolicyIngressRule(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Ingress = nil + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]networking.NetworkPolicyEgressRule, len(*in)) + for i := range *in { + if err := Convert_v1beta1_NetworkPolicyEgressRule_To_networking_NetworkPolicyEgressRule(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Egress = nil + } + out.PolicyTypes = *(*[]networking.PolicyType)(unsafe.Pointer(&in.PolicyTypes)) + return nil +} + +func autoConvert_networking_NetworkPolicySpec_To_v1beta1_NetworkPolicySpec(in *networking.NetworkPolicySpec, out *v1beta1.NetworkPolicySpec, s conversion.Scope) error { + out.PodSelector = in.PodSelector + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]v1beta1.NetworkPolicyIngressRule, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicyIngressRule_To_v1beta1_NetworkPolicyIngressRule(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Ingress = nil + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]v1beta1.NetworkPolicyEgressRule, len(*in)) + for i := range *in { + if err := Convert_networking_NetworkPolicyEgressRule_To_v1beta1_NetworkPolicyEgressRule(&(*in)[i], &(*out)[i], s); err != nil { + return err + } + } + } else { + out.Egress = nil + } + out.PolicyTypes = *(*[]v1beta1.PolicyType)(unsafe.Pointer(&in.PolicyTypes)) + return nil } func autoConvert_v1beta1_PodSecurityPolicy_To_policy_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy, out *policy.PodSecurityPolicy, s conversion.Scope) error { diff --git a/pkg/apis/extensions/validation/BUILD b/pkg/apis/extensions/validation/BUILD index f734bdefe4e..7e76248ad95 100644 --- a/pkg/apis/extensions/validation/BUILD +++ b/pkg/apis/extensions/validation/BUILD @@ -1,36 +1,5 @@ package(default_visibility = ["//visibility:public"]) -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", - "go_test", -) - -go_library( - name = "go_default_library", - srcs = ["validation.go"], - importpath = "k8s.io/kubernetes/pkg/apis/extensions/validation", - deps = [ - "//pkg/apis/core/validation:go_default_library", - "//pkg/apis/extensions:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = ["validation_test.go"], - embed = [":go_default_library"], - deps = [ - "//pkg/apis/core:go_default_library", - "//pkg/apis/extensions:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", - ], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), diff --git a/pkg/apis/extensions/validation/validation.go b/pkg/apis/extensions/validation/validation.go deleted file mode 100644 index 0ada34ce606..00000000000 --- a/pkg/apis/extensions/validation/validation.go +++ /dev/null @@ -1,172 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "net" - "regexp" - "strings" - - apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" - "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/validation/field" - apivalidation "k8s.io/kubernetes/pkg/apis/core/validation" - "k8s.io/kubernetes/pkg/apis/extensions" -) - -// ValidateIngress tests if required fields in the Ingress are set. -func ValidateIngress(ingress *extensions.Ingress) field.ErrorList { - allErrs := apivalidation.ValidateObjectMeta(&ingress.ObjectMeta, true, ValidateIngressName, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateIngressSpec(&ingress.Spec, field.NewPath("spec"))...) - return allErrs -} - -// ValidateIngressName validates that the given name can be used as an Ingress name. -var ValidateIngressName = apimachineryvalidation.NameIsDNSSubdomain - -func validateIngressTLS(spec *extensions.IngressSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // TODO: Perform a more thorough validation of spec.TLS.Hosts that takes - // the wildcard spec from RFC 6125 into account. - for _, itls := range spec.TLS { - for i, host := range itls.Hosts { - if strings.Contains(host, "*") { - for _, msg := range validation.IsWildcardDNS1123Subdomain(host) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("hosts"), host, msg)) - } - continue - } - for _, msg := range validation.IsDNS1123Subdomain(host) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("hosts"), host, msg)) - } - } - } - - return allErrs -} - -// ValidateIngressSpec tests if required fields in the IngressSpec are set. -func ValidateIngressSpec(spec *extensions.IngressSpec, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - // TODO: Is a default backend mandatory? - if spec.Backend != nil { - allErrs = append(allErrs, validateIngressBackend(spec.Backend, fldPath.Child("backend"))...) - } else if len(spec.Rules) == 0 { - allErrs = append(allErrs, field.Invalid(fldPath, spec.Rules, "either `backend` or `rules` must be specified")) - } - if len(spec.Rules) > 0 { - allErrs = append(allErrs, validateIngressRules(spec.Rules, fldPath.Child("rules"))...) - } - if len(spec.TLS) > 0 { - allErrs = append(allErrs, validateIngressTLS(spec, fldPath.Child("tls"))...) - } - return allErrs -} - -// ValidateIngressUpdate tests if required fields in the Ingress are set. -func ValidateIngressUpdate(ingress, oldIngress *extensions.Ingress) field.ErrorList { - allErrs := apivalidation.ValidateObjectMetaUpdate(&ingress.ObjectMeta, &oldIngress.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, ValidateIngressSpec(&ingress.Spec, field.NewPath("spec"))...) - return allErrs -} - -// ValidateIngressStatusUpdate tests if required fields in the Ingress are set when updating status. -func ValidateIngressStatusUpdate(ingress, oldIngress *extensions.Ingress) field.ErrorList { - allErrs := apivalidation.ValidateObjectMetaUpdate(&ingress.ObjectMeta, &oldIngress.ObjectMeta, field.NewPath("metadata")) - allErrs = append(allErrs, apivalidation.ValidateLoadBalancerStatus(&ingress.Status.LoadBalancer, field.NewPath("status", "loadBalancer"))...) - return allErrs -} - -func validateIngressRules(ingressRules []extensions.IngressRule, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(ingressRules) == 0 { - return append(allErrs, field.Required(fldPath, "")) - } - for i, ih := range ingressRules { - if len(ih.Host) > 0 { - if isIP := (net.ParseIP(ih.Host) != nil); isIP { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, "must be a DNS name, not an IP address")) - } - // TODO: Ports and ips are allowed in the host part of a url - // according to RFC 3986, consider allowing them. - if strings.Contains(ih.Host, "*") { - for _, msg := range validation.IsWildcardDNS1123Subdomain(ih.Host) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, msg)) - } - continue - } - for _, msg := range validation.IsDNS1123Subdomain(ih.Host) { - allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, msg)) - } - } - allErrs = append(allErrs, validateIngressRuleValue(&ih.IngressRuleValue, fldPath.Index(0))...) - } - return allErrs -} - -func validateIngressRuleValue(ingressRule *extensions.IngressRuleValue, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if ingressRule.HTTP != nil { - allErrs = append(allErrs, validateHTTPIngressRuleValue(ingressRule.HTTP, fldPath.Child("http"))...) - } - return allErrs -} - -func validateHTTPIngressRuleValue(httpIngressRuleValue *extensions.HTTPIngressRuleValue, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(httpIngressRuleValue.Paths) == 0 { - allErrs = append(allErrs, field.Required(fldPath.Child("paths"), "")) - } - for i, rule := range httpIngressRuleValue.Paths { - if len(rule.Path) > 0 { - if !strings.HasPrefix(rule.Path, "/") { - allErrs = append(allErrs, field.Invalid(fldPath.Child("paths").Index(i).Child("path"), rule.Path, "must be an absolute path")) - } - // TODO: More draconian path regex validation. - // Path must be a valid regex. This is the basic requirement. - // In addition to this any characters not allowed in a path per - // RFC 3986 section-3.3 cannot appear as a literal in the regex. - // Consider the example: http://host/valid?#bar, everything after - // the last '/' is a valid regex that matches valid#bar, which - // isn't a valid path, because the path terminates at the first ? - // or #. A more sophisticated form of validation would detect that - // the user is confusing url regexes with path regexes. - _, err := regexp.CompilePOSIX(rule.Path) - if err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Child("paths").Index(i).Child("path"), rule.Path, "must be a valid regex")) - } - } - allErrs = append(allErrs, validateIngressBackend(&rule.Backend, fldPath.Child("backend"))...) - } - return allErrs -} - -// validateIngressBackend tests if a given backend is valid. -func validateIngressBackend(backend *extensions.IngressBackend, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - - // All backends must reference a single local service by name, and a single service port by name or number. - if len(backend.ServiceName) == 0 { - return append(allErrs, field.Required(fldPath.Child("serviceName"), "")) - } else { - for _, msg := range apivalidation.ValidateServiceName(backend.ServiceName, false) { - allErrs = append(allErrs, field.Invalid(fldPath.Child("serviceName"), backend.ServiceName, msg)) - } - } - allErrs = append(allErrs, apivalidation.ValidatePortNumOrName(backend.ServicePort, fldPath.Child("servicePort"))...) - return allErrs -} diff --git a/pkg/apis/extensions/validation/validation_test.go b/pkg/apis/extensions/validation/validation_test.go deleted file mode 100644 index 2d996837889..00000000000 --- a/pkg/apis/extensions/validation/validation_test.go +++ /dev/null @@ -1,294 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "fmt" - "strings" - "testing" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/intstr" - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/extensions" -) - -func TestValidateIngress(t *testing.T) { - defaultBackend := extensions.IngressBackend{ - ServiceName: "default-backend", - ServicePort: intstr.FromInt(80), - } - - newValid := func() extensions.Ingress { - return extensions.Ingress{ - ObjectMeta: metav1.ObjectMeta{ - Name: "foo", - Namespace: metav1.NamespaceDefault, - }, - Spec: extensions.IngressSpec{ - Backend: &extensions.IngressBackend{ - ServiceName: "default-backend", - ServicePort: intstr.FromInt(80), - }, - Rules: []extensions.IngressRule{ - { - Host: "foo.bar.com", - IngressRuleValue: extensions.IngressRuleValue{ - HTTP: &extensions.HTTPIngressRuleValue{ - Paths: []extensions.HTTPIngressPath{ - { - Path: "/foo", - Backend: defaultBackend, - }, - }, - }, - }, - }, - }, - }, - Status: extensions.IngressStatus{ - LoadBalancer: api.LoadBalancerStatus{ - Ingress: []api.LoadBalancerIngress{ - {IP: "127.0.0.1"}, - }, - }, - }, - } - } - servicelessBackend := newValid() - servicelessBackend.Spec.Backend.ServiceName = "" - invalidNameBackend := newValid() - invalidNameBackend.Spec.Backend.ServiceName = "defaultBackend" - noPortBackend := newValid() - noPortBackend.Spec.Backend = &extensions.IngressBackend{ServiceName: defaultBackend.ServiceName} - noForwardSlashPath := newValid() - noForwardSlashPath.Spec.Rules[0].IngressRuleValue.HTTP.Paths = []extensions.HTTPIngressPath{ - { - Path: "invalid", - Backend: defaultBackend, - }, - } - noPaths := newValid() - noPaths.Spec.Rules[0].IngressRuleValue.HTTP.Paths = []extensions.HTTPIngressPath{} - badHost := newValid() - badHost.Spec.Rules[0].Host = "foobar:80" - badRegexPath := newValid() - badPathExpr := "/invalid[" - badRegexPath.Spec.Rules[0].IngressRuleValue.HTTP.Paths = []extensions.HTTPIngressPath{ - { - Path: badPathExpr, - Backend: defaultBackend, - }, - } - badPathErr := fmt.Sprintf("spec.rules[0].http.paths[0].path: Invalid value: '%v'", badPathExpr) - hostIP := "127.0.0.1" - badHostIP := newValid() - badHostIP.Spec.Rules[0].Host = hostIP - badHostIPErr := fmt.Sprintf("spec.rules[0].host: Invalid value: '%v'", hostIP) - - errorCases := map[string]extensions.Ingress{ - "spec.backend.serviceName: Required value": servicelessBackend, - "spec.backend.serviceName: Invalid value": invalidNameBackend, - "spec.backend.servicePort: Invalid value": noPortBackend, - "spec.rules[0].host: Invalid value": badHost, - "spec.rules[0].http.paths: Required value": noPaths, - "spec.rules[0].http.paths[0].path: Invalid value": noForwardSlashPath, - } - errorCases[badPathErr] = badRegexPath - errorCases[badHostIPErr] = badHostIP - - wildcardHost := "foo.*.bar.com" - badWildcard := newValid() - badWildcard.Spec.Rules[0].Host = wildcardHost - badWildcardErr := fmt.Sprintf("spec.rules[0].host: Invalid value: '%v'", wildcardHost) - errorCases[badWildcardErr] = badWildcard - - for k, v := range errorCases { - errs := ValidateIngress(&v) - if len(errs) == 0 { - t.Errorf("expected failure for %q", k) - } else { - s := strings.Split(k, ":") - err := errs[0] - if err.Field != s[0] || !strings.Contains(err.Error(), s[1]) { - t.Errorf("unexpected error: %q, expected: %q", err, k) - } - } - } -} - -func TestValidateIngressTLS(t *testing.T) { - defaultBackend := extensions.IngressBackend{ - ServiceName: "default-backend", - ServicePort: intstr.FromInt(80), - } - - newValid := func() extensions.Ingress { - return extensions.Ingress{ - ObjectMeta: metav1.ObjectMeta{ - Name: "foo", - Namespace: metav1.NamespaceDefault, - }, - Spec: extensions.IngressSpec{ - Backend: &extensions.IngressBackend{ - ServiceName: "default-backend", - ServicePort: intstr.FromInt(80), - }, - Rules: []extensions.IngressRule{ - { - Host: "foo.bar.com", - IngressRuleValue: extensions.IngressRuleValue{ - HTTP: &extensions.HTTPIngressRuleValue{ - Paths: []extensions.HTTPIngressPath{ - { - Path: "/foo", - Backend: defaultBackend, - }, - }, - }, - }, - }, - }, - }, - Status: extensions.IngressStatus{ - LoadBalancer: api.LoadBalancerStatus{ - Ingress: []api.LoadBalancerIngress{ - {IP: "127.0.0.1"}, - }, - }, - }, - } - } - - errorCases := map[string]extensions.Ingress{} - - wildcardHost := "foo.*.bar.com" - badWildcardTLS := newValid() - badWildcardTLS.Spec.Rules[0].Host = "*.foo.bar.com" - badWildcardTLS.Spec.TLS = []extensions.IngressTLS{ - { - Hosts: []string{wildcardHost}, - }, - } - badWildcardTLSErr := fmt.Sprintf("spec.tls[0].hosts: Invalid value: '%v'", wildcardHost) - errorCases[badWildcardTLSErr] = badWildcardTLS - - for k, v := range errorCases { - errs := ValidateIngress(&v) - if len(errs) == 0 { - t.Errorf("expected failure for %q", k) - } else { - s := strings.Split(k, ":") - err := errs[0] - if err.Field != s[0] || !strings.Contains(err.Error(), s[1]) { - t.Errorf("unexpected error: %q, expected: %q", err, k) - } - } - } -} - -func TestValidateIngressStatusUpdate(t *testing.T) { - defaultBackend := extensions.IngressBackend{ - ServiceName: "default-backend", - ServicePort: intstr.FromInt(80), - } - - newValid := func() extensions.Ingress { - return extensions.Ingress{ - ObjectMeta: metav1.ObjectMeta{ - Name: "foo", - Namespace: metav1.NamespaceDefault, - ResourceVersion: "9", - }, - Spec: extensions.IngressSpec{ - Backend: &extensions.IngressBackend{ - ServiceName: "default-backend", - ServicePort: intstr.FromInt(80), - }, - Rules: []extensions.IngressRule{ - { - Host: "foo.bar.com", - IngressRuleValue: extensions.IngressRuleValue{ - HTTP: &extensions.HTTPIngressRuleValue{ - Paths: []extensions.HTTPIngressPath{ - { - Path: "/foo", - Backend: defaultBackend, - }, - }, - }, - }, - }, - }, - }, - Status: extensions.IngressStatus{ - LoadBalancer: api.LoadBalancerStatus{ - Ingress: []api.LoadBalancerIngress{ - {IP: "127.0.0.1", Hostname: "foo.bar.com"}, - }, - }, - }, - } - } - oldValue := newValid() - newValue := newValid() - newValue.Status = extensions.IngressStatus{ - LoadBalancer: api.LoadBalancerStatus{ - Ingress: []api.LoadBalancerIngress{ - {IP: "127.0.0.2", Hostname: "foo.com"}, - }, - }, - } - invalidIP := newValid() - invalidIP.Status = extensions.IngressStatus{ - LoadBalancer: api.LoadBalancerStatus{ - Ingress: []api.LoadBalancerIngress{ - {IP: "abcd", Hostname: "foo.com"}, - }, - }, - } - invalidHostname := newValid() - invalidHostname.Status = extensions.IngressStatus{ - LoadBalancer: api.LoadBalancerStatus{ - Ingress: []api.LoadBalancerIngress{ - {IP: "127.0.0.1", Hostname: "127.0.0.1"}, - }, - }, - } - - errs := ValidateIngressStatusUpdate(&newValue, &oldValue) - if len(errs) != 0 { - t.Errorf("Unexpected error %v", errs) - } - - errorCases := map[string]extensions.Ingress{ - "status.loadBalancer.ingress[0].ip: Invalid value": invalidIP, - "status.loadBalancer.ingress[0].hostname: Invalid value": invalidHostname, - } - for k, v := range errorCases { - errs := ValidateIngressStatusUpdate(&v, &oldValue) - if len(errs) == 0 { - t.Errorf("expected failure for %s", k) - } else { - s := strings.Split(k, ":") - err := errs[0] - if err.Field != s[0] || !strings.Contains(err.Error(), s[1]) { - t.Errorf("unexpected error: %q, expected: %q", err, k) - } - } - } -} diff --git a/pkg/apis/extensions/zz_generated.deepcopy.go b/pkg/apis/extensions/zz_generated.deepcopy.go index 390f4328079..56c73e957d6 100644 --- a/pkg/apis/extensions/zz_generated.deepcopy.go +++ b/pkg/apis/extensions/zz_generated.deepcopy.go @@ -24,233 +24,6 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath) { - *out = *in - out.Backend = in.Backend - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath. -func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath { - if in == nil { - return nil - } - out := new(HTTPIngressPath) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue) { - *out = *in - if in.Paths != nil { - in, out := &in.Paths, &out.Paths - *out = make([]HTTPIngressPath, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue. -func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue { - if in == nil { - return nil - } - out := new(HTTPIngressRuleValue) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Ingress) DeepCopyInto(out *Ingress) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. -func (in *Ingress) DeepCopy() *Ingress { - if in == nil { - return nil - } - out := new(Ingress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Ingress) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressBackend) DeepCopyInto(out *IngressBackend) { - *out = *in - out.ServicePort = in.ServicePort - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend. -func (in *IngressBackend) DeepCopy() *IngressBackend { - if in == nil { - return nil - } - out := new(IngressBackend) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressList) DeepCopyInto(out *IngressList) { - *out = *in - out.TypeMeta = in.TypeMeta - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Ingress, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList. -func (in *IngressList) DeepCopy() *IngressList { - if in == nil { - return nil - } - out := new(IngressList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IngressList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressRule) DeepCopyInto(out *IngressRule) { - *out = *in - in.IngressRuleValue.DeepCopyInto(&out.IngressRuleValue) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule. -func (in *IngressRule) DeepCopy() *IngressRule { - if in == nil { - return nil - } - out := new(IngressRule) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue) { - *out = *in - if in.HTTP != nil { - in, out := &in.HTTP, &out.HTTP - *out = new(HTTPIngressRuleValue) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue. -func (in *IngressRuleValue) DeepCopy() *IngressRuleValue { - if in == nil { - return nil - } - out := new(IngressRuleValue) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressSpec) DeepCopyInto(out *IngressSpec) { - *out = *in - if in.Backend != nil { - in, out := &in.Backend, &out.Backend - *out = new(IngressBackend) - **out = **in - } - if in.TLS != nil { - in, out := &in.TLS, &out.TLS - *out = make([]IngressTLS, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Rules != nil { - in, out := &in.Rules, &out.Rules - *out = make([]IngressRule, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec. -func (in *IngressSpec) DeepCopy() *IngressSpec { - if in == nil { - return nil - } - out := new(IngressSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressStatus) DeepCopyInto(out *IngressStatus) { - *out = *in - in.LoadBalancer.DeepCopyInto(&out.LoadBalancer) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus. -func (in *IngressStatus) DeepCopy() *IngressStatus { - if in == nil { - return nil - } - out := new(IngressStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IngressTLS) DeepCopyInto(out *IngressTLS) { - *out = *in - if in.Hosts != nil { - in, out := &in.Hosts, &out.Hosts - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS. -func (in *IngressTLS) DeepCopy() *IngressTLS { - if in == nil { - return nil - } - out := new(IngressTLS) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ReplicationControllerDummy) DeepCopyInto(out *ReplicationControllerDummy) { *out = *in diff --git a/pkg/apis/imagepolicy/OWNERS b/pkg/apis/imagepolicy/OWNERS old mode 100755 new mode 100644 index 02b8511e465..be41e934eb3 --- a/pkg/apis/imagepolicy/OWNERS +++ b/pkg/apis/imagepolicy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-policy-approvers diff --git a/pkg/apis/networking/BUILD b/pkg/apis/networking/BUILD index 6aff9d449f3..6f54a370091 100644 --- a/pkg/apis/networking/BUILD +++ b/pkg/apis/networking/BUILD @@ -37,6 +37,7 @@ filegroup( "//pkg/apis/networking/fuzzer:all-srcs", "//pkg/apis/networking/install:all-srcs", "//pkg/apis/networking/v1:all-srcs", + "//pkg/apis/networking/v1beta1:all-srcs", "//pkg/apis/networking/validation:all-srcs", ], tags = ["automanaged"], diff --git a/pkg/apis/networking/OWNERS b/pkg/apis/networking/OWNERS old mode 100755 new mode 100644 index 0e696c0fbb4..13df36db12e --- a/pkg/apis/networking/OWNERS +++ b/pkg/apis/networking/OWNERS @@ -1,5 +1,9 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - caseydavenport - cmluciano - danwinship - thockin +labels: +- sig/network diff --git a/pkg/apis/networking/install/BUILD b/pkg/apis/networking/install/BUILD index a98f3a258d6..1a28edd925d 100644 --- a/pkg/apis/networking/install/BUILD +++ b/pkg/apis/networking/install/BUILD @@ -13,6 +13,7 @@ go_library( "//pkg/api/legacyscheme:go_default_library", "//pkg/apis/networking:go_default_library", "//pkg/apis/networking/v1:go_default_library", + "//pkg/apis/networking/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", ], diff --git a/pkg/apis/networking/install/install.go b/pkg/apis/networking/install/install.go index 4cef1acaffc..6863a7f7af6 100644 --- a/pkg/apis/networking/install/install.go +++ b/pkg/apis/networking/install/install.go @@ -24,6 +24,7 @@ import ( "k8s.io/kubernetes/pkg/api/legacyscheme" "k8s.io/kubernetes/pkg/apis/networking" "k8s.io/kubernetes/pkg/apis/networking/v1" + "k8s.io/kubernetes/pkg/apis/networking/v1beta1" ) func init() { @@ -34,5 +35,6 @@ func init() { func Install(scheme *runtime.Scheme) { utilruntime.Must(networking.AddToScheme(scheme)) utilruntime.Must(v1.AddToScheme(scheme)) - utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion)) + utilruntime.Must(v1beta1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion, v1beta1.SchemeGroupVersion)) } diff --git a/pkg/apis/networking/register.go b/pkg/apis/networking/register.go index 4d58a210da2..54b6b0488d6 100644 --- a/pkg/apis/networking/register.go +++ b/pkg/apis/networking/register.go @@ -46,6 +46,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &NetworkPolicy{}, &NetworkPolicyList{}, + &Ingress{}, + &IngressList{}, ) return nil } diff --git a/pkg/apis/networking/types.go b/pkg/apis/networking/types.go index 541b884b58c..43233039d84 100644 --- a/pkg/apis/networking/types.go +++ b/pkg/apis/networking/types.go @@ -78,7 +78,7 @@ type NetworkPolicySpec struct { Egress []NetworkPolicyEgressRule // List of rule types that the NetworkPolicy relates to. - // Valid options are Ingress, Egress, or Ingress,Egress. + // Valid options are "Ingress", "Egress", or "Ingress,Egress". // If this field is not specified, it will default based on the existence of Ingress or Egress rules; // policies that contain an Egress section are assumed to affect Egress, and all policies // (whether or not they contain an Ingress section) are assumed to affect Ingress. @@ -195,3 +195,172 @@ type NetworkPolicyList struct { Items []NetworkPolicy } + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// Ingress is a collection of rules that allow inbound connections to reach the +// endpoints defined by a backend. An Ingress can be configured to give services +// externally-reachable urls, load balance traffic, terminate SSL, offer name +// based virtual hosting etc. +type Ingress struct { + metav1.TypeMeta + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // +optional + metav1.ObjectMeta + + // Spec is the desired state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // +optional + Spec IngressSpec + + // Status is the current state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // +optional + Status IngressStatus +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// IngressList is a collection of Ingress. +type IngressList struct { + metav1.TypeMeta + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // +optional + metav1.ListMeta + + // Items is the list of Ingress. + Items []Ingress +} + +// IngressSpec describes the Ingress the user wishes to exist. +type IngressSpec struct { + // A default backend capable of servicing requests that don't match any + // rule. At least one of 'backend' or 'rules' must be specified. This field + // is optional to allow the loadbalancer controller or defaulting logic to + // specify a global default. + // +optional + Backend *IngressBackend + + // TLS configuration. Currently the Ingress only supports a single TLS + // port, 443. If multiple members of this list specify different hosts, they + // will be multiplexed on the same port according to the hostname specified + // through the SNI TLS extension, if the ingress controller fulfilling the + // ingress supports SNI. + // +optional + TLS []IngressTLS + + // A list of host rules used to configure the Ingress. If unspecified, or + // no rule matches, all traffic is sent to the default backend. + // +optional + Rules []IngressRule + // TODO: Add the ability to specify load-balancer IP through claims +} + +// IngressTLS describes the transport layer security associated with an Ingress. +type IngressTLS struct { + // Hosts are a list of hosts included in the TLS certificate. The values in + // this list must match the name/s used in the tlsSecret. Defaults to the + // wildcard host setting for the loadbalancer controller fulfilling this + // Ingress, if left unspecified. + // +optional + Hosts []string + // SecretName is the name of the secret used to terminate SSL traffic on 443. + // Field is left optional to allow SSL routing based on SNI hostname alone. + // If the SNI host in a listener conflicts with the "Host" header field used + // by an IngressRule, the SNI host is used for termination and value of the + // Host header is used for routing. + // +optional + SecretName string + // TODO: Consider specifying different modes of termination, protocols etc. +} + +// IngressStatus describe the current state of the Ingress. +type IngressStatus struct { + // LoadBalancer contains the current status of the load-balancer. + // +optional + LoadBalancer api.LoadBalancerStatus +} + +// IngressRule represents the rules mapping the paths under a specified host to +// the related backend services. Incoming requests are first evaluated for a host +// match, then routed to the backend associated with the matching IngressRuleValue. +type IngressRule struct { + // Host is the fully qualified domain name of a network host, as defined + // by RFC 3986. Note the following deviations from the "host" part of the + // URI as defined in the RFC: + // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the + // IP in the Spec of the parent Ingress. + // 2. The `:` delimiter is not respected because ports are not allowed. + // Currently the port of an Ingress is implicitly :80 for http and + // :443 for https. + // Both these may change in the future. + // Incoming requests are matched against the host before the IngressRuleValue. + // If the host is unspecified, the Ingress routes all traffic based on the + // specified IngressRuleValue. + // +optional + Host string + // IngressRuleValue represents a rule to route requests for this IngressRule. + // If unspecified, the rule defaults to a http catch-all. Whether that sends + // just traffic matching the host to the default backend or all traffic to the + // default backend, is left to the controller fulfilling the Ingress. Http is + // currently the only supported IngressRuleValue. + // +optional + IngressRuleValue +} + +// IngressRuleValue represents a rule to apply against incoming requests. If the +// rule is satisfied, the request is routed to the specified backend. Currently +// mixing different types of rules in a single Ingress is disallowed, so exactly +// one of the following must be set. +type IngressRuleValue struct { + //TODO: + // 1. Consider renaming this resource and the associated rules so they + // aren't tied to Ingress. They can be used to route intra-cluster traffic. + // 2. Consider adding fields for ingress-type specific global options + // usable by a loadbalancer, like http keep-alive. + + // +optional + HTTP *HTTPIngressRuleValue +} + +// HTTPIngressRuleValue is a list of http selectors pointing to backends. +// In the example: http:///? -> backend where +// where parts of the url correspond to RFC 3986, this resource will be used +// to match against everything after the last '/' and before the first '?' +// or '#'. +type HTTPIngressRuleValue struct { + // A collection of paths that map requests to backends. + Paths []HTTPIngressPath + // TODO: Consider adding fields for ingress-type specific global + // options usable by a loadbalancer, like http keep-alive. +} + +// HTTPIngressPath associates a path regex with a backend. Incoming urls matching +// the path are forwarded to the backend. +type HTTPIngressPath struct { + // Path is an extended POSIX regex as defined by IEEE Std 1003.1, + // (i.e this follows the egrep/unix syntax, not the perl syntax) + // matched against the path of an incoming request. Currently it can + // contain characters disallowed from the conventional "path" + // part of a URL as defined by RFC 3986. Paths must begin with + // a '/'. If unspecified, the path defaults to a catch all sending + // traffic to the backend. + // +optional + Path string + + // Backend defines the referenced service endpoint to which the traffic + // will be forwarded to. + Backend IngressBackend +} + +// IngressBackend describes all endpoints for a given service and port. +type IngressBackend struct { + // Specifies the name of the referenced service. + ServiceName string + + // Specifies the port of the referenced service. + ServicePort intstr.IntOrString +} diff --git a/pkg/apis/networking/v1beta1/BUILD b/pkg/apis/networking/v1beta1/BUILD new file mode 100644 index 00000000000..26162e31ceb --- /dev/null +++ b/pkg/apis/networking/v1beta1/BUILD @@ -0,0 +1,35 @@ +package(default_visibility = ["//visibility:public"]) + +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "defaults.go", + "doc.go", + "register.go", + "zz_generated.conversion.go", + "zz_generated.defaults.go", + ], + importpath = "k8s.io/kubernetes/pkg/apis/networking/v1beta1", + deps = [ + "//pkg/apis/networking:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], +) diff --git a/pkg/apis/networking/v1beta1/defaults.go b/pkg/apis/networking/v1beta1/defaults.go new file mode 100644 index 00000000000..e2ef92ce7eb --- /dev/null +++ b/pkg/apis/networking/v1beta1/defaults.go @@ -0,0 +1,25 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/pkg/apis/networking/v1beta1/doc.go b/pkg/apis/networking/v1beta1/doc.go new file mode 100644 index 00000000000..75de95210c3 --- /dev/null +++ b/pkg/apis/networking/v1beta1/doc.go @@ -0,0 +1,24 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/networking +// +k8s:conversion-gen-external-types=k8s.io/api/networking/v1beta1 +// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/extensions +// +k8s:defaulter-gen=TypeMeta +// +k8s:defaulter-gen-input=../../../../vendor/k8s.io/api/networking/v1beta1 +// +groupName=networking.k8s.io + +package v1beta1 // import "k8s.io/kubernetes/pkg/apis/networking/v1beta1" diff --git a/pkg/apis/networking/v1beta1/register.go b/pkg/apis/networking/v1beta1/register.go new file mode 100644 index 00000000000..24f55f4ca20 --- /dev/null +++ b/pkg/apis/networking/v1beta1/register.go @@ -0,0 +1,47 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + networkingv1beta1 "k8s.io/api/networking/v1beta1" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "networking.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + localSchemeBuilder = &networkingv1beta1.SchemeBuilder + + // AddToScheme adds the types of this group into the given scheme. + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addDefaultingFuncs) +} diff --git a/pkg/apis/networking/v1beta1/zz_generated.conversion.go b/pkg/apis/networking/v1beta1/zz_generated.conversion.go new file mode 100644 index 00000000000..11332b39aba --- /dev/null +++ b/pkg/apis/networking/v1beta1/zz_generated.conversion.go @@ -0,0 +1,380 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1beta1 + +import ( + unsafe "unsafe" + + v1beta1 "k8s.io/api/networking/v1beta1" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" + networking "k8s.io/kubernetes/pkg/apis/networking" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressPath)(nil), (*networking.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(a.(*v1beta1.HTTPIngressPath), b.(*networking.HTTPIngressPath), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.HTTPIngressPath)(nil), (*v1beta1.HTTPIngressPath)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(a.(*networking.HTTPIngressPath), b.(*v1beta1.HTTPIngressPath), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.HTTPIngressRuleValue)(nil), (*networking.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(a.(*v1beta1.HTTPIngressRuleValue), b.(*networking.HTTPIngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.HTTPIngressRuleValue)(nil), (*v1beta1.HTTPIngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(a.(*networking.HTTPIngressRuleValue), b.(*v1beta1.HTTPIngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.Ingress)(nil), (*networking.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_Ingress_To_networking_Ingress(a.(*v1beta1.Ingress), b.(*networking.Ingress), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.Ingress)(nil), (*v1beta1.Ingress)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_Ingress_To_v1beta1_Ingress(a.(*networking.Ingress), b.(*v1beta1.Ingress), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressBackend)(nil), (*networking.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressBackend_To_networking_IngressBackend(a.(*v1beta1.IngressBackend), b.(*networking.IngressBackend), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressBackend)(nil), (*v1beta1.IngressBackend)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressBackend_To_v1beta1_IngressBackend(a.(*networking.IngressBackend), b.(*v1beta1.IngressBackend), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressList)(nil), (*networking.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressList_To_networking_IngressList(a.(*v1beta1.IngressList), b.(*networking.IngressList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressList)(nil), (*v1beta1.IngressList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressList_To_v1beta1_IngressList(a.(*networking.IngressList), b.(*v1beta1.IngressList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressRule)(nil), (*networking.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressRule_To_networking_IngressRule(a.(*v1beta1.IngressRule), b.(*networking.IngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressRule)(nil), (*v1beta1.IngressRule)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressRule_To_v1beta1_IngressRule(a.(*networking.IngressRule), b.(*v1beta1.IngressRule), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressRuleValue)(nil), (*networking.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(a.(*v1beta1.IngressRuleValue), b.(*networking.IngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressRuleValue)(nil), (*v1beta1.IngressRuleValue)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(a.(*networking.IngressRuleValue), b.(*v1beta1.IngressRuleValue), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressSpec)(nil), (*networking.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressSpec_To_networking_IngressSpec(a.(*v1beta1.IngressSpec), b.(*networking.IngressSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressSpec)(nil), (*v1beta1.IngressSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressSpec_To_v1beta1_IngressSpec(a.(*networking.IngressSpec), b.(*v1beta1.IngressSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressStatus)(nil), (*networking.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressStatus_To_networking_IngressStatus(a.(*v1beta1.IngressStatus), b.(*networking.IngressStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressStatus)(nil), (*v1beta1.IngressStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressStatus_To_v1beta1_IngressStatus(a.(*networking.IngressStatus), b.(*v1beta1.IngressStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*v1beta1.IngressTLS)(nil), (*networking.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1beta1_IngressTLS_To_networking_IngressTLS(a.(*v1beta1.IngressTLS), b.(*networking.IngressTLS), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*networking.IngressTLS)(nil), (*v1beta1.IngressTLS)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_networking_IngressTLS_To_v1beta1_IngressTLS(a.(*networking.IngressTLS), b.(*v1beta1.IngressTLS), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *networking.HTTPIngressPath, s conversion.Scope) error { + out.Path = in.Path + if err := Convert_v1beta1_IngressBackend_To_networking_IngressBackend(&in.Backend, &out.Backend, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath is an autogenerated conversion function. +func Convert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in *v1beta1.HTTPIngressPath, out *networking.HTTPIngressPath, s conversion.Scope) error { + return autoConvert_v1beta1_HTTPIngressPath_To_networking_HTTPIngressPath(in, out, s) +} + +func autoConvert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *networking.HTTPIngressPath, out *v1beta1.HTTPIngressPath, s conversion.Scope) error { + out.Path = in.Path + if err := Convert_networking_IngressBackend_To_v1beta1_IngressBackend(&in.Backend, &out.Backend, s); err != nil { + return err + } + return nil +} + +// Convert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath is an autogenerated conversion function. +func Convert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in *networking.HTTPIngressPath, out *v1beta1.HTTPIngressPath, s conversion.Scope) error { + return autoConvert_networking_HTTPIngressPath_To_v1beta1_HTTPIngressPath(in, out, s) +} + +func autoConvert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(in *v1beta1.HTTPIngressRuleValue, out *networking.HTTPIngressRuleValue, s conversion.Scope) error { + out.Paths = *(*[]networking.HTTPIngressPath)(unsafe.Pointer(&in.Paths)) + return nil +} + +// Convert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue is an autogenerated conversion function. +func Convert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(in *v1beta1.HTTPIngressRuleValue, out *networking.HTTPIngressRuleValue, s conversion.Scope) error { + return autoConvert_v1beta1_HTTPIngressRuleValue_To_networking_HTTPIngressRuleValue(in, out, s) +} + +func autoConvert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *networking.HTTPIngressRuleValue, out *v1beta1.HTTPIngressRuleValue, s conversion.Scope) error { + out.Paths = *(*[]v1beta1.HTTPIngressPath)(unsafe.Pointer(&in.Paths)) + return nil +} + +// Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue is an autogenerated conversion function. +func Convert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in *networking.HTTPIngressRuleValue, out *v1beta1.HTTPIngressRuleValue, s conversion.Scope) error { + return autoConvert_networking_HTTPIngressRuleValue_To_v1beta1_HTTPIngressRuleValue(in, out, s) +} + +func autoConvert_v1beta1_Ingress_To_networking_Ingress(in *v1beta1.Ingress, out *networking.Ingress, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1beta1_IngressSpec_To_networking_IngressSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1beta1_IngressStatus_To_networking_IngressStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_Ingress_To_networking_Ingress is an autogenerated conversion function. +func Convert_v1beta1_Ingress_To_networking_Ingress(in *v1beta1.Ingress, out *networking.Ingress, s conversion.Scope) error { + return autoConvert_v1beta1_Ingress_To_networking_Ingress(in, out, s) +} + +func autoConvert_networking_Ingress_To_v1beta1_Ingress(in *networking.Ingress, out *v1beta1.Ingress, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_networking_IngressSpec_To_v1beta1_IngressSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_networking_IngressStatus_To_v1beta1_IngressStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_networking_Ingress_To_v1beta1_Ingress is an autogenerated conversion function. +func Convert_networking_Ingress_To_v1beta1_Ingress(in *networking.Ingress, out *v1beta1.Ingress, s conversion.Scope) error { + return autoConvert_networking_Ingress_To_v1beta1_Ingress(in, out, s) +} + +func autoConvert_v1beta1_IngressBackend_To_networking_IngressBackend(in *v1beta1.IngressBackend, out *networking.IngressBackend, s conversion.Scope) error { + out.ServiceName = in.ServiceName + out.ServicePort = in.ServicePort + return nil +} + +// Convert_v1beta1_IngressBackend_To_networking_IngressBackend is an autogenerated conversion function. +func Convert_v1beta1_IngressBackend_To_networking_IngressBackend(in *v1beta1.IngressBackend, out *networking.IngressBackend, s conversion.Scope) error { + return autoConvert_v1beta1_IngressBackend_To_networking_IngressBackend(in, out, s) +} + +func autoConvert_networking_IngressBackend_To_v1beta1_IngressBackend(in *networking.IngressBackend, out *v1beta1.IngressBackend, s conversion.Scope) error { + out.ServiceName = in.ServiceName + out.ServicePort = in.ServicePort + return nil +} + +// Convert_networking_IngressBackend_To_v1beta1_IngressBackend is an autogenerated conversion function. +func Convert_networking_IngressBackend_To_v1beta1_IngressBackend(in *networking.IngressBackend, out *v1beta1.IngressBackend, s conversion.Scope) error { + return autoConvert_networking_IngressBackend_To_v1beta1_IngressBackend(in, out, s) +} + +func autoConvert_v1beta1_IngressList_To_networking_IngressList(in *v1beta1.IngressList, out *networking.IngressList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]networking.Ingress)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1beta1_IngressList_To_networking_IngressList is an autogenerated conversion function. +func Convert_v1beta1_IngressList_To_networking_IngressList(in *v1beta1.IngressList, out *networking.IngressList, s conversion.Scope) error { + return autoConvert_v1beta1_IngressList_To_networking_IngressList(in, out, s) +} + +func autoConvert_networking_IngressList_To_v1beta1_IngressList(in *networking.IngressList, out *v1beta1.IngressList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]v1beta1.Ingress)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_networking_IngressList_To_v1beta1_IngressList is an autogenerated conversion function. +func Convert_networking_IngressList_To_v1beta1_IngressList(in *networking.IngressList, out *v1beta1.IngressList, s conversion.Scope) error { + return autoConvert_networking_IngressList_To_v1beta1_IngressList(in, out, s) +} + +func autoConvert_v1beta1_IngressRule_To_networking_IngressRule(in *v1beta1.IngressRule, out *networking.IngressRule, s conversion.Scope) error { + out.Host = in.Host + if err := Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_IngressRule_To_networking_IngressRule is an autogenerated conversion function. +func Convert_v1beta1_IngressRule_To_networking_IngressRule(in *v1beta1.IngressRule, out *networking.IngressRule, s conversion.Scope) error { + return autoConvert_v1beta1_IngressRule_To_networking_IngressRule(in, out, s) +} + +func autoConvert_networking_IngressRule_To_v1beta1_IngressRule(in *networking.IngressRule, out *v1beta1.IngressRule, s conversion.Scope) error { + out.Host = in.Host + if err := Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(&in.IngressRuleValue, &out.IngressRuleValue, s); err != nil { + return err + } + return nil +} + +// Convert_networking_IngressRule_To_v1beta1_IngressRule is an autogenerated conversion function. +func Convert_networking_IngressRule_To_v1beta1_IngressRule(in *networking.IngressRule, out *v1beta1.IngressRule, s conversion.Scope) error { + return autoConvert_networking_IngressRule_To_v1beta1_IngressRule(in, out, s) +} + +func autoConvert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(in *v1beta1.IngressRuleValue, out *networking.IngressRuleValue, s conversion.Scope) error { + out.HTTP = (*networking.HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) + return nil +} + +// Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue is an autogenerated conversion function. +func Convert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(in *v1beta1.IngressRuleValue, out *networking.IngressRuleValue, s conversion.Scope) error { + return autoConvert_v1beta1_IngressRuleValue_To_networking_IngressRuleValue(in, out, s) +} + +func autoConvert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(in *networking.IngressRuleValue, out *v1beta1.IngressRuleValue, s conversion.Scope) error { + out.HTTP = (*v1beta1.HTTPIngressRuleValue)(unsafe.Pointer(in.HTTP)) + return nil +} + +// Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue is an autogenerated conversion function. +func Convert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(in *networking.IngressRuleValue, out *v1beta1.IngressRuleValue, s conversion.Scope) error { + return autoConvert_networking_IngressRuleValue_To_v1beta1_IngressRuleValue(in, out, s) +} + +func autoConvert_v1beta1_IngressSpec_To_networking_IngressSpec(in *v1beta1.IngressSpec, out *networking.IngressSpec, s conversion.Scope) error { + out.Backend = (*networking.IngressBackend)(unsafe.Pointer(in.Backend)) + out.TLS = *(*[]networking.IngressTLS)(unsafe.Pointer(&in.TLS)) + out.Rules = *(*[]networking.IngressRule)(unsafe.Pointer(&in.Rules)) + return nil +} + +// Convert_v1beta1_IngressSpec_To_networking_IngressSpec is an autogenerated conversion function. +func Convert_v1beta1_IngressSpec_To_networking_IngressSpec(in *v1beta1.IngressSpec, out *networking.IngressSpec, s conversion.Scope) error { + return autoConvert_v1beta1_IngressSpec_To_networking_IngressSpec(in, out, s) +} + +func autoConvert_networking_IngressSpec_To_v1beta1_IngressSpec(in *networking.IngressSpec, out *v1beta1.IngressSpec, s conversion.Scope) error { + out.Backend = (*v1beta1.IngressBackend)(unsafe.Pointer(in.Backend)) + out.TLS = *(*[]v1beta1.IngressTLS)(unsafe.Pointer(&in.TLS)) + out.Rules = *(*[]v1beta1.IngressRule)(unsafe.Pointer(&in.Rules)) + return nil +} + +// Convert_networking_IngressSpec_To_v1beta1_IngressSpec is an autogenerated conversion function. +func Convert_networking_IngressSpec_To_v1beta1_IngressSpec(in *networking.IngressSpec, out *v1beta1.IngressSpec, s conversion.Scope) error { + return autoConvert_networking_IngressSpec_To_v1beta1_IngressSpec(in, out, s) +} + +func autoConvert_v1beta1_IngressStatus_To_networking_IngressStatus(in *v1beta1.IngressStatus, out *networking.IngressStatus, s conversion.Scope) error { + // TODO: Inefficient conversion - can we improve it? + if err := s.Convert(&in.LoadBalancer, &out.LoadBalancer, 0); err != nil { + return err + } + return nil +} + +// Convert_v1beta1_IngressStatus_To_networking_IngressStatus is an autogenerated conversion function. +func Convert_v1beta1_IngressStatus_To_networking_IngressStatus(in *v1beta1.IngressStatus, out *networking.IngressStatus, s conversion.Scope) error { + return autoConvert_v1beta1_IngressStatus_To_networking_IngressStatus(in, out, s) +} + +func autoConvert_networking_IngressStatus_To_v1beta1_IngressStatus(in *networking.IngressStatus, out *v1beta1.IngressStatus, s conversion.Scope) error { + // TODO: Inefficient conversion - can we improve it? + if err := s.Convert(&in.LoadBalancer, &out.LoadBalancer, 0); err != nil { + return err + } + return nil +} + +// Convert_networking_IngressStatus_To_v1beta1_IngressStatus is an autogenerated conversion function. +func Convert_networking_IngressStatus_To_v1beta1_IngressStatus(in *networking.IngressStatus, out *v1beta1.IngressStatus, s conversion.Scope) error { + return autoConvert_networking_IngressStatus_To_v1beta1_IngressStatus(in, out, s) +} + +func autoConvert_v1beta1_IngressTLS_To_networking_IngressTLS(in *v1beta1.IngressTLS, out *networking.IngressTLS, s conversion.Scope) error { + out.Hosts = *(*[]string)(unsafe.Pointer(&in.Hosts)) + out.SecretName = in.SecretName + return nil +} + +// Convert_v1beta1_IngressTLS_To_networking_IngressTLS is an autogenerated conversion function. +func Convert_v1beta1_IngressTLS_To_networking_IngressTLS(in *v1beta1.IngressTLS, out *networking.IngressTLS, s conversion.Scope) error { + return autoConvert_v1beta1_IngressTLS_To_networking_IngressTLS(in, out, s) +} + +func autoConvert_networking_IngressTLS_To_v1beta1_IngressTLS(in *networking.IngressTLS, out *v1beta1.IngressTLS, s conversion.Scope) error { + out.Hosts = *(*[]string)(unsafe.Pointer(&in.Hosts)) + out.SecretName = in.SecretName + return nil +} + +// Convert_networking_IngressTLS_To_v1beta1_IngressTLS is an autogenerated conversion function. +func Convert_networking_IngressTLS_To_v1beta1_IngressTLS(in *networking.IngressTLS, out *v1beta1.IngressTLS, s conversion.Scope) error { + return autoConvert_networking_IngressTLS_To_v1beta1_IngressTLS(in, out, s) +} diff --git a/pkg/apis/networking/v1beta1/zz_generated.defaults.go b/pkg/apis/networking/v1beta1/zz_generated.defaults.go new file mode 100644 index 00000000000..73e63fc114d --- /dev/null +++ b/pkg/apis/networking/v1beta1/zz_generated.defaults.go @@ -0,0 +1,32 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1beta1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/pkg/apis/networking/validation/BUILD b/pkg/apis/networking/validation/BUILD index 42021b70aca..babded2052a 100644 --- a/pkg/apis/networking/validation/BUILD +++ b/pkg/apis/networking/validation/BUILD @@ -8,13 +8,17 @@ load( go_test( name = "go_default_test", - srcs = ["validation_test.go"], + srcs = [ + "conditional_validation_test.go", + "validation_test.go", + ], embed = [":go_default_library"], deps = [ "//pkg/apis/core:go_default_library", "//pkg/apis/networking:go_default_library", "//pkg/features:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature/testing:go_default_library", @@ -23,7 +27,10 @@ go_test( go_library( name = "go_default_library", - srcs = ["validation.go"], + srcs = [ + "conditional_validation.go", + "validation.go", + ], importpath = "k8s.io/kubernetes/pkg/apis/networking/validation", deps = [ "//pkg/apis/core:go_default_library", diff --git a/pkg/apis/networking/validation/conditional_validation.go b/pkg/apis/networking/validation/conditional_validation.go new file mode 100644 index 00000000000..90d746756a7 --- /dev/null +++ b/pkg/apis/networking/validation/conditional_validation.go @@ -0,0 +1,59 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "k8s.io/apimachinery/pkg/util/validation/field" + utilfeature "k8s.io/apiserver/pkg/util/feature" + api "k8s.io/kubernetes/pkg/apis/core" + "k8s.io/kubernetes/pkg/apis/networking" + "k8s.io/kubernetes/pkg/features" +) + +// ValidateConditionalNetworkPolicy validates conditionally valid fields. +func ValidateConditionalNetworkPolicy(np, oldNP *networking.NetworkPolicy) field.ErrorList { + var errs field.ErrorList + // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it + if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(sctpFields(oldNP)) == 0 { + for _, f := range sctpFields(np) { + errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) + } + } + return errs +} + +func sctpFields(np *networking.NetworkPolicy) []*field.Path { + if np == nil { + return nil + } + fields := []*field.Path{} + for iIndex, e := range np.Spec.Ingress { + for pIndex, p := range e.Ports { + if p.Protocol != nil && *p.Protocol == api.ProtocolSCTP { + fields = append(fields, field.NewPath("spec.ingress").Index(iIndex).Child("ports").Index(pIndex).Child("protocol")) + } + } + } + for eIndex, e := range np.Spec.Egress { + for pIndex, p := range e.Ports { + if p.Protocol != nil && *p.Protocol == api.ProtocolSCTP { + fields = append(fields, field.NewPath("spec.egress").Index(eIndex).Child("ports").Index(pIndex).Child("protocol")) + } + } + } + return fields +} diff --git a/pkg/apis/networking/validation/conditional_validation_test.go b/pkg/apis/networking/validation/conditional_validation_test.go new file mode 100644 index 00000000000..2cb3d89415f --- /dev/null +++ b/pkg/apis/networking/validation/conditional_validation_test.go @@ -0,0 +1,108 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "fmt" + "reflect" + "testing" + + "k8s.io/apimachinery/pkg/util/diff" + utilfeature "k8s.io/apiserver/pkg/util/feature" + utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing" + api "k8s.io/kubernetes/pkg/apis/core" + "k8s.io/kubernetes/pkg/apis/networking" + "k8s.io/kubernetes/pkg/features" +) + +func TestValidateNetworkPolicySCTP(t *testing.T) { + sctpProtocol := api.ProtocolSCTP + tcpProtocol := api.ProtocolTCP + objectWithValue := func() *networking.NetworkPolicy { + return &networking.NetworkPolicy{ + Spec: networking.NetworkPolicySpec{ + Ingress: []networking.NetworkPolicyIngressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &sctpProtocol}}}}, + Egress: []networking.NetworkPolicyEgressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &sctpProtocol}}}}, + }, + } + } + objectWithoutValue := func() *networking.NetworkPolicy { + return &networking.NetworkPolicy{ + Spec: networking.NetworkPolicySpec{ + Ingress: []networking.NetworkPolicyIngressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &tcpProtocol}}}}, + Egress: []networking.NetworkPolicyEgressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &tcpProtocol}}}}, + }, + } + } + + objectInfo := []struct { + description string + hasValue bool + object func() *networking.NetworkPolicy + }{ + { + description: "has value", + hasValue: true, + object: objectWithValue, + }, + { + description: "does not have value", + hasValue: false, + object: objectWithoutValue, + }, + { + description: "is nil", + hasValue: false, + object: func() *networking.NetworkPolicy { return nil }, + }, + } + + for _, enabled := range []bool{true, false} { + for _, oldNetworkPolicyInfo := range objectInfo { + for _, newNetworkPolicyInfo := range objectInfo { + oldNetworkPolicyHasValue, oldNetworkPolicy := oldNetworkPolicyInfo.hasValue, oldNetworkPolicyInfo.object() + newNetworkPolicyHasValue, newNetworkPolicy := newNetworkPolicyInfo.hasValue, newNetworkPolicyInfo.object() + if newNetworkPolicy == nil { + continue + } + + t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldNetworkPolicyInfo.description, newNetworkPolicyInfo.description), func(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() + errs := ValidateConditionalNetworkPolicy(newNetworkPolicy, oldNetworkPolicy) + // objects should never be changed + if !reflect.DeepEqual(oldNetworkPolicy, oldNetworkPolicyInfo.object()) { + t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldNetworkPolicy, oldNetworkPolicyInfo.object())) + } + if !reflect.DeepEqual(newNetworkPolicy, newNetworkPolicyInfo.object()) { + t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newNetworkPolicy, newNetworkPolicyInfo.object())) + } + + switch { + case enabled || oldNetworkPolicyHasValue || !newNetworkPolicyHasValue: + if len(errs) > 0 { + t.Errorf("unexpected errors: %v", errs) + } + default: + if len(errs) != 2 { + t.Errorf("expected 2 errors, got %v", errs) + } + } + }) + } + } + } +} diff --git a/pkg/apis/networking/validation/validation.go b/pkg/apis/networking/validation/validation.go index 0e012f36644..6f62f66fe89 100644 --- a/pkg/apis/networking/validation/validation.go +++ b/pkg/apis/networking/validation/validation.go @@ -17,17 +17,19 @@ limitations under the License. package validation import ( + "net" + "regexp" + "strings" + apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" unversionedvalidation "k8s.io/apimachinery/pkg/apis/meta/v1/validation" "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/validation" "k8s.io/apimachinery/pkg/util/validation/field" - utilfeature "k8s.io/apiserver/pkg/util/feature" api "k8s.io/kubernetes/pkg/apis/core" apivalidation "k8s.io/kubernetes/pkg/apis/core/validation" "k8s.io/kubernetes/pkg/apis/networking" - "k8s.io/kubernetes/pkg/features" ) // ValidateNetworkPolicyName can be used to check whether the given networkpolicy @@ -39,12 +41,8 @@ func ValidateNetworkPolicyName(name string, prefix bool) []string { // ValidateNetworkPolicyPort validates a NetworkPolicyPort func ValidateNetworkPolicyPort(port *networking.NetworkPolicyPort, portPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} - if utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) { - if port.Protocol != nil && *port.Protocol != api.ProtocolTCP && *port.Protocol != api.ProtocolUDP && *port.Protocol != api.ProtocolSCTP { - allErrs = append(allErrs, field.NotSupported(portPath.Child("protocol"), *port.Protocol, []string{string(api.ProtocolTCP), string(api.ProtocolUDP), string(api.ProtocolSCTP)})) - } - } else if port.Protocol != nil && *port.Protocol != api.ProtocolTCP && *port.Protocol != api.ProtocolUDP { - allErrs = append(allErrs, field.NotSupported(portPath.Child("protocol"), *port.Protocol, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) + if port.Protocol != nil && *port.Protocol != api.ProtocolTCP && *port.Protocol != api.ProtocolUDP && *port.Protocol != api.ProtocolSCTP { + allErrs = append(allErrs, field.NotSupported(portPath.Child("protocol"), *port.Protocol, []string{string(api.ProtocolTCP), string(api.ProtocolUDP), string(api.ProtocolSCTP)})) } if port.Port != nil { if port.Port.Type == intstr.Int { @@ -175,3 +173,145 @@ func ValidateIPBlock(ipb *networking.IPBlock, fldPath *field.Path) field.ErrorLi } return allErrs } + +// ValidateIngress tests if required fields in the Ingress are set. +func ValidateIngress(ingress *networking.Ingress) field.ErrorList { + allErrs := apivalidation.ValidateObjectMeta(&ingress.ObjectMeta, true, ValidateIngressName, field.NewPath("metadata")) + allErrs = append(allErrs, ValidateIngressSpec(&ingress.Spec, field.NewPath("spec"))...) + return allErrs +} + +// ValidateIngressName validates that the given name can be used as an Ingress name. +var ValidateIngressName = apimachineryvalidation.NameIsDNSSubdomain + +func validateIngressTLS(spec *networking.IngressSpec, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + // TODO: Perform a more thorough validation of spec.TLS.Hosts that takes + // the wildcard spec from RFC 6125 into account. + for _, itls := range spec.TLS { + for i, host := range itls.Hosts { + if strings.Contains(host, "*") { + for _, msg := range validation.IsWildcardDNS1123Subdomain(host) { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("hosts"), host, msg)) + } + continue + } + for _, msg := range validation.IsDNS1123Subdomain(host) { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("hosts"), host, msg)) + } + } + } + + return allErrs +} + +// ValidateIngressSpec tests if required fields in the IngressSpec are set. +func ValidateIngressSpec(spec *networking.IngressSpec, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + // TODO: Is a default backend mandatory? + if spec.Backend != nil { + allErrs = append(allErrs, validateIngressBackend(spec.Backend, fldPath.Child("backend"))...) + } else if len(spec.Rules) == 0 { + allErrs = append(allErrs, field.Invalid(fldPath, spec.Rules, "either `backend` or `rules` must be specified")) + } + if len(spec.Rules) > 0 { + allErrs = append(allErrs, validateIngressRules(spec.Rules, fldPath.Child("rules"))...) + } + if len(spec.TLS) > 0 { + allErrs = append(allErrs, validateIngressTLS(spec, fldPath.Child("tls"))...) + } + return allErrs +} + +// ValidateIngressUpdate tests if required fields in the Ingress are set. +func ValidateIngressUpdate(ingress, oldIngress *networking.Ingress) field.ErrorList { + allErrs := apivalidation.ValidateObjectMetaUpdate(&ingress.ObjectMeta, &oldIngress.ObjectMeta, field.NewPath("metadata")) + allErrs = append(allErrs, ValidateIngressSpec(&ingress.Spec, field.NewPath("spec"))...) + return allErrs +} + +// ValidateIngressStatusUpdate tests if required fields in the Ingress are set when updating status. +func ValidateIngressStatusUpdate(ingress, oldIngress *networking.Ingress) field.ErrorList { + allErrs := apivalidation.ValidateObjectMetaUpdate(&ingress.ObjectMeta, &oldIngress.ObjectMeta, field.NewPath("metadata")) + allErrs = append(allErrs, apivalidation.ValidateLoadBalancerStatus(&ingress.Status.LoadBalancer, field.NewPath("status", "loadBalancer"))...) + return allErrs +} + +func validateIngressRules(ingressRules []networking.IngressRule, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + if len(ingressRules) == 0 { + return append(allErrs, field.Required(fldPath, "")) + } + for i, ih := range ingressRules { + if len(ih.Host) > 0 { + if isIP := (net.ParseIP(ih.Host) != nil); isIP { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, "must be a DNS name, not an IP address")) + } + // TODO: Ports and ips are allowed in the host part of a url + // according to RFC 3986, consider allowing them. + if strings.Contains(ih.Host, "*") { + for _, msg := range validation.IsWildcardDNS1123Subdomain(ih.Host) { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, msg)) + } + continue + } + for _, msg := range validation.IsDNS1123Subdomain(ih.Host) { + allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, msg)) + } + } + allErrs = append(allErrs, validateIngressRuleValue(&ih.IngressRuleValue, fldPath.Index(0))...) + } + return allErrs +} + +func validateIngressRuleValue(ingressRule *networking.IngressRuleValue, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + if ingressRule.HTTP != nil { + allErrs = append(allErrs, validateHTTPIngressRuleValue(ingressRule.HTTP, fldPath.Child("http"))...) + } + return allErrs +} + +func validateHTTPIngressRuleValue(httpIngressRuleValue *networking.HTTPIngressRuleValue, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + if len(httpIngressRuleValue.Paths) == 0 { + allErrs = append(allErrs, field.Required(fldPath.Child("paths"), "")) + } + for i, rule := range httpIngressRuleValue.Paths { + if len(rule.Path) > 0 { + if !strings.HasPrefix(rule.Path, "/") { + allErrs = append(allErrs, field.Invalid(fldPath.Child("paths").Index(i).Child("path"), rule.Path, "must be an absolute path")) + } + // TODO: More draconian path regex validation. + // Path must be a valid regex. This is the basic requirement. + // In addition to this any characters not allowed in a path per + // RFC 3986 section-3.3 cannot appear as a literal in the regex. + // Consider the example: http://host/valid?#bar, everything after + // the last '/' is a valid regex that matches valid#bar, which + // isn't a valid path, because the path terminates at the first ? + // or #. A more sophisticated form of validation would detect that + // the user is confusing url regexes with path regexes. + _, err := regexp.CompilePOSIX(rule.Path) + if err != nil { + allErrs = append(allErrs, field.Invalid(fldPath.Child("paths").Index(i).Child("path"), rule.Path, "must be a valid regex")) + } + } + allErrs = append(allErrs, validateIngressBackend(&rule.Backend, fldPath.Child("backend"))...) + } + return allErrs +} + +// validateIngressBackend tests if a given backend is valid. +func validateIngressBackend(backend *networking.IngressBackend, fldPath *field.Path) field.ErrorList { + allErrs := field.ErrorList{} + + // All backends must reference a single local service by name, and a single service port by name or number. + if len(backend.ServiceName) == 0 { + return append(allErrs, field.Required(fldPath.Child("serviceName"), "")) + } + for _, msg := range apivalidation.ValidateServiceName(backend.ServiceName, false) { + allErrs = append(allErrs, field.Invalid(fldPath.Child("serviceName"), backend.ServiceName, msg)) + } + allErrs = append(allErrs, apivalidation.ValidatePortNumOrName(backend.ServicePort, fldPath.Child("servicePort"))...) + return allErrs +} diff --git a/pkg/apis/networking/validation/validation_test.go b/pkg/apis/networking/validation/validation_test.go index bacffbfa387..83787dcb8a5 100644 --- a/pkg/apis/networking/validation/validation_test.go +++ b/pkg/apis/networking/validation/validation_test.go @@ -17,6 +17,8 @@ limitations under the License. package validation import ( + "fmt" + "strings" "testing" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -733,3 +735,269 @@ func TestValidateNetworkPolicyUpdate(t *testing.T) { } } } + +func TestValidateIngress(t *testing.T) { + defaultBackend := networking.IngressBackend{ + ServiceName: "default-backend", + ServicePort: intstr.FromInt(80), + } + + newValid := func() networking.Ingress { + return networking.Ingress{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: metav1.NamespaceDefault, + }, + Spec: networking.IngressSpec{ + Backend: &networking.IngressBackend{ + ServiceName: "default-backend", + ServicePort: intstr.FromInt(80), + }, + Rules: []networking.IngressRule{ + { + Host: "foo.bar.com", + IngressRuleValue: networking.IngressRuleValue{ + HTTP: &networking.HTTPIngressRuleValue{ + Paths: []networking.HTTPIngressPath{ + { + Path: "/foo", + Backend: defaultBackend, + }, + }, + }, + }, + }, + }, + }, + Status: networking.IngressStatus{ + LoadBalancer: api.LoadBalancerStatus{ + Ingress: []api.LoadBalancerIngress{ + {IP: "127.0.0.1"}, + }, + }, + }, + } + } + servicelessBackend := newValid() + servicelessBackend.Spec.Backend.ServiceName = "" + invalidNameBackend := newValid() + invalidNameBackend.Spec.Backend.ServiceName = "defaultBackend" + noPortBackend := newValid() + noPortBackend.Spec.Backend = &networking.IngressBackend{ServiceName: defaultBackend.ServiceName} + noForwardSlashPath := newValid() + noForwardSlashPath.Spec.Rules[0].IngressRuleValue.HTTP.Paths = []networking.HTTPIngressPath{ + { + Path: "invalid", + Backend: defaultBackend, + }, + } + noPaths := newValid() + noPaths.Spec.Rules[0].IngressRuleValue.HTTP.Paths = []networking.HTTPIngressPath{} + badHost := newValid() + badHost.Spec.Rules[0].Host = "foobar:80" + badRegexPath := newValid() + badPathExpr := "/invalid[" + badRegexPath.Spec.Rules[0].IngressRuleValue.HTTP.Paths = []networking.HTTPIngressPath{ + { + Path: badPathExpr, + Backend: defaultBackend, + }, + } + badPathErr := fmt.Sprintf("spec.rules[0].http.paths[0].path: Invalid value: '%v'", badPathExpr) + hostIP := "127.0.0.1" + badHostIP := newValid() + badHostIP.Spec.Rules[0].Host = hostIP + badHostIPErr := fmt.Sprintf("spec.rules[0].host: Invalid value: '%v'", hostIP) + + errorCases := map[string]networking.Ingress{ + "spec.backend.serviceName: Required value": servicelessBackend, + "spec.backend.serviceName: Invalid value": invalidNameBackend, + "spec.backend.servicePort: Invalid value": noPortBackend, + "spec.rules[0].host: Invalid value": badHost, + "spec.rules[0].http.paths: Required value": noPaths, + "spec.rules[0].http.paths[0].path: Invalid value": noForwardSlashPath, + } + errorCases[badPathErr] = badRegexPath + errorCases[badHostIPErr] = badHostIP + + wildcardHost := "foo.*.bar.com" + badWildcard := newValid() + badWildcard.Spec.Rules[0].Host = wildcardHost + badWildcardErr := fmt.Sprintf("spec.rules[0].host: Invalid value: '%v'", wildcardHost) + errorCases[badWildcardErr] = badWildcard + + for k, v := range errorCases { + errs := ValidateIngress(&v) + if len(errs) == 0 { + t.Errorf("expected failure for %q", k) + } else { + s := strings.Split(k, ":") + err := errs[0] + if err.Field != s[0] || !strings.Contains(err.Error(), s[1]) { + t.Errorf("unexpected error: %q, expected: %q", err, k) + } + } + } +} + +func TestValidateIngressTLS(t *testing.T) { + defaultBackend := networking.IngressBackend{ + ServiceName: "default-backend", + ServicePort: intstr.FromInt(80), + } + + newValid := func() networking.Ingress { + return networking.Ingress{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: metav1.NamespaceDefault, + }, + Spec: networking.IngressSpec{ + Backend: &networking.IngressBackend{ + ServiceName: "default-backend", + ServicePort: intstr.FromInt(80), + }, + Rules: []networking.IngressRule{ + { + Host: "foo.bar.com", + IngressRuleValue: networking.IngressRuleValue{ + HTTP: &networking.HTTPIngressRuleValue{ + Paths: []networking.HTTPIngressPath{ + { + Path: "/foo", + Backend: defaultBackend, + }, + }, + }, + }, + }, + }, + }, + Status: networking.IngressStatus{ + LoadBalancer: api.LoadBalancerStatus{ + Ingress: []api.LoadBalancerIngress{ + {IP: "127.0.0.1"}, + }, + }, + }, + } + } + + errorCases := map[string]networking.Ingress{} + + wildcardHost := "foo.*.bar.com" + badWildcardTLS := newValid() + badWildcardTLS.Spec.Rules[0].Host = "*.foo.bar.com" + badWildcardTLS.Spec.TLS = []networking.IngressTLS{ + { + Hosts: []string{wildcardHost}, + }, + } + badWildcardTLSErr := fmt.Sprintf("spec.tls[0].hosts: Invalid value: '%v'", wildcardHost) + errorCases[badWildcardTLSErr] = badWildcardTLS + + for k, v := range errorCases { + errs := ValidateIngress(&v) + if len(errs) == 0 { + t.Errorf("expected failure for %q", k) + } else { + s := strings.Split(k, ":") + err := errs[0] + if err.Field != s[0] || !strings.Contains(err.Error(), s[1]) { + t.Errorf("unexpected error: %q, expected: %q", err, k) + } + } + } +} + +func TestValidateIngressStatusUpdate(t *testing.T) { + defaultBackend := networking.IngressBackend{ + ServiceName: "default-backend", + ServicePort: intstr.FromInt(80), + } + + newValid := func() networking.Ingress { + return networking.Ingress{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: metav1.NamespaceDefault, + ResourceVersion: "9", + }, + Spec: networking.IngressSpec{ + Backend: &networking.IngressBackend{ + ServiceName: "default-backend", + ServicePort: intstr.FromInt(80), + }, + Rules: []networking.IngressRule{ + { + Host: "foo.bar.com", + IngressRuleValue: networking.IngressRuleValue{ + HTTP: &networking.HTTPIngressRuleValue{ + Paths: []networking.HTTPIngressPath{ + { + Path: "/foo", + Backend: defaultBackend, + }, + }, + }, + }, + }, + }, + }, + Status: networking.IngressStatus{ + LoadBalancer: api.LoadBalancerStatus{ + Ingress: []api.LoadBalancerIngress{ + {IP: "127.0.0.1", Hostname: "foo.bar.com"}, + }, + }, + }, + } + } + oldValue := newValid() + newValue := newValid() + newValue.Status = networking.IngressStatus{ + LoadBalancer: api.LoadBalancerStatus{ + Ingress: []api.LoadBalancerIngress{ + {IP: "127.0.0.2", Hostname: "foo.com"}, + }, + }, + } + invalidIP := newValid() + invalidIP.Status = networking.IngressStatus{ + LoadBalancer: api.LoadBalancerStatus{ + Ingress: []api.LoadBalancerIngress{ + {IP: "abcd", Hostname: "foo.com"}, + }, + }, + } + invalidHostname := newValid() + invalidHostname.Status = networking.IngressStatus{ + LoadBalancer: api.LoadBalancerStatus{ + Ingress: []api.LoadBalancerIngress{ + {IP: "127.0.0.1", Hostname: "127.0.0.1"}, + }, + }, + } + + errs := ValidateIngressStatusUpdate(&newValue, &oldValue) + if len(errs) != 0 { + t.Errorf("Unexpected error %v", errs) + } + + errorCases := map[string]networking.Ingress{ + "status.loadBalancer.ingress[0].ip: Invalid value": invalidIP, + "status.loadBalancer.ingress[0].hostname: Invalid value": invalidHostname, + } + for k, v := range errorCases { + errs := ValidateIngressStatusUpdate(&v, &oldValue) + if len(errs) == 0 { + t.Errorf("expected failure for %s", k) + } else { + s := strings.Split(k, ":") + err := errs[0] + if err.Field != s[0] || !strings.Contains(err.Error(), s[1]) { + t.Errorf("unexpected error: %q, expected: %q", err, k) + } + } + } +} diff --git a/pkg/apis/networking/zz_generated.deepcopy.go b/pkg/apis/networking/zz_generated.deepcopy.go index 5a0959e9cb1..9f36287c270 100644 --- a/pkg/apis/networking/zz_generated.deepcopy.go +++ b/pkg/apis/networking/zz_generated.deepcopy.go @@ -27,6 +27,44 @@ import ( core "k8s.io/kubernetes/pkg/apis/core" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath) { + *out = *in + out.Backend = in.Backend + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath. +func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath { + if in == nil { + return nil + } + out := new(HTTPIngressPath) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue) { + *out = *in + if in.Paths != nil { + in, out := &in.Paths, &out.Paths + *out = make([]HTTPIngressPath, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue. +func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue { + if in == nil { + return nil + } + out := new(HTTPIngressRuleValue) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPBlock) DeepCopyInto(out *IPBlock) { *out = *in @@ -48,6 +86,195 @@ func (in *IPBlock) DeepCopy() *IPBlock { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Ingress) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressBackend) DeepCopyInto(out *IngressBackend) { + *out = *in + out.ServicePort = in.ServicePort + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend. +func (in *IngressBackend) DeepCopy() *IngressBackend { + if in == nil { + return nil + } + out := new(IngressBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressList) DeepCopyInto(out *IngressList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Ingress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList. +func (in *IngressList) DeepCopy() *IngressList { + if in == nil { + return nil + } + out := new(IngressList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IngressList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRule) DeepCopyInto(out *IngressRule) { + *out = *in + in.IngressRuleValue.DeepCopyInto(&out.IngressRuleValue) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule. +func (in *IngressRule) DeepCopy() *IngressRule { + if in == nil { + return nil + } + out := new(IngressRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue) { + *out = *in + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = new(HTTPIngressRuleValue) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue. +func (in *IngressRuleValue) DeepCopy() *IngressRuleValue { + if in == nil { + return nil + } + out := new(IngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressSpec) DeepCopyInto(out *IngressSpec) { + *out = *in + if in.Backend != nil { + in, out := &in.Backend, &out.Backend + *out = new(IngressBackend) + **out = **in + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = make([]IngressTLS, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]IngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec. +func (in *IngressSpec) DeepCopy() *IngressSpec { + if in == nil { + return nil + } + out := new(IngressSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressStatus) DeepCopyInto(out *IngressStatus) { + *out = *in + in.LoadBalancer.DeepCopyInto(&out.LoadBalancer) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus. +func (in *IngressStatus) DeepCopy() *IngressStatus { + if in == nil { + return nil + } + out := new(IngressStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressTLS) DeepCopyInto(out *IngressTLS) { + *out = *in + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS. +func (in *IngressTLS) DeepCopy() *IngressTLS { + if in == nil { + return nil + } + out := new(IngressTLS) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { *out = *in diff --git a/pkg/apis/policy/OWNERS b/pkg/apis/policy/OWNERS old mode 100755 new mode 100644 index 5780104890d..31a0a7358d6 --- a/pkg/apis/policy/OWNERS +++ b/pkg/apis/policy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-apps-api-approvers diff --git a/pkg/apis/policy/validation/validation_test.go b/pkg/apis/policy/validation/validation_test.go index aecd163afd5..b36f03d01a2 100644 --- a/pkg/apis/policy/validation/validation_test.go +++ b/pkg/apis/policy/validation/validation_test.go @@ -802,7 +802,7 @@ func TestIsValidSysctlPattern(t *testing.T) { } } -func Test_validatePSPRunAsUser(t *testing.T) { +func TestValidatePSPRunAsUser(t *testing.T) { var testCases = []struct { name string runAsUserStrategy policy.RunAsUserStrategyOptions @@ -829,3 +829,80 @@ func Test_validatePSPRunAsUser(t *testing.T) { }) } } +func TestValidatePSPFSGroup(t *testing.T) { + var testCases = []struct { + name string + fsGroupStrategy policy.FSGroupStrategyOptions + fail bool + }{ + {"Invalid FSGroupStrategy", policy.FSGroupStrategyOptions{Rule: policy.FSGroupStrategyType("someInvalidStrategy")}, true}, + {"FSGroupStrategyMustRunAs", policy.FSGroupStrategyOptions{Rule: policy.FSGroupStrategyMustRunAs}, false}, + {"FSGroupStrategyMayRunAs", policy.FSGroupStrategyOptions{Rule: policy.FSGroupStrategyMayRunAs, Ranges: []policy.IDRange{{Min: 1, Max: 5}}}, false}, + {"FSGroupStrategyRunAsAny", policy.FSGroupStrategyOptions{Rule: policy.FSGroupStrategyRunAsAny}, false}, + } + for _, testCase := range testCases { + t.Run(testCase.name, func(t *testing.T) { + errList := validatePSPFSGroup(field.NewPath("Status"), &testCase.fsGroupStrategy) + actualErrors := len(errList) + expectedErrors := 1 + if !testCase.fail { + expectedErrors = 0 + } + if actualErrors != expectedErrors { + t.Errorf("In testCase %v, expected %v errors, got %v errors", testCase.name, expectedErrors, actualErrors) + } + }) + } + +} + +func TestValidatePSPSupplementalGroup(t *testing.T) { + var testCases = []struct { + name string + supplementalGroupStrategy policy.SupplementalGroupsStrategyOptions + fail bool + }{ + {"Invalid SupplementalGroupStrategy", policy.SupplementalGroupsStrategyOptions{Rule: policy.SupplementalGroupsStrategyType("someInvalidStrategy")}, true}, + {"SupplementalGroupsStrategyMustRunAs", policy.SupplementalGroupsStrategyOptions{Rule: policy.SupplementalGroupsStrategyMustRunAs}, false}, + {"SupplementalGroupsStrategyMayRunAs", policy.SupplementalGroupsStrategyOptions{Rule: policy.SupplementalGroupsStrategyMayRunAs, Ranges: []policy.IDRange{{Min: 1, Max: 5}}}, false}, + {"SupplementalGroupsStrategyRunAsAny", policy.SupplementalGroupsStrategyOptions{Rule: policy.SupplementalGroupsStrategyRunAsAny}, false}, + } + for _, testCase := range testCases { + t.Run(testCase.name, func(t *testing.T) { + errList := validatePSPSupplementalGroup(field.NewPath("Status"), &testCase.supplementalGroupStrategy) + actualErrors := len(errList) + expectedErrors := 1 + if !testCase.fail { + expectedErrors = 0 + } + if actualErrors != expectedErrors { + t.Errorf("In testCase %v, expected %v errors, got %v errors", testCase.name, expectedErrors, actualErrors) + } + }) + } +} + +func TestValidatePSPRunAsGroup(t *testing.T) { + var testCases = []struct { + name string + runAsGroup policy.RunAsGroupStrategyOptions + fail bool + }{ + {"RunAsGroupStrategyMayRunAs", policy.RunAsGroupStrategyOptions{Rule: policy.RunAsGroupStrategyMayRunAs, Ranges: []policy.IDRange{{Min: 1, Max: 5}}}, false}, + {"RunAsGroupStrategyMustRunAs", policy.RunAsGroupStrategyOptions{Rule: policy.RunAsGroupStrategyMustRunAs, Ranges: []policy.IDRange{{Min: 1, Max: 5}}}, false}, + {"RunAsGroupStrategyRunAsAny", policy.RunAsGroupStrategyOptions{Rule: policy.RunAsGroupStrategyRunAsAny}, false}, + } + for _, testCase := range testCases { + t.Run(testCase.name, func(t *testing.T) { + errList := validatePSPRunAsGroup(field.NewPath("Status"), &testCase.runAsGroup) + actualErrors := len(errList) + expectedErrors := 1 + if !testCase.fail { + expectedErrors = 0 + } + if actualErrors != expectedErrors { + t.Errorf("In testCase %v, expected %v errors, got %v errors", testCase.name, expectedErrors, actualErrors) + } + }) + } +} diff --git a/pkg/apis/rbac/OWNERS b/pkg/apis/rbac/OWNERS old mode 100755 new mode 100644 index ff4a7f4bf9a..dbc9a28c6f2 --- a/pkg/apis/rbac/OWNERS +++ b/pkg/apis/rbac/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-authorizers-approvers diff --git a/pkg/apis/storage/OWNERS b/pkg/apis/storage/OWNERS old mode 100755 new mode 100644 index d59ed6e1d8a..7562f04b86a --- a/pkg/apis/storage/OWNERS +++ b/pkg/apis/storage/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - mbohlool diff --git a/pkg/auth/OWNERS b/pkg/auth/OWNERS index a6d8763e5a7..3574e453dda 100644 --- a/pkg/auth/OWNERS +++ b/pkg/auth/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - erictune - liggitt diff --git a/pkg/client/OWNERS b/pkg/client/OWNERS index 996779d7475..0ecc092a750 100644 --- a/pkg/client/OWNERS +++ b/pkg/client/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - deads2k diff --git a/pkg/client/clientset_generated/.import-restrictions b/pkg/client/clientset_generated/.import-restrictions index 89c2cc64e2d..d3a3fedea37 100644 --- a/pkg/client/clientset_generated/.import-restrictions +++ b/pkg/client/clientset_generated/.import-restrictions @@ -3,7 +3,6 @@ { "SelectorRegexp": "k8s[.]io/kubernetes/pkg/client/unversioned", "AllowedPrefixes": [ - "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api" ] } ] diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/BUILD b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/BUILD index 6fb0ee1557e..b8183a36d95 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/BUILD +++ b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/BUILD @@ -11,15 +11,10 @@ go_library( "doc.go", "extensions_client.go", "generated_expansion.go", - "ingress.go", ], importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion", deps = [ - "//pkg/apis/extensions:go_default_library", "//pkg/client/clientset_generated/internalclientset/scheme:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", ], ) diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go index b7a7df1b96c..44e27ced7ae 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go +++ b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go @@ -25,7 +25,6 @@ import ( type ExtensionsInterface interface { RESTClient() rest.Interface - IngressesGetter } // ExtensionsClient is used to interact with features provided by the extensions group. @@ -33,10 +32,6 @@ type ExtensionsClient struct { restClient rest.Interface } -func (c *ExtensionsClient) Ingresses(namespace string) IngressInterface { - return newIngresses(c, namespace) -} - // NewForConfig creates a new ExtensionsClient for the given config. func NewForConfig(c *rest.Config) (*ExtensionsClient, error) { config := *c diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/BUILD b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/BUILD index a7551ee5ed4..8cbc1291eae 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/BUILD +++ b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/BUILD @@ -10,17 +10,9 @@ go_library( srcs = [ "doc.go", "fake_extensions_client.go", - "fake_ingress.go", ], importpath = "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake", deps = [ - "//pkg/apis/extensions:go_default_library", - "//pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", ], diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_extensions_client.go b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_extensions_client.go index 016e1bec064..925f4dd8d90 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_extensions_client.go +++ b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_extensions_client.go @@ -21,17 +21,12 @@ package fake import ( rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" - internalversion "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion" ) type FakeExtensions struct { *testing.Fake } -func (c *FakeExtensions) Ingresses(namespace string) internalversion.IngressInterface { - return &FakeIngresses{c, namespace} -} - // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeExtensions) RESTClient() rest.Interface { diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go index 3c1593ccf5e..1b59c8431ce 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go +++ b/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go @@ -17,5 +17,3 @@ limitations under the License. // Code generated by client-gen. DO NOT EDIT. package internalversion - -type IngressExpansion interface{} diff --git a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/BUILD b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/BUILD index aa720eb4415..3c861d7b8cc 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/BUILD +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/BUILD @@ -10,6 +10,7 @@ go_library( srcs = [ "doc.go", "generated_expansion.go", + "ingress.go", "networking_client.go", "networkpolicy.go", ], diff --git a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/BUILD b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/BUILD index 1605dc768dd..634e59569b0 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/BUILD +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/BUILD @@ -9,6 +9,7 @@ go_library( name = "go_default_library", srcs = [ "doc.go", + "fake_ingress.go", "fake_networking_client.go", "fake_networkpolicy.go", ], diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_ingress.go b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_ingress.go similarity index 71% rename from pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_ingress.go rename to pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_ingress.go index ddf67e29602..424b762357e 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/fake/fake_ingress.go +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_ingress.go @@ -25,34 +25,34 @@ import ( types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" testing "k8s.io/client-go/testing" - extensions "k8s.io/kubernetes/pkg/apis/extensions" + networking "k8s.io/kubernetes/pkg/apis/networking" ) // FakeIngresses implements IngressInterface type FakeIngresses struct { - Fake *FakeExtensions + Fake *FakeNetworking ns string } -var ingressesResource = schema.GroupVersionResource{Group: "extensions", Version: "", Resource: "ingresses"} +var ingressesResource = schema.GroupVersionResource{Group: "networking.k8s.io", Version: "", Resource: "ingresses"} -var ingressesKind = schema.GroupVersionKind{Group: "extensions", Version: "", Kind: "Ingress"} +var ingressesKind = schema.GroupVersionKind{Group: "networking.k8s.io", Version: "", Kind: "Ingress"} // Get takes name of the ingress, and returns the corresponding ingress object, and an error if there is any. -func (c *FakeIngresses) Get(name string, options v1.GetOptions) (result *extensions.Ingress, err error) { +func (c *FakeIngresses) Get(name string, options v1.GetOptions) (result *networking.Ingress, err error) { obj, err := c.Fake. - Invokes(testing.NewGetAction(ingressesResource, c.ns, name), &extensions.Ingress{}) + Invokes(testing.NewGetAction(ingressesResource, c.ns, name), &networking.Ingress{}) if obj == nil { return nil, err } - return obj.(*extensions.Ingress), err + return obj.(*networking.Ingress), err } // List takes label and field selectors, and returns the list of Ingresses that match those selectors. -func (c *FakeIngresses) List(opts v1.ListOptions) (result *extensions.IngressList, err error) { +func (c *FakeIngresses) List(opts v1.ListOptions) (result *networking.IngressList, err error) { obj, err := c.Fake. - Invokes(testing.NewListAction(ingressesResource, ingressesKind, c.ns, opts), &extensions.IngressList{}) + Invokes(testing.NewListAction(ingressesResource, ingressesKind, c.ns, opts), &networking.IngressList{}) if obj == nil { return nil, err @@ -62,8 +62,8 @@ func (c *FakeIngresses) List(opts v1.ListOptions) (result *extensions.IngressLis if label == nil { label = labels.Everything() } - list := &extensions.IngressList{ListMeta: obj.(*extensions.IngressList).ListMeta} - for _, item := range obj.(*extensions.IngressList).Items { + list := &networking.IngressList{ListMeta: obj.(*networking.IngressList).ListMeta} + for _, item := range obj.(*networking.IngressList).Items { if label.Matches(labels.Set(item.Labels)) { list.Items = append(list.Items, item) } @@ -79,43 +79,43 @@ func (c *FakeIngresses) Watch(opts v1.ListOptions) (watch.Interface, error) { } // Create takes the representation of a ingress and creates it. Returns the server's representation of the ingress, and an error, if there is any. -func (c *FakeIngresses) Create(ingress *extensions.Ingress) (result *extensions.Ingress, err error) { +func (c *FakeIngresses) Create(ingress *networking.Ingress) (result *networking.Ingress, err error) { obj, err := c.Fake. - Invokes(testing.NewCreateAction(ingressesResource, c.ns, ingress), &extensions.Ingress{}) + Invokes(testing.NewCreateAction(ingressesResource, c.ns, ingress), &networking.Ingress{}) if obj == nil { return nil, err } - return obj.(*extensions.Ingress), err + return obj.(*networking.Ingress), err } // Update takes the representation of a ingress and updates it. Returns the server's representation of the ingress, and an error, if there is any. -func (c *FakeIngresses) Update(ingress *extensions.Ingress) (result *extensions.Ingress, err error) { +func (c *FakeIngresses) Update(ingress *networking.Ingress) (result *networking.Ingress, err error) { obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ingressesResource, c.ns, ingress), &extensions.Ingress{}) + Invokes(testing.NewUpdateAction(ingressesResource, c.ns, ingress), &networking.Ingress{}) if obj == nil { return nil, err } - return obj.(*extensions.Ingress), err + return obj.(*networking.Ingress), err } // UpdateStatus was generated because the type contains a Status member. // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeIngresses) UpdateStatus(ingress *extensions.Ingress) (*extensions.Ingress, error) { +func (c *FakeIngresses) UpdateStatus(ingress *networking.Ingress) (*networking.Ingress, error) { obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ingressesResource, "status", c.ns, ingress), &extensions.Ingress{}) + Invokes(testing.NewUpdateSubresourceAction(ingressesResource, "status", c.ns, ingress), &networking.Ingress{}) if obj == nil { return nil, err } - return obj.(*extensions.Ingress), err + return obj.(*networking.Ingress), err } // Delete takes name of the ingress and deletes it. Returns an error if one occurs. func (c *FakeIngresses) Delete(name string, options *v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(ingressesResource, c.ns, name), &extensions.Ingress{}) + Invokes(testing.NewDeleteAction(ingressesResource, c.ns, name), &networking.Ingress{}) return err } @@ -124,17 +124,17 @@ func (c *FakeIngresses) Delete(name string, options *v1.DeleteOptions) error { func (c *FakeIngresses) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { action := testing.NewDeleteCollectionAction(ingressesResource, c.ns, listOptions) - _, err := c.Fake.Invokes(action, &extensions.IngressList{}) + _, err := c.Fake.Invokes(action, &networking.IngressList{}) return err } // Patch applies the patch and returns the patched ingress. -func (c *FakeIngresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *extensions.Ingress, err error) { +func (c *FakeIngresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *networking.Ingress, err error) { obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ingressesResource, c.ns, name, pt, data, subresources...), &extensions.Ingress{}) + Invokes(testing.NewPatchSubresourceAction(ingressesResource, c.ns, name, pt, data, subresources...), &networking.Ingress{}) if obj == nil { return nil, err } - return obj.(*extensions.Ingress), err + return obj.(*networking.Ingress), err } diff --git a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_networking_client.go b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_networking_client.go index 7f083460ed9..c30fb6defb4 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_networking_client.go +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/fake/fake_networking_client.go @@ -28,6 +28,10 @@ type FakeNetworking struct { *testing.Fake } +func (c *FakeNetworking) Ingresses(namespace string) internalversion.IngressInterface { + return &FakeIngresses{c, namespace} +} + func (c *FakeNetworking) NetworkPolicies(namespace string) internalversion.NetworkPolicyInterface { return &FakeNetworkPolicies{c, namespace} } diff --git a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go index 8406486f4d0..d7e2a55283a 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go @@ -18,4 +18,6 @@ limitations under the License. package internalversion +type IngressExpansion interface{} + type NetworkPolicyExpansion interface{} diff --git a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/ingress.go similarity index 80% rename from pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go rename to pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/ingress.go index 2b8f27e39aa..89fbe0538b9 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/ingress.go @@ -25,7 +25,7 @@ import ( types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" rest "k8s.io/client-go/rest" - extensions "k8s.io/kubernetes/pkg/apis/extensions" + networking "k8s.io/kubernetes/pkg/apis/networking" scheme "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme" ) @@ -37,15 +37,15 @@ type IngressesGetter interface { // IngressInterface has methods to work with Ingress resources. type IngressInterface interface { - Create(*extensions.Ingress) (*extensions.Ingress, error) - Update(*extensions.Ingress) (*extensions.Ingress, error) - UpdateStatus(*extensions.Ingress) (*extensions.Ingress, error) + Create(*networking.Ingress) (*networking.Ingress, error) + Update(*networking.Ingress) (*networking.Ingress, error) + UpdateStatus(*networking.Ingress) (*networking.Ingress, error) Delete(name string, options *v1.DeleteOptions) error DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error - Get(name string, options v1.GetOptions) (*extensions.Ingress, error) - List(opts v1.ListOptions) (*extensions.IngressList, error) + Get(name string, options v1.GetOptions) (*networking.Ingress, error) + List(opts v1.ListOptions) (*networking.IngressList, error) Watch(opts v1.ListOptions) (watch.Interface, error) - Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *extensions.Ingress, err error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *networking.Ingress, err error) IngressExpansion } @@ -56,7 +56,7 @@ type ingresses struct { } // newIngresses returns a Ingresses -func newIngresses(c *ExtensionsClient, namespace string) *ingresses { +func newIngresses(c *NetworkingClient, namespace string) *ingresses { return &ingresses{ client: c.RESTClient(), ns: namespace, @@ -64,8 +64,8 @@ func newIngresses(c *ExtensionsClient, namespace string) *ingresses { } // Get takes name of the ingress, and returns the corresponding ingress object, and an error if there is any. -func (c *ingresses) Get(name string, options v1.GetOptions) (result *extensions.Ingress, err error) { - result = &extensions.Ingress{} +func (c *ingresses) Get(name string, options v1.GetOptions) (result *networking.Ingress, err error) { + result = &networking.Ingress{} err = c.client.Get(). Namespace(c.ns). Resource("ingresses"). @@ -77,12 +77,12 @@ func (c *ingresses) Get(name string, options v1.GetOptions) (result *extensions. } // List takes label and field selectors, and returns the list of Ingresses that match those selectors. -func (c *ingresses) List(opts v1.ListOptions) (result *extensions.IngressList, err error) { +func (c *ingresses) List(opts v1.ListOptions) (result *networking.IngressList, err error) { var timeout time.Duration if opts.TimeoutSeconds != nil { timeout = time.Duration(*opts.TimeoutSeconds) * time.Second } - result = &extensions.IngressList{} + result = &networking.IngressList{} err = c.client.Get(). Namespace(c.ns). Resource("ingresses"). @@ -109,8 +109,8 @@ func (c *ingresses) Watch(opts v1.ListOptions) (watch.Interface, error) { } // Create takes the representation of a ingress and creates it. Returns the server's representation of the ingress, and an error, if there is any. -func (c *ingresses) Create(ingress *extensions.Ingress) (result *extensions.Ingress, err error) { - result = &extensions.Ingress{} +func (c *ingresses) Create(ingress *networking.Ingress) (result *networking.Ingress, err error) { + result = &networking.Ingress{} err = c.client.Post(). Namespace(c.ns). Resource("ingresses"). @@ -121,8 +121,8 @@ func (c *ingresses) Create(ingress *extensions.Ingress) (result *extensions.Ingr } // Update takes the representation of a ingress and updates it. Returns the server's representation of the ingress, and an error, if there is any. -func (c *ingresses) Update(ingress *extensions.Ingress) (result *extensions.Ingress, err error) { - result = &extensions.Ingress{} +func (c *ingresses) Update(ingress *networking.Ingress) (result *networking.Ingress, err error) { + result = &networking.Ingress{} err = c.client.Put(). Namespace(c.ns). Resource("ingresses"). @@ -136,8 +136,8 @@ func (c *ingresses) Update(ingress *extensions.Ingress) (result *extensions.Ingr // UpdateStatus was generated because the type contains a Status member. // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *ingresses) UpdateStatus(ingress *extensions.Ingress) (result *extensions.Ingress, err error) { - result = &extensions.Ingress{} +func (c *ingresses) UpdateStatus(ingress *networking.Ingress) (result *networking.Ingress, err error) { + result = &networking.Ingress{} err = c.client.Put(). Namespace(c.ns). Resource("ingresses"). @@ -177,8 +177,8 @@ func (c *ingresses) DeleteCollection(options *v1.DeleteOptions, listOptions v1.L } // Patch applies the patch and returns the patched ingress. -func (c *ingresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *extensions.Ingress, err error) { - result = &extensions.Ingress{} +func (c *ingresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *networking.Ingress, err error) { + result = &networking.Ingress{} err = c.client.Patch(pt). Namespace(c.ns). Resource("ingresses"). diff --git a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go index 1d2f9ab0eaf..0a875a16e1b 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go +++ b/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go @@ -25,6 +25,7 @@ import ( type NetworkingInterface interface { RESTClient() rest.Interface + IngressesGetter NetworkPoliciesGetter } @@ -33,6 +34,10 @@ type NetworkingClient struct { restClient rest.Interface } +func (c *NetworkingClient) Ingresses(namespace string) IngressInterface { + return newIngresses(c, namespace) +} + func (c *NetworkingClient) NetworkPolicies(namespace string) NetworkPolicyInterface { return newNetworkPolicies(c, namespace) } diff --git a/pkg/client/metrics/OWNERS b/pkg/client/metrics/OWNERS old mode 100755 new mode 100644 index ff517980719..f150be53699 --- a/pkg/client/metrics/OWNERS +++ b/pkg/client/metrics/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - wojtek-t - eparis diff --git a/pkg/client/testdata/OWNERS b/pkg/client/testdata/OWNERS old mode 100755 new mode 100644 index 602b682a5f7..9e6561bea6d --- a/pkg/client/testdata/OWNERS +++ b/pkg/client/testdata/OWNERS @@ -1 +1,3 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: [] diff --git a/pkg/cloudprovider/OWNERS b/pkg/cloudprovider/OWNERS index 1603c1de30c..7634a1d6a38 100644 --- a/pkg/cloudprovider/OWNERS +++ b/pkg/cloudprovider/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mikedanese - dims diff --git a/pkg/cloudprovider/README.md b/pkg/cloudprovider/README.md index c6d4badeb2a..89879dc2e28 100644 --- a/pkg/cloudprovider/README.md +++ b/pkg/cloudprovider/README.md @@ -1,6 +1,6 @@ ### Deprecation Notice -Cloud providers in this directory are **deprecated** and will be **removed** in favor of external (a.k.a out-of-tree) providers. Existing providers in this directory (a.k.a in-tree providers) should only make small incremental changes as needed and avoid large refactors or new features. New providers seeking to support Kubernetes should follow the out-of-tree model as specified in the [Running Kubernetes Cloud Controller Manager docs](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/). For more information on the future of Kubernetes cloud providers see [KEP-0002](https://github.com/kubernetes/community/blob/master/keps/sig-cloud-provider/0002-cloud-controller-manager.md) and [KEP-0013](https://github.com/kubernetes/community/blob/master/keps/sig-cloud-provider/0013-build-deploy-ccm.md). +Cloud providers in this directory are **deprecated** and will be **removed** in favor of external (a.k.a out-of-tree) providers. Existing providers in this directory (a.k.a in-tree providers) should only make small incremental changes as needed and avoid large refactors or new features. New providers seeking to support Kubernetes should follow the out-of-tree model as specified in the [Running Kubernetes Cloud Controller Manager docs](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/). For more information on the future of Kubernetes cloud providers see [KEP-0002](https://git.k8s.io/enhancements/keps/sig-cloud-provider/20180530-cloud-controller-manager.md) and [KEP-0013](https://git.k8s.io/enhancements/keps/sig-cloud-provider/20190125-removing-in-tree-providers.md). Cloud Providers in this directory will continue to be actively developed or maintained and supported at their current level of support as a longer-term solution evolves. See the following enhancement issues to track the status of out-of-tree support for cloud providers in this repo: diff --git a/pkg/cloudprovider/providers/.import-restrictions b/pkg/cloudprovider/providers/.import-restrictions index 95f5febc1ce..2d0306a628f 100644 --- a/pkg/cloudprovider/providers/.import-restrictions +++ b/pkg/cloudprovider/providers/.import-restrictions @@ -14,17 +14,10 @@ { "SelectorRegexp": "k8s[.]io/kubernetes", "AllowedPrefixes": [ - "k8s.io/kubernetes/pkg/api/legacyscheme", - "k8s.io/kubernetes/pkg/apis/core", - "k8s.io/kubernetes/pkg/cloudprovider", + "k8s.io/kubernetes/pkg/cloudprovider/providers", "k8s.io/kubernetes/pkg/credentialprovider", - "k8s.io/kubernetes/pkg/features", - "k8s.io/kubernetes/pkg/kubelet/apis", - "k8s.io/kubernetes/pkg/master/ports", "k8s.io/kubernetes/pkg/util/mount", - "k8s.io/kubernetes/pkg/util/resizefs", - "k8s.io/kubernetes/pkg/version", - "k8s.io/kubernetes/pkg/volume" + "k8s.io/kubernetes/pkg/version" ], "ForbiddenPrefixes": [] } diff --git a/pkg/cloudprovider/providers/aws/BUILD b/pkg/cloudprovider/providers/aws/BUILD index 760881fa041..07371824f9f 100644 --- a/pkg/cloudprovider/providers/aws/BUILD +++ b/pkg/cloudprovider/providers/aws/BUILD @@ -28,9 +28,6 @@ go_library( importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/aws", deps = [ "//pkg/credentialprovider/aws:go_default_library", - "//pkg/kubelet/apis:go_default_library", - "//pkg/volume:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -45,6 +42,9 @@ go_library( "//staging/src/k8s.io/cloud-provider:go_default_library", "//staging/src/k8s.io/cloud-provider/node/helpers:go_default_library", "//staging/src/k8s.io/cloud-provider/service/helpers:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/errors:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", @@ -79,12 +79,11 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//pkg/kubelet/apis:go_default_library", - "//pkg/volume:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library", "//vendor/github.com/aws/aws-sdk-go/service/ec2:go_default_library", "//vendor/github.com/aws/aws-sdk-go/service/elb:go_default_library", diff --git a/pkg/cloudprovider/providers/aws/OWNERS b/pkg/cloudprovider/providers/aws/OWNERS index e933f393348..a43d63b93ce 100644 --- a/pkg/cloudprovider/providers/aws/OWNERS +++ b/pkg/cloudprovider/providers/aws/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - justinsb - zmerlynn diff --git a/pkg/cloudprovider/providers/aws/aws.go b/pkg/cloudprovider/providers/aws/aws.go index 2fc33070421..da7787285a5 100644 --- a/pkg/cloudprovider/providers/aws/aws.go +++ b/pkg/cloudprovider/providers/aws/aws.go @@ -60,9 +60,9 @@ import ( cloudprovider "k8s.io/cloud-provider" nodehelpers "k8s.io/cloud-provider/node/helpers" servicehelpers "k8s.io/cloud-provider/service/helpers" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - "k8s.io/kubernetes/pkg/volume" - volumeutil "k8s.io/kubernetes/pkg/volume/util" + cloudvolume "k8s.io/cloud-provider/volume" + volerr "k8s.io/cloud-provider/volume/errors" + volumehelpers "k8s.io/cloud-provider/volume/helpers" ) // NLBHealthCheckRuleDescription is the comment used on a security group rule to @@ -2036,7 +2036,7 @@ func (d *awsDisk) deleteVolume() (bool, error) { } if awsError, ok := err.(awserr.Error); ok { if awsError.Code() == "VolumeInUse" { - return false, volume.NewDeletedVolumeInUseError(err.Error()) + return false, volerr.NewDeletedVolumeInUseError(err.Error()) } } return false, fmt.Errorf("error deleting EBS volume %q: %q", d.awsID, err) @@ -2425,7 +2425,7 @@ func (c *Cloud) checkIfAvailable(disk *awsDisk, opName string, instance string) devicePath := aws.StringValue(attachment.Device) nodeName := mapInstanceToNodeName(attachedInstance) - danglingErr := volumeutil.NewDanglingError(attachErr, nodeName, devicePath) + danglingErr := volerr.NewDanglingError(attachErr, nodeName, devicePath) return false, danglingErr } @@ -2444,7 +2444,7 @@ func (c *Cloud) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) } // Ignore any volumes that are being provisioned - if pv.Spec.AWSElasticBlockStore.VolumeID == volume.ProvisionedVolumeName { + if pv.Spec.AWSElasticBlockStore.VolumeID == cloudvolume.ProvisionedVolumeName { return nil, nil } @@ -2473,12 +2473,12 @@ func (c *Cloud) GetVolumeLabels(volumeName KubernetesVolumeID) (map[string]strin return nil, fmt.Errorf("volume did not have AZ information: %q", aws.StringValue(info.VolumeId)) } - labels[kubeletapis.LabelZoneFailureDomain] = az + labels[v1.LabelZoneFailureDomain] = az region, err := azToRegion(az) if err != nil { return nil, err } - labels[kubeletapis.LabelZoneRegion] = region + labels[v1.LabelZoneRegion] = region return labels, nil } @@ -2604,7 +2604,7 @@ func (c *Cloud) ResizeDisk( return oldSize, descErr } // AWS resizes in chunks of GiB (not GB) - requestGiB := volumeutil.RoundUpToGiB(newSize) + requestGiB := volumehelpers.RoundUpToGiB(newSize) newSizeQuant := resource.MustParse(fmt.Sprintf("%dGi", requestGiB)) // If disk already if of greater or equal size than requested we return diff --git a/pkg/cloudprovider/providers/aws/aws_loadbalancer.go b/pkg/cloudprovider/providers/aws/aws_loadbalancer.go index 7a79e3d8fd4..339160f1e3d 100644 --- a/pkg/cloudprovider/providers/aws/aws_loadbalancer.go +++ b/pkg/cloudprovider/providers/aws/aws_loadbalancer.go @@ -143,10 +143,7 @@ func (c *Cloud) ensureLoadBalancerv2(namespacedName types.NamespacedName, loadBa loadBalancer = createResponse.LoadBalancers[0] // Create Target Groups - addTagsInput := &elbv2.AddTagsInput{ - ResourceArns: []*string{}, - Tags: []*elbv2.Tag{}, - } + resourceArns := make([]*string, 0, len(mappings)) for i := range mappings { // It is easier to keep track of updates by having possibly @@ -155,20 +152,28 @@ func (c *Cloud) ensureLoadBalancerv2(namespacedName types.NamespacedName, loadBa if err != nil { return nil, fmt.Errorf("Error creating listener: %q", err) } - addTagsInput.ResourceArns = append(addTagsInput.ResourceArns, targetGroupArn) + resourceArns = append(resourceArns, targetGroupArn) } // Add tags to targets + targetGroupTags := make([]*elbv2.Tag, 0, len(tags)) + for k, v := range tags { - addTagsInput.Tags = append(addTagsInput.Tags, &elbv2.Tag{ + targetGroupTags = append(targetGroupTags, &elbv2.Tag{ Key: aws.String(k), Value: aws.String(v), }) } - if len(addTagsInput.ResourceArns) > 0 && len(addTagsInput.Tags) > 0 { - _, err = c.elbv2.AddTags(addTagsInput) - if err != nil { - return nil, fmt.Errorf("Error adding tags after creating Load Balancer: %q", err) + if len(resourceArns) > 0 && len(targetGroupTags) > 0 { + // elbv2.AddTags doesn't allow to tag multiple resources at once + for _, arn := range resourceArns { + _, err = c.elbv2.AddTags(&elbv2.AddTagsInput{ + ResourceArns: []*string{arn}, + Tags: targetGroupTags, + }) + if err != nil { + return nil, fmt.Errorf("Error adding tags after creating Load Balancer: %q", err) + } } } } else { @@ -645,7 +650,7 @@ func filterForIPRangeDescription(securityGroups []*ec2.SecurityGroup, lbName str return response } -func (c *Cloud) getVpcCidrBlock() (*string, error) { +func (c *Cloud) getVpcCidrBlocks() ([]string, error) { vpcs, err := c.ec2.DescribeVpcs(&ec2.DescribeVpcsInput{ VpcIds: []*string{aws.String(c.vpcID)}, }) @@ -655,7 +660,12 @@ func (c *Cloud) getVpcCidrBlock() (*string, error) { if len(vpcs.Vpcs) != 1 { return nil, fmt.Errorf("Error querying VPC for ELB, got %d vpcs for %s", len(vpcs.Vpcs), c.vpcID) } - return vpcs.Vpcs[0].CidrBlock, nil + + cidrBlocks := make([]string, 0, len(vpcs.Vpcs[0].CidrBlockAssociationSet)) + for _, cidr := range vpcs.Vpcs[0].CidrBlockAssociationSet { + cidrBlocks = append(cidrBlocks, aws.StringValue(cidr.CidrBlock)) + } + return cidrBlocks, nil } // abstraction for updating SG rules @@ -868,7 +878,7 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLB(mappings []nlbPortMapping, in return nil } - vpcCidr, err := c.getVpcCidrBlock() + vpcCidrBlocks, err := c.getVpcCidrBlocks() if err != nil { return err } @@ -953,7 +963,7 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLB(mappings []nlbPortMapping, in } // Run once for health check traffic - err = c.updateInstanceSecurityGroupsForNLBTraffic(actualGroups, desiredGroupIds, healthCheckPorts, lbName, []string{aws.StringValue(vpcCidr)}, false) + err = c.updateInstanceSecurityGroupsForNLBTraffic(actualGroups, desiredGroupIds, healthCheckPorts, lbName, vpcCidrBlocks, false) if err != nil { return err } diff --git a/pkg/cloudprovider/providers/aws/aws_metrics.go b/pkg/cloudprovider/providers/aws/aws_metrics.go index aa434d92607..bb7958f04f0 100644 --- a/pkg/cloudprovider/providers/aws/aws_metrics.go +++ b/pkg/cloudprovider/providers/aws/aws_metrics.go @@ -16,7 +16,11 @@ limitations under the License. package aws -import "github.com/prometheus/client_golang/prometheus" +import ( + "sync" + + "github.com/prometheus/client_golang/prometheus" +) var ( awsAPIMetric = prometheus.NewHistogramVec( @@ -53,8 +57,12 @@ func recordAWSThrottlesMetric(operation string) { awsAPIThrottlesMetric.With(prometheus.Labels{"operation_name": operation}).Inc() } +var registerOnce sync.Once + func registerMetrics() { - prometheus.MustRegister(awsAPIMetric) - prometheus.MustRegister(awsAPIErrorMetric) - prometheus.MustRegister(awsAPIThrottlesMetric) + registerOnce.Do(func() { + prometheus.MustRegister(awsAPIMetric) + prometheus.MustRegister(awsAPIErrorMetric) + prometheus.MustRegister(awsAPIThrottlesMetric) + }) } diff --git a/pkg/cloudprovider/providers/aws/aws_test.go b/pkg/cloudprovider/providers/aws/aws_test.go index 62f7186af05..d37630e837c 100644 --- a/pkg/cloudprovider/providers/aws/aws_test.go +++ b/pkg/cloudprovider/providers/aws/aws_test.go @@ -35,8 +35,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - "k8s.io/kubernetes/pkg/volume" + cloudvolume "k8s.io/cloud-provider/volume" ) const TestClusterID = "clusterid.test" @@ -1191,8 +1190,8 @@ func TestGetVolumeLabels(t *testing.T) { assert.Nil(t, err, "Error creating Volume %v", err) assert.Equal(t, map[string]string{ - kubeletapis.LabelZoneFailureDomain: "us-east-1a", - kubeletapis.LabelZoneRegion: "us-east-1"}, labels) + v1.LabelZoneFailureDomain: "us-east-1a", + v1.LabelZoneRegion: "us-east-1"}, labels) awsServices.ec2.(*MockedFakeEC2).AssertExpectations(t) } @@ -1222,7 +1221,7 @@ func TestGetLabelsForVolume(t *testing.T) { Spec: v1.PersistentVolumeSpec{ PersistentVolumeSource: v1.PersistentVolumeSource{ AWSElasticBlockStore: &v1.AWSElasticBlockStoreVolumeSource{ - VolumeID: volume.ProvisionedVolumeName, + VolumeID: cloudvolume.ProvisionedVolumeName, }, }, }, @@ -1265,8 +1264,8 @@ func TestGetLabelsForVolume(t *testing.T) { AvailabilityZone: aws.String("us-east-1a"), }}, map[string]string{ - kubeletapis.LabelZoneFailureDomain: "us-east-1a", - kubeletapis.LabelZoneRegion: "us-east-1", + v1.LabelZoneFailureDomain: "us-east-1a", + v1.LabelZoneRegion: "us-east-1", }, nil, }, diff --git a/pkg/cloudprovider/providers/azure/BUILD b/pkg/cloudprovider/providers/azure/BUILD index 12b75d79666..bd97289989d 100644 --- a/pkg/cloudprovider/providers/azure/BUILD +++ b/pkg/cloudprovider/providers/azure/BUILD @@ -37,9 +37,6 @@ go_library( importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/azure", deps = [ "//pkg/cloudprovider/providers/azure/auth:go_default_library", - "//pkg/kubelet/apis:go_default_library", - "//pkg/volume:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", @@ -58,6 +55,9 @@ go_library( "//staging/src/k8s.io/client-go/util/flowcontrol:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", "//staging/src/k8s.io/cloud-provider/service/helpers:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/errors:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-10-01/compute:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", @@ -94,7 +94,6 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/cloudprovider/providers/azure/auth:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", diff --git a/pkg/cloudprovider/providers/azure/OWNERS b/pkg/cloudprovider/providers/azure/OWNERS index 54c420b642d..9036637dde4 100644 --- a/pkg/cloudprovider/providers/azure/OWNERS +++ b/pkg/cloudprovider/providers/azure/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - andyzhangx - brendandburns diff --git a/pkg/cloudprovider/providers/azure/azure.go b/pkg/cloudprovider/providers/azure/azure.go index 02c9267ad76..25650e022b7 100644 --- a/pkg/cloudprovider/providers/azure/azure.go +++ b/pkg/cloudprovider/providers/azure/azure.go @@ -37,8 +37,8 @@ import ( "k8s.io/client-go/util/flowcontrol" cloudprovider "k8s.io/cloud-provider" "k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" + "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-10-01/compute" "github.com/Azure/go-autorest/autorest" "github.com/Azure/go-autorest/autorest/azure" "k8s.io/klog" @@ -171,6 +171,7 @@ type Cloud struct { VirtualMachinesClient VirtualMachinesClient StorageAccountClient StorageAccountClient DisksClient DisksClient + SnapshotsClient *compute.SnapshotsClient FileClient FileClient resourceRequestBackoff wait.Backoff metadata *InstanceMetadataService @@ -345,6 +346,7 @@ func NewCloud(configReader io.Reader) (cloudprovider.Interface, error) { resourceRequestBackoff: resourceRequestBackoff, DisksClient: newAzDisksClient(azClientConfig), + SnapshotsClient: newSnapshotsClient(azClientConfig), RoutesClient: newAzRoutesClient(azClientConfig), SubnetsClient: newAzSubnetsClient(azClientConfig), InterfacesClient: newAzInterfacesClient(azClientConfig), @@ -521,8 +523,8 @@ func (az *Cloud) SetInformers(informerFactory informers.SharedInformerFactory) { UpdateFunc: func(prev, obj interface{}) { prevNode := prev.(*v1.Node) newNode := obj.(*v1.Node) - if newNode.Labels[kubeletapis.LabelZoneFailureDomain] == - prevNode.Labels[kubeletapis.LabelZoneFailureDomain] { + if newNode.Labels[v1.LabelZoneFailureDomain] == + prevNode.Labels[v1.LabelZoneFailureDomain] { return } az.updateNodeCaches(prevNode, newNode) @@ -556,7 +558,7 @@ func (az *Cloud) updateNodeCaches(prevNode, newNode *v1.Node) { if prevNode != nil { // Remove from nodeZones cache. - prevZone, ok := prevNode.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] + prevZone, ok := prevNode.ObjectMeta.Labels[v1.LabelZoneFailureDomain] if ok && az.isAvailabilityZone(prevZone) { az.nodeZones[prevZone].Delete(prevNode.ObjectMeta.Name) if az.nodeZones[prevZone].Len() == 0 { @@ -579,7 +581,7 @@ func (az *Cloud) updateNodeCaches(prevNode, newNode *v1.Node) { if newNode != nil { // Add to nodeZones cache. - newZone, ok := newNode.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] + newZone, ok := newNode.ObjectMeta.Labels[v1.LabelZoneFailureDomain] if ok && az.isAvailabilityZone(newZone) { if az.nodeZones[newZone] == nil { az.nodeZones[newZone] = sets.NewString() diff --git a/pkg/cloudprovider/providers/azure/azure_blobDiskController.go b/pkg/cloudprovider/providers/azure/azure_blobDiskController.go index 7cb8a756df7..1ff0a892cd4 100644 --- a/pkg/cloudprovider/providers/azure/azure_blobDiskController.go +++ b/pkg/cloudprovider/providers/azure/azure_blobDiskController.go @@ -31,10 +31,10 @@ import ( azstorage "github.com/Azure/azure-sdk-for-go/storage" "github.com/Azure/go-autorest/autorest/to" "github.com/rubiojr/go-vhd/vhd" - "k8s.io/klog" kwait "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/kubernetes/pkg/volume" + volerr "k8s.io/cloud-provider/volume/errors" + "k8s.io/klog" ) const ( @@ -119,7 +119,7 @@ func (c *BlobDiskController) DeleteVolume(diskURI string) error { if strings.Contains(detail, errLeaseIDMissing) { // disk is still being used // see https://msdn.microsoft.com/en-us/library/microsoft.windowsazure.storage.blob.protocol.bloberrorcodestrings.leaseidmissing.aspx - return volume.NewDeletedVolumeInUseError(fmt.Sprintf("disk %q is still in use while being deleted", diskURI)) + return volerr.NewDeletedVolumeInUseError(fmt.Sprintf("disk %q is still in use while being deleted", diskURI)) } return fmt.Errorf("failed to delete vhd %v, account %s, blob %s, err: %v", diskURI, accountName, blob, err) } diff --git a/pkg/cloudprovider/providers/azure/azure_client.go b/pkg/cloudprovider/providers/azure/azure_client.go index e7d2a9d6cec..8559c1cd37e 100644 --- a/pkg/cloudprovider/providers/azure/azure_client.go +++ b/pkg/cloudprovider/providers/azure/azure_client.go @@ -1385,6 +1385,18 @@ func (az *azDisksClient) Get(ctx context.Context, resourceGroupName string, disk return } +func newSnapshotsClient(config *azClientConfig) *compute.SnapshotsClient { + snapshotsClient := compute.NewSnapshotsClientWithBaseURI(config.resourceManagerEndpoint, config.subscriptionID) + snapshotsClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken) + snapshotsClient.PollingDelay = 5 * time.Second + if config.ShouldOmitCloudProviderBackoff { + snapshotsClient.RetryAttempts = config.CloudProviderBackoffRetries + snapshotsClient.RetryDuration = time.Duration(config.CloudProviderBackoffDuration) * time.Second + } + configureUserAgent(&snapshotsClient.Client) + return &snapshotsClient +} + // azVirtualMachineSizesClient implements VirtualMachineSizesClient. type azVirtualMachineSizesClient struct { client compute.VirtualMachineSizesClient diff --git a/pkg/cloudprovider/providers/azure/azure_managedDiskController.go b/pkg/cloudprovider/providers/azure/azure_managedDiskController.go index 110636531d3..efdbb67275e 100644 --- a/pkg/cloudprovider/providers/azure/azure_managedDiskController.go +++ b/pkg/cloudprovider/providers/azure/azure_managedDiskController.go @@ -30,9 +30,8 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" kwait "k8s.io/apimachinery/pkg/util/wait" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - "k8s.io/kubernetes/pkg/volume" - "k8s.io/kubernetes/pkg/volume/util" + cloudvolume "k8s.io/cloud-provider/volume" + volumehelpers "k8s.io/cloud-provider/volume/helpers" ) const ( @@ -239,9 +238,8 @@ func (c *ManagedDiskController) ResizeDisk(diskURI string, oldSize resource.Quan return oldSize, fmt.Errorf("DiskProperties of disk(%s) is nil", diskName) } - requestBytes := newSize.Value() // Azure resizes in chunks of GiB (not GB) - requestGiB := int32(util.RoundUpSize(requestBytes, 1024*1024*1024)) + requestGiB := int32(volumehelpers.RoundUpToGiB(newSize)) newSizeQuant := resource.MustParse(fmt.Sprintf("%dGi", requestGiB)) klog.V(2).Infof("azureDisk - begin to resize disk(%s) with new size(%d), old size(%v)", diskName, requestGiB, oldSize) @@ -282,7 +280,7 @@ func (c *Cloud) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) } // Ignore any volumes that are being provisioned - if pv.Spec.AzureDisk.DiskName == volume.ProvisionedVolumeName { + if pv.Spec.AzureDisk.DiskName == cloudvolume.ProvisionedVolumeName { return nil, nil } @@ -323,8 +321,8 @@ func (c *Cloud) GetAzureDiskLabels(diskURI string) (map[string]string, error) { zone := c.makeZone(zoneID) klog.V(4).Infof("Got zone %q for Azure disk %q", zone, diskName) labels := map[string]string{ - kubeletapis.LabelZoneRegion: c.Location, - kubeletapis.LabelZoneFailureDomain: zone, + v1.LabelZoneRegion: c.Location, + v1.LabelZoneFailureDomain: zone, } return labels, nil } diff --git a/pkg/cloudprovider/providers/azure/azure_test.go b/pkg/cloudprovider/providers/azure/azure_test.go index b90d3f27230..4cfb3a1d0fa 100644 --- a/pkg/cloudprovider/providers/azure/azure_test.go +++ b/pkg/cloudprovider/providers/azure/azure_test.go @@ -32,7 +32,6 @@ import ( "k8s.io/apimachinery/pkg/util/sets" servicehelpers "k8s.io/cloud-provider/service/helpers" "k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-10-01/compute" "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network" @@ -1093,7 +1092,7 @@ func getClusterResources(az *Cloud, vmCount int, availabilitySetCount int) (clus ObjectMeta: metav1.ObjectMeta{ Name: vmName, Labels: map[string]string{ - kubeletapis.LabelHostname: vmName, + v1.LabelHostname: vmName, }, }, } diff --git a/pkg/cloudprovider/providers/azure/azure_vmss_cache.go b/pkg/cloudprovider/providers/azure/azure_vmss_cache.go index 534ba9d445b..07d30b78855 100644 --- a/pkg/cloudprovider/providers/azure/azure_vmss_cache.go +++ b/pkg/cloudprovider/providers/azure/azure_vmss_cache.go @@ -159,7 +159,7 @@ func extractVmssCacheKey(key string) (string, string, error) { // key is composed of # keyItems := strings.Split(key, vmssCacheSeparator) if len(keyItems) != 2 { - return "", "", fmt.Errorf("key %q is not in format '#'", key) + return "", "", fmt.Errorf("key %q is not in format '#'", key) } resourceGroup := keyItems[0] diff --git a/pkg/cloudprovider/providers/cloudstack/OWNERS b/pkg/cloudprovider/providers/cloudstack/OWNERS index 0a5ced7913b..111e3dd19d5 100644 --- a/pkg/cloudprovider/providers/cloudstack/OWNERS +++ b/pkg/cloudprovider/providers/cloudstack/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - ngtuna - sebgoa diff --git a/pkg/cloudprovider/providers/gce/BUILD b/pkg/cloudprovider/providers/gce/BUILD index 4843e8b085a..8875dd9b93e 100644 --- a/pkg/cloudprovider/providers/gce/BUILD +++ b/pkg/cloudprovider/providers/gce/BUILD @@ -1,10 +1,4 @@ -package(default_visibility = ["//visibility:public"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", - "go_test", -) +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") go_library( name = "go_default_library", @@ -45,10 +39,8 @@ go_library( "token_source.go", ], importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/gce", + visibility = ["//visibility:public"], deps = [ - "//pkg/kubelet/apis:go_default_library", - "//pkg/volume:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -72,6 +64,9 @@ go_library( "//staging/src/k8s.io/cloud-provider:go_default_library", "//staging/src/k8s.io/cloud-provider/features:go_default_library", "//staging/src/k8s.io/cloud-provider/service/helpers:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/errors:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/cloud.google.com/go/compute/metadata:go_default_library", "//vendor/github.com/GoogleCloudPlatform/k8s-cloud-provider/pkg/cloud:go_default_library", "//vendor/github.com/GoogleCloudPlatform/k8s-cloud-provider/pkg/cloud/filter:go_default_library", @@ -109,7 +104,6 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", @@ -142,4 +136,5 @@ filegroup( name = "all-srcs", srcs = [":package-srcs"], tags = ["automanaged"], + visibility = ["//visibility:public"], ) diff --git a/pkg/cloudprovider/providers/gce/OWNERS b/pkg/cloudprovider/providers/gce/OWNERS index f02eb9550b1..b1c2f63c96b 100644 --- a/pkg/cloudprovider/providers/gce/OWNERS +++ b/pkg/cloudprovider/providers/gce/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - jingxu97 diff --git a/pkg/cloudprovider/providers/gce/gce.go b/pkg/cloudprovider/providers/gce/gce.go index 6e45eef1622..0716a96877b 100644 --- a/pkg/cloudprovider/providers/gce/gce.go +++ b/pkg/cloudprovider/providers/gce/gce.go @@ -52,7 +52,6 @@ import ( "k8s.io/client-go/util/flowcontrol" cloudprovider "k8s.io/cloud-provider" "k8s.io/klog" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) const ( @@ -709,8 +708,8 @@ func (g *Cloud) SetInformers(informerFactory informers.SharedInformerFactory) { UpdateFunc: func(prev, obj interface{}) { prevNode := prev.(*v1.Node) newNode := obj.(*v1.Node) - if newNode.Labels[kubeletapis.LabelZoneFailureDomain] == - prevNode.Labels[kubeletapis.LabelZoneFailureDomain] { + if newNode.Labels[v1.LabelZoneFailureDomain] == + prevNode.Labels[v1.LabelZoneFailureDomain] { return } g.updateNodeZones(prevNode, newNode) @@ -741,7 +740,7 @@ func (g *Cloud) updateNodeZones(prevNode, newNode *v1.Node) { g.nodeZonesLock.Lock() defer g.nodeZonesLock.Unlock() if prevNode != nil { - prevZone, ok := prevNode.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] + prevZone, ok := prevNode.ObjectMeta.Labels[v1.LabelZoneFailureDomain] if ok { g.nodeZones[prevZone].Delete(prevNode.ObjectMeta.Name) if g.nodeZones[prevZone].Len() == 0 { @@ -750,7 +749,7 @@ func (g *Cloud) updateNodeZones(prevNode, newNode *v1.Node) { } } if newNode != nil { - newZone, ok := newNode.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] + newZone, ok := newNode.ObjectMeta.Labels[v1.LabelZoneFailureDomain] if ok { if g.nodeZones[newZone] == nil { g.nodeZones[newZone] = sets.NewString() diff --git a/pkg/cloudprovider/providers/gce/gce_disks.go b/pkg/cloudprovider/providers/gce/gce_disks.go index 268d83b5c46..1503409044e 100644 --- a/pkg/cloudprovider/providers/gce/gce_disks.go +++ b/pkg/cloudprovider/providers/gce/gce_disks.go @@ -29,9 +29,9 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" cloudprovider "k8s.io/cloud-provider" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - "k8s.io/kubernetes/pkg/volume" - volumeutil "k8s.io/kubernetes/pkg/volume/util" + cloudvolume "k8s.io/cloud-provider/volume" + volerr "k8s.io/cloud-provider/volume/errors" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "github.com/GoogleCloudPlatform/k8s-cloud-provider/pkg/cloud" "github.com/GoogleCloudPlatform/k8s-cloud-provider/pkg/cloud/meta" @@ -505,12 +505,12 @@ func newDiskMetricContextRegional(request, region string) *metricContext { // GetLabelsForVolume retrieved the label info for the provided volume func (g *Cloud) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) (map[string]string, error) { // Ignore any volumes that are being provisioned - if pv.Spec.GCEPersistentDisk.PDName == volume.ProvisionedVolumeName { + if pv.Spec.GCEPersistentDisk.PDName == cloudvolume.ProvisionedVolumeName { return nil, nil } // If the zone is already labeled, honor the hint - zone := pv.Labels[kubeletapis.LabelZoneFailureDomain] + zone := pv.Labels[v1.LabelZoneFailureDomain] labels, err := g.GetAutoLabelsForPD(pv.Spec.GCEPersistentDisk.PDName, zone) if err != nil { @@ -731,7 +731,7 @@ func getDiskType(diskType string) (string, error) { func (g *Cloud) DeleteDisk(diskToDelete string) error { err := g.doDeleteDisk(diskToDelete) if isGCEError(err, "resourceInUseByAnotherResource") { - return volume.NewDeletedVolumeInUseError(err.Error()) + return volerr.NewDeletedVolumeInUseError(err.Error()) } if err == cloudprovider.DiskNotFound { @@ -748,7 +748,7 @@ func (g *Cloud) ResizeDisk(diskToResize string, oldSize resource.Quantity, newSi } // GCE resizes in chunks of GiBs - requestGIB := volumeutil.RoundUpToGiB(newSize) + requestGIB := volumehelpers.RoundUpToGiB(newSize) newSizeQuant := resource.MustParse(fmt.Sprintf("%dGi", requestGIB)) // If disk is already of size equal or greater than requested size, we simply return @@ -812,7 +812,7 @@ func (g *Cloud) GetAutoLabelsForPD(name string, zone string) (map[string]string, // However it is more consistent to ensure the disk exists, // and in future we may gather addition information (e.g. disk type, IOPS etc) if utilfeature.DefaultFeatureGate.Enabled(cloudfeatures.GCERegionalPersistentDisk) { - zoneSet, err := volumeutil.LabelZonesToSet(zone) + zoneSet, err := volumehelpers.LabelZonesToSet(zone) if err != nil { klog.Warningf("Failed to parse zone field: %q. Will use raw field.", zone) } @@ -845,16 +845,16 @@ func (g *Cloud) GetAutoLabelsForPD(name string, zone string) (map[string]string, // Unexpected, but sanity-check return nil, fmt.Errorf("PD did not have zone/region information: %v", disk) } - labels[kubeletapis.LabelZoneFailureDomain] = zoneInfo.zone - labels[kubeletapis.LabelZoneRegion] = disk.Region + labels[v1.LabelZoneFailureDomain] = zoneInfo.zone + labels[v1.LabelZoneRegion] = disk.Region case multiZone: if zoneInfo.replicaZones == nil || zoneInfo.replicaZones.Len() <= 0 { // Unexpected, but sanity-check return nil, fmt.Errorf("PD is regional but does not have any replicaZones specified: %v", disk) } - labels[kubeletapis.LabelZoneFailureDomain] = - volumeutil.ZonesSetToLabelValue(zoneInfo.replicaZones) - labels[kubeletapis.LabelZoneRegion] = disk.Region + labels[v1.LabelZoneFailureDomain] = + volumehelpers.ZonesSetToLabelValue(zoneInfo.replicaZones) + labels[v1.LabelZoneRegion] = disk.Region case nil: // Unexpected, but sanity-check return nil, fmt.Errorf("PD did not have ZoneInfo: %v", disk) diff --git a/pkg/cloudprovider/providers/gce/gce_disks_test.go b/pkg/cloudprovider/providers/gce/gce_disks_test.go index 6b45c868684..27531cb8098 100644 --- a/pkg/cloudprovider/providers/gce/gce_disks_test.go +++ b/pkg/cloudprovider/providers/gce/gce_disks_test.go @@ -25,9 +25,9 @@ import ( computebeta "google.golang.org/api/compute/v0.beta" compute "google.golang.org/api/compute/v1" "google.golang.org/api/googleapi" + "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" cloudprovider "k8s.io/cloud-provider" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) // TODO TODO write a test for GetDiskByNameUnknownZone and make sure casting logic works @@ -463,12 +463,12 @@ func TestGetAutoLabelsForPD_Basic(t *testing.T) { if err != nil { t.Error(err) } - if labels[kubeletapis.LabelZoneFailureDomain] != zone { + if labels[v1.LabelZoneFailureDomain] != zone { t.Errorf("Failure domain is '%v', but zone is '%v'", - labels[kubeletapis.LabelZoneFailureDomain], zone) + labels[v1.LabelZoneFailureDomain], zone) } - if labels[kubeletapis.LabelZoneRegion] != gceRegion { - t.Errorf("Region is '%v', but region is 'us-central1'", labels[kubeletapis.LabelZoneRegion]) + if labels[v1.LabelZoneRegion] != gceRegion { + t.Errorf("Region is '%v', but region is 'us-central1'", labels[v1.LabelZoneRegion]) } } @@ -499,12 +499,12 @@ func TestGetAutoLabelsForPD_NoZone(t *testing.T) { if err != nil { t.Error(err) } - if labels[kubeletapis.LabelZoneFailureDomain] != zone { + if labels[v1.LabelZoneFailureDomain] != zone { t.Errorf("Failure domain is '%v', but zone is '%v'", - labels[kubeletapis.LabelZoneFailureDomain], zone) + labels[v1.LabelZoneFailureDomain], zone) } - if labels[kubeletapis.LabelZoneRegion] != gceRegion { - t.Errorf("Region is '%v', but region is 'europe-west1'", labels[kubeletapis.LabelZoneRegion]) + if labels[v1.LabelZoneRegion] != gceRegion { + t.Errorf("Region is '%v', but region is 'europe-west1'", labels[v1.LabelZoneRegion]) } } @@ -585,12 +585,12 @@ func TestGetAutoLabelsForPD_DupDisk(t *testing.T) { if err != nil { t.Error("Disk name and zone uniquely identifies a disk, yet an error is returned.") } - if labels[kubeletapis.LabelZoneFailureDomain] != zone { + if labels[v1.LabelZoneFailureDomain] != zone { t.Errorf("Failure domain is '%v', but zone is '%v'", - labels[kubeletapis.LabelZoneFailureDomain], zone) + labels[v1.LabelZoneFailureDomain], zone) } - if labels[kubeletapis.LabelZoneRegion] != gceRegion { - t.Errorf("Region is '%v', but region is 'us-west1'", labels[kubeletapis.LabelZoneRegion]) + if labels[v1.LabelZoneRegion] != gceRegion { + t.Errorf("Region is '%v', but region is 'us-west1'", labels[v1.LabelZoneRegion]) } } diff --git a/pkg/cloudprovider/providers/gce/gce_instances.go b/pkg/cloudprovider/providers/gce/gce_instances.go index f93e0fff006..ef705fa808b 100644 --- a/pkg/cloudprovider/providers/gce/gce_instances.go +++ b/pkg/cloudprovider/providers/gce/gce_instances.go @@ -37,7 +37,6 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/wait" cloudprovider "k8s.io/cloud-provider" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) const ( @@ -60,7 +59,7 @@ func splitNodesByZone(nodes []*v1.Node) map[string][]*v1.Node { } func getZone(n *v1.Node) string { - zone, ok := n.Labels[kubeletapis.LabelZoneFailureDomain] + zone, ok := n.Labels[v1.LabelZoneFailureDomain] if !ok { return defaultZone } diff --git a/pkg/cloudprovider/providers/gce/gce_loadbalancer_utils_test.go b/pkg/cloudprovider/providers/gce/gce_loadbalancer_utils_test.go index 293d1e53093..87fcf1d5dcc 100644 --- a/pkg/cloudprovider/providers/gce/gce_loadbalancer_utils_test.go +++ b/pkg/cloudprovider/providers/gce/gce_loadbalancer_utils_test.go @@ -36,7 +36,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/tools/record" servicehelpers "k8s.io/cloud-provider/service/helpers" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) // TODO(yankaiz): Create shared error types for both test/non-test codes. @@ -99,8 +98,8 @@ func createAndInsertNodes(gce *Cloud, nodeNames []string, zoneName string) ([]*v ObjectMeta: metav1.ObjectMeta{ Name: name, Labels: map[string]string{ - kubeletapis.LabelHostname: name, - kubeletapis.LabelZoneFailureDomain: zoneName, + v1.LabelHostname: name, + v1.LabelZoneFailureDomain: zoneName, }, }, Status: v1.NodeStatus{ diff --git a/pkg/cloudprovider/providers/openstack/BUILD b/pkg/cloudprovider/providers/openstack/BUILD index 313a3b27239..934af2f7502 100644 --- a/pkg/cloudprovider/providers/openstack/BUILD +++ b/pkg/cloudprovider/providers/openstack/BUILD @@ -20,10 +20,7 @@ go_library( ], importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/openstack", deps = [ - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", - "//pkg/volume:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", @@ -34,6 +31,9 @@ go_library( "//staging/src/k8s.io/cloud-provider:go_default_library", "//staging/src/k8s.io/cloud-provider/node/helpers:go_default_library", "//staging/src/k8s.io/cloud-provider/service/helpers:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/errors:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/gophercloud/gophercloud:go_default_library", "//vendor/github.com/gophercloud/gophercloud/openstack:go_default_library", "//vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions:go_default_library", diff --git a/pkg/cloudprovider/providers/openstack/OWNERS b/pkg/cloudprovider/providers/openstack/OWNERS index 4bc4fbc4cbb..e8856d16e94 100644 --- a/pkg/cloudprovider/providers/openstack/OWNERS +++ b/pkg/cloudprovider/providers/openstack/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - anguslees - NickrenREN diff --git a/pkg/cloudprovider/providers/openstack/openstack_metrics.go b/pkg/cloudprovider/providers/openstack/openstack_metrics.go index ab8f9b68707..d24d657352d 100644 --- a/pkg/cloudprovider/providers/openstack/openstack_metrics.go +++ b/pkg/cloudprovider/providers/openstack/openstack_metrics.go @@ -16,7 +16,11 @@ limitations under the License. package openstack -import "github.com/prometheus/client_golang/prometheus" +import ( + "sync" + + "github.com/prometheus/client_golang/prometheus" +) const ( openstackSubsystem = "openstack" @@ -44,7 +48,11 @@ var ( ) ) +var registerOnce sync.Once + func registerMetrics() { - prometheus.MustRegister(openstackOperationsLatency) - prometheus.MustRegister(openstackAPIRequestErrors) + registerOnce.Do(func() { + prometheus.MustRegister(openstackOperationsLatency) + prometheus.MustRegister(openstackAPIRequestErrors) + }) } diff --git a/pkg/cloudprovider/providers/openstack/openstack_volumes.go b/pkg/cloudprovider/providers/openstack/openstack_volumes.go index fa4c4d59769..dd7636175a5 100644 --- a/pkg/cloudprovider/providers/openstack/openstack_volumes.go +++ b/pkg/cloudprovider/providers/openstack/openstack_volumes.go @@ -30,9 +30,9 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/types" cloudprovider "k8s.io/cloud-provider" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - k8s_volume "k8s.io/kubernetes/pkg/volume" - volumeutil "k8s.io/kubernetes/pkg/volume/util" + cloudvolume "k8s.io/cloud-provider/volume" + volerr "k8s.io/cloud-provider/volume/errors" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "github.com/gophercloud/gophercloud" volumeexpand "github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions" @@ -345,7 +345,7 @@ func (os *OpenStack) AttachDisk(instanceID, volumeID string) (string, error) { } // using volume.AttachedDevice may cause problems because cinder does not report device path correctly see issue #33128 devicePath := volume.AttachedDevice - danglingErr := volumeutil.NewDanglingError(attachErr, nodeName, devicePath) + danglingErr := volerr.NewDanglingError(attachErr, nodeName, devicePath) klog.V(2).Infof("Found dangling volume %s attached to node %s", volumeID, nodeName) return "", danglingErr } @@ -413,7 +413,7 @@ func (os *OpenStack) ExpandVolume(volumeID string, oldSize resource.Quantity, ne } // Cinder works with gigabytes, convert to GiB with rounding up - volSizeGiB, err := volumeutil.RoundUpToGiBInt(newSize) + volSizeGiB, err := volumehelpers.RoundUpToGiBInt(newSize) if err != nil { return oldSize, err } @@ -572,7 +572,7 @@ func (os *OpenStack) DeleteVolume(volumeID string) error { } if used { msg := fmt.Sprintf("Cannot delete the volume %q, it's still attached to a node", volumeID) - return k8s_volume.NewDeletedVolumeInUseError(msg) + return volerr.NewDeletedVolumeInUseError(msg) } volumes, err := os.volumeService("") @@ -703,7 +703,7 @@ func (os *OpenStack) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVo } // Ignore any volumes that are being provisioned - if pv.Spec.Cinder.VolumeID == k8s_volume.ProvisionedVolumeName { + if pv.Spec.Cinder.VolumeID == cloudvolume.ProvisionedVolumeName { return nil, nil } @@ -715,8 +715,8 @@ func (os *OpenStack) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVo // Construct Volume Labels labels := make(map[string]string) - labels[kubeletapis.LabelZoneFailureDomain] = volume.AvailabilityZone - labels[kubeletapis.LabelZoneRegion] = os.region + labels[v1.LabelZoneFailureDomain] = volume.AvailabilityZone + labels[v1.LabelZoneRegion] = os.region klog.V(4).Infof("The Volume %s has labels %v", pv.Spec.Cinder.VolumeID, labels) return labels, nil diff --git a/pkg/cloudprovider/providers/photon/OWNERS b/pkg/cloudprovider/providers/photon/OWNERS index b8170a5d6d4..36c201edd9a 100644 --- a/pkg/cloudprovider/providers/photon/OWNERS +++ b/pkg/cloudprovider/providers/photon/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + maintainers: - luomiao - kerneltime diff --git a/pkg/cloudprovider/providers/vsphere/BUILD b/pkg/cloudprovider/providers/vsphere/BUILD index ebfecdb86c7..45e49e2a73b 100644 --- a/pkg/cloudprovider/providers/vsphere/BUILD +++ b/pkg/cloudprovider/providers/vsphere/BUILD @@ -13,6 +13,9 @@ go_library( "nodemanager.go", "vsphere.go", "vsphere_util.go", + "vsphere_util_linux.go", + "vsphere_util_unsupported.go", + "vsphere_util_windows.go", ], importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere", deps = [ @@ -21,12 +24,16 @@ go_library( "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/version:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/listers/core/v1:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", "//staging/src/k8s.io/cloud-provider/node/helpers:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", + "//vendor/github.com/vmware/govmomi/object:go_default_library", + "//vendor/github.com/vmware/govmomi/property:go_default_library", "//vendor/github.com/vmware/govmomi/vapi/rest:go_default_library", "//vendor/github.com/vmware/govmomi/vapi/tags:go_default_library", "//vendor/github.com/vmware/govmomi/vim25:go_default_library", @@ -58,6 +65,7 @@ go_test( "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", "//vendor/github.com/vmware/govmomi:go_default_library", + "//vendor/github.com/vmware/govmomi/find:go_default_library", "//vendor/github.com/vmware/govmomi/lookup/simulator:go_default_library", "//vendor/github.com/vmware/govmomi/property:go_default_library", "//vendor/github.com/vmware/govmomi/simulator:go_default_library", @@ -67,6 +75,7 @@ go_test( "//vendor/github.com/vmware/govmomi/vapi/simulator:go_default_library", "//vendor/github.com/vmware/govmomi/vapi/tags:go_default_library", "//vendor/github.com/vmware/govmomi/vim25/mo:go_default_library", + "//vendor/github.com/vmware/govmomi/vim25/types:go_default_library", ], ) diff --git a/pkg/cloudprovider/providers/vsphere/OWNERS b/pkg/cloudprovider/providers/vsphere/OWNERS index 001c17509c5..eca27ff2f9b 100644 --- a/pkg/cloudprovider/providers/vsphere/OWNERS +++ b/pkg/cloudprovider/providers/vsphere/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - abrarshivani - baludontu diff --git a/pkg/cloudprovider/providers/vsphere/nodemanager.go b/pkg/cloudprovider/providers/vsphere/nodemanager.go index 55a2a09d9d4..f245e336f65 100644 --- a/pkg/cloudprovider/providers/vsphere/nodemanager.go +++ b/pkg/cloudprovider/providers/vsphere/nodemanager.go @@ -22,8 +22,10 @@ import ( "strings" "sync" + "github.com/vmware/govmomi/object" "k8s.io/api/core/v1" k8stypes "k8s.io/apimachinery/pkg/types" + cloudprovider "k8s.io/cloud-provider" "k8s.io/klog" "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib" ) @@ -34,6 +36,7 @@ type NodeInfo struct { vm *vclib.VirtualMachine vcServer string vmUUID string + zone *cloudprovider.Zone } type NodeManager struct { @@ -58,6 +61,7 @@ type NodeDetails struct { NodeName string vm *vclib.VirtualMachine VMUUID string + Zone *cloudprovider.Zone } // TODO: Make it configurable in vsphere.conf @@ -190,7 +194,11 @@ func (nm *NodeManager) DiscoverNode(node *v1.Node) error { klog.V(4).Infof("Found node %s as vm=%+v in vc=%s and datacenter=%s", node.Name, vm, res.vc, res.datacenter.Name()) - nodeInfo := &NodeInfo{dataCenter: res.datacenter, vm: vm, vcServer: res.vc, vmUUID: nodeUUID} + // Get the node zone information + nodeFd := node.ObjectMeta.Labels[v1.LabelZoneFailureDomain] + nodeRegion := node.ObjectMeta.Labels[v1.LabelZoneRegion] + nodeZone := &cloudprovider.Zone{FailureDomain: nodeFd, Region: nodeRegion} + nodeInfo := &NodeInfo{dataCenter: res.datacenter, vm: vm, vcServer: res.vc, vmUUID: nodeUUID, zone: nodeZone} nm.addNodeInfo(node.ObjectMeta.Name, nodeInfo) for range queueChannel { } @@ -309,7 +317,7 @@ func (nm *NodeManager) GetNodeDetails() ([]NodeDetails, error) { return nil, err } klog.V(4).Infof("Updated NodeInfo %v for node %q.", nodeInfo, nodeName) - nodeDetails = append(nodeDetails, NodeDetails{nodeName, nodeInfo.vm, nodeInfo.vmUUID}) + nodeDetails = append(nodeDetails, NodeDetails{nodeName, nodeInfo.vm, nodeInfo.vmUUID, nodeInfo.zone}) } return nodeDetails, nil } @@ -355,6 +363,7 @@ func (nm *NodeManager) renewNodeInfo(nodeInfo *NodeInfo, reconnect bool) (*NodeI dataCenter: vm.Datacenter, vcServer: nodeInfo.vcServer, vmUUID: nodeInfo.vmUUID, + zone: nodeInfo.zone, }, nil } @@ -442,3 +451,28 @@ func (nm *NodeManager) UpdateCredentialManager(credentialManager *SecretCredenti defer nm.credentialManagerLock.Unlock() nm.credentialManager = credentialManager } + +func (nm *NodeManager) GetHostsInZone(ctx context.Context, zoneFailureDomain string) ([]*object.HostSystem, error) { + klog.V(9).Infof("GetHostsInZone called with registeredNodes: %v", nm.registeredNodes) + nodeDetails, err := nm.GetNodeDetails() + if err != nil { + return nil, err + } + klog.V(4).Infof("Node Details: %v", nodeDetails) + // Return those hosts that are in the given zone. + hosts := make([]*object.HostSystem, 0) + for _, n := range nodeDetails { + // Match the provided zone failure domain with the node. + klog.V(9).Infof("Matching provided zone %s with node %s zone %s", zoneFailureDomain, n.NodeName, n.Zone.FailureDomain) + if zoneFailureDomain == n.Zone.FailureDomain { + host, err := n.vm.HostSystem(ctx) + if err != nil { + klog.Errorf("Failed to get host system for VM %s. err: %+v", n.vm, err) + continue + } + hosts = append(hosts, host) + } + } + klog.V(4).Infof("GetHostsInZone %v returning: %v", zoneFailureDomain, hosts) + return hosts, nil +} diff --git a/pkg/cloudprovider/providers/vsphere/vclib/constants.go b/pkg/cloudprovider/providers/vsphere/vclib/constants.go index 74386bae240..a8a4e5f420e 100644 --- a/pkg/cloudprovider/providers/vsphere/vclib/constants.go +++ b/pkg/cloudprovider/providers/vsphere/vclib/constants.go @@ -40,15 +40,18 @@ const ( // Other Constants const ( - LogLevel = 4 - DatastoreProperty = "datastore" - ResourcePoolProperty = "resourcePool" - DatastoreInfoProperty = "info" - VirtualMachineType = "VirtualMachine" - RoundTripperDefaultCount = 3 - VSANDatastoreType = "vsan" - DummyVMPrefixName = "vsphere-k8s" - ActivePowerState = "poweredOn" + LogLevel = 4 + DatastoreProperty = "datastore" + ResourcePoolProperty = "resourcePool" + DatastoreInfoProperty = "info" + VirtualMachineType = "VirtualMachine" + RoundTripperDefaultCount = 3 + VSANDatastoreType = "vsan" + DummyVMPrefixName = "vsphere-k8s" + ActivePowerState = "poweredOn" + DatacenterType = "Datacenter" + ClusterComputeResourceType = "ClusterComputeResource" + HostSystemType = "HostSystem" ) // Test Constants diff --git a/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go b/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go index 31c9b98dd70..bbd60cc620a 100644 --- a/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go +++ b/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go @@ -148,6 +148,21 @@ func (dc *Datacenter) GetAllDatastores(ctx context.Context) (map[string]*Datasto return dsURLInfoMap, nil } +// GetAllHosts returns all the host objects in this datacenter of VC +func (dc *Datacenter) GetAllHosts(ctx context.Context) ([]types.ManagedObjectReference, error) { + finder := getFinder(dc) + hostSystems, err := finder.HostSystemList(ctx, "*") + if err != nil { + klog.Errorf("Failed to get all hostSystems. err: %+v", err) + return nil, err + } + var hostMors []types.ManagedObjectReference + for _, hs := range hostSystems { + hostMors = append(hostMors, hs.Reference()) + } + return hostMors, nil +} + // GetDatastoreByPath gets the Datastore object from the given vmDiskPath func (dc *Datacenter) GetDatastoreByPath(ctx context.Context, vmDiskPath string) (*Datastore, error) { datastorePathObj := new(object.DatastorePath) diff --git a/pkg/cloudprovider/providers/vsphere/vclib/datastore.go b/pkg/cloudprovider/providers/vsphere/vclib/datastore.go index a57685bc76c..859e56239f5 100644 --- a/pkg/cloudprovider/providers/vsphere/vclib/datastore.go +++ b/pkg/cloudprovider/providers/vsphere/vclib/datastore.go @@ -85,3 +85,19 @@ func (ds *Datastore) IsCompatibleWithStoragePolicy(ctx context.Context, storageP } return pbmClient.IsDatastoreCompatible(ctx, storagePolicyID, ds) } + +// GetDatastoreHostMounts gets the host names mounted on given datastore +func (ds *Datastore) GetDatastoreHostMounts(ctx context.Context) ([]types.ManagedObjectReference, error) { + var dsMo mo.Datastore + pc := property.DefaultCollector(ds.Client()) + err := pc.RetrieveOne(ctx, ds.Datastore.Reference(), []string{"host"}, &dsMo) + if err != nil { + klog.Errorf("Failed to retrieve datastore host mount property. err: %v", err) + return nil, err + } + hosts := make([]types.ManagedObjectReference, len(dsMo.Host)) + for _, dsHostMount := range dsMo.Host { + hosts = append(hosts, dsHostMount.Key) + } + return hosts, nil +} diff --git a/pkg/cloudprovider/providers/vsphere/vclib/volumeoptions.go b/pkg/cloudprovider/providers/vsphere/vclib/volumeoptions.go index 989ed446815..02f9e9ce944 100644 --- a/pkg/cloudprovider/providers/vsphere/vclib/volumeoptions.go +++ b/pkg/cloudprovider/providers/vsphere/vclib/volumeoptions.go @@ -33,6 +33,7 @@ type VolumeOptions struct { StoragePolicyName string StoragePolicyID string SCSIControllerType string + Zone []string } var ( diff --git a/pkg/cloudprovider/providers/vsphere/vsphere.go b/pkg/cloudprovider/providers/vsphere/vsphere.go index d0ae21247bb..b8aa2ea8de3 100644 --- a/pkg/cloudprovider/providers/vsphere/vsphere.go +++ b/pkg/cloudprovider/providers/vsphere/vsphere.go @@ -33,15 +33,19 @@ import ( "gopkg.in/gcfg.v1" + "github.com/vmware/govmomi/object" "github.com/vmware/govmomi/vapi/rest" "github.com/vmware/govmomi/vapi/tags" "github.com/vmware/govmomi/vim25/mo" + vmwaretypes "github.com/vmware/govmomi/vim25/types" "k8s.io/api/core/v1" k8stypes "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/client-go/informers" "k8s.io/client-go/tools/cache" cloudprovider "k8s.io/cloud-provider" nodehelpers "k8s.io/cloud-provider/node/helpers" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib" "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/diskmanagers" @@ -66,17 +70,20 @@ var cleanUpDummyVMLock sync.RWMutex const ( MissingUsernameErrMsg = "Username is missing" MissingPasswordErrMsg = "Password is missing" + NoZoneTagInVCErrMsg = "No zone tags found in vCenter" ) // Error constants var ( ErrUsernameMissing = errors.New(MissingUsernameErrMsg) ErrPasswordMissing = errors.New(MissingPasswordErrMsg) + ErrNoZoneTagInVC = errors.New(NoZoneTagInVCErrMsg) ) var _ cloudprovider.Interface = (*VSphere)(nil) var _ cloudprovider.Instances = (*VSphere)(nil) var _ cloudprovider.Zones = (*VSphere)(nil) +var _ cloudprovider.PVLabeler = (*VSphere)(nil) // VSphere is an implementation of cloud provider Interface for VSphere. type VSphere struct { @@ -501,6 +508,7 @@ func buildVSphereFromConfig(cfg VSphereConfig) (*VSphere, error) { if cfg.Global.VCenterPort == "" { cfg.Global.VCenterPort = "443" } + vsphereInstanceMap, err := populateVsphereInstanceMap(&cfg) if err != nil { return nil, err @@ -547,18 +555,22 @@ func getLocalIP() ([]v1.NodeAddress, error) { return nil, err } for _, i := range ifaces { + if i.Flags&net.FlagLoopback != 0 { + continue + } localAddrs, err := i.Addrs() if err != nil { klog.Warningf("Failed to extract addresses for NodeAddresses - %v", err) } else { for _, addr := range localAddrs { - if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback() { + if ipnet, ok := addr.(*net.IPNet); ok { if ipnet.IP.To4() != nil { // Filter external IP by MAC address OUIs from vCenter and from ESX vmMACAddr := strings.ToLower(i.HardwareAddr.String()) // Making sure that the MAC address is long enough if len(vmMACAddr) < 17 { - return addrs, fmt.Errorf("MAC address %q is invalid", vmMACAddr) + klog.V(4).Infof("Skipping invalid MAC address: %q", vmMACAddr) + continue } if vmwareOUI[vmMACAddr[:8]] { nodehelpers.AddToNodeAddresses(&addrs, @@ -833,13 +845,17 @@ func (vs *VSphere) LoadBalancer() (cloudprovider.LoadBalancer, bool) { return nil, false } +func (vs *VSphere) isZoneEnabled() bool { + return vs.cfg != nil && vs.cfg.Labels.Zone != "" && vs.cfg.Labels.Region != "" +} + // Zones returns an implementation of Zones for vSphere. func (vs *VSphere) Zones() (cloudprovider.Zones, bool) { - if vs.cfg == nil { - klog.V(1).Info("The vSphere cloud provider does not support zones") - return nil, false + if vs.isZoneEnabled() { + return vs, true } - return vs, true + klog.V(1).Info("The vSphere cloud provider does not support zones") + return nil, false } // Routes returns a false since the interface is not supported for vSphere. @@ -1149,6 +1165,7 @@ func (vs *VSphere) CreateVolume(volumeOptions *vclib.VolumeOptions) (canonicalVo klog.V(1).Infof("Starting to create a vSphere volume with volumeOptions: %+v", volumeOptions) createVolumeInternal := func(volumeOptions *vclib.VolumeOptions) (canonicalVolumePath string, err error) { var datastore string + var dsList []*vclib.DatastoreInfo // If datastore not specified, then use default datastore if volumeOptions.Datastore == "" { datastore = vs.cfg.Workspace.DefaultDatastore @@ -1169,6 +1186,28 @@ func (vs *VSphere) CreateVolume(volumeOptions *vclib.VolumeOptions) (canonicalVo } var vmOptions *vclib.VMOptions if volumeOptions.VSANStorageProfileData != "" || volumeOptions.StoragePolicyName != "" { + // If datastore and zone are specified, first validate if the datastore is in the provided zone. + if len(volumeOptions.Zone) != 0 && volumeOptions.Datastore != "" { + klog.V(4).Infof("Specified zone : %s, datastore : %s", volumeOptions.Zone, volumeOptions.Datastore) + dsList, err = getDatastoresForZone(ctx, dc, vs.nodeManager, volumeOptions.Zone) + if err != nil { + return "", err + } + + // Validate if the datastore provided belongs to the zone. If not, fail the operation. + found := false + for _, ds := range dsList { + if ds.Info.Name == volumeOptions.Datastore { + found = true + break + } + } + if !found { + err := fmt.Errorf("The specified datastore %s does not match the provided zones : %s", volumeOptions.Datastore, volumeOptions.Zone) + klog.Error(err) + return "", err + } + } // Acquire a read lock to ensure multiple PVC requests can be processed simultaneously. cleanUpDummyVMLock.RLock() defer cleanUpDummyVMLock.RUnlock() @@ -1188,29 +1227,94 @@ func (vs *VSphere) CreateVolume(volumeOptions *vclib.VolumeOptions) (canonicalVo } } if volumeOptions.StoragePolicyName != "" && volumeOptions.Datastore == "" { - datastore, err = getPbmCompatibleDatastore(ctx, dc, volumeOptions.StoragePolicyName, vs.nodeManager) + if len(volumeOptions.Zone) == 0 { + klog.V(4).Infof("Selecting a shared datastore as per the storage policy %s", volumeOptions.StoragePolicyName) + datastore, err = getPbmCompatibleDatastore(ctx, dc, volumeOptions.StoragePolicyName, vs.nodeManager) + } else { + // If zone is specified, first get the datastores in the zone. + dsList, err = getDatastoresForZone(ctx, dc, vs.nodeManager, volumeOptions.Zone) + + if err != nil { + klog.Errorf("Failed to find a shared datastore matching zone %s. err: %+v", volumeOptions.Zone, err) + return "", err + } + // If unable to get any datastore, fail the operation. + if len(dsList) == 0 { + err := fmt.Errorf("Failed to find a shared datastore matching zone %s", volumeOptions.Zone) + klog.Error(err) + return "", err + } + + klog.V(4).Infof("Specified zone : %s. Picking a datastore as per the storage policy %s among the zoned datastores : %s", volumeOptions.Zone, + volumeOptions.StoragePolicyName, dsList) + // Among the compatible datastores, select the one based on the maximum free space. + datastore, err = getPbmCompatibleZonedDatastore(ctx, dc, volumeOptions.StoragePolicyName, dsList) + } + klog.V(1).Infof("Datastore selected as per policy : %s", datastore) if err != nil { klog.Errorf("Failed to get pbm compatible datastore with storagePolicy: %s. err: %+v", volumeOptions.StoragePolicyName, err) return "", err } } else { - // Since no storage policy is specified but datastore is specified, check - // if the given datastore is a shared datastore across all node VMs. - sharedDsList, err := getSharedDatastoresInK8SCluster(ctx, dc, vs.nodeManager) - if err != nil { - klog.Errorf("Failed to get shared datastore: %+v", err) - return "", err - } - found := false - for _, sharedDs := range sharedDsList { - if datastore == sharedDs.Info.Name { - found = true - break + // If zone is specified, pick the datastore in the zone with maximum free space within the zone. + if volumeOptions.Datastore == "" && len(volumeOptions.Zone) != 0 { + klog.V(4).Infof("Specified zone : %s", volumeOptions.Zone) + dsList, err = getDatastoresForZone(ctx, dc, vs.nodeManager, volumeOptions.Zone) + + if err != nil { + klog.Errorf("Failed to find a shared datastore matching zone %s. err: %+v", volumeOptions.Zone, err) + return "", err + } + // If unable to get any datastore, fail the operation + if len(dsList) == 0 { + err := fmt.Errorf("Failed to find a shared datastore matching zone %s", volumeOptions.Zone) + klog.Error(err) + return "", err + } + + datastore, err = getMostFreeDatastoreName(ctx, nil, dsList) + if err != nil { + klog.Errorf("Failed to get shared datastore: %+v", err) + return "", err + } + klog.V(1).Infof("Specified zone : %s. Selected datastore : %s", volumeOptions.StoragePolicyName, datastore) + } else { + var sharedDsList []*vclib.DatastoreInfo + var err error + if len(volumeOptions.Zone) == 0 { + // If zone is not provided, get the shared datastore across all node VMs. + klog.V(4).Infof("Validating if datastore %s is shared across all node VMs", datastore) + sharedDsList, err = getSharedDatastoresInK8SCluster(ctx, dc, vs.nodeManager) + if err != nil { + klog.Errorf("Failed to get shared datastore: %+v", err) + return "", err + } + // Prepare error msg to be used later, if required. + err = fmt.Errorf("The specified datastore %s is not a shared datastore across node VMs", datastore) + } else { + // If zone is provided, get the shared datastores in that zone. + klog.V(4).Infof("Validating if datastore %s is in zone %s ", datastore, volumeOptions.Zone) + sharedDsList, err = getDatastoresForZone(ctx, dc, vs.nodeManager, volumeOptions.Zone) + if err != nil { + klog.Errorf("Failed to find a shared datastore matching zone %s. err: %+v", volumeOptions.Zone, err) + return "", err + } + // Prepare error msg to be used later, if required. + err = fmt.Errorf("The specified datastore %s does not match the provided zones : %s", datastore, volumeOptions.Zone) + } + found := false + // Check if the selected datastore belongs to the list of shared datastores computed. + for _, sharedDs := range sharedDsList { + if datastore == sharedDs.Info.Name { + klog.V(4).Infof("Datastore validation succeeded") + found = true + break + } + } + if !found { + klog.Error(err) + return "", err } - } - if !found { - msg := fmt.Sprintf("The specified datastore %s is not a shared datastore across node VMs", datastore) - return "", errors.New(msg) } } ds, err := dc.GetDatastoreByName(ctx, datastore) @@ -1412,14 +1516,10 @@ func (vs *VSphere) GetZone(ctx context.Context) (cloudprovider.Zone, error) { } if zone.Region == "" { - if vs.cfg.Labels.Region != "" { - return fmt.Errorf("vSphere region category %q does not match any tags for node %s [%s]", vs.cfg.Labels.Region, nodeName, vs.vmUUID) - } + return fmt.Errorf("vSphere region category %q does not match any tags for node %s [%s]", vs.cfg.Labels.Region, nodeName, vs.vmUUID) } if zone.FailureDomain == "" { - if vs.cfg.Labels.Zone != "" { - return fmt.Errorf("vSphere zone category %q does not match any tags for node %s [%s]", vs.cfg.Labels.Zone, nodeName, vs.vmUUID) - } + return fmt.Errorf("vSphere zone category %q does not match any tags for node %s [%s]", vs.cfg.Labels.Zone, nodeName, vs.vmUUID) } return nil @@ -1438,3 +1538,269 @@ func (vs *VSphere) GetZoneByNodeName(ctx context.Context, nodeName k8stypes.Node func (vs *VSphere) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) { return cloudprovider.Zone{}, cloudprovider.NotImplemented } + +// GetLabelsForVolume implements the PVLabeler interface for VSphere +// since this interface is used by the PV label admission controller. +func (vs *VSphere) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) (map[string]string, error) { + // ignore if zones not enabled + if !vs.isZoneEnabled() { + klog.V(4).Infof("Zone labels for volume is not enabled in vsphere.conf") + return nil, nil + } + // ignore if not vSphere volume + if pv.Spec.VsphereVolume == nil { + return nil, nil + } + return vs.GetVolumeLabels(pv.Spec.VsphereVolume.VolumePath) +} + +// GetVolumeLabels returns the well known zone and region labels for given volume +func (vs *VSphere) GetVolumeLabels(volumePath string) (map[string]string, error) { + // Create context + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + + // if zones is not enabled return no labels + if !vs.isZoneEnabled() { + klog.V(4).Infof("Volume zone labels is not enabled in vsphere.conf") + return nil, nil + } + + datastorePathObj, err := vclib.GetDatastorePathObjFromVMDiskPath(volumePath) + if err != nil { + klog.Errorf("Failed to get datastore for volume: %v: %+v", volumePath, err) + return nil, err + } + dsZones, err := vs.GetZonesForDatastore(ctx, datastorePathObj.Datastore) + if err != nil { + klog.Errorf("Failed to get zones for datastore %v: %+v", datastorePathObj.Datastore, err) + return nil, err + } + dsZones, err = vs.collapseZonesInRegion(ctx, dsZones) + // FIXME: For now, pick the first zone of datastore as the zone of volume + labels := make(map[string]string) + if len(dsZones) > 0 { + labels[v1.LabelZoneRegion] = dsZones[0].Region + labels[v1.LabelZoneFailureDomain] = dsZones[0].FailureDomain + } + return labels, nil +} + +// collapse all zones in same region. Join FailureDomain with well known separator +func (vs *VSphere) collapseZonesInRegion(ctx context.Context, zones []cloudprovider.Zone) ([]cloudprovider.Zone, error) { + // first create a map of region -> list of zones in that region + regionToZones := make(map[string][]string) + for _, zone := range zones { + fds, exists := regionToZones[zone.Region] + if !exists { + fds = make([]string, 0) + } + regionToZones[zone.Region] = append(fds, zone.FailureDomain) + } + + // Join all fds in same region and return Zone instances + collapsedZones := make([]cloudprovider.Zone, 0) + for region, fds := range regionToZones { + fdSet := sets.NewString(fds...) + appendedZone := volumehelpers.ZonesSetToLabelValue(fdSet) + collapsedZones = append(collapsedZones, cloudprovider.Zone{FailureDomain: appendedZone, Region: region}) + } + return collapsedZones, nil +} + +// GetZonesForDatastore returns all the zones from which this datastore is visible +func (vs *VSphere) GetZonesForDatastore(ctx context.Context, datastore string) ([]cloudprovider.Zone, error) { + vsi, err := vs.getVSphereInstanceForServer(vs.cfg.Workspace.VCenterIP, ctx) + if err != nil { + klog.Errorf("Failed to get vSphere instance: %+v", err) + return nil, err + } + dc, err := vclib.GetDatacenter(ctx, vsi.conn, vs.cfg.Workspace.Datacenter) + if err != nil { + klog.Errorf("Failed to get datacenter: %+v", err) + return nil, err + } + // get the hosts mounted on this datastore + // datastore -> ["host-1", "host-2", "host-3", ...] + ds, err := dc.GetDatastoreByName(ctx, datastore) + if err != nil { + klog.Errorf("Failed to get datastore by name: %v: %+v", datastore, err) + return nil, err + } + dsHosts, err := ds.GetDatastoreHostMounts(ctx) + if err != nil { + klog.Errorf("Failed to get datastore host mounts for %v: %+v", datastore, err) + return nil, err + } + klog.V(4).Infof("Got host mounts for datastore: %v: %v", datastore, dsHosts) + + // compute map of zone to list of hosts in that zone across all hosts in vsphere + // zone -> ["host-i", "host-j", "host-k", ...] + zoneToHosts, err := vs.GetZoneToHosts(ctx, vsi) + if err != nil { + klog.Errorf("Failed to get zones for hosts: %+v", err) + return nil, err + } + klog.V(4).Infof("Got zone to hosts: %v", zoneToHosts) + + // datastore belongs to a zone if all hosts in that zone mount that datastore + dsZones := make([]cloudprovider.Zone, 0) + for zone, zoneHosts := range zoneToHosts { + // if zone is valid and zoneHosts is a subset of dsHosts, then add zone + if zone.Region != "" && containsAll(dsHosts, zoneHosts) { + dsZones = append(dsZones, zone) + } + } + klog.V(4).Infof("Datastore %s belongs to zones: %v", datastore, dsZones) + return dsZones, nil +} + +// GetZoneToHosts returns a map of 'zone' -> 'list of hosts in that zone' in given VC +func (vs *VSphere) GetZoneToHosts(ctx context.Context, vsi *VSphereInstance) (map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference, error) { + // Approach is to find tags with the category of 'vs.cfg.Labels.Zone' + zoneToHosts := make(map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference) + + getHostsInTagCategory := func(ctx context.Context, tagCategoryName string) (map[vmwaretypes.ManagedObjectReference]string, error) { + + hostToTag := make(map[vmwaretypes.ManagedObjectReference]string) + err := withTagsClient(ctx, vsi.conn, func(c *rest.Client) error { + // Look whether the zone/region tag is defined in VC + tagManager := tags.NewManager(c) + tagsForCat, err := tagManager.GetTagsForCategory(ctx, tagCategoryName) + if err != nil { + klog.V(4).Infof("No tags with category %s exists in VC. So ignoring.", tagCategoryName) + // return a special error so that tag unavailability can be ignored + return ErrNoZoneTagInVC + } + klog.V(4).Infof("List of tags under category %s: %v", tagCategoryName, tagsForCat) + + // Each such tag is a different 'zone' marked in vCenter. + // Query for objects associated with each tag. Consider Host, Cluster and Datacenter kind of objects. + tagToObjects := make(map[string][]mo.Reference) + for _, tag := range tagsForCat { + klog.V(4).Infof("Getting objects associated with tag %s", tag.Name) + objects, err := tagManager.ListAttachedObjects(ctx, tag.Name) + if err != nil { + klog.Errorf("Error fetching objects associated with zone tag %s: %+v", tag.Name, err) + return err + } + tagToObjects[tag.Name] = objects + } + klog.V(4).Infof("Map of tag to objects: %v", tagToObjects) + + // Infer zone for hosts within Datacenter, hosts within clusters and hosts - in this order of increasing priority + // The below nested for-loops goes over all the objects in tagToObjects three times over. + for _, moType := range []string{vclib.DatacenterType, vclib.ClusterComputeResourceType, vclib.HostSystemType} { + for tagName, objects := range tagToObjects { + for _, obj := range objects { + if obj.Reference().Type == moType { + klog.V(4).Infof("Found zone tag %s associated with %s of type %T: %s", tagName, obj, obj, obj.Reference().Value) + switch moType { + case "Datacenter": + // mark that all hosts in this datacenter has tag applied + dcObjRef := object.NewReference(vsi.conn.Client, obj.Reference()) + klog.V(4).Infof("Converted mo obj %v to govmomi object ref %v", obj, dcObjRef) + dcObj, ok := dcObjRef.(*object.Datacenter) + if !ok { + errMsg := fmt.Sprintf("Not able to convert object to Datacenter %v", obj) + klog.Errorf(errMsg) + return errors.New(errMsg) + } + klog.V(4).Infof("Converted to object Datacenter %v", dcObj) + dc := vclib.Datacenter{Datacenter: dcObj} + hosts, err := dc.GetAllHosts(ctx) + if err != nil { + klog.Errorf("Could not get hosts from datacenter %v: %+v", dc, err) + return err + } + for _, host := range hosts { + hostToTag[host] = tagName + } + case "ClusterComputeResource": + // mark that all hosts in this cluster has tag applied + clusterObjRef := object.NewReference(vsi.conn.Client, obj.Reference()) + clusterObj, ok := clusterObjRef.(*object.ClusterComputeResource) + if !ok { + errMsg := fmt.Sprintf("Not able to convert object ClusterComputeResource %v", obj) + klog.Errorf(errMsg) + return errors.New(errMsg) + } + hostSystemList, err := clusterObj.Hosts(ctx) + if err != nil { + klog.Errorf("Not able to get hosts in cluster %v: %+v", clusterObj, err) + return err + } + for _, host := range hostSystemList { + hostToTag[host.Reference()] = tagName + } + case "HostSystem": + // mark that this host has tag applied + hostToTag[obj.Reference()] = tagName + } + } + } + } + } + return nil // no error + }) + if err != nil { + klog.Errorf("Error processing tag category %s: %+v", tagCategoryName, err) + return nil, err + } + klog.V(6).Infof("Computed hostToTag: %v", hostToTag) + return hostToTag, nil + } + + hostToZone, err := getHostsInTagCategory(ctx, vs.cfg.Labels.Zone) + if err != nil { + if err == ErrNoZoneTagInVC { + return zoneToHosts, nil + } + klog.Errorf("Get hosts in tag category %s failed: %+v", vs.cfg.Labels.Zone, err) + return nil, err + } + + hostToRegion, err := getHostsInTagCategory(ctx, vs.cfg.Labels.Region) + if err != nil { + if err == ErrNoZoneTagInVC { + return zoneToHosts, nil + } + klog.Errorf("Get hosts in tag category %s failed: %+v", vs.cfg.Labels.Region, err) + return nil, err + } + + // populate zoneToHosts based on hostToZone and hostToRegion + klog.V(6).Infof("hostToZone: %v", hostToZone) + klog.V(6).Infof("hostToRegion: %v", hostToRegion) + for host, zone := range hostToZone { + region, regionExists := hostToRegion[host] + if !regionExists { + klog.Errorf("Host %s has a zone, but no region. So ignoring.", host) + continue + } + cpZone := cloudprovider.Zone{FailureDomain: zone, Region: region} + hosts, exists := zoneToHosts[cpZone] + if !exists { + hosts = make([]vmwaretypes.ManagedObjectReference, 0) + } + zoneToHosts[cpZone] = append(hosts, host) + } + klog.V(4).Infof("Final zoneToHosts: %v", zoneToHosts) + return zoneToHosts, nil +} + +// returns true if s1 contains all elements from s2; false otherwise +func containsAll(s1 []vmwaretypes.ManagedObjectReference, s2 []vmwaretypes.ManagedObjectReference) bool { + // put all elements of s1 into a map + s1Map := make(map[vmwaretypes.ManagedObjectReference]bool) + for _, mor := range s1 { + s1Map[mor] = true + } + // verify if all elements of s2 are present in s1Map + for _, mor := range s2 { + if _, found := s1Map[mor]; !found { + return false + } + } + return true +} diff --git a/pkg/cloudprovider/providers/vsphere/vsphere_test.go b/pkg/cloudprovider/providers/vsphere/vsphere_test.go index 4332b3cb016..b0805fbc037 100644 --- a/pkg/cloudprovider/providers/vsphere/vsphere_test.go +++ b/pkg/cloudprovider/providers/vsphere/vsphere_test.go @@ -23,10 +23,13 @@ import ( "io/ioutil" "log" "os" + "reflect" + "sort" "strconv" "strings" "testing" + "github.com/vmware/govmomi/find" lookup "github.com/vmware/govmomi/lookup/simulator" "github.com/vmware/govmomi/property" "github.com/vmware/govmomi/simulator" @@ -36,6 +39,7 @@ import ( vapi "github.com/vmware/govmomi/vapi/simulator" "github.com/vmware/govmomi/vapi/tags" "github.com/vmware/govmomi/vim25/mo" + vmwaretypes "github.com/vmware/govmomi/vim25/types" "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/rand" @@ -487,6 +491,192 @@ func TestZones(t *testing.T) { } } +func TestGetZoneToHosts(t *testing.T) { + // Common setup for all testcases in this test + ctx := context.TODO() + + // Create a vcsim instance + cfg, cleanup := configFromSim() + defer cleanup() + + // Create vSphere configuration object + vs, err := newControllerNode(cfg) + if err != nil { + t.Fatalf("Failed to construct/authenticate vSphere: %s", err) + } + + // Configure region and zone categories + vs.cfg.Labels.Region = "k8s-region" + vs.cfg.Labels.Zone = "k8s-zone" + + // Create vSphere client + vsi, ok := vs.vsphereInstanceMap[cfg.Global.VCenterIP] + if !ok { + t.Fatalf("Couldn't get vSphere instance: %s", cfg.Global.VCenterIP) + } + + err = vsi.conn.Connect(ctx) + if err != nil { + t.Errorf("Failed to connect to vSphere: %s", err) + } + + // Lookup Datacenter for this test's Workspace + dc, err := vclib.GetDatacenter(ctx, vsi.conn, vs.cfg.Workspace.Datacenter) + if err != nil { + t.Fatal(err) + } + + // Property Collector instance + pc := property.DefaultCollector(vsi.conn.Client) + + // find all hosts in VC + finder := find.NewFinder(vsi.conn.Client, true) + finder.SetDatacenter(dc.Datacenter) + allVcHostsList, err := finder.HostSystemList(ctx, "*") + if err != nil { + t.Fatal(err) + } + var allVcHosts []vmwaretypes.ManagedObjectReference + for _, h := range allVcHostsList { + allVcHosts = append(allVcHosts, h.Reference()) + } + + // choose a cluster to apply zone/region tags + cluster := simulator.Map.Any("ClusterComputeResource") + var c mo.ClusterComputeResource + if err := pc.RetrieveOne(ctx, cluster.Reference(), []string{"host"}, &c); err != nil { + t.Fatal(err) + } + + // choose one of the host inside this cluster to apply zone/region tags + if c.Host == nil || len(c.Host) == 0 { + t.Fatalf("This test needs a host inside a cluster.") + } + clusterHosts := c.Host + sortHosts(clusterHosts) + // pick the first host in the cluster to apply tags + host := clusterHosts[0] + remainingHostsInCluster := clusterHosts[1:] + + // Tag manager instance + m := tags.NewManager(rest.NewClient(vsi.conn.Client)) + + // Create a region category + regionCat, err := m.CreateCategory(ctx, &tags.Category{Name: vs.cfg.Labels.Region}) + if err != nil { + t.Fatal(err) + } + + // Create a region tag + regionName := "k8s-region-US" + regionTag, err := m.CreateTag(ctx, &tags.Tag{CategoryID: regionCat, Name: regionName}) + if err != nil { + t.Fatal(err) + } + + // Create a zone category + zoneCat, err := m.CreateCategory(ctx, &tags.Category{Name: vs.cfg.Labels.Zone}) + if err != nil { + t.Fatal(err) + } + + // Create a zone tag + zone1Name := "k8s-zone-US-CA1" + zone1Tag, err := m.CreateTag(ctx, &tags.Tag{CategoryID: zoneCat, Name: zone1Name}) + if err != nil { + t.Fatal(err) + } + zone1 := cloudprovider.Zone{FailureDomain: zone1Name, Region: regionName} + + // Create a second zone tag + zone2Name := "k8s-zone-US-CA2" + zone2Tag, err := m.CreateTag(ctx, &tags.Tag{CategoryID: zoneCat, Name: zone2Name}) + if err != nil { + t.Fatal(err) + } + zone2 := cloudprovider.Zone{FailureDomain: zone2Name, Region: regionName} + + testcases := []struct { + name string + tags map[string][]mo.Reference + zoneToHosts map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference + }{ + { + name: "Zone and Region tags on host", + tags: map[string][]mo.Reference{zone1Tag: {host}, regionTag: {host}}, + zoneToHosts: map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference{zone1: {host}}, + }, + { + name: "Zone on host Region on datacenter", + tags: map[string][]mo.Reference{zone1Tag: {host}, regionTag: {dc}}, + zoneToHosts: map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference{zone1: {host}}, + }, + { + name: "Zone on cluster Region on datacenter", + tags: map[string][]mo.Reference{zone1Tag: {cluster}, regionTag: {dc}}, + zoneToHosts: map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference{zone1: clusterHosts}, + }, + { + name: "Zone on cluster and override on host", + tags: map[string][]mo.Reference{zone2Tag: {cluster}, zone1Tag: {host}, regionTag: {dc}}, + zoneToHosts: map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference{zone1: {host}, zone2: remainingHostsInCluster}, + }, + { + name: "Zone and Region on datacenter", + tags: map[string][]mo.Reference{zone1Tag: {dc}, regionTag: {dc}}, + zoneToHosts: map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference{zone1: allVcHosts}, + }, + } + + for _, testcase := range testcases { + t.Run(testcase.name, func(t *testing.T) { + // apply tags to datacenter/cluster/host as per this testcase + for tagId, objects := range testcase.tags { + for _, object := range objects { + if err := m.AttachTag(ctx, tagId, object); err != nil { + t.Fatal(err) + } + } + } + + // run the test + zoneToHosts, err := vs.GetZoneToHosts(ctx, vsi) + if err != nil { + t.Errorf("unexpected error when calling GetZoneToHosts: %q", err) + } + + // do not depend on the sort order of hosts in result + sortHostsMap(zoneToHosts) + if !reflect.DeepEqual(zoneToHosts, testcase.zoneToHosts) { + t.Logf("expected result: %+v", testcase.zoneToHosts) + t.Logf("actual result: %+v", zoneToHosts) + t.Error("unexpected result from GetZoneToHosts") + } + + // clean up tags applied on datacenter/cluster/host for this testcase + for tagId, objects := range testcase.tags { + for _, object := range objects { + if err = m.DetachTag(ctx, tagId, object); err != nil { + t.Fatal(err) + } + } + } + }) + } +} + +func sortHostsMap(zoneToHosts map[cloudprovider.Zone][]vmwaretypes.ManagedObjectReference) { + for _, hosts := range zoneToHosts { + sortHosts(hosts) + } +} + +func sortHosts(hosts []vmwaretypes.ManagedObjectReference) { + sort.Slice(hosts, func(i, j int) bool { + return hosts[i].Value < hosts[j].Value + }) +} + func TestInstances(t *testing.T) { cfg, ok := configFromEnv() if !ok { diff --git a/pkg/cloudprovider/providers/vsphere/vsphere_util.go b/pkg/cloudprovider/providers/vsphere/vsphere_util.go index 8cc22447b43..22726792289 100644 --- a/pkg/cloudprovider/providers/vsphere/vsphere_util.go +++ b/pkg/cloudprovider/providers/vsphere/vsphere_util.go @@ -20,12 +20,13 @@ import ( "context" "errors" "fmt" - "io/ioutil" "os" "path/filepath" "strings" "time" + "github.com/vmware/govmomi/object" + "github.com/vmware/govmomi/property" "github.com/vmware/govmomi/vim25" "github.com/vmware/govmomi/vim25/mo" "github.com/vmware/govmomi/vim25/soap" @@ -45,8 +46,6 @@ const ( Folder = "Folder" VirtualMachine = "VirtualMachine" DummyDiskName = "kube-dummyDisk.vmdk" - UUIDPath = "/sys/class/dmi/id/product_serial" - UUIDPrefix = "VMware-" ProviderPrefix = "vsphere://" vSphereConfFileEnvVar = "VSPHERE_CONF_FILE" ) @@ -251,6 +250,98 @@ func getPbmCompatibleDatastore(ctx context.Context, dc *vclib.Datacenter, storag return datastore, err } +func getDatastoresForZone(ctx context.Context, dc *vclib.Datacenter, nodeManager *NodeManager, selectedZones []string) ([]*vclib.DatastoreInfo, error) { + + var sharedDatastores []*vclib.DatastoreInfo + + for _, zone := range selectedZones { + var sharedDatastoresPerZone []*vclib.DatastoreInfo + hosts, err := nodeManager.GetHostsInZone(ctx, zone) + if err != nil { + return nil, err + } + klog.V(4).Infof("Hosts in zone %s : %s", zone, hosts) + + for _, host := range hosts { + var hostSystemMo mo.HostSystem + err = host.Properties(ctx, host.Reference(), []string{"datastore"}, &hostSystemMo) + if err != nil { + klog.Errorf("Failed to get datastore property for host %s. err : %+v", host, err) + return nil, err + } + + klog.V(4).Infof("Datastores mounted on host %s : %s", host, hostSystemMo.Datastore) + var dsRefList []types.ManagedObjectReference + for _, dsRef := range hostSystemMo.Datastore { + dsRefList = append(dsRefList, dsRef) + } + + var dsMoList []mo.Datastore + pc := property.DefaultCollector(host.Client()) + properties := []string{DatastoreInfoProperty} + err = pc.Retrieve(ctx, dsRefList, properties, &dsMoList) + if err != nil { + klog.Errorf("Failed to get Datastore managed objects from datastore objects."+ + " dsObjList: %+v, properties: %+v, err: %+v", dsRefList, properties, err) + return nil, err + } + klog.V(9).Infof("Datastore mo details: %+v", dsMoList) + + var dsObjList []*vclib.DatastoreInfo + for _, dsMo := range dsMoList { + dsObjList = append(dsObjList, + &vclib.DatastoreInfo{ + Datastore: &vclib.Datastore{Datastore: object.NewDatastore(host.Client(), dsMo.Reference()), + Datacenter: nil}, + Info: dsMo.Info.GetDatastoreInfo()}) + } + + klog.V(9).Infof("DatastoreInfo details : %s", dsObjList) + + if len(sharedDatastoresPerZone) == 0 { + sharedDatastoresPerZone = dsObjList + } else { + sharedDatastoresPerZone = intersect(sharedDatastoresPerZone, dsObjList) + } + klog.V(9).Infof("Shared datastore list after processing host %s : %s", host, sharedDatastoresPerZone) + } + klog.V(4).Infof("Shared datastore per zone %s is %s", zone, sharedDatastoresPerZone) + if len(sharedDatastores) == 0 { + sharedDatastores = sharedDatastoresPerZone + } else { + sharedDatastores = intersect(sharedDatastores, sharedDatastoresPerZone) + } + } + klog.V(1).Infof("Returning selected datastores : %s", sharedDatastores) + return sharedDatastores, nil +} + +func getPbmCompatibleZonedDatastore(ctx context.Context, dc *vclib.Datacenter, storagePolicyName string, zonedDatastores []*vclib.DatastoreInfo) (string, error) { + pbmClient, err := vclib.NewPbmClient(ctx, dc.Client()) + if err != nil { + return "", err + } + storagePolicyID, err := pbmClient.ProfileIDByName(ctx, storagePolicyName) + if err != nil { + klog.Errorf("Failed to get Profile ID by name: %s. err: %+v", storagePolicyName, err) + return "", err + } + compatibleDatastores, _, err := pbmClient.GetCompatibleDatastores(ctx, dc, storagePolicyID, zonedDatastores) + if err != nil { + klog.Errorf("Failed to get compatible datastores from datastores : %+v with storagePolicy: %s. err: %+v", + zonedDatastores, storagePolicyID, err) + return "", err + } + klog.V(9).Infof("compatibleDatastores : %+v", compatibleDatastores) + datastore, err := getMostFreeDatastoreName(ctx, dc.Client(), compatibleDatastores) + if err != nil { + klog.Errorf("Failed to get most free datastore from compatible datastores: %+v. err: %+v", compatibleDatastores, err) + return "", err + } + klog.V(4).Infof("Most free datastore : %+s", datastore) + return datastore, err +} + func (vs *VSphere) setVMOptions(ctx context.Context, dc *vclib.Datacenter, resourcePoolPath string) (*vclib.VMOptions, error) { var vmOptions vclib.VMOptions resourcePool, err := dc.GetResourcePool(ctx, resourcePoolPath) @@ -552,29 +643,6 @@ func (vs *VSphere) GetNodeNameFromProviderID(providerID string) (string, error) return nodeName, nil } -func GetVMUUID() (string, error) { - id, err := ioutil.ReadFile(UUIDPath) - if err != nil { - return "", fmt.Errorf("error retrieving vm uuid: %s", err) - } - uuidFromFile := string(id[:]) - //strip leading and trailing white space and new line char - uuid := strings.TrimSpace(uuidFromFile) - // check the uuid starts with "VMware-" - if !strings.HasPrefix(uuid, UUIDPrefix) { - return "", fmt.Errorf("Failed to match Prefix, UUID read from the file is %v", uuidFromFile) - } - // Strip the prefix and white spaces and - - uuid = strings.Replace(uuid[len(UUIDPrefix):(len(uuid))], " ", "", -1) - uuid = strings.Replace(uuid, "-", "", -1) - if len(uuid) != 32 { - return "", fmt.Errorf("Length check failed, UUID read from the file is %v", uuidFromFile) - } - // need to add dashes, e.g. "564d395e-d807-e18a-cb25-b79f65eb2b9f" - uuid = fmt.Sprintf("%s-%s-%s-%s-%s", uuid[0:8], uuid[8:12], uuid[12:16], uuid[16:20], uuid[20:32]) - return uuid, nil -} - func GetUUIDFromProviderID(providerID string) string { return strings.TrimPrefix(providerID, ProviderPrefix) } diff --git a/pkg/cloudprovider/providers/vsphere/vsphere_util_linux.go b/pkg/cloudprovider/providers/vsphere/vsphere_util_linux.go new file mode 100644 index 00000000000..596bf9a1063 --- /dev/null +++ b/pkg/cloudprovider/providers/vsphere/vsphere_util_linux.go @@ -0,0 +1,53 @@ +// +build linux + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package vsphere + +import ( + "fmt" + "io/ioutil" + "strings" +) + +const ( + UUIDPath = "/sys/class/dmi/id/product_serial" + UUIDPrefix = "VMware-" +) + +func GetVMUUID() (string, error) { + id, err := ioutil.ReadFile(UUIDPath) + if err != nil { + return "", fmt.Errorf("error retrieving vm uuid: %s", err) + } + uuidFromFile := string(id[:]) + //strip leading and trailing white space and new line char + uuid := strings.TrimSpace(uuidFromFile) + // check the uuid starts with "VMware-" + if !strings.HasPrefix(uuid, UUIDPrefix) { + return "", fmt.Errorf("Failed to match Prefix, UUID read from the file is %v", uuidFromFile) + } + // Strip the prefix and white spaces and - + uuid = strings.Replace(uuid[len(UUIDPrefix):(len(uuid))], " ", "", -1) + uuid = strings.Replace(uuid, "-", "", -1) + if len(uuid) != 32 { + return "", fmt.Errorf("Length check failed, UUID read from the file is %v", uuidFromFile) + } + // need to add dashes, e.g. "564d395e-d807-e18a-cb25-b79f65eb2b9f" + uuid = fmt.Sprintf("%s-%s-%s-%s-%s", uuid[0:8], uuid[8:12], uuid[12:16], uuid[16:20], uuid[20:32]) + return uuid, nil +} diff --git a/pkg/cloudprovider/providers/vsphere/vsphere_util_unsupported.go b/pkg/cloudprovider/providers/vsphere/vsphere_util_unsupported.go new file mode 100644 index 00000000000..ca6eb66b23f --- /dev/null +++ b/pkg/cloudprovider/providers/vsphere/vsphere_util_unsupported.go @@ -0,0 +1,25 @@ +// +build !windows,!linux + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package vsphere + +import "fmt" + +func GetVMUUID() (string, error) { + return "", fmt.Errorf("Retrieving VM UUID on this build is not implemented.") +} diff --git a/pkg/cloudprovider/providers/vsphere/vsphere_util_windows.go b/pkg/cloudprovider/providers/vsphere/vsphere_util_windows.go new file mode 100644 index 00000000000..9b276427878 --- /dev/null +++ b/pkg/cloudprovider/providers/vsphere/vsphere_util_windows.go @@ -0,0 +1,37 @@ +// +build windows + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package vsphere + +import ( + "fmt" + "os/exec" + "strings" +) + +func GetVMUUID() (string, error) { + result, err := exec.Command("wmic", "csproduct", "get", "UUID").Output() + if err != nil { + return "", fmt.Errorf("error retrieving vm uuid: %s", err) + } + fields := strings.Fields(string(result)) + if len(fields) != 2 { + return "", fmt.Errorf("received unexpected value retrieving vm uuid: %q", string(result)) + } + return fields[1], nil +} diff --git a/pkg/controller/.import-restrictions b/pkg/controller/.import-restrictions index 403dc4115a2..6000753734d 100644 --- a/pkg/controller/.import-restrictions +++ b/pkg/controller/.import-restrictions @@ -31,13 +31,9 @@ "k8s.io/api/policy/v1beta1", "k8s.io/api/rbac/v1", "k8s.io/api/storage/v1", - "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1", - "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset", - "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/fake", "k8s.io/apimachinery/pkg/api/equality", "k8s.io/apimachinery/pkg/api/errors", "k8s.io/apimachinery/pkg/api/meta", - "k8s.io/apimachinery/pkg/api/meta/testrestmapper", "k8s.io/apimachinery/pkg/api/resource", "k8s.io/apimachinery/pkg/apis/meta/v1", "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured", @@ -93,7 +89,6 @@ { "SelectorRegexp": "github[.]com/", "AllowedPrefixes": [ - "github.com/Azure/go-autorest/autorest/to", "github.com/cloudflare/cfssl/config", "github.com/cloudflare/cfssl/helpers", "github.com/cloudflare/cfssl/signer", @@ -108,7 +103,11 @@ "github.com/robfig/cron", "github.com/spf13/pflag", "github.com/stretchr/testify/assert", - "github.com/stretchr/testify/require" + "github.com/stretchr/testify/require", + "github.com/google/gofuzz", + "github.com/golang/protobuf/ptypes/wrappers", + "github.com/golang/protobuf/proto", + "github.com/container-storage-interface/spec/lib/go/csi" ] }, { @@ -151,9 +150,7 @@ "k8s.io/client-go/pkg/version", "k8s.io/client-go/rest", "k8s.io/client-go/scale", - "k8s.io/client-go/scale/fake", "k8s.io/client-go/testing", - "k8s.io/client-go/tools/bootstrap/token/api", "k8s.io/client-go/tools/cache", "k8s.io/client-go/tools/leaderelection/resourcelock", "k8s.io/client-go/tools/record", @@ -162,7 +159,6 @@ "k8s.io/client-go/util/cert", "k8s.io/client-go/util/flowcontrol", "k8s.io/client-go/util/retry", - "k8s.io/client-go/util/testing", "k8s.io/client-go/util/workqueue" ] }, @@ -170,18 +166,11 @@ "SelectorRegexp": "k8s[.]io/kubernetes/pkg", "AllowedPrefixes": [ "k8s.io/kubernetes/pkg/api/legacyscheme", - "k8s.io/kubernetes/pkg/api/testapi", "k8s.io/kubernetes/pkg/api/v1/endpoints", "k8s.io/kubernetes/pkg/api/v1/node", "k8s.io/kubernetes/pkg/api/v1/pod", - "k8s.io/kubernetes/pkg/apis/apps/install", "k8s.io/kubernetes/pkg/apis/apps/v1", - "k8s.io/kubernetes/pkg/apis/authentication/install", - "k8s.io/kubernetes/pkg/apis/authorization/install", "k8s.io/kubernetes/pkg/apis/autoscaling", - "k8s.io/kubernetes/pkg/apis/autoscaling/install", - "k8s.io/kubernetes/pkg/apis/batch/install", - "k8s.io/kubernetes/pkg/apis/certificates/install", "k8s.io/kubernetes/pkg/apis/certificates/v1beta1", "k8s.io/kubernetes/pkg/apis/core", "k8s.io/kubernetes/pkg/apis/core/helper", @@ -189,35 +178,16 @@ "k8s.io/kubernetes/pkg/apis/core/v1", "k8s.io/kubernetes/pkg/apis/core/v1/helper", "k8s.io/kubernetes/pkg/apis/core/validation", - "k8s.io/kubernetes/pkg/apis/extensions", - "k8s.io/kubernetes/pkg/apis/extensions/install", - "k8s.io/kubernetes/pkg/apis/policy/install", - "k8s.io/kubernetes/pkg/apis/rbac/install", - "k8s.io/kubernetes/pkg/apis/settings/install", - "k8s.io/kubernetes/pkg/apis/storage/install", - "k8s.io/kubernetes/pkg/client/unversioned", - "k8s.io/kubernetes/pkg/client/unversioned/testclient", "k8s.io/kubernetes/pkg/cloudprovider", - "k8s.io/kubernetes/pkg/cloudprovider/providers/fake", "k8s.io/kubernetes/pkg/cloudprovider/providers/gce", "k8s.io/kubernetes/pkg/controller", "k8s.io/kubernetes/pkg/controller/apis/config", - "k8s.io/kubernetes/pkg/controller/apis/config/scheme", "k8s.io/kubernetes/pkg/controller/apis/config/v1alpha1", - "k8s.io/kubernetes/pkg/controller/bootstrap", "k8s.io/kubernetes/pkg/controller/certificates", - "k8s.io/kubernetes/pkg/controller/certificates/approver", - "k8s.io/kubernetes/pkg/controller/certificates/cleaner", - "k8s.io/kubernetes/pkg/controller/certificates/signer", - "k8s.io/kubernetes/pkg/controller/cloud", - "k8s.io/kubernetes/pkg/controller/clusterroleaggregation", - "k8s.io/kubernetes/pkg/controller/cronjob", "k8s.io/kubernetes/pkg/controller/daemon", "k8s.io/kubernetes/pkg/controller/daemon/util", "k8s.io/kubernetes/pkg/controller/deployment", "k8s.io/kubernetes/pkg/controller/deployment/util", - "k8s.io/kubernetes/pkg/controller/disruption", - "k8s.io/kubernetes/pkg/controller/endpoint", "k8s.io/kubernetes/pkg/controller/garbagecollector", "k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly", "k8s.io/kubernetes/pkg/controller/history", @@ -228,23 +198,11 @@ "k8s.io/kubernetes/pkg/controller/nodeipam/ipam", "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset", "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync", - "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/test", "k8s.io/kubernetes/pkg/controller/nodelifecycle", "k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler", "k8s.io/kubernetes/pkg/controller/podautoscaler", "k8s.io/kubernetes/pkg/controller/podautoscaler/metrics", - "k8s.io/kubernetes/pkg/controller/podgc", "k8s.io/kubernetes/pkg/controller/replicaset", - "k8s.io/kubernetes/pkg/controller/replicaset/options", - "k8s.io/kubernetes/pkg/controller/replication", - "k8s.io/kubernetes/pkg/controller/resourcequota", - "k8s.io/kubernetes/pkg/controller/route", - "k8s.io/kubernetes/pkg/controller/service", - "k8s.io/kubernetes/pkg/controller/serviceaccount", - "k8s.io/kubernetes/pkg/controller/statefulset", - "k8s.io/kubernetes/pkg/controller/testutil", - "k8s.io/kubernetes/pkg/controller/ttl", - "k8s.io/kubernetes/pkg/controller/ttlafterfinished", "k8s.io/kubernetes/pkg/controller/util/node", "k8s.io/kubernetes/pkg/controller/volume/attachdetach", "k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache", @@ -252,16 +210,12 @@ "k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator", "k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler", "k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater", - "k8s.io/kubernetes/pkg/controller/volume/attachdetach/testing", "k8s.io/kubernetes/pkg/controller/volume/attachdetach/util", "k8s.io/kubernetes/pkg/controller/volume/events", "k8s.io/kubernetes/pkg/controller/volume/expand", "k8s.io/kubernetes/pkg/controller/volume/expand/cache", "k8s.io/kubernetes/pkg/controller/volume/persistentvolume", "k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics", - "k8s.io/kubernetes/pkg/controller/volume/persistentvolume/options", - "k8s.io/kubernetes/pkg/controller/volume/pvcprotection", - "k8s.io/kubernetes/pkg/controller/volume/pvprotection", "k8s.io/kubernetes/pkg/features", "k8s.io/kubernetes/pkg/kubectl/scheme", "k8s.io/kubernetes/pkg/kubelet/apis", @@ -269,14 +223,10 @@ "k8s.io/kubernetes/pkg/kubelet/types", "k8s.io/kubernetes/pkg/kubelet/util/format", "k8s.io/kubernetes/pkg/quota", - "k8s.io/kubernetes/pkg/quota/evaluator/core", - "k8s.io/kubernetes/pkg/quota/generic", - "k8s.io/kubernetes/pkg/quota/install", "k8s.io/kubernetes/pkg/registry/core/secret", "k8s.io/kubernetes/pkg/scheduler/algorithm", "k8s.io/kubernetes/pkg/scheduler/algorithm/predicates", "k8s.io/kubernetes/pkg/scheduler/nodeinfo", - "k8s.io/kubernetes/pkg/securitycontext", "k8s.io/kubernetes/pkg/serviceaccount", "k8s.io/kubernetes/pkg/util/goroutinemap", "k8s.io/kubernetes/pkg/util/goroutinemap/exponentialbackoff", @@ -285,22 +235,16 @@ "k8s.io/kubernetes/pkg/util/metrics", "k8s.io/kubernetes/pkg/util/mount", "k8s.io/kubernetes/pkg/util/node", - "k8s.io/kubernetes/pkg/util/reflector/prometheus", "k8s.io/kubernetes/pkg/util/slice", "k8s.io/kubernetes/pkg/util/system", "k8s.io/kubernetes/pkg/util/taints", - "k8s.io/kubernetes/pkg/util/workqueue/prometheus", "k8s.io/kubernetes/pkg/volume", - "k8s.io/kubernetes/pkg/volume/testing", "k8s.io/kubernetes/pkg/volume/util", "k8s.io/kubernetes/pkg/volume/util/operationexecutor", "k8s.io/kubernetes/pkg/volume/util/recyclerclient", "k8s.io/kubernetes/pkg/volume/util/types", "k8s.io/kubernetes/pkg/volume/util/volumepathhandler", "k8s.io/kubernetes/pkg/api/service", - "k8s.io/kubernetes/pkg/api/v1/service", - "k8s.io/kubernetes/pkg/apis/networking", - "k8s.io/kubernetes/pkg/apis/policy", "k8s.io/kubernetes/pkg/apis/scheduling", "k8s.io/kubernetes/pkg/capabilities", "k8s.io/kubernetes/pkg/master/ports", @@ -310,11 +254,8 @@ "k8s.io/kubernetes/pkg/util/parsers", "k8s.io/kubernetes/pkg/fieldpath", "k8s.io/kubernetes/pkg/scheduler/volumebinder", - "k8s.io/kubernetes/pkg/scheduler/internal/cache", "k8s.io/kubernetes/pkg/util/resizefs", - "k8s.io/kubernetes/pkg/util/version", - "k8s.io/kubernetes/pkg/apis/apps", - "k8s.io/kubernetes/pkg/version" + "k8s.io/kubernetes/pkg/apis/apps" ] }, { @@ -322,19 +263,19 @@ "AllowedPrefixes": [ "k8s.io/csi-api/pkg/apis/csi/v1alpha1", "k8s.io/csi-api/pkg/client/clientset/versioned", + "k8s.io/csi-api/pkg/client/listers/csi/v1alpha1", + "k8s.io/csi-api/pkg/client/informers/externalversions", + "k8s.io/csi-api/pkg/client/informers/externalversions/csi/v1alpha1", "k8s.io/heapster/metrics/api/v1/types", "k8s.io/kube-controller-manager/config/v1alpha1", "k8s.io/metrics/pkg/apis/custom_metrics/v1beta2", "k8s.io/metrics/pkg/apis/external_metrics/v1beta1", "k8s.io/metrics/pkg/apis/metrics/v1alpha1", "k8s.io/metrics/pkg/apis/metrics/v1beta1", - "k8s.io/metrics/pkg/client/clientset/versioned/fake", "k8s.io/metrics/pkg/client/clientset/versioned/scheme", "k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1", "k8s.io/metrics/pkg/client/custom_metrics", - "k8s.io/metrics/pkg/client/custom_metrics/fake", "k8s.io/metrics/pkg/client/external_metrics", - "k8s.io/metrics/pkg/client/external_metrics/fake", "k8s.io/utils/nsenter", "k8s.io/utils/integer", "k8s.io/utils/io", @@ -351,12 +292,15 @@ "golang.org/x/time/rate", "golang.org/x/sys/unix", "golang.org/x/oauth2", + "golang.org/x/net/context", "google.golang.org/api/compute/v1", "google.golang.org/api/googleapi", "google.golang.org/api/compute/v0.alpha", "google.golang.org/api/container/v1", "google.golang.org/api/compute/v0.beta", - "google.golang.org/api/tpu/v1" + "google.golang.org/api/tpu/v1", + "golang.org/x/net/context", + "google.golang.org/grpc" ] } ] diff --git a/pkg/controller/OWNERS b/pkg/controller/OWNERS index 591fa3b2286..b1147466aa3 100644 --- a/pkg/controller/OWNERS +++ b/pkg/controller/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - derekwaynecarr diff --git a/pkg/controller/apis/config/OWNERS b/pkg/controller/apis/config/OWNERS index e3149dc3c06..5381816e41e 100644 --- a/pkg/controller/apis/config/OWNERS +++ b/pkg/controller/apis/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - api-approvers - deads2k diff --git a/pkg/controller/certificates/OWNERS b/pkg/controller/certificates/OWNERS old mode 100755 new mode 100644 index 470b7a1c92d..3cf03643835 --- a/pkg/controller/certificates/OWNERS +++ b/pkg/controller/certificates/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-certificates-approvers reviewers: diff --git a/pkg/controller/cloud/BUILD b/pkg/controller/cloud/BUILD index 1348d836c50..1997df80994 100644 --- a/pkg/controller/cloud/BUILD +++ b/pkg/controller/cloud/BUILD @@ -21,7 +21,6 @@ go_library( "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/api:go_default_library", "//pkg/util/node:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -42,6 +41,7 @@ go_library( "//staging/src/k8s.io/client-go/util/retry:go_default_library", "//staging/src/k8s.io/client-go/util/workqueue:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) @@ -60,7 +60,6 @@ go_test( "//pkg/controller/testutil:go_default_library", "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/api:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", @@ -73,6 +72,7 @@ go_test( "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], diff --git a/pkg/controller/cloud/OWNERS b/pkg/controller/cloud/OWNERS index 789b468a02c..028c9eee132 100644 --- a/pkg/controller/cloud/OWNERS +++ b/pkg/controller/cloud/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - luxas diff --git a/pkg/controller/cloud/node_controller.go b/pkg/controller/cloud/node_controller.go index 312bb550bee..781c3e7c349 100644 --- a/pkg/controller/cloud/node_controller.go +++ b/pkg/controller/cloud/node_controller.go @@ -284,8 +284,8 @@ func (cnc *CloudNodeController) initializeNode(node *v1.Node) { if instanceType, err := getInstanceTypeByProviderIDOrName(instances, curNode); err != nil { return err } else if instanceType != "" { - klog.V(2).Infof("Adding node label from cloud provider: %s=%s", kubeletapis.LabelInstanceType, instanceType) - curNode.ObjectMeta.Labels[kubeletapis.LabelInstanceType] = instanceType + klog.V(2).Infof("Adding node label from cloud provider: %s=%s", v1.LabelInstanceType, instanceType) + curNode.ObjectMeta.Labels[v1.LabelInstanceType] = instanceType } if zones, ok := cnc.cloud.Zones(); ok { @@ -294,12 +294,12 @@ func (cnc *CloudNodeController) initializeNode(node *v1.Node) { return fmt.Errorf("failed to get zone from cloud provider: %v", err) } if zone.FailureDomain != "" { - klog.V(2).Infof("Adding node label from cloud provider: %s=%s", kubeletapis.LabelZoneFailureDomain, zone.FailureDomain) - curNode.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] = zone.FailureDomain + klog.V(2).Infof("Adding node label from cloud provider: %s=%s", v1.LabelZoneFailureDomain, zone.FailureDomain) + curNode.ObjectMeta.Labels[v1.LabelZoneFailureDomain] = zone.FailureDomain } if zone.Region != "" { - klog.V(2).Infof("Adding node label from cloud provider: %s=%s", kubeletapis.LabelZoneRegion, zone.Region) - curNode.ObjectMeta.Labels[kubeletapis.LabelZoneRegion] = zone.Region + klog.V(2).Infof("Adding node label from cloud provider: %s=%s", v1.LabelZoneRegion, zone.Region) + curNode.ObjectMeta.Labels[v1.LabelZoneRegion] = zone.Region } } diff --git a/pkg/controller/cloud/node_controller_test.go b/pkg/controller/cloud/node_controller_test.go index e5ccc73642d..f78b2f73c87 100644 --- a/pkg/controller/cloud/node_controller_test.go +++ b/pkg/controller/cloud/node_controller_test.go @@ -462,9 +462,9 @@ func TestZoneInitialized(t *testing.T) { assert.Equal(t, "node0", fnh.UpdatedNodes[0].Name, "Node was not updated") assert.Equal(t, 2, len(fnh.UpdatedNodes[0].ObjectMeta.Labels), "Node label for Region and Zone were not set") - assert.Equal(t, "us-west", fnh.UpdatedNodes[0].ObjectMeta.Labels[kubeletapis.LabelZoneRegion], + assert.Equal(t, "us-west", fnh.UpdatedNodes[0].ObjectMeta.Labels[v1.LabelZoneRegion], "Node Region not correctly updated") - assert.Equal(t, "us-west-1a", fnh.UpdatedNodes[0].ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain], + assert.Equal(t, "us-west-1a", fnh.UpdatedNodes[0].ObjectMeta.Labels[v1.LabelZoneFailureDomain], "Node FailureDomain not correctly updated") } diff --git a/pkg/controller/cloud/pvlcontroller.go b/pkg/controller/cloud/pvlcontroller.go index 4f05a7a81fb..3bb7dc72a3b 100644 --- a/pkg/controller/cloud/pvlcontroller.go +++ b/pkg/controller/cloud/pvlcontroller.go @@ -38,10 +38,9 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/client-go/util/workqueue" cloudprovider "k8s.io/cloud-provider" + volumehelpers "k8s.io/cloud-provider/volume/helpers" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" "k8s.io/kubernetes/pkg/controller" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - volumeutil "k8s.io/kubernetes/pkg/volume/util" ) // PersistentVolumeLabelController handles adding labels to persistent volumes when they are created @@ -210,8 +209,8 @@ func (pvlc *PersistentVolumeLabelController) createPatch(vol *v1.PersistentVolum // Set NodeSelectorRequirements based on the labels if populateAffinity { var values []string - if k == kubeletapis.LabelZoneFailureDomain { - zones, err := volumeutil.LabelZonesToSet(v) + if k == v1.LabelZoneFailureDomain { + zones, err := volumehelpers.LabelZonesToSet(v) if err != nil { return nil, fmt.Errorf("failed to convert label string for Zone: %s to a Set", v) } diff --git a/pkg/controller/cloud/pvlcontroller_test.go b/pkg/controller/cloud/pvlcontroller_test.go index 83fd0a7de26..6be54477033 100644 --- a/pkg/controller/cloud/pvlcontroller_test.go +++ b/pkg/controller/cloud/pvlcontroller_test.go @@ -29,8 +29,7 @@ import ( sets "k8s.io/apimachinery/pkg/util/sets" "k8s.io/client-go/kubernetes/fake" core "k8s.io/client-go/testing" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - volumeutil "k8s.io/kubernetes/pkg/volume/util" + volumehelpers "k8s.io/cloud-provider/volume/helpers" fakecloud "k8s.io/kubernetes/pkg/cloudprovider/providers/fake" ) @@ -176,7 +175,7 @@ func TestCreatePatch(t *testing.T) { { MatchExpressions: []v1.NodeSelectorRequirement{ { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{"1"}, }, @@ -191,7 +190,7 @@ func TestCreatePatch(t *testing.T) { { MatchExpressions: []v1.NodeSelectorRequirement{ { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -306,7 +305,7 @@ func TestCreatePatch(t *testing.T) { Values: []string{"val3"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{"1"}, }, @@ -320,7 +319,7 @@ func TestCreatePatch(t *testing.T) { Values: []string{"val4", "val5"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{"1"}, }, @@ -345,7 +344,7 @@ func TestCreatePatch(t *testing.T) { Values: []string{"val3"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -359,7 +358,7 @@ func TestCreatePatch(t *testing.T) { Values: []string{"val5", "val4"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{"3", "2", "1"}, }, @@ -369,7 +368,7 @@ func TestCreatePatch(t *testing.T) { }, } - zones, _ := volumeutil.ZonesToSet("1,2,3") + zones, _ := volumehelpers.ZonesToSet("1,2,3") testCases := map[string]struct { vol v1.PersistentVolume labels map[string]string @@ -407,22 +406,22 @@ func TestCreatePatch(t *testing.T) { }, "cloudprovider singlezone": { vol: awsPV, - labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "1"}, + labels: map[string]string{v1.LabelZoneFailureDomain: "1"}, expectedAffinity: &expectedAffinityZone1MergedWithAWSPV, }, "cloudprovider singlezone pre-existing affinity non-conflicting": { vol: awsPVWithAffinity, - labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "1"}, + labels: map[string]string{v1.LabelZoneFailureDomain: "1"}, expectedAffinity: &expectedAffinityZone1MergedWithAWSPVWithAffinity, }, "cloudprovider multizone": { vol: awsPV, - labels: map[string]string{kubeletapis.LabelZoneFailureDomain: volumeutil.ZonesSetToLabelValue(zones)}, + labels: map[string]string{v1.LabelZoneFailureDomain: volumehelpers.ZonesSetToLabelValue(zones)}, expectedAffinity: &expectedAffinityZonesMergedWithAWSPV, }, "cloudprovider multizone pre-existing affinity non-conflicting": { vol: awsPVWithAffinity, - labels: map[string]string{kubeletapis.LabelZoneFailureDomain: volumeutil.ZonesSetToLabelValue(zones)}, + labels: map[string]string{v1.LabelZoneFailureDomain: volumehelpers.ZonesSetToLabelValue(zones)}, expectedAffinity: &expectedAffinityZonesMergedWithAWSPVWithAffinity, }, } diff --git a/pkg/controller/cronjob/OWNERS b/pkg/controller/cronjob/OWNERS old mode 100755 new mode 100644 index 44285bec824..2941b561f02 --- a/pkg/controller/cronjob/OWNERS +++ b/pkg/controller/cronjob/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - erictune - janetkuo diff --git a/pkg/controller/daemon/OWNERS b/pkg/controller/daemon/OWNERS old mode 100755 new mode 100644 index fc74fc31e79..8ec6466c0dc --- a/pkg/controller/daemon/OWNERS +++ b/pkg/controller/daemon/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mikedanese - janetkuo diff --git a/pkg/controller/daemon/util/BUILD b/pkg/controller/daemon/util/BUILD index 5d703265edb..d8b01615dd2 100644 --- a/pkg/controller/daemon/util/BUILD +++ b/pkg/controller/daemon/util/BUILD @@ -40,7 +40,6 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/api:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/pkg/controller/daemon/util/daemonset_util_test.go b/pkg/controller/daemon/util/daemonset_util_test.go index 1ed864849c5..68d26531db0 100644 --- a/pkg/controller/daemon/util/daemonset_util_test.go +++ b/pkg/controller/daemon/util/daemonset_util_test.go @@ -27,7 +27,6 @@ import ( utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" schedulerapi "k8s.io/kubernetes/pkg/scheduler/api" ) @@ -209,7 +208,7 @@ func TestReplaceDaemonSetPodNodeNameNodeAffinity(t *testing.T) { { MatchExpressions: []v1.NodeSelectorRequirement{ { - Key: kubeletapis.LabelHostname, + Key: v1.LabelHostname, Operator: v1.NodeSelectorOpIn, Values: []string{"host_1"}, }, @@ -246,7 +245,7 @@ func TestReplaceDaemonSetPodNodeNameNodeAffinity(t *testing.T) { Preference: v1.NodeSelectorTerm{ MatchExpressions: []v1.NodeSelectorRequirement{ { - Key: kubeletapis.LabelHostname, + Key: v1.LabelHostname, Operator: v1.NodeSelectorOpIn, Values: []string{"host_1"}, }, @@ -264,7 +263,7 @@ func TestReplaceDaemonSetPodNodeNameNodeAffinity(t *testing.T) { Preference: v1.NodeSelectorTerm{ MatchExpressions: []v1.NodeSelectorRequirement{ { - Key: kubeletapis.LabelHostname, + Key: v1.LabelHostname, Operator: v1.NodeSelectorOpIn, Values: []string{"host_1"}, }, diff --git a/pkg/controller/deployment/OWNERS b/pkg/controller/deployment/OWNERS old mode 100755 new mode 100644 index 985da0553b9..cfda9340c32 --- a/pkg/controller/deployment/OWNERS +++ b/pkg/controller/deployment/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - janetkuo - nikhiljindal diff --git a/pkg/controller/disruption/OWNERS b/pkg/controller/disruption/OWNERS old mode 100755 new mode 100644 index 175b5751b27..53e9977950f --- a/pkg/controller/disruption/OWNERS +++ b/pkg/controller/disruption/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sig-apps-reviewers labels: diff --git a/pkg/controller/endpoint/OWNERS b/pkg/controller/endpoint/OWNERS old mode 100755 new mode 100644 index 14351bb3ac0..11633581acf --- a/pkg/controller/endpoint/OWNERS +++ b/pkg/controller/endpoint/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - MrHohn @@ -8,3 +10,5 @@ reviewers: - MrHohn - thockin - matchstick +labels: +- sig/network diff --git a/pkg/controller/endpoint/endpoints_controller.go b/pkg/controller/endpoint/endpoints_controller.go index b935f78364b..0016871c1d6 100644 --- a/pkg/controller/endpoint/endpoints_controller.go +++ b/pkg/controller/endpoint/endpoints_controller.go @@ -522,6 +522,8 @@ func (e *EndpointController) syncService(key string) error { if !endpointsLastChangeTriggerTime.IsZero() { newEndpoints.Annotations[v1.EndpointsLastChangeTriggerTime] = endpointsLastChangeTriggerTime.Format(time.RFC3339Nano) + } else { // No new trigger time, clear the annotation. + delete(newEndpoints.Annotations, v1.EndpointsLastChangeTriggerTime) } klog.V(4).Infof("Update endpoints for %v/%v, ready: %d not ready: %d", service.Namespace, service.Name, totalReadyEps, totalNotReadyEps) diff --git a/pkg/controller/endpoint/endpoints_controller_test.go b/pkg/controller/endpoint/endpoints_controller_test.go index 6818903e9cf..b60a2efe969 100644 --- a/pkg/controller/endpoint/endpoints_controller_test.go +++ b/pkg/controller/endpoint/endpoints_controller_test.go @@ -1269,3 +1269,49 @@ func TestLastTriggerChangeTimeAnnotation_AnnotationOverridden(t *testing.T) { }) endpointsHandler.ValidateRequest(t, testapi.Default.ResourcePath("endpoints", ns, "foo"), "PUT", &data) } + +func TestLastTriggerChangeTimeAnnotation_AnnotationCleared(t *testing.T) { + ns := "other" + testServer, endpointsHandler := makeTestServer(t, ns) + defer testServer.Close() + endpoints := newController(testServer.URL) + endpoints.endpointsStore.Add(&v1.Endpoints{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: ns, + ResourceVersion: "1", + Annotations: map[string]string{ + v1.EndpointsLastChangeTriggerTime: triggerTimeString, + }, + }, + Subsets: []v1.EndpointSubset{{ + Addresses: []v1.EndpointAddress{{IP: "6.7.8.9", NodeName: &emptyNodeName}}, + Ports: []v1.EndpointPort{{Port: 1000, Protocol: "TCP"}}, + }}, + }) + // Neither pod nor service has trigger time, this should cause annotation to be cleared. + addPods(endpoints.podStore, ns, 1, 1, 0) + endpoints.serviceStore.Add(&v1.Service{ + ObjectMeta: metav1.ObjectMeta{Name: "foo", Namespace: ns}, + Spec: v1.ServiceSpec{ + Selector: map[string]string{}, + Ports: []v1.ServicePort{{Port: 80, TargetPort: intstr.FromInt(8080), Protocol: "TCP"}}, + }, + }) + endpoints.syncService(ns + "/foo") + + endpointsHandler.ValidateRequestCount(t, 1) + data := runtime.EncodeOrDie(testapi.Default.Codec(), &v1.Endpoints{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: ns, + ResourceVersion: "1", + Annotations: map[string]string{}, // Annotation not set anymore. + }, + Subsets: []v1.EndpointSubset{{ + Addresses: []v1.EndpointAddress{{IP: "1.2.3.4", NodeName: &emptyNodeName, TargetRef: &v1.ObjectReference{Kind: "Pod", Name: "pod0", Namespace: ns}}}, + Ports: []v1.EndpointPort{{Port: 8080, Protocol: "TCP"}}, + }}, + }) + endpointsHandler.ValidateRequest(t, testapi.Default.ResourcePath("endpoints", ns, "foo"), "PUT", &data) +} diff --git a/pkg/controller/garbagecollector/OWNERS b/pkg/controller/garbagecollector/OWNERS old mode 100755 new mode 100644 index 53def544e49..4126598370e --- a/pkg/controller/garbagecollector/OWNERS +++ b/pkg/controller/garbagecollector/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - lavalamp diff --git a/pkg/controller/garbagecollector/garbagecollector_test.go b/pkg/controller/garbagecollector/garbagecollector_test.go index 0543a5d6fbb..2f4c98487c4 100644 --- a/pkg/controller/garbagecollector/garbagecollector_test.go +++ b/pkg/controller/garbagecollector/garbagecollector_test.go @@ -948,10 +948,15 @@ func (_ *fakeServerResources) ServerResourcesForGroupVersion(groupVersion string return nil, nil } +// Deprecated: use ServerGroupsAndResources instead. func (_ *fakeServerResources) ServerResources() ([]*metav1.APIResourceList, error) { return nil, nil } +func (_ *fakeServerResources) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return nil, nil, nil +} + func (f *fakeServerResources) ServerPreferredResources() ([]*metav1.APIResourceList, error) { f.Lock.Lock() defer f.Lock.Unlock() diff --git a/pkg/controller/history/OWNERS b/pkg/controller/history/OWNERS old mode 100755 new mode 100644 index 1b97b567cad..f0156c7d4c7 --- a/pkg/controller/history/OWNERS +++ b/pkg/controller/history/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - enisoc - foxish diff --git a/pkg/controller/history/controller_history.go b/pkg/controller/history/controller_history.go index 85a65eaad02..262652e36d2 100644 --- a/pkg/controller/history/controller_history.go +++ b/pkg/controller/history/controller_history.go @@ -70,21 +70,10 @@ func NewControllerRevision(parent metav1.Object, for k, v := range templateLabels { labelMap[k] = v } - blockOwnerDeletion := true - isController := true cr := &apps.ControllerRevision{ ObjectMeta: metav1.ObjectMeta{ - Labels: labelMap, - OwnerReferences: []metav1.OwnerReference{ - { - APIVersion: parentKind.GroupVersion().String(), - Kind: parentKind.Kind, - Name: parent.GetName(), - UID: parent.GetUID(), - BlockOwnerDeletion: &blockOwnerDeletion, - Controller: &isController, - }, - }, + Labels: labelMap, + OwnerReferences: []metav1.OwnerReference{*metav1.NewControllerRef(parent, parentKind)}, }, Data: data, Revision: revision, @@ -417,8 +406,6 @@ func (fh *fakeHistory) UpdateControllerRevision(revision *apps.ControllerRevisio } func (fh *fakeHistory) AdoptControllerRevision(parent metav1.Object, parentKind schema.GroupVersionKind, revision *apps.ControllerRevision) (*apps.ControllerRevision, error) { - blockOwnerDeletion := true - isController := true if owner := metav1.GetControllerOf(revision); owner != nil { return nil, fmt.Errorf("attempt to adopt revision owned by %v", owner) } @@ -434,16 +421,8 @@ func (fh *fakeHistory) AdoptControllerRevision(parent metav1.Object, parentKind return nil, errors.NewNotFound(apps.Resource("controllerrevisions"), revision.Name) } clone := revision.DeepCopy() - clone.OwnerReferences = append(clone.OwnerReferences, metav1.OwnerReference{ - APIVersion: parentKind.GroupVersion().String(), - Kind: parentKind.Kind, - Name: parent.GetName(), - UID: parent.GetUID(), - BlockOwnerDeletion: &blockOwnerDeletion, - Controller: &isController, - }) + clone.OwnerReferences = append(clone.OwnerReferences, *metav1.NewControllerRef(parent, parentKind)) return clone, fh.indexer.Update(clone) - } func (fh *fakeHistory) ReleaseControllerRevision(parent metav1.Object, revision *apps.ControllerRevision) (*apps.ControllerRevision, error) { diff --git a/pkg/controller/job/OWNERS b/pkg/controller/job/OWNERS old mode 100755 new mode 100644 index 44285bec824..2941b561f02 --- a/pkg/controller/job/OWNERS +++ b/pkg/controller/job/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - erictune - janetkuo diff --git a/pkg/controller/namespace/OWNERS b/pkg/controller/namespace/OWNERS old mode 100755 new mode 100644 index b4a3c10782e..417fa9e8002 --- a/pkg/controller/namespace/OWNERS +++ b/pkg/controller/namespace/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - derekwaynecarr - smarterclayton diff --git a/pkg/controller/nodeipam/OWNERS b/pkg/controller/nodeipam/OWNERS old mode 100755 new mode 100644 index 99dd2eda0e1..0a59082f424 --- a/pkg/controller/nodeipam/OWNERS +++ b/pkg/controller/nodeipam/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - gmarek - bowei @@ -7,3 +9,5 @@ reviewers: - ingvagabund - aveshagarwal - k82cn +labels: +- sig/network diff --git a/pkg/controller/nodeipam/ipam/OWNERS b/pkg/controller/nodeipam/ipam/OWNERS old mode 100755 new mode 100644 index 8164b49a07a..1020d67b6bb --- a/pkg/controller/nodeipam/ipam/OWNERS +++ b/pkg/controller/nodeipam/ipam/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bowei - dnardo diff --git a/pkg/controller/nodeipam/node_ipam_controller.go b/pkg/controller/nodeipam/node_ipam_controller.go index 8f87cf72b1e..c98be2cef01 100644 --- a/pkg/controller/nodeipam/node_ipam_controller.go +++ b/pkg/controller/nodeipam/node_ipam_controller.go @@ -106,13 +106,12 @@ func NewNodeIpamController( metrics.RegisterMetricAndTrackRateLimiterUsage("node_ipam_controller", kubeClient.CoreV1().RESTClient().GetRateLimiter()) } - if clusterCIDR == nil { - klog.Fatal("Controller: Must specify --cluster-cidr if --allocate-node-cidrs is set") - } - mask := clusterCIDR.Mask if allocatorType != ipam.CloudAllocatorType { // Cloud CIDR allocator does not rely on clusterCIDR or nodeCIDRMaskSize for allocation. - if maskSize, _ := mask.Size(); maskSize > nodeCIDRMaskSize { + if clusterCIDR == nil { + klog.Fatal("Controller: Must specify --cluster-cidr if --allocate-node-cidrs is set") + } + if maskSize, _ := clusterCIDR.Mask.Size(); maskSize > nodeCIDRMaskSize { klog.Fatal("Controller: Invalid --cluster-cidr, mask size of cluster CIDR must be less than --node-cidr-mask-size") } } diff --git a/pkg/controller/nodeipam/node_ipam_controller_test.go b/pkg/controller/nodeipam/node_ipam_controller_test.go index 331c19d6646..c44ff60a348 100644 --- a/pkg/controller/nodeipam/node_ipam_controller_test.go +++ b/pkg/controller/nodeipam/node_ipam_controller_test.go @@ -70,7 +70,8 @@ func TestNewNodeIpamControllerWithCIDRMasks(t *testing.T) { {"valid_cloud_allocator", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.CloudAllocatorType, false}, {"valid_ipam_from_cluster", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.IPAMFromClusterAllocatorType, false}, {"valid_ipam_from_cloud", "10.0.0.0/21", "10.1.0.0/21", 24, ipam.IPAMFromCloudAllocatorType, false}, - {"invalid_cluster_CIDR", "invalid", "10.1.0.0/21", 24, ipam.CloudAllocatorType, true}, + {"valid_skip_cluster_CIDR_validation_for_cloud_allocator", "invalid", "10.1.0.0/21", 24, ipam.CloudAllocatorType, false}, + {"invalid_cluster_CIDR", "invalid", "10.1.0.0/21", 24, ipam.IPAMFromClusterAllocatorType, true}, {"valid_CIDR_smaller_than_mask_cloud_allocator", "10.0.0.0/26", "10.1.0.0/21", 24, ipam.CloudAllocatorType, false}, {"invalid_CIDR_smaller_than_mask_other_allocators", "10.0.0.0/26", "10.1.0.0/21", 24, ipam.IPAMFromCloudAllocatorType, true}, } { diff --git a/pkg/controller/nodelifecycle/BUILD b/pkg/controller/nodelifecycle/BUILD index 015b150ea8b..a7935ff7908 100644 --- a/pkg/controller/nodelifecycle/BUILD +++ b/pkg/controller/nodelifecycle/BUILD @@ -73,7 +73,6 @@ go_test( "//pkg/controller/testutil:go_default_library", "//pkg/controller/util/node:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/api:go_default_library", "//pkg/util/node:go_default_library", "//pkg/util/taints:go_default_library", diff --git a/pkg/controller/nodelifecycle/OWNERS b/pkg/controller/nodelifecycle/OWNERS old mode 100755 new mode 100644 index 274351a0ed1..b1dae75b5c6 --- a/pkg/controller/nodelifecycle/OWNERS +++ b/pkg/controller/nodelifecycle/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - gmarek - bowei diff --git a/pkg/controller/nodelifecycle/node_lifecycle_controller.go b/pkg/controller/nodelifecycle/node_lifecycle_controller.go index 9657fed24d0..87796c5757e 100644 --- a/pkg/controller/nodelifecycle/node_lifecycle_controller.go +++ b/pkg/controller/nodelifecycle/node_lifecycle_controller.go @@ -146,7 +146,7 @@ type Controller struct { kubeClient clientset.Interface // This timestamp is to be used instead of LastProbeTime stored in Condition. We do this - // to aviod the problem with time skew across the cluster. + // to avoid the problem with time skew across the cluster. now func() metav1.Time enterPartialDisruptionFunc func(nodeNum int) float32 @@ -524,9 +524,6 @@ func (nc *Controller) doNoExecuteTaintingPass() { klog.Warningf("Failed to get Node %v from the nodeLister: %v", value.Value, err) // retry in 50 millisecond return false, 50 * time.Millisecond - } else { - zone := utilnode.GetZoneKey(node) - evictionsNumber.WithLabelValues(zone).Inc() } _, condition := v1node.GetNodeCondition(&node.Status, v1.NodeReady) // Because we want to mimic NodeStatus.Condition["Ready"] we make "unreachable" and "not ready" taints mutually exclusive. @@ -544,7 +541,14 @@ func (nc *Controller) doNoExecuteTaintingPass() { return true, 0 } - return nodeutil.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{&oppositeTaint}, node), 0 + result := nodeutil.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{&oppositeTaint}, node) + if result { + //count the evictionsNumber + zone := utilnode.GetZoneKey(node) + evictionsNumber.WithLabelValues(zone).Inc() + } + + return result, 0 }) } } @@ -560,9 +564,6 @@ func (nc *Controller) doEvictionPass() { klog.Warningf("Node %v no longer present in nodeLister!", value.Value) } else if err != nil { klog.Warningf("Failed to get Node %v from the nodeLister: %v", value.Value, err) - } else { - zone := utilnode.GetZoneKey(node) - evictionsNumber.WithLabelValues(zone).Inc() } nodeUID, _ := value.UID.(string) remaining, err := nodeutil.DeletePods(nc.kubeClient, nc.recorder, value.Value, nodeUID, nc.daemonSetStore) @@ -573,6 +574,13 @@ func (nc *Controller) doEvictionPass() { if remaining { klog.Infof("Pods awaiting deletion due to Controller eviction") } + + //count the evictionsNumber + if node != nil { + zone := utilnode.GetZoneKey(node) + evictionsNumber.WithLabelValues(zone).Inc() + } + return true, 0 }) } diff --git a/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go b/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go index 81586991190..a935a00d885 100644 --- a/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go +++ b/pkg/controller/nodelifecycle/node_lifecycle_controller_test.go @@ -42,7 +42,6 @@ import ( "k8s.io/kubernetes/pkg/controller/testutil" nodeutil "k8s.io/kubernetes/pkg/controller/util/node" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" schedulerapi "k8s.io/kubernetes/pkg/scheduler/api" "k8s.io/kubernetes/pkg/util/node" taintutils "k8s.io/kubernetes/pkg/util/taints" @@ -175,8 +174,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { fakeNow := metav1.Date(2015, 1, 1, 12, 0, 0, 0, time.UTC) evictionTimeout := 10 * time.Minute labels := map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", } // Because of the logic that prevents NC from evicting anything when all Nodes are NotReady @@ -212,8 +211,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node0", CreationTimestamp: fakeNow, Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, }, @@ -222,8 +221,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -292,8 +291,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -312,8 +311,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -356,8 +355,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -376,8 +375,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -447,8 +446,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -467,8 +466,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -511,8 +510,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -531,8 +530,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -575,8 +574,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -595,8 +594,8 @@ func TestMonitorNodeHealthEvictPods(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -734,8 +733,8 @@ func TestPodStatusChange(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -754,8 +753,8 @@ func TestPodStatusChange(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -897,8 +896,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -917,8 +916,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -952,8 +951,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -972,8 +971,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region2", - kubeletapis.LabelZoneFailureDomain: "zone2", + v1.LabelZoneRegion: "region2", + v1.LabelZoneFailureDomain: "zone2", }, }, Status: v1.NodeStatus{ @@ -1014,8 +1013,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1034,8 +1033,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone2", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone2", }, }, Status: v1.NodeStatus{ @@ -1075,8 +1074,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1095,8 +1094,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node-master", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1134,8 +1133,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1154,8 +1153,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone2", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone2", }, }, Status: v1.NodeStatus{ @@ -1196,8 +1195,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1216,8 +1215,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1236,8 +1235,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node2", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1256,8 +1255,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node3", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -1276,8 +1275,8 @@ func TestMonitorNodeHealthEvictPodsWithDisruption(t *testing.T) { Name: "node4", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2366,8 +2365,8 @@ func TestApplyNoExecuteTaints(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2388,8 +2387,8 @@ func TestApplyNoExecuteTaints(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2409,8 +2408,8 @@ func TestApplyNoExecuteTaints(t *testing.T) { Name: "node2", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2512,8 +2511,8 @@ func TestSwapUnreachableNotReadyTaints(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2535,8 +2534,8 @@ func TestSwapUnreachableNotReadyTaints(t *testing.T) { Name: "node1", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2660,8 +2659,8 @@ func TestTaintsNodeByCondition(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2718,8 +2717,8 @@ func TestTaintsNodeByCondition(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2748,8 +2747,8 @@ func TestTaintsNodeByCondition(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2778,8 +2777,8 @@ func TestTaintsNodeByCondition(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ @@ -2802,8 +2801,8 @@ func TestTaintsNodeByCondition(t *testing.T) { Name: "node0", CreationTimestamp: metav1.Date(2012, 1, 1, 0, 0, 0, 0, time.UTC), Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region1", - kubeletapis.LabelZoneFailureDomain: "zone1", + v1.LabelZoneRegion: "region1", + v1.LabelZoneFailureDomain: "zone1", }, }, Status: v1.NodeStatus{ diff --git a/pkg/controller/podautoscaler/OWNERS b/pkg/controller/podautoscaler/OWNERS old mode 100755 new mode 100644 index 48a53f474c7..ad61a1564ff --- a/pkg/controller/podautoscaler/OWNERS +++ b/pkg/controller/podautoscaler/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - DirectXMan12 - mwielgus diff --git a/pkg/controller/podgc/OWNERS b/pkg/controller/podgc/OWNERS old mode 100755 new mode 100644 index bdc466903eb..f2c85258423 --- a/pkg/controller/podgc/OWNERS +++ b/pkg/controller/podgc/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - foxish - gmarek diff --git a/pkg/controller/replicaset/OWNERS b/pkg/controller/replicaset/OWNERS old mode 100755 new mode 100644 index b1947058a4b..b8444207c7a --- a/pkg/controller/replicaset/OWNERS +++ b/pkg/controller/replicaset/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - lavalamp diff --git a/pkg/controller/replicaset/replica_set.go b/pkg/controller/replicaset/replica_set.go index 1ee5f61160a..1c269b8995c 100644 --- a/pkg/controller/replicaset/replica_set.go +++ b/pkg/controller/replicaset/replica_set.go @@ -484,16 +484,7 @@ func (rsc *ReplicaSetController) manageReplicas(filteredPods []*v1.Pod, rs *apps // after one of its pods fails. Conveniently, this also prevents the // event spam that those failures would generate. successfulCreations, err := slowStartBatch(diff, controller.SlowStartInitialBatchSize, func() error { - boolPtr := func(b bool) *bool { return &b } - controllerRef := &metav1.OwnerReference{ - APIVersion: rsc.GroupVersion().String(), - Kind: rsc.Kind, - Name: rs.Name, - UID: rs.UID, - BlockOwnerDeletion: boolPtr(true), - Controller: boolPtr(true), - } - err := rsc.podControl.CreatePodsWithControllerRef(rs.Namespace, &rs.Spec.Template, rs, controllerRef) + err := rsc.podControl.CreatePodsWithControllerRef(rs.Namespace, &rs.Spec.Template, rs, metav1.NewControllerRef(rs, rsc.GroupVersionKind)) if err != nil && errors.IsTimeout(err) { // Pod is created but its initialization has timed out. // If the initialization is successful eventually, the diff --git a/pkg/controller/replication/OWNERS b/pkg/controller/replication/OWNERS old mode 100755 new mode 100644 index b1947058a4b..b8444207c7a --- a/pkg/controller/replication/OWNERS +++ b/pkg/controller/replication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - lavalamp diff --git a/pkg/controller/resourcequota/OWNERS b/pkg/controller/resourcequota/OWNERS old mode 100755 new mode 100644 index 054bbcdd186..75928576a4e --- a/pkg/controller/resourcequota/OWNERS +++ b/pkg/controller/resourcequota/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - derekwaynecarr - deads2k diff --git a/pkg/controller/route/OWNERS b/pkg/controller/route/OWNERS old mode 100755 new mode 100644 index c55f47eeacb..287ab38fb77 --- a/pkg/controller/route/OWNERS +++ b/pkg/controller/route/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - gmarek - wojtek-t diff --git a/pkg/controller/service/OWNERS b/pkg/controller/service/OWNERS index 229e90d56e4..738cad4db32 100644 --- a/pkg/controller/service/OWNERS +++ b/pkg/controller/service/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - bowei - MrHohn @@ -12,3 +14,5 @@ approvers: - matchstick - andrewsykim - cheftako +labels: +- sig/network diff --git a/pkg/controller/serviceaccount/OWNERS b/pkg/controller/serviceaccount/OWNERS old mode 100755 new mode 100644 index d914c0d7195..c6c376de4e1 --- a/pkg/controller/serviceaccount/OWNERS +++ b/pkg/controller/serviceaccount/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-serviceaccounts-approvers reviewers: diff --git a/pkg/controller/statefulset/OWNERS b/pkg/controller/statefulset/OWNERS old mode 100755 new mode 100644 index 1b97b567cad..f0156c7d4c7 --- a/pkg/controller/statefulset/OWNERS +++ b/pkg/controller/statefulset/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - enisoc - foxish diff --git a/pkg/controller/volume/OWNERS b/pkg/controller/volume/OWNERS old mode 100755 new mode 100644 index 16a78635fe2..49fd329dea9 --- a/pkg/controller/volume/OWNERS +++ b/pkg/controller/volume/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - childsb - jsafrane diff --git a/pkg/controller/volume/attachdetach/OWNERS b/pkg/controller/volume/attachdetach/OWNERS index 43cf273b1ff..301737d5399 100644 --- a/pkg/controller/volume/attachdetach/OWNERS +++ b/pkg/controller/volume/attachdetach/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - gnufied diff --git a/pkg/controller/volume/attachdetach/testing/testvolumespec.go b/pkg/controller/volume/attachdetach/testing/testvolumespec.go index 2c9d5eec323..611bf097915 100644 --- a/pkg/controller/volume/attachdetach/testing/testvolumespec.go +++ b/pkg/controller/volume/attachdetach/testing/testvolumespec.go @@ -310,6 +310,10 @@ func (plugin *TestPlugin) NewDetacher() (volume.Detacher, error) { return &detacher, nil } +func (plugin *TestPlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func (plugin *TestPlugin) NewDeviceUnmounter() (volume.DeviceUnmounter, error) { return plugin.NewDetacher() } diff --git a/pkg/controller/volume/expand/OWNERS b/pkg/controller/volume/expand/OWNERS index f9e1482748f..38bd2c83c7c 100644 --- a/pkg/controller/volume/expand/OWNERS +++ b/pkg/controller/volume/expand/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - jsafrane diff --git a/pkg/controller/volume/expand/cache/volume_resize_map.go b/pkg/controller/volume/expand/cache/volume_resize_map.go index 76d85ec4d92..3c86c21cffc 100644 --- a/pkg/controller/volume/expand/cache/volume_resize_map.go +++ b/pkg/controller/volume/expand/cache/volume_resize_map.go @@ -185,7 +185,7 @@ func (resizeMap *volumeResizeMap) UpdatePVSize(pvcr *PVCWithResizeRequest, newSi oldData, err := json.Marshal(pvClone) if err != nil { - return fmt.Errorf("Unexpected error marshaling PV : %q with error %v", pvClone.Name, err) + return fmt.Errorf("Unexpected error marshaling old PV %q with error : %v", pvClone.Name, err) } pvClone.Spec.Capacity[v1.ResourceStorage] = newSize @@ -193,13 +193,13 @@ func (resizeMap *volumeResizeMap) UpdatePVSize(pvcr *PVCWithResizeRequest, newSi newData, err := json.Marshal(pvClone) if err != nil { - return fmt.Errorf("Unexpected error marshaling PV : %q with error %v", pvClone.Name, err) + return fmt.Errorf("Unexpected error marshaling new PV %q with error : %v", pvClone.Name, err) } patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, pvClone) if err != nil { - return fmt.Errorf("Error Creating two way merge patch for PV : %q with error %v", pvClone.Name, err) + return fmt.Errorf("Error Creating two way merge patch for PV %q with error : %v", pvClone.Name, err) } _, updateErr := resizeMap.kubeClient.CoreV1().PersistentVolumes().Patch(pvClone.Name, commontypes.StrategicMergePatchType, patchBytes) diff --git a/pkg/controller/volume/expand/sync_volume_resize.go b/pkg/controller/volume/expand/sync_volume_resize.go index c355a967472..b59ff845ec4 100644 --- a/pkg/controller/volume/expand/sync_volume_resize.go +++ b/pkg/controller/volume/expand/sync_volume_resize.go @@ -64,6 +64,11 @@ func (rc *syncResize) Sync() { // Resize PVCs that require resize for _, pvcWithResizeRequest := range rc.resizeMap.GetPVCsWithResizeRequest() { uniqueVolumeKey := v1.UniqueVolumeName(pvcWithResizeRequest.UniquePVCKey()) + if rc.opsExecutor.IsOperationPending(uniqueVolumeKey, "") { + klog.V(10).Infof("Operation for PVC %s is already pending", pvcWithResizeRequest.QualifiedName()) + continue + } + updatedClaim, err := markPVCResizeInProgress(pvcWithResizeRequest, rc.kubeClient) if err != nil { klog.V(5).Infof("Error setting PVC %s in progress with error : %v", pvcWithResizeRequest.QualifiedName(), err) @@ -73,10 +78,6 @@ func (rc *syncResize) Sync() { pvcWithResizeRequest.PVC = updatedClaim } - if rc.opsExecutor.IsOperationPending(uniqueVolumeKey, "") { - klog.V(10).Infof("Operation for PVC %v is already pending", pvcWithResizeRequest.QualifiedName()) - continue - } growFuncError := rc.opsExecutor.ExpandVolume(pvcWithResizeRequest, rc.resizeMap) if growFuncError != nil && !exponentialbackoff.IsExponentialBackoff(growFuncError) { klog.Errorf("Error growing pvc %s with %v", pvcWithResizeRequest.QualifiedName(), growFuncError) diff --git a/pkg/controller/volume/persistentvolume/BUILD b/pkg/controller/volume/persistentvolume/BUILD index 4bf32fe7afe..6f46984a647 100644 --- a/pkg/controller/volume/persistentvolume/BUILD +++ b/pkg/controller/volume/persistentvolume/BUILD @@ -59,6 +59,7 @@ go_library( "//staging/src/k8s.io/client-go/tools/reference:go_default_library", "//staging/src/k8s.io/client-go/util/workqueue:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/errors:go_default_library", "//staging/src/k8s.io/csi-api/pkg/client/clientset/versioned:go_default_library", "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/controller/volume/persistentvolume/OWNERS b/pkg/controller/volume/persistentvolume/OWNERS index a0e86666b17..33657172abe 100644 --- a/pkg/controller/volume/persistentvolume/OWNERS +++ b/pkg/controller/volume/persistentvolume/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - jsafrane - saad-ali diff --git a/pkg/controller/volume/persistentvolume/pv_controller.go b/pkg/controller/volume/persistentvolume/pv_controller.go index 16d1ee02d14..5a3151b3e60 100644 --- a/pkg/controller/volume/persistentvolume/pv_controller.go +++ b/pkg/controller/volume/persistentvolume/pv_controller.go @@ -38,6 +38,7 @@ import ( ref "k8s.io/client-go/tools/reference" "k8s.io/client-go/util/workqueue" cloudprovider "k8s.io/cloud-provider" + volerr "k8s.io/cloud-provider/volume/errors" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" "k8s.io/kubernetes/pkg/controller/volume/events" "k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics" @@ -1177,7 +1178,7 @@ func (ctrl *PersistentVolumeController) deleteVolumeOperation(volume *v1.Persist if err != nil { // Delete failed, update the volume and emit an event. klog.V(3).Infof("deletion of volume %q failed: %v", volume.Name, err) - if vol.IsDeletedVolumeInUse(err) { + if volerr.IsDeletedVolumeInUse(err) { // The plugin needs more time, don't mark the volume as Failed // and send Normal event only ctrl.eventRecorder.Event(volume, v1.EventTypeNormal, events.VolumeDelete, err.Error()) diff --git a/pkg/credentialprovider/OWNERS b/pkg/credentialprovider/OWNERS index 2e8f8a1c050..2ad314139c3 100644 --- a/pkg/credentialprovider/OWNERS +++ b/pkg/credentialprovider/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - erictune diff --git a/pkg/credentialprovider/aws/OWNERS b/pkg/credentialprovider/aws/OWNERS old mode 100755 new mode 100644 index 5d2b86e103f..7b1a9c5feed --- a/pkg/credentialprovider/aws/OWNERS +++ b/pkg/credentialprovider/aws/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - justinsb - david-mcmahon diff --git a/pkg/credentialprovider/azure/OWNERS b/pkg/credentialprovider/azure/OWNERS index 6b1eb11dd34..957a7271e16 100644 --- a/pkg/credentialprovider/azure/OWNERS +++ b/pkg/credentialprovider/azure/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - andyzhangx - brendandburns diff --git a/pkg/credentialprovider/gcp/OWNERS b/pkg/credentialprovider/gcp/OWNERS old mode 100755 new mode 100644 index 6e3335ba979..4c32e8bef5c --- a/pkg/credentialprovider/gcp/OWNERS +++ b/pkg/credentialprovider/gcp/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - deads2k diff --git a/pkg/features/OWNERS b/pkg/features/OWNERS index fe7b0144e0c..05b08249aed 100644 --- a/pkg/features/OWNERS +++ b/pkg/features/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - feature-approvers diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go index d4b2ede0c76..b689c5f52e9 100644 --- a/pkg/features/kube_features.go +++ b/pkg/features/kube_features.go @@ -405,6 +405,12 @@ const ( // // Enables the AWS EBS in-tree driver to AWS EBS CSI Driver migration feature. CSIMigrationAWS utilfeature.Feature = "CSIMigrationAWS" + + // owner: @RobertKrawitz + // alpha: v1.14 + // + // Implement support for limiting pids in nodes + SupportNodePidsLimit utilfeature.Feature = "SupportNodePidsLimit" ) func init() { @@ -450,6 +456,7 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS ResourceLimitsPriorityFunction: {Default: false, PreRelease: utilfeature.Alpha}, SupportIPVSProxyMode: {Default: true, PreRelease: utilfeature.GA}, SupportPodPidsLimit: {Default: true, PreRelease: utilfeature.Beta}, + SupportNodePidsLimit: {Default: false, PreRelease: utilfeature.Alpha}, HyperVContainer: {Default: false, PreRelease: utilfeature.Alpha}, ScheduleDaemonSetPods: {Default: true, PreRelease: utilfeature.Beta}, TokenRequest: {Default: true, PreRelease: utilfeature.Beta}, diff --git a/pkg/generated/openapi/BUILD b/pkg/generated/openapi/BUILD index c79f243286b..2f7428dc574 100644 --- a/pkg/generated/openapi/BUILD +++ b/pkg/generated/openapi/BUILD @@ -1,7 +1,7 @@ package(default_visibility = ["//visibility:public"]) load("//build:code_generation.bzl", "gen_openapi", "openapi_deps") -load("@io_bazel_rules_go//go:def.bzl", "go_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") gen_openapi( outs = ["zz_generated.openapi.go"], @@ -30,3 +30,13 @@ filegroup( srcs = [":package-srcs"], tags = ["automanaged"], ) + +go_test( + name = "go_default_test", + srcs = ["openapi_test.go"], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", + "//vendor/github.com/go-openapi/spec:go_default_library", + ], +) diff --git a/pkg/generated/openapi/openapi_test.go b/pkg/generated/openapi/openapi_test.go new file mode 100644 index 00000000000..bf3513abbe2 --- /dev/null +++ b/pkg/generated/openapi/openapi_test.go @@ -0,0 +1,51 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package openapi + +import ( + "encoding/json" + "reflect" + "testing" + + "github.com/go-openapi/spec" + + "k8s.io/apimachinery/pkg/util/diff" +) + +func TestOpenAPIRoundtrip(t *testing.T) { + dummyRef := func(name string) spec.Ref { return spec.MustCreateRef("#/definitions/dummy") } + for name, value := range GetOpenAPIDefinitions(dummyRef) { + t.Run(name, func(t *testing.T) { + data, err := json.Marshal(value.Schema) + if err != nil { + t.Error(err) + return + } + + roundTripped := spec.Schema{} + if err := json.Unmarshal(data, &roundTripped); err != nil { + t.Error(err) + return + } + + if !reflect.DeepEqual(value.Schema, roundTripped) { + t.Errorf("unexpected diff (a=expected,b=roundtripped):\n%s", diff.ObjectReflectDiff(value.Schema, roundTripped)) + return + } + }) + } +} diff --git a/pkg/kubeapiserver/BUILD b/pkg/kubeapiserver/BUILD index 6c557cd9b4f..4a9c0ea5026 100644 --- a/pkg/kubeapiserver/BUILD +++ b/pkg/kubeapiserver/BUILD @@ -22,7 +22,6 @@ go_library( "//pkg/apis/networking:go_default_library", "//pkg/apis/policy:go_default_library", "//pkg/apis/storage:go_default_library", - "//pkg/kubeapiserver/options:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", diff --git a/pkg/kubeapiserver/OWNERS b/pkg/kubeapiserver/OWNERS index e2df84c11a3..13d15cab5f3 100644 --- a/pkg/kubeapiserver/OWNERS +++ b/pkg/kubeapiserver/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - lavalamp diff --git a/pkg/kubeapiserver/admission/BUILD b/pkg/kubeapiserver/admission/BUILD index a0688a4e84d..ba6185120e9 100644 --- a/pkg/kubeapiserver/admission/BUILD +++ b/pkg/kubeapiserver/admission/BUILD @@ -19,7 +19,7 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library", - "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/restmapper:go_default_library", diff --git a/pkg/kubeapiserver/admission/config.go b/pkg/kubeapiserver/admission/config.go index a47e4559377..52788434eab 100644 --- a/pkg/kubeapiserver/admission/config.go +++ b/pkg/kubeapiserver/admission/config.go @@ -29,7 +29,7 @@ import ( "k8s.io/apiserver/pkg/server" genericapiserver "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/util/webhook" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" externalinformers "k8s.io/client-go/informers" "k8s.io/client-go/rest" "k8s.io/client-go/restmapper" diff --git a/pkg/kubeapiserver/admission/initializer_test.go b/pkg/kubeapiserver/admission/initializer_test.go index f5a6b144c6a..a1c6d106249 100644 --- a/pkg/kubeapiserver/admission/initializer_test.go +++ b/pkg/kubeapiserver/admission/initializer_test.go @@ -24,7 +24,9 @@ import ( type doNothingAdmission struct{} -func (doNothingAdmission) Admit(a admission.Attributes) error { return nil } +func (doNothingAdmission) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { + return nil +} func (doNothingAdmission) Handles(o admission.Operation) bool { return false } func (doNothingAdmission) Validate() error { return nil } diff --git a/pkg/kubeapiserver/authenticator/OWNERS b/pkg/kubeapiserver/authenticator/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/pkg/kubeapiserver/authenticator/OWNERS +++ b/pkg/kubeapiserver/authenticator/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/pkg/kubeapiserver/authorizer/OWNERS b/pkg/kubeapiserver/authorizer/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/pkg/kubeapiserver/authorizer/OWNERS +++ b/pkg/kubeapiserver/authorizer/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/pkg/kubeapiserver/default_storage_factory_builder.go b/pkg/kubeapiserver/default_storage_factory_builder.go index 3029924b753..b92a53d7e2d 100644 --- a/pkg/kubeapiserver/default_storage_factory_builder.go +++ b/pkg/kubeapiserver/default_storage_factory_builder.go @@ -19,8 +19,6 @@ package kubeapiserver import ( "strings" - "fmt" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" serveroptions "k8s.io/apiserver/pkg/server/options" @@ -37,7 +35,6 @@ import ( "k8s.io/kubernetes/pkg/apis/networking" "k8s.io/kubernetes/pkg/apis/policy" apisstorage "k8s.io/kubernetes/pkg/apis/storage" - kubeapiserveroptions "k8s.io/kubernetes/pkg/kubeapiserver/options" ) // SpecialDefaultResourcePrefixes are prefixes compiled into Kubernetes. @@ -68,18 +65,12 @@ type StorageFactoryConfig struct { DefaultResourceEncoding *serverstorage.DefaultResourceEncodingConfig DefaultStorageMediaType string Serializer runtime.StorageSerializer - StorageEncodingOverrides map[string]schema.GroupVersion ResourceEncodingOverrides []schema.GroupVersionResource EtcdServersOverrides []string EncryptionProviderConfigFilepath string } -func (c *StorageFactoryConfig) Complete(etcdOptions *serveroptions.EtcdOptions, serializationOptions *kubeapiserveroptions.StorageSerializationOptions) (*completedStorageFactoryConfig, error) { - storageGroupsToEncodingVersion, err := serializationOptions.StorageGroupsToEncodingVersion() - if err != nil { - return nil, fmt.Errorf("error generating storage version map: %s", err) - } - c.StorageEncodingOverrides = storageGroupsToEncodingVersion +func (c *StorageFactoryConfig) Complete(etcdOptions *serveroptions.EtcdOptions) (*completedStorageFactoryConfig, error) { c.StorageConfig = etcdOptions.StorageConfig c.DefaultStorageMediaType = etcdOptions.DefaultStorageMediaType c.EtcdServersOverrides = etcdOptions.EtcdServersOverrides @@ -92,8 +83,7 @@ type completedStorageFactoryConfig struct { } func (c *completedStorageFactoryConfig) New() (*serverstorage.DefaultStorageFactory, error) { - resourceEncodingConfig := resourceconfig.MergeGroupEncodingConfigs(c.DefaultResourceEncoding, c.StorageEncodingOverrides) - resourceEncodingConfig = resourceconfig.MergeResourceEncodingConfigs(resourceEncodingConfig, c.ResourceEncodingOverrides) + resourceEncodingConfig := resourceconfig.MergeResourceEncodingConfigs(c.DefaultResourceEncoding, c.ResourceEncodingOverrides) storageFactory := serverstorage.NewDefaultStorageFactory( c.StorageConfig, c.DefaultStorageMediaType, @@ -108,6 +98,7 @@ func (c *completedStorageFactoryConfig) New() (*serverstorage.DefaultStorageFact storageFactory.AddCohabitatingResources(apps.Resource("replicasets"), extensions.Resource("replicasets")) storageFactory.AddCohabitatingResources(api.Resource("events"), events.Resource("events")) storageFactory.AddCohabitatingResources(policy.Resource("podsecuritypolicies"), extensions.Resource("podsecuritypolicies")) + storageFactory.AddCohabitatingResources(extensions.Resource("ingresses"), networking.Resource("ingresses")) for _, override := range c.EtcdServersOverrides { tokens := strings.Split(override, "#") diff --git a/pkg/kubeapiserver/options/BUILD b/pkg/kubeapiserver/options/BUILD index eda73f5cef5..7360f9c0eff 100644 --- a/pkg/kubeapiserver/options/BUILD +++ b/pkg/kubeapiserver/options/BUILD @@ -16,11 +16,9 @@ go_library( "options.go", "plugins.go", "serving.go", - "storage_versions.go", ], importpath = "k8s.io/kubernetes/pkg/kubeapiserver/options", deps = [ - "//pkg/api/legacyscheme:go_default_library", "//pkg/cloudprovider/providers:go_default_library", "//pkg/features:go_default_library", "//pkg/kubeapiserver/authenticator:go_default_library", @@ -53,8 +51,6 @@ go_library( "//plugin/pkg/admission/storage/persistentvolume/resize:go_default_library", "//plugin/pkg/admission/storage/storageclass/setdefault:go_default_library", "//plugin/pkg/admission/storage/storageobjectinuseprotection:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", @@ -65,9 +61,9 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], @@ -92,13 +88,11 @@ go_test( "admission_test.go", "authentication_test.go", "authorization_test.go", - "storage_versions_test.go", ], embed = [":go_default_library"], deps = [ "//pkg/kubeapiserver/authenticator:go_default_library", "//pkg/kubeapiserver/authorizer/modes:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library", "//staging/src/k8s.io/apiserver/pkg/authentication/authenticatorfactory:go_default_library", diff --git a/pkg/kubeapiserver/options/admission.go b/pkg/kubeapiserver/options/admission.go index 15f5d954921..dfad5aa0bcb 100644 --- a/pkg/kubeapiserver/options/admission.go +++ b/pkg/kubeapiserver/options/admission.go @@ -22,7 +22,6 @@ import ( "github.com/spf13/pflag" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/server" @@ -108,7 +107,6 @@ func (a *AdmissionOptions) ApplyTo( c *server.Config, informers informers.SharedInformerFactory, kubeAPIServerClientConfig *rest.Config, - scheme *runtime.Scheme, pluginInitializers ...admission.PluginInitializer, ) error { if a == nil { @@ -120,7 +118,7 @@ func (a *AdmissionOptions) ApplyTo( a.GenericAdmission.EnablePlugins, a.GenericAdmission.DisablePlugins = computePluginNames(a.PluginNames, a.GenericAdmission.RecommendedPluginOrder) } - return a.GenericAdmission.ApplyTo(c, informers, kubeAPIServerClientConfig, scheme, pluginInitializers...) + return a.GenericAdmission.ApplyTo(c, informers, kubeAPIServerClientConfig, pluginInitializers...) } // explicitly disable all plugins that are not in the enabled list diff --git a/pkg/kubeapiserver/options/authentication.go b/pkg/kubeapiserver/options/authentication.go index 9230b07215f..383717487a8 100644 --- a/pkg/kubeapiserver/options/authentication.go +++ b/pkg/kubeapiserver/options/authentication.go @@ -31,7 +31,7 @@ import ( genericapiserver "k8s.io/apiserver/pkg/server" genericoptions "k8s.io/apiserver/pkg/server/options" utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/kubernetes/pkg/features" kubeauthenticator "k8s.io/kubernetes/pkg/kubeapiserver/authenticator" authzmodes "k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes" @@ -249,7 +249,7 @@ func (s *BuiltInAuthenticationOptions) AddFlags(fs *pflag.FlagSet) { "'alg' header value not in this list will be rejected. "+ "Values are defined by RFC 7518 https://tools.ietf.org/html/rfc7518#section-3.1.") - fs.Var(flag.NewMapStringStringNoSplit(&s.OIDC.RequiredClaims), "oidc-required-claim", ""+ + fs.Var(cliflag.NewMapStringStringNoSplit(&s.OIDC.RequiredClaims), "oidc-required-claim", ""+ "A key=value pair that describes a required claim in the ID Token. "+ "If set, the claim is verified to be present in the ID Token with a matching value. "+ "Repeat this flag to specify multiple claims.") diff --git a/pkg/kubeapiserver/options/options.go b/pkg/kubeapiserver/options/options.go index f7e6eedaf71..e38bd99996d 100644 --- a/pkg/kubeapiserver/options/options.go +++ b/pkg/kubeapiserver/options/options.go @@ -27,3 +27,5 @@ var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768} // DefaultServiceIPCIDR is a CIDR notation of IP range from which to allocate service cluster IPs var DefaultServiceIPCIDR net.IPNet = net.IPNet{IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(24, 32)} + +const DefaultEtcdPathPrefix = "/registry" diff --git a/pkg/kubeapiserver/options/storage_versions.go b/pkg/kubeapiserver/options/storage_versions.go deleted file mode 100644 index 67950bb715a..00000000000 --- a/pkg/kubeapiserver/options/storage_versions.go +++ /dev/null @@ -1,124 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package options - -import ( - "sort" - "strings" - - "github.com/spf13/pflag" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/kubernetes/pkg/api/legacyscheme" -) - -const ( - DefaultEtcdPathPrefix = "/registry" -) - -// StorageSerializationOptions contains the options for encoding resources. -type StorageSerializationOptions struct { - StorageVersions string - // The default values for StorageVersions. StorageVersions overrides - // these; you can change this if you want to change the defaults (e.g., - // for testing). This is not actually exposed as a flag. - DefaultStorageVersions string -} - -func NewStorageSerializationOptions() *StorageSerializationOptions { - return &StorageSerializationOptions{ - DefaultStorageVersions: ToPreferredVersionString(legacyscheme.Scheme.PreferredVersionAllGroups()), - StorageVersions: ToPreferredVersionString(legacyscheme.Scheme.PreferredVersionAllGroups()), - } -} - -// StorageGroupsToEncodingVersion returns a map from group name to group version, -// computed from s.StorageVersions flag. -func (s *StorageSerializationOptions) StorageGroupsToEncodingVersion() (map[string]schema.GroupVersion, error) { - storageVersionMap := map[string]schema.GroupVersion{} - - // First, get the defaults. - if err := mergeGroupVersionIntoMap(s.DefaultStorageVersions, storageVersionMap); err != nil { - return nil, err - } - // Override any defaults with the user settings. - if err := mergeGroupVersionIntoMap(s.StorageVersions, storageVersionMap); err != nil { - return nil, err - } - - return storageVersionMap, nil -} - -// dest must be a map of group to groupVersion. -func mergeGroupVersionIntoMap(gvList string, dest map[string]schema.GroupVersion) error { - for _, gvString := range strings.Split(gvList, ",") { - if gvString == "" { - continue - } - // We accept two formats. "group/version" OR - // "group=group/version". The latter is used when types - // move between groups. - if !strings.Contains(gvString, "=") { - gv, err := schema.ParseGroupVersion(gvString) - if err != nil { - return err - } - dest[gv.Group] = gv - - } else { - parts := strings.SplitN(gvString, "=", 2) - gv, err := schema.ParseGroupVersion(parts[1]) - if err != nil { - return err - } - dest[parts[0]] = gv - } - } - - return nil -} - -// AddFlags adds flags for a specific APIServer to the specified FlagSet -func (s *StorageSerializationOptions) AddFlags(fs *pflag.FlagSet) { - // Note: the weird ""+ in below lines seems to be the only way to get gofmt to - // arrange these text blocks sensibly. Grrr. - fs.StringVar(&s.StorageVersions, "storage-versions", s.StorageVersions, ""+ - "The per-group version to store resources in. "+ - "Specified in the format \"group1/version1,group2/version2,...\". "+ - "In the case where objects are moved from one group to the other, "+ - "you may specify the format \"group1=group2/v1beta1,group3/v1beta1,...\". "+ - "You only need to pass the groups you wish to change from the defaults. "+ - "It defaults to a list of preferred versions of all known groups.") - - fs.MarkDeprecated("storage-versions", ""+ - "Please omit this flag to ensure the default storage versions are used ."+ - "Otherwise the cluster is not safe to upgrade to a version newer than 1.12. "+ - "This flag will be removed in 1.13.") - -} - -// ToPreferredVersionString returns the preferred versions of all registered -// groups in the form of "group1/version1,group2/version2,...". This is compatible -// with the flag format -func ToPreferredVersionString(versions []schema.GroupVersion) string { - var defaults []string - for _, version := range versions { - defaults = append(defaults, version.String()) - } - // sorting provides stable output for help. - sort.Strings(defaults) - return strings.Join(defaults, ",") -} diff --git a/pkg/kubeapiserver/options/storage_versions_test.go b/pkg/kubeapiserver/options/storage_versions_test.go deleted file mode 100644 index abbe211a809..00000000000 --- a/pkg/kubeapiserver/options/storage_versions_test.go +++ /dev/null @@ -1,73 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package options - -import ( - "reflect" - "testing" - - "k8s.io/apimachinery/pkg/runtime/schema" -) - -func TestGenerateStorageVersionMap(t *testing.T) { - testCases := []struct { - storageVersions string - defaultVersions string - expectedMap map[string]schema.GroupVersion - }{ - { - storageVersions: "v1,extensions/v1beta1", - expectedMap: map[string]schema.GroupVersion{ - "": {Version: "v1"}, - "extensions": {Group: "extensions", Version: "v1beta1"}, - }, - }, - { - storageVersions: "extensions/v1beta1,v1", - expectedMap: map[string]schema.GroupVersion{ - "": {Version: "v1"}, - "extensions": {Group: "extensions", Version: "v1beta1"}, - }, - }, - { - storageVersions: "autoscaling=extensions/v1beta1,v1", - defaultVersions: "extensions/v1beta1,v1,autoscaling/v1", - expectedMap: map[string]schema.GroupVersion{ - "": {Version: "v1"}, - "autoscaling": {Group: "extensions", Version: "v1beta1"}, - "extensions": {Group: "extensions", Version: "v1beta1"}, - }, - }, - { - storageVersions: "", - expectedMap: map[string]schema.GroupVersion{}, - }, - } - for i, test := range testCases { - s := &StorageSerializationOptions{ - StorageVersions: test.storageVersions, - DefaultStorageVersions: test.defaultVersions, - } - output, err := s.StorageGroupsToEncodingVersion() - if err != nil { - t.Errorf("%v: unexpected error: %v", i, err) - } - if !reflect.DeepEqual(test.expectedMap, output) { - t.Errorf("%v: unexpected error. expect: %v, got: %v", i, test.expectedMap, output) - } - } -} diff --git a/pkg/kubectl/.import-restrictions b/pkg/kubectl/.import-restrictions index 880029a1782..cd0644cc109 100644 --- a/pkg/kubectl/.import-restrictions +++ b/pkg/kubectl/.import-restrictions @@ -3,16 +3,7 @@ "SelectorRegexp": "k8s[.]io/kubernetes/pkg", "AllowedPrefixes": [ "k8s.io/kubernetes/pkg/api", - "k8s.io/kubernetes/pkg/api/events", "k8s.io/kubernetes/pkg/api/legacyscheme", - "k8s.io/kubernetes/pkg/api/pod", - "k8s.io/kubernetes/pkg/api/ref", - "k8s.io/kubernetes/pkg/api/resource", - "k8s.io/kubernetes/pkg/api/service", - "k8s.io/kubernetes/pkg/api/v1/pod", - "k8s.io/kubernetes/pkg/api/v1/service", - "k8s.io/kubernetes/pkg/apis/admissionregistration", - "k8s.io/kubernetes/pkg/apis/admissionregistration/install", "k8s.io/kubernetes/pkg/apis/apps", "k8s.io/kubernetes/pkg/apis/apps/install", "k8s.io/kubernetes/pkg/apis/apps/v1", @@ -38,23 +29,14 @@ "k8s.io/kubernetes/pkg/apis/certificates", "k8s.io/kubernetes/pkg/apis/certificates/install", "k8s.io/kubernetes/pkg/apis/certificates/v1beta1", - "k8s.io/kubernetes/pkg/apis/componentconfig", - "k8s.io/kubernetes/pkg/apis/componentconfig/install", - "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1", "k8s.io/kubernetes/pkg/apis/core", "k8s.io/kubernetes/pkg/apis/core/helper", - "k8s.io/kubernetes/pkg/apis/core/helper/qos", "k8s.io/kubernetes/pkg/apis/core/install", "k8s.io/kubernetes/pkg/apis/core/v1", - "k8s.io/kubernetes/pkg/apis/core/v1/helper", - "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos", - "k8s.io/kubernetes/pkg/apis/core/validation", "k8s.io/kubernetes/pkg/apis/extensions", "k8s.io/kubernetes/pkg/apis/extensions/install", "k8s.io/kubernetes/pkg/apis/extensions/v1beta1", "k8s.io/kubernetes/pkg/apis/networking", - "k8s.io/kubernetes/pkg/apis/networking/install", - "k8s.io/kubernetes/pkg/apis/networking/v1", "k8s.io/kubernetes/pkg/apis/policy", "k8s.io/kubernetes/pkg/apis/policy/install", "k8s.io/kubernetes/pkg/apis/policy/v1beta1", @@ -74,77 +56,17 @@ "k8s.io/kubernetes/pkg/apis/storage/util", "k8s.io/kubernetes/pkg/apis/storage/v1", "k8s.io/kubernetes/pkg/apis/storage/v1beta1", - "k8s.io/kubernetes/pkg/capabilities", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion", - "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion", - "k8s.io/kubernetes/pkg/client/metrics/prometheus", - "k8s.io/kubernetes/pkg/client/unversioned", - "k8s.io/kubernetes/pkg/cloudprovider", - "k8s.io/kubernetes/pkg/cloudprovider/providers/aws", - "k8s.io/kubernetes/pkg/controller", - "k8s.io/kubernetes/pkg/controller/daemon", - "k8s.io/kubernetes/pkg/controller/daemon/util", - "k8s.io/kubernetes/pkg/controller/deployment/util", - "k8s.io/kubernetes/pkg/controller/history", - "k8s.io/kubernetes/pkg/controller/statefulset", - "k8s.io/kubernetes/pkg/credentialprovider", - "k8s.io/kubernetes/pkg/credentialprovider/aws", "k8s.io/kubernetes/pkg/features", - "k8s.io/kubernetes/pkg/fieldpath", - "k8s.io/kubernetes/pkg/generated", "k8s.io/kubernetes/pkg/kubectl", - "k8s.io/kubernetes/pkg/kubelet/apis", - "k8s.io/kubernetes/pkg/kubelet/qos", - "k8s.io/kubernetes/pkg/kubelet/types", - "k8s.io/kubernetes/pkg/master/ports", "k8s.io/kubernetes/pkg/printers", "k8s.io/kubernetes/pkg/printers/internalversion", "k8s.io/kubernetes/pkg/registry/rbac/reconciliation", "k8s.io/kubernetes/pkg/registry/rbac/validation", - "k8s.io/kubernetes/pkg/scheduler/algorithm", - "k8s.io/kubernetes/pkg/scheduler/algorithm/predicates", - "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util", - "k8s.io/kubernetes/pkg/scheduler/api", - "k8s.io/kubernetes/pkg/scheduler/nodeinfo", - "k8s.io/kubernetes/pkg/scheduler/internal/cache", - "k8s.io/kubernetes/pkg/scheduler/util", - "k8s.io/kubernetes/pkg/scheduler/volumebinder", - "k8s.io/kubernetes/pkg/security/apparmor", - "k8s.io/kubernetes/pkg/serviceaccount", - "k8s.io/kubernetes/pkg/util/goroutinemap", - "k8s.io/kubernetes/pkg/util/hash", "k8s.io/kubernetes/pkg/util/interrupt", - "k8s.io/kubernetes/pkg/util/labels", - "k8s.io/kubernetes/pkg/util/metrics", - "k8s.io/kubernetes/pkg/util/mount", "k8s.io/kubernetes/pkg/util/node", "k8s.io/kubernetes/pkg/util/parsers", - "k8s.io/kubernetes/pkg/util/slice", - "k8s.io/kubernetes/pkg/util/taints", "k8s.io/kubernetes/pkg/version", - "k8s.io/kubernetes/pkg/version/prometheus", - "k8s.io/kubernetes/pkg/volume", - "k8s.io/kubernetes/pkg/volume/util", - "k8s.io/utils/nsenter", - "k8s.io/utils/io", - "k8s.io/utils/path", - "k8s.io/utils/pointer", - "k8s.io/utils/net" + "k8s.io/utils/pointer" ], "ForbiddenPrefixes": [] }] diff --git a/pkg/kubectl/OWNERS b/pkg/kubectl/OWNERS index 4ac9429057e..a1f6b7eee30 100644 --- a/pkg/kubectl/OWNERS +++ b/pkg/kubectl/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/pkg/kubectl/cmd/BUILD b/pkg/kubectl/cmd/BUILD index 89ec72bf71f..979699b6e18 100644 --- a/pkg/kubectl/cmd/BUILD +++ b/pkg/kubectl/cmd/BUILD @@ -38,6 +38,7 @@ go_library( "//pkg/kubectl/cmd/explain:go_default_library", "//pkg/kubectl/cmd/expose:go_default_library", "//pkg/kubectl/cmd/get:go_default_library", + "//pkg/kubectl/cmd/kustomize:go_default_library", "//pkg/kubectl/cmd/label:go_default_library", "//pkg/kubectl/cmd/logs:go_default_library", "//pkg/kubectl/cmd/options:go_default_library", @@ -58,9 +59,9 @@ go_library( "//pkg/kubectl/cmd/wait:go_default_library", "//pkg/kubectl/util/i18n:go_default_library", "//pkg/kubectl/util/templates:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], @@ -116,6 +117,7 @@ filegroup( "//pkg/kubectl/cmd/expose:all-srcs", "//pkg/kubectl/cmd/get:all-srcs", "//pkg/kubectl/cmd/help:all-srcs", + "//pkg/kubectl/cmd/kustomize:all-srcs", "//pkg/kubectl/cmd/label:all-srcs", "//pkg/kubectl/cmd/logs:all-srcs", "//pkg/kubectl/cmd/options:all-srcs", diff --git a/pkg/kubectl/cmd/auth/BUILD b/pkg/kubectl/cmd/auth/BUILD index 9be5ff830ac..dacb97ed84a 100644 --- a/pkg/kubectl/cmd/auth/BUILD +++ b/pkg/kubectl/cmd/auth/BUILD @@ -17,7 +17,10 @@ go_library( ], deps = [ "//pkg/kubectl/cmd/util:go_default_library", + "//pkg/kubectl/describe/versioned:go_default_library", "//pkg/kubectl/scheme:go_default_library", + "//pkg/kubectl/util/printers:go_default_library", + "//pkg/kubectl/util/rbac:go_default_library", "//pkg/kubectl/util/templates:go_default_library", "//pkg/registry/rbac/reconciliation:go_default_library", "//staging/src/k8s.io/api/authorization/v1:go_default_library", @@ -25,7 +28,9 @@ go_library( "//staging/src/k8s.io/api/rbac/v1alpha1:go_default_library", "//staging/src/k8s.io/api/rbac/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource:go_default_library", @@ -59,7 +64,10 @@ go_test( deps = [ "//pkg/kubectl/cmd/testing:go_default_library", "//pkg/kubectl/scheme:go_default_library", + "//staging/src/k8s.io/api/authorization/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/rest/fake:go_default_library", ], diff --git a/pkg/kubectl/cmd/auth/OWNERS b/pkg/kubectl/cmd/auth/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/pkg/kubectl/cmd/auth/OWNERS +++ b/pkg/kubectl/cmd/auth/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/pkg/kubectl/cmd/auth/cani.go b/pkg/kubectl/cmd/auth/cani.go index 5b20a240a50..4aa28c18c45 100644 --- a/pkg/kubectl/cmd/auth/cani.go +++ b/pkg/kubectl/cmd/auth/cani.go @@ -19,18 +19,25 @@ package auth import ( "errors" "fmt" + "io" "io/ioutil" "os" + "sort" "strings" "github.com/spf13/cobra" authorizationv1 "k8s.io/api/authorization/v1" + rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/meta" "k8s.io/apimachinery/pkg/runtime/schema" + utilerrors "k8s.io/apimachinery/pkg/util/errors" "k8s.io/cli-runtime/pkg/genericclioptions" authorizationv1client "k8s.io/client-go/kubernetes/typed/authorization/v1" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" + describeutil "k8s.io/kubernetes/pkg/kubectl/describe/versioned" + "k8s.io/kubernetes/pkg/kubectl/util/printers" + rbacutil "k8s.io/kubernetes/pkg/kubectl/util/rbac" "k8s.io/kubernetes/pkg/kubectl/util/templates" ) @@ -39,14 +46,16 @@ import ( type CanIOptions struct { AllNamespaces bool Quiet bool + NoHeaders bool Namespace string - SelfSARClient authorizationv1client.SelfSubjectAccessReviewsGetter + AuthClient authorizationv1client.AuthorizationV1Interface Verb string Resource schema.GroupVersionResource NonResourceURL string Subresource string ResourceName string + List bool genericclioptions.IOStreams } @@ -77,7 +86,10 @@ var ( kubectl auth can-i get pods --subresource=log # Check to see if I can access the URL /logs/ - kubectl auth can-i get /logs/`) + kubectl auth can-i get /logs/ + + # List all allowed actions in namespace "foo" + kubectl auth can-i --list --namespace=foo`) ) // NewCmdCanI returns an initialized Command for 'auth can-i' sub command @@ -95,14 +107,18 @@ func NewCmdCanI(f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra.C Run: func(cmd *cobra.Command, args []string) { cmdutil.CheckErr(o.Complete(f, args)) cmdutil.CheckErr(o.Validate()) - - allowed, err := o.RunAccessCheck() - if err == nil { - if !allowed { - os.Exit(1) + var err error + if o.List { + err = o.RunAccessList() + } else { + var allowed bool + allowed, err = o.RunAccessCheck() + if err == nil { + if !allowed { + os.Exit(1) + } } } - cmdutil.CheckErr(err) }, } @@ -110,33 +126,41 @@ func NewCmdCanI(f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra.C cmd.Flags().BoolVarP(&o.AllNamespaces, "all-namespaces", "A", o.AllNamespaces, "If true, check the specified action in all namespaces.") cmd.Flags().BoolVarP(&o.Quiet, "quiet", "q", o.Quiet, "If true, suppress output and just return the exit code.") cmd.Flags().StringVar(&o.Subresource, "subresource", o.Subresource, "SubResource such as pod/log or deployment/scale") + cmd.Flags().BoolVar(&o.List, "list", o.List, "If true, prints all allowed actions.") + cmd.Flags().BoolVar(&o.NoHeaders, "no-headers", o.NoHeaders, "If true, prints allowed actions without headers") return cmd } // Complete completes all the required options func (o *CanIOptions) Complete(f cmdutil.Factory, args []string) error { - if o.Quiet { - o.Out = ioutil.Discard - } + if o.List { + if len(args) != 0 { + return errors.New("list option must be specified with no arguments") + } + } else { + if o.Quiet { + o.Out = ioutil.Discard + } - switch len(args) { - case 2: - o.Verb = args[0] - if strings.HasPrefix(args[1], "/") { - o.NonResourceURL = args[1] - break + switch len(args) { + case 2: + o.Verb = args[0] + if strings.HasPrefix(args[1], "/") { + o.NonResourceURL = args[1] + break + } + resourceTokens := strings.SplitN(args[1], "/", 2) + restMapper, err := f.ToRESTMapper() + if err != nil { + return err + } + o.Resource = o.resourceFor(restMapper, resourceTokens[0]) + if len(resourceTokens) > 1 { + o.ResourceName = resourceTokens[1] + } + default: + return errors.New("you must specify two or three arguments: verb, resource, and optional resourceName") } - resourceTokens := strings.SplitN(args[1], "/", 2) - restMapper, err := f.ToRESTMapper() - if err != nil { - return err - } - o.Resource = o.resourceFor(restMapper, resourceTokens[0]) - if len(resourceTokens) > 1 { - o.ResourceName = resourceTokens[1] - } - default: - return errors.New("you must specify two or three arguments: verb, resource, and optional resourceName") } var err error @@ -144,8 +168,7 @@ func (o *CanIOptions) Complete(f cmdutil.Factory, args []string) error { if err != nil { return err } - o.SelfSARClient = client.AuthorizationV1() - + o.AuthClient = client.AuthorizationV1() o.Namespace = "" if !o.AllNamespaces { o.Namespace, _, err = f.ToRawKubeConfigLoader().Namespace() @@ -159,6 +182,13 @@ func (o *CanIOptions) Complete(f cmdutil.Factory, args []string) error { // Validate makes sure provided values for CanIOptions are valid func (o *CanIOptions) Validate() error { + if o.List { + if o.Quiet || o.AllNamespaces || o.Subresource != "" { + return errors.New("list option can't be specified with neither quiet, all-namespaces nor subresource options") + } + return nil + } + if o.NonResourceURL != "" { if o.Subresource != "" { return fmt.Errorf("--subresource can not be used with NonResourceURL") @@ -167,9 +197,28 @@ func (o *CanIOptions) Validate() error { return fmt.Errorf("NonResourceURL and ResourceName can not specified together") } } + + if o.NoHeaders { + return fmt.Errorf("--no-headers cannot be set without --list specified") + } return nil } +// RunAccessList lists all the access current user has +func (o *CanIOptions) RunAccessList() error { + sar := &authorizationv1.SelfSubjectRulesReview{ + Spec: authorizationv1.SelfSubjectRulesReviewSpec{ + Namespace: o.Namespace, + }, + } + response, err := o.AuthClient.SelfSubjectRulesReviews().Create(sar) + if err != nil { + return err + } + + return o.printStatus(response.Status) +} + // RunAccessCheck checks if user has access to a certain resource or non resource URL func (o *CanIOptions) RunAccessCheck() (bool, error) { var sar *authorizationv1.SelfSubjectAccessReview @@ -195,10 +244,9 @@ func (o *CanIOptions) RunAccessCheck() (bool, error) { }, }, } - } - response, err := o.SelfSARClient.SelfSubjectAccessReviews().Create(sar) + response, err := o.AuthClient.SelfSubjectAccessReviews().Create(sar) if err != nil { return false, err } @@ -244,3 +292,71 @@ func (o *CanIOptions) resourceFor(mapper meta.RESTMapper, resourceArg string) sc return gvr } + +func (o *CanIOptions) printStatus(status authorizationv1.SubjectRulesReviewStatus) error { + if status.Incomplete { + fmt.Fprintf(o.ErrOut, "warning: the list may be incomplete: %v\n", status.EvaluationError) + } + + breakdownRules := []rbacv1.PolicyRule{} + for _, rule := range convertToPolicyRule(status) { + breakdownRules = append(breakdownRules, rbacutil.BreakdownRule(rule)...) + } + + compactRules, err := rbacutil.CompactRules(breakdownRules) + if err != nil { + return err + } + sort.Stable(rbacutil.SortableRuleSlice(compactRules)) + + w := printers.GetNewTabWriter(o.Out) + defer w.Flush() + + allErrs := []error{} + if !o.NoHeaders { + if err := printAccessHeaders(w); err != nil { + allErrs = append(allErrs, err) + } + } + + if err := printAccess(w, compactRules); err != nil { + allErrs = append(allErrs, err) + } + return utilerrors.NewAggregate(allErrs) +} + +func convertToPolicyRule(status authorizationv1.SubjectRulesReviewStatus) []rbacv1.PolicyRule { + ret := []rbacv1.PolicyRule{} + for _, resource := range status.ResourceRules { + ret = append(ret, rbacv1.PolicyRule{ + Verbs: resource.Verbs, + APIGroups: resource.APIGroups, + Resources: resource.Resources, + ResourceNames: resource.ResourceNames, + }) + } + + for _, nonResource := range status.NonResourceRules { + ret = append(ret, rbacv1.PolicyRule{ + Verbs: nonResource.Verbs, + NonResourceURLs: nonResource.NonResourceURLs, + }) + } + + return ret +} + +func printAccessHeaders(out io.Writer) error { + columnNames := []string{"Resources", "Non-Resource URLs", "Resource Names", "Verbs"} + _, err := fmt.Fprintf(out, "%s\n", strings.Join(columnNames, "\t")) + return err +} + +func printAccess(out io.Writer, rules []rbacv1.PolicyRule) error { + for _, r := range rules { + if _, err := fmt.Fprintf(out, "%s\t%v\t%v\t%v\n", describeutil.CombineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs); err != nil { + return err + } + } + return nil +} diff --git a/pkg/kubectl/cmd/auth/cani_test.go b/pkg/kubectl/cmd/auth/cani_test.go index 325485497c1..b553356b452 100644 --- a/pkg/kubectl/cmd/auth/cani_test.go +++ b/pkg/kubectl/cmd/auth/cani_test.go @@ -24,7 +24,10 @@ import ( "strings" "testing" + authorizationv1 "k8s.io/api/authorization/v1" + "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/cli-runtime/pkg/genericclioptions" restclient "k8s.io/client-go/rest" "k8s.io/client-go/rest/fake" cmdtesting "k8s.io/kubernetes/pkg/kubectl/cmd/testing" @@ -181,3 +184,69 @@ func TestRunAccessCheck(t *testing.T) { }) } } + +func TestRunAccessList(t *testing.T) { + t.Run("test access list", func(t *testing.T) { + options := &CanIOptions{List: true} + expectedOutput := "Resources Non-Resource URLs Resource Names Verbs\n" + + "job.* [] [test-resource] [get list]\n" + + "pod.* [] [test-resource] [get list]\n" + + " [/apis/*] [] [get]\n" + + " [/version] [] [get]\n" + + tf := cmdtesting.NewTestFactory().WithNamespace("test") + defer tf.Cleanup() + + ns := scheme.Codecs + codec := scheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...) + + tf.Client = &fake.RESTClient{ + GroupVersion: schema.GroupVersion{Group: "", Version: "v1"}, + NegotiatedSerializer: ns, + Client: fake.CreateHTTPClient(func(req *http.Request) (*http.Response, error) { + switch req.URL.Path { + case "/apis/authorization.k8s.io/v1/selfsubjectrulesreviews": + body := ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, getSelfSubjectRulesReview())))) + return &http.Response{StatusCode: http.StatusOK, Body: body}, nil + default: + t.Fatalf("unexpected request: %#v\n%#v", req.URL, req) + return nil, nil + } + }), + } + ioStreams, _, buf, _ := genericclioptions.NewTestIOStreams() + options.IOStreams = ioStreams + if err := options.Complete(tf, []string{}); err != nil { + t.Errorf("got unexpected error when do Complete(): %v", err) + return + } + + err := options.RunAccessList() + if err != nil { + t.Errorf("got unexpected error when do RunAccessList(): %v", err) + } else if buf.String() != expectedOutput { + t.Errorf("expected %v\n but got %v\n", expectedOutput, buf.String()) + } + }) +} + +func getSelfSubjectRulesReview() *authorizationv1.SelfSubjectRulesReview { + return &authorizationv1.SelfSubjectRulesReview{ + Status: authorizationv1.SubjectRulesReviewStatus{ + ResourceRules: []authorizationv1.ResourceRule{ + { + Verbs: []string{"get", "list"}, + APIGroups: []string{"*"}, + Resources: []string{"pod", "job"}, + ResourceNames: []string{"test-resource"}, + }, + }, + NonResourceRules: []authorizationv1.NonResourceRule{ + { + Verbs: []string{"get"}, + NonResourceURLs: []string{"/apis/*", "/version"}, + }, + }, + }, + } +} diff --git a/pkg/kubectl/cmd/auth/reconcile.go b/pkg/kubectl/cmd/auth/reconcile.go index eea7e735917..950192d8e96 100644 --- a/pkg/kubectl/cmd/auth/reconcile.go +++ b/pkg/kubectl/cmd/auth/reconcile.go @@ -21,6 +21,7 @@ import ( "fmt" "github.com/spf13/cobra" + "k8s.io/apimachinery/pkg/runtime" "k8s.io/klog" rbacv1 "k8s.io/api/rbac/v1" @@ -205,7 +206,7 @@ func (o *ReconcileOptions) RunReconcile() error { if err != nil { return err } - o.PrintObject(result.Role.GetObject(), o.Out) + o.printResults(result.Role.GetObject(), nil, nil, result.MissingRules, result.ExtraRules, result.Operation, result.Protected) case *rbacv1.ClusterRole: reconcileOptions := reconciliation.ReconcileRoleOptions{ @@ -220,7 +221,7 @@ func (o *ReconcileOptions) RunReconcile() error { if err != nil { return err } - o.PrintObject(result.Role.GetObject(), o.Out) + o.printResults(result.Role.GetObject(), nil, nil, result.MissingRules, result.ExtraRules, result.Operation, result.Protected) case *rbacv1.RoleBinding: reconcileOptions := reconciliation.ReconcileRoleBindingOptions{ @@ -236,7 +237,7 @@ func (o *ReconcileOptions) RunReconcile() error { if err != nil { return err } - o.PrintObject(result.RoleBinding.GetObject(), o.Out) + o.printResults(result.RoleBinding.GetObject(), result.MissingSubjects, result.ExtraSubjects, nil, nil, result.Operation, result.Protected) case *rbacv1.ClusterRoleBinding: reconcileOptions := reconciliation.ReconcileRoleBindingOptions{ @@ -251,7 +252,7 @@ func (o *ReconcileOptions) RunReconcile() error { if err != nil { return err } - o.PrintObject(result.RoleBinding.GetObject(), o.Out) + o.printResults(result.RoleBinding.GetObject(), result.MissingSubjects, result.ExtraSubjects, nil, nil, result.Operation, result.Protected) case *rbacv1beta1.Role, *rbacv1beta1.RoleBinding, @@ -271,3 +272,56 @@ func (o *ReconcileOptions) RunReconcile() error { return nil }) } + +func (o *ReconcileOptions) printResults(object runtime.Object, + missingSubjects, extraSubjects []rbacv1.Subject, + missingRules, extraRules []rbacv1.PolicyRule, + operation reconciliation.ReconcileOperation, + protected bool) { + + o.PrintObject(object, o.Out) + + caveat := "" + if protected { + caveat = ", but object opted out (rbac.authorization.kubernetes.io/autoupdate: false)" + } + switch operation { + case reconciliation.ReconcileNone: + return + case reconciliation.ReconcileCreate: + fmt.Fprintf(o.ErrOut, "\treconciliation required create%s\n", caveat) + case reconciliation.ReconcileUpdate: + fmt.Fprintf(o.ErrOut, "\treconciliation required update%s\n", caveat) + case reconciliation.ReconcileRecreate: + fmt.Fprintf(o.ErrOut, "\treconciliation required recreate%s\n", caveat) + } + + if len(missingSubjects) > 0 { + fmt.Fprintf(o.ErrOut, "\tmissing subjects added:\n") + for _, s := range missingSubjects { + fmt.Fprintf(o.ErrOut, "\t\t%+v\n", s) + } + } + if o.RemoveExtraSubjects { + if len(extraSubjects) > 0 { + fmt.Fprintf(o.ErrOut, "\textra subjects removed:\n") + for _, s := range extraSubjects { + fmt.Fprintf(o.ErrOut, "\t\t%+v\n", s) + } + } + } + if len(missingRules) > 0 { + fmt.Fprintf(o.ErrOut, "\tmissing rules added:\n") + for _, r := range missingRules { + fmt.Fprintf(o.ErrOut, "\t\t%+v\n", r) + } + } + if o.RemoveExtraPermissions { + if len(extraRules) > 0 { + fmt.Fprintf(o.ErrOut, "\textra rules removed:\n") + for _, r := range extraRules { + fmt.Fprintf(o.ErrOut, "\t\t%+v\n", r) + } + } + } +} diff --git a/pkg/kubectl/cmd/cmd.go b/pkg/kubectl/cmd/cmd.go index df2be6d44f2..12f2735a58e 100644 --- a/pkg/kubectl/cmd/cmd.go +++ b/pkg/kubectl/cmd/cmd.go @@ -27,8 +27,8 @@ import ( "github.com/spf13/cobra" - utilflag "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/tools/clientcmd" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/kubernetes/pkg/kubectl/cmd/annotate" "k8s.io/kubernetes/pkg/kubectl/cmd/apiresources" "k8s.io/kubernetes/pkg/kubectl/cmd/apply" @@ -73,6 +73,7 @@ import ( "k8s.io/kubernetes/pkg/kubectl/util/templates" "k8s.io/cli-runtime/pkg/genericclioptions" + "k8s.io/kubernetes/pkg/kubectl/cmd/kustomize" ) const ( @@ -430,11 +431,11 @@ func NewKubectlCommand(in io.Reader, out, err io.Writer) *cobra.Command { } flags := cmds.PersistentFlags() - flags.SetNormalizeFunc(utilflag.WarnWordSepNormalizeFunc) // Warn for "_" flags + flags.SetNormalizeFunc(cliflag.WarnWordSepNormalizeFunc) // Warn for "_" flags // Normalize all flags that are coming from other packages or pre-configurations // a.k.a. change all "_" to "-". e.g. glog package - flags.SetNormalizeFunc(utilflag.WordSepNormalizeFunc) + flags.SetNormalizeFunc(cliflag.WordSepNormalizeFunc) addProfilingFlags(flags) @@ -455,7 +456,7 @@ func NewKubectlCommand(in io.Reader, out, err io.Writer) *cobra.Command { i18n.LoadTranslations("kubectl", nil) // From this point and forward we get warnings on flags that contain "_" separators - cmds.SetGlobalNormalizationFunc(utilflag.WarnWordSepNormalizeFunc) + cmds.SetGlobalNormalizationFunc(cliflag.WarnWordSepNormalizeFunc) ioStreams := genericclioptions.IOStreams{In: in, Out: out, ErrOut: err} @@ -521,6 +522,7 @@ func NewKubectlCommand(in io.Reader, out, err io.Writer) *cobra.Command { replace.NewCmdReplace(f, ioStreams), wait.NewCmdWait(f, ioStreams), convert.NewCmdConvert(f, ioStreams), + kustomize.NewCmdKustomize(ioStreams), }, }, { diff --git a/pkg/kubectl/cmd/config/BUILD b/pkg/kubectl/cmd/config/BUILD index f47fcd00fbc..256ab036948 100644 --- a/pkg/kubectl/cmd/config/BUILD +++ b/pkg/kubectl/cmd/config/BUILD @@ -35,12 +35,12 @@ go_library( "//pkg/kubectl/util/templates:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd/api:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd/api/latest:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/liggitt/tabwriter:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", ], @@ -70,10 +70,10 @@ go_test( "//pkg/kubectl/cmd/util:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd/api:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", ], ) diff --git a/pkg/kubectl/cmd/config/create_authinfo.go b/pkg/kubectl/cmd/config/create_authinfo.go index 5ac80dfe746..475684b9247 100644 --- a/pkg/kubectl/cmd/config/create_authinfo.go +++ b/pkg/kubectl/cmd/config/create_authinfo.go @@ -26,9 +26,9 @@ import ( "github.com/spf13/cobra" - "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" + cliflag "k8s.io/component-base/cli/flag" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/util/i18n" "k8s.io/kubernetes/pkg/kubectl/util/templates" @@ -37,14 +37,14 @@ import ( type createAuthInfoOptions struct { configAccess clientcmd.ConfigAccess name string - authPath flag.StringFlag - clientCertificate flag.StringFlag - clientKey flag.StringFlag - token flag.StringFlag - username flag.StringFlag - password flag.StringFlag - embedCertData flag.Tristate - authProvider flag.StringFlag + authPath cliflag.StringFlag + clientCertificate cliflag.StringFlag + clientKey cliflag.StringFlag + token cliflag.StringFlag + username cliflag.StringFlag + password cliflag.StringFlag + embedCertData cliflag.Tristate + authProvider cliflag.StringFlag authProviderArgs map[string]string authProviderArgsToRemove []string diff --git a/pkg/kubectl/cmd/config/create_authinfo_test.go b/pkg/kubectl/cmd/config/create_authinfo_test.go index 2de35e72c52..7f7025b7bc1 100644 --- a/pkg/kubectl/cmd/config/create_authinfo_test.go +++ b/pkg/kubectl/cmd/config/create_authinfo_test.go @@ -23,13 +23,13 @@ import ( "reflect" "testing" - "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" + cliflag "k8s.io/component-base/cli/flag" ) -func stringFlagFor(s string) flag.StringFlag { - var f flag.StringFlag +func stringFlagFor(s string) cliflag.StringFlag { + var f cliflag.StringFlag f.Set(s) return f } diff --git a/pkg/kubectl/cmd/config/create_cluster.go b/pkg/kubectl/cmd/config/create_cluster.go index 81d0560a98a..e2f084c22b8 100644 --- a/pkg/kubectl/cmd/config/create_cluster.go +++ b/pkg/kubectl/cmd/config/create_cluster.go @@ -25,9 +25,9 @@ import ( "github.com/spf13/cobra" - "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" + cliflag "k8s.io/component-base/cli/flag" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/util/i18n" "k8s.io/kubernetes/pkg/kubectl/util/templates" @@ -36,10 +36,10 @@ import ( type createClusterOptions struct { configAccess clientcmd.ConfigAccess name string - server flag.StringFlag - insecureSkipTLSVerify flag.Tristate - certificateAuthority flag.StringFlag - embedCAData flag.Tristate + server cliflag.StringFlag + insecureSkipTLSVerify cliflag.Tristate + certificateAuthority cliflag.StringFlag + embedCAData cliflag.Tristate } var ( diff --git a/pkg/kubectl/cmd/config/create_context.go b/pkg/kubectl/cmd/config/create_context.go index 59af1712e4a..7453151d095 100644 --- a/pkg/kubectl/cmd/config/create_context.go +++ b/pkg/kubectl/cmd/config/create_context.go @@ -23,9 +23,9 @@ import ( "github.com/spf13/cobra" - "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" + cliflag "k8s.io/component-base/cli/flag" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/util/i18n" "k8s.io/kubernetes/pkg/kubectl/util/templates" @@ -35,9 +35,9 @@ type createContextOptions struct { configAccess clientcmd.ConfigAccess name string currContext bool - cluster flag.StringFlag - authInfo flag.StringFlag - namespace flag.StringFlag + cluster cliflag.StringFlag + authInfo cliflag.StringFlag + namespace cliflag.StringFlag } var ( diff --git a/pkg/kubectl/cmd/config/set.go b/pkg/kubectl/cmd/config/set.go index 55c994136f1..4a76a0f442b 100644 --- a/pkg/kubectl/cmd/config/set.go +++ b/pkg/kubectl/cmd/config/set.go @@ -26,8 +26,8 @@ import ( "github.com/spf13/cobra" - "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/tools/clientcmd" + cliflag "k8s.io/component-base/cli/flag" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/util/i18n" "k8s.io/kubernetes/pkg/kubectl/util/templates" @@ -37,7 +37,7 @@ type setOptions struct { configAccess clientcmd.ConfigAccess propertyName string propertyValue string - setRawBytes flag.Tristate + setRawBytes cliflag.Tristate } var ( diff --git a/pkg/kubectl/cmd/config/view.go b/pkg/kubectl/cmd/config/view.go index 4df1f9a2824..a8b5ea2f32c 100644 --- a/pkg/kubectl/cmd/config/view.go +++ b/pkg/kubectl/cmd/config/view.go @@ -21,12 +21,12 @@ import ( "github.com/spf13/cobra" - "k8s.io/apiserver/pkg/util/flag" "k8s.io/cli-runtime/pkg/genericclioptions" "k8s.io/cli-runtime/pkg/genericclioptions/printers" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" "k8s.io/client-go/tools/clientcmd/api/latest" + cliflag "k8s.io/component-base/cli/flag" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/scheme" "k8s.io/kubernetes/pkg/kubectl/util/i18n" @@ -39,7 +39,7 @@ type ViewOptions struct { PrintObject printers.ResourcePrinterFunc ConfigAccess clientcmd.ConfigAccess - Merge flag.Tristate + Merge cliflag.Tristate Flatten bool Minify bool RawByteData bool diff --git a/pkg/kubectl/cmd/create/BUILD b/pkg/kubectl/cmd/create/BUILD index 49ce594021e..faa5e38e2e3 100644 --- a/pkg/kubectl/cmd/create/BUILD +++ b/pkg/kubectl/cmd/create/BUILD @@ -40,13 +40,13 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/batch/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/rbac/v1:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], diff --git a/pkg/kubectl/cmd/create/create_clusterrole.go b/pkg/kubectl/cmd/create/create_clusterrole.go index 276ae7f5891..d22bc82f9e2 100644 --- a/pkg/kubectl/cmd/create/create_clusterrole.go +++ b/pkg/kubectl/cmd/create/create_clusterrole.go @@ -24,8 +24,8 @@ import ( rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - utilflag "k8s.io/apiserver/pkg/util/flag" "k8s.io/cli-runtime/pkg/genericclioptions" + cliflag "k8s.io/component-base/cli/flag" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/util/i18n" "k8s.io/kubernetes/pkg/kubectl/util/templates" @@ -93,7 +93,7 @@ func NewCmdCreateClusterRole(f cmdutil.Factory, ioStreams genericclioptions.IOSt cmd.Flags().StringSliceVar(&c.NonResourceURLs, "non-resource-url", c.NonResourceURLs, "A partial url that user should have access to.") cmd.Flags().StringSlice("resource", []string{}, "Resource that the rule applies to") cmd.Flags().StringArrayVar(&c.ResourceNames, "resource-name", c.ResourceNames, "Resource in the white list that the rule applies to, repeat this flag for multiple items") - cmd.Flags().Var(utilflag.NewMapStringString(&c.AggregationRule), "aggregation-rule", "An aggregation label selector for combining ClusterRoles.") + cmd.Flags().Var(cliflag.NewMapStringString(&c.AggregationRule), "aggregation-rule", "An aggregation label selector for combining ClusterRoles.") return cmd } diff --git a/pkg/kubectl/cmd/exec/exec.go b/pkg/kubectl/cmd/exec/exec.go index 9f27a8a79d7..e7f40e3f71a 100644 --- a/pkg/kubectl/cmd/exec/exec.go +++ b/pkg/kubectl/cmd/exec/exec.go @@ -311,8 +311,7 @@ func (p *ExecOptions) Run() error { Resource("pods"). Name(pod.Name). Namespace(pod.Namespace). - SubResource("exec"). - Param("container", containerName) + SubResource("exec") req.VersionedParams(&corev1.PodExecOptions{ Container: containerName, Command: p.Command, diff --git a/pkg/kubectl/cmd/exec/exec_test.go b/pkg/kubectl/cmd/exec/exec_test.go index 316074e4e50..4c603bcd364 100644 --- a/pkg/kubectl/cmd/exec/exec_test.go +++ b/pkg/kubectl/cmd/exec/exec_test.go @@ -244,6 +244,10 @@ func TestExec(t *testing.T) { t.Errorf("%s: Did not get expected path for exec request", test.name) return } + if strings.Count(ex.url.RawQuery, "container=bar") != 1 { + t.Errorf("%s: Did not get expected container query param for exec request", test.name) + return + } if ex.method != "POST" { t.Errorf("%s: Did not get method for exec request: %s", test.name, ex.method) } diff --git a/pkg/kubectl/cmd/expose/expose.go b/pkg/kubectl/cmd/expose/expose.go index 2727e61c1bf..404fddb2d77 100644 --- a/pkg/kubectl/cmd/expose/expose.go +++ b/pkg/kubectl/cmd/expose/expose.go @@ -74,7 +74,7 @@ var ( kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https # Create a service for a replicated streaming application on port 4100 balancing UDP traffic and named 'video-stream'. - kubectl expose rc streamer --port=4100 --protocol=udp --name=video-stream + kubectl expose rc streamer --port=4100 --protocol=UDP --name=video-stream # Create a service for a replicated nginx using replica set, which serves on port 80 and connects to the containers on port 8000. kubectl expose rs nginx --port=80 --target-port=8000 @@ -314,7 +314,8 @@ func (o *ExposeServiceOptions) RunExpose(cmd *cobra.Command, args []string) erro } if inline := cmdutil.GetFlagString(cmd, "overrides"); len(inline) > 0 { - object, err = cmdutil.Merge(scheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...), object, inline) + codec := runtime.NewCodec(scheme.DefaultJSONEncoder(), scheme.Codecs.UniversalDecoder(scheme.Scheme.PrioritizedVersionsAllGroups()...)) + object, err = cmdutil.Merge(codec, object, inline) if err != nil { return err } diff --git a/pkg/kubectl/cmd/get/get.go b/pkg/kubectl/cmd/get/get.go index bc15a3a4726..73a450d36f2 100644 --- a/pkg/kubectl/cmd/get/get.go +++ b/pkg/kubectl/cmd/get/get.go @@ -118,6 +118,9 @@ var ( # Return only the phase value of the specified pod. kubectl get -o template pod/web-pod-13je7 --template={{.status.phase}} + # List resource information in custom columns. + kubectl get pod test-pod -o custom-columns=CONTAINER:.spec.containers[0].name,IMAGE:.spec.containers[0].image + # List all replication controllers and services together in ps output format. kubectl get rc,services @@ -175,6 +178,7 @@ func NewCmdGet(parent string, f cmdutil.Factory, streams genericclioptions.IOStr addOpenAPIPrintColumnFlags(cmd, o) addServerPrintColumnFlags(cmd, o) cmd.Flags().BoolVar(&o.Export, "export", o.Export, "If true, use 'export' for the resources. Exported resources are stripped of cluster-specific information.") + cmd.Flags().MarkDeprecated("export", "This flag is deprecated and will be removed in future.") cmdutil.AddFilenameOptionFlags(cmd, &o.FilenameOptions, "identifying the resource to get from a server.") return cmd } diff --git a/pkg/kubectl/cmd/kustomize/BUILD b/pkg/kubectl/cmd/kustomize/BUILD new file mode 100644 index 00000000000..917db7bcc87 --- /dev/null +++ b/pkg/kubectl/cmd/kustomize/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["kustomize.go"], + importpath = "k8s.io/kubernetes/pkg/kubectl/cmd/kustomize", + visibility = ["//visibility:public"], + deps = [ + "//pkg/kubectl/util/i18n:go_default_library", + "//pkg/kubectl/util/templates:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize:go_default_library", + "//vendor/github.com/spf13/cobra:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) + +go_test( + name = "go_default_test", + srcs = ["kustomize_test.go"], + embed = [":go_default_library"], +) diff --git a/pkg/kubectl/cmd/kustomize/kustomize.go b/pkg/kubectl/cmd/kustomize/kustomize.go new file mode 100644 index 00000000000..dcd5a1c3985 --- /dev/null +++ b/pkg/kubectl/cmd/kustomize/kustomize.go @@ -0,0 +1,92 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kustomize + +import ( + "errors" + "github.com/spf13/cobra" + + "k8s.io/cli-runtime/pkg/genericclioptions" + "k8s.io/cli-runtime/pkg/kustomize" + "k8s.io/kubernetes/pkg/kubectl/util/i18n" + "k8s.io/kubernetes/pkg/kubectl/util/templates" + "sigs.k8s.io/kustomize/pkg/fs" +) + +type kustomizeOptions struct { + kustomizationDir string +} + +var ( + kustomizeLong = templates.LongDesc(i18n.T(` +Print a set of API resources generated from instructions in a kustomization.yaml file. + +The argument must be the path to the directory containing +the file, or a git repository +URL with a path suffix specifying same with respect to the +repository root. + + kubectl kustomize somedir + `)) + + kustomizeExample = templates.Examples(i18n.T(` +# Use the current working directory + kubectl kustomize . + +# Use some shared configuration directory + kubectl kustomize /home/configuration/production + +# Use a URL + kubectl kustomize github.com/kubernetes-sigs/kustomize.git/examples/helloWorld?ref=v1.0.6 +`)) +) + +// NewCmdKustomize returns a kustomize command +func NewCmdKustomize(streams genericclioptions.IOStreams) *cobra.Command { + var o kustomizeOptions + + cmd := &cobra.Command{ + Use: "kustomize ", + Short: i18n.T("Build a kustomization target from a directory or a remote url."), + Long: kustomizeLong, + Example: kustomizeExample, + + RunE: func(cmd *cobra.Command, args []string) error { + err := o.Validate(args) + if err != nil { + return err + } + return kustomize.RunKustomizeBuild(streams.Out, fs.MakeRealFS(), o.kustomizationDir) + }, + } + + return cmd +} + +// Validate validates build command. +func (o *kustomizeOptions) Validate(args []string) error { + if len(args) > 1 { + return errors.New("specify one path to a kustomization directory") + } + if len(args) == 0 { + o.kustomizationDir = "./" + } else { + o.kustomizationDir = args[0] + } + + return nil +} diff --git a/pkg/kubectl/cmd/kustomize/kustomize_test.go b/pkg/kubectl/cmd/kustomize/kustomize_test.go new file mode 100644 index 00000000000..3143b1de2b2 --- /dev/null +++ b/pkg/kubectl/cmd/kustomize/kustomize_test.go @@ -0,0 +1,56 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kustomize + +import ( + "testing" +) + +func TestValidate(t *testing.T) { + var cases = []struct { + name string + args []string + path string + erMsg string + }{ + {"noargs", []string{}, "./", ""}, + {"file", []string{"beans"}, "beans", ""}, + {"path", []string{"a/b/c"}, "a/b/c", ""}, + {"path", []string{"too", "many"}, + "", "specify one path to a kustomization directory"}, + } + for _, mycase := range cases { + opts := kustomizeOptions{} + e := opts.Validate(mycase.args) + if len(mycase.erMsg) > 0 { + if e == nil { + t.Errorf("%s: Expected an error %v", mycase.name, mycase.erMsg) + } + if e.Error() != mycase.erMsg { + t.Errorf("%s: Expected error %s, but got %v", mycase.name, mycase.erMsg, e) + } + continue + } + if e != nil { + t.Errorf("%s: unknown error %v", mycase.name, e) + continue + } + if opts.kustomizationDir != mycase.path { + t.Errorf("%s: expected path '%s', got '%s'", mycase.name, mycase.path, opts.kustomizationDir) + } + } +} diff --git a/pkg/kubectl/cmd/portforward/portforward.go b/pkg/kubectl/cmd/portforward/portforward.go index ccd925207a7..d31a0193488 100644 --- a/pkg/kubectl/cmd/portforward/portforward.go +++ b/pkg/kubectl/cmd/portforward/portforward.go @@ -120,7 +120,7 @@ func NewCmdPortForward(f cmdutil.Factory, streams genericclioptions.IOStreams) * }, } cmdutil.AddPodRunningTimeoutFlag(cmd, defaultPodPortForwardWaitTimeout) - cmd.Flags().StringSliceVar(&opts.Address, "address", []string{"localhost"}, "Addresses to listen on (comma separated)") + cmd.Flags().StringSliceVar(&opts.Address, "address", []string{"localhost"}, "Addresses to listen on (comma separated). Only accepts IP addresses or localhost as a value. When localhost is supplied, kubectl will try to bind on both 127.0.0.1 and ::1 and will fail if neither of these addresses are available to bind.") // TODO support UID return cmd } diff --git a/pkg/kubectl/cmd/set/set_env.go b/pkg/kubectl/cmd/set/set_env.go index 0cc00cbcfc6..799270edd47 100644 --- a/pkg/kubectl/cmd/set/set_env.go +++ b/pkg/kubectl/cmd/set/set_env.go @@ -474,7 +474,8 @@ func (o *EnvOptions) RunEnv() error { for _, patch := range patches { info := patch.Info if patch.Err != nil { - allErrs = append(allErrs, fmt.Errorf("error: %s/%s %v", info.Mapping.Resource, info.Name, patch.Err)) + name := info.ObjectName() + allErrs = append(allErrs, fmt.Errorf("error: %s %v\n", name, patch.Err)) continue } diff --git a/pkg/kubectl/cmd/set/set_image.go b/pkg/kubectl/cmd/set/set_image.go index 6e92d5fae4f..ef422879ba9 100644 --- a/pkg/kubectl/cmd/set/set_image.go +++ b/pkg/kubectl/cmd/set/set_image.go @@ -247,7 +247,8 @@ func (o *SetImageOptions) Run() error { for _, patch := range patches { info := patch.Info if patch.Err != nil { - allErrs = append(allErrs, fmt.Errorf("error: %s/%s %v", info.Mapping.Resource, info.Name, patch.Err)) + name := info.ObjectName() + allErrs = append(allErrs, fmt.Errorf("error: %s %v\n", name, patch.Err)) continue } diff --git a/pkg/kubectl/cmd/set/set_resources.go b/pkg/kubectl/cmd/set/set_resources.go index c7872ba2afd..106df1974df 100644 --- a/pkg/kubectl/cmd/set/set_resources.go +++ b/pkg/kubectl/cmd/set/set_resources.go @@ -260,14 +260,15 @@ func (o *SetResourcesOptions) Run() error { for _, patch := range patches { info := patch.Info + name := info.ObjectName() if patch.Err != nil { - allErrs = append(allErrs, fmt.Errorf("error: %s/%s %v", info.Mapping.Resource, info.Name, patch.Err)) + allErrs = append(allErrs, fmt.Errorf("error: %s %v\n", name, patch.Err)) continue } //no changes if string(patch.Patch) == "{}" || len(patch.Patch) == 0 { - allErrs = append(allErrs, fmt.Errorf("info: %s %q was not changed", info.Mapping.Resource, info.Name)) + allErrs = append(allErrs, fmt.Errorf("info: %s was not changed\n", name)) continue } diff --git a/pkg/kubectl/cmd/set/set_serviceaccount.go b/pkg/kubectl/cmd/set/set_serviceaccount.go index e3e56346a8d..d74aaef3481 100644 --- a/pkg/kubectl/cmd/set/set_serviceaccount.go +++ b/pkg/kubectl/cmd/set/set_serviceaccount.go @@ -191,8 +191,9 @@ func (o *SetServiceAccountOptions) Run() error { patches := CalculatePatches(o.infos, scheme.DefaultJSONEncoder(), patchFn) for _, patch := range patches { info := patch.Info + name := info.ObjectName() if patch.Err != nil { - patchErrs = append(patchErrs, fmt.Errorf("error: %s/%s %v", info.Mapping.Resource, info.Name, patch.Err)) + patchErrs = append(patchErrs, fmt.Errorf("error: %s %v\n", name, patch.Err)) continue } if o.local || o.dryRun { diff --git a/pkg/kubectl/cmd/set/set_subject.go b/pkg/kubectl/cmd/set/set_subject.go index c88414590d0..fd371a26b2b 100644 --- a/pkg/kubectl/cmd/set/set_subject.go +++ b/pkg/kubectl/cmd/set/set_subject.go @@ -240,14 +240,15 @@ func (o *SubjectOptions) Run(fn updateSubjects) error { allErrs := []error{} for _, patch := range patches { info := patch.Info + name := info.ObjectName() if patch.Err != nil { - allErrs = append(allErrs, fmt.Errorf("error: %s/%s %v", info.Mapping.Resource, info.Name, patch.Err)) + allErrs = append(allErrs, fmt.Errorf("error: %s %v\n", name, patch.Err)) continue } //no changes if string(patch.Patch) == "{}" || len(patch.Patch) == 0 { - allErrs = append(allErrs, fmt.Errorf("info: %s %q was not changed", info.Mapping.Resource, info.Name)) + allErrs = append(allErrs, fmt.Errorf("info: %s was not changed\n", name)) continue } diff --git a/pkg/kubectl/cmd/testing/BUILD b/pkg/kubectl/cmd/testing/BUILD index 3664a87569a..9d16c50a5ba 100644 --- a/pkg/kubectl/cmd/testing/BUILD +++ b/pkg/kubectl/cmd/testing/BUILD @@ -26,6 +26,7 @@ go_library( "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/disk:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/dynamic/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", diff --git a/pkg/kubectl/cmd/testing/fake.go b/pkg/kubectl/cmd/testing/fake.go index ac116373db6..d561f000995 100644 --- a/pkg/kubectl/cmd/testing/fake.go +++ b/pkg/kubectl/cmd/testing/fake.go @@ -34,6 +34,7 @@ import ( "k8s.io/cli-runtime/pkg/genericclioptions" "k8s.io/cli-runtime/pkg/genericclioptions/resource" "k8s.io/client-go/discovery" + diskcached "k8s.io/client-go/discovery/cached/disk" "k8s.io/client-go/dynamic" fakedynamic "k8s.io/client-go/dynamic/fake" "k8s.io/client-go/kubernetes" @@ -275,10 +276,15 @@ func (d *fakeCachedDiscoveryClient) Fresh() bool { func (d *fakeCachedDiscoveryClient) Invalidate() { } +// Deprecated: use ServerGroupsAndResources instead. func (d *fakeCachedDiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) { return []*metav1.APIResourceList{}, nil } +func (d *fakeCachedDiscoveryClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return []*metav1.APIGroup{}, []*metav1.APIResourceList{}, nil +} + // TestFactory extends cmdutil.Factory type TestFactory struct { cmdutil.Factory @@ -453,7 +459,7 @@ func (f *TestFactory) DiscoveryClient() (discovery.CachedDiscoveryInterface, err fakeClient := f.Client.(*fake.RESTClient) cacheDir := filepath.Join("", ".kube", "cache", "discovery") - cachedClient, err := discovery.NewCachedDiscoveryClientForConfig(f.ClientConfigVal, cacheDir, "", time.Duration(10*time.Minute)) + cachedClient, err := diskcached.NewCachedDiscoveryClientForConfig(f.ClientConfigVal, cacheDir, "", time.Duration(10*time.Minute)) if err != nil { return nil, err } diff --git a/pkg/kubectl/cmd/top/top_pod_test.go b/pkg/kubectl/cmd/top/top_pod_test.go index 1d28b4c6a5d..61d1ed4a6f9 100644 --- a/pkg/kubectl/cmd/top/top_pod_test.go +++ b/pkg/kubectl/cmd/top/top_pod_test.go @@ -405,10 +405,16 @@ func (d *fakeDiscovery) ServerResourcesForGroupVersion(groupVersion string) (*me } // ServerResources returns the supported resources for all groups and versions. +// Deprecated: use ServerGroupsAndResources instead. func (d *fakeDiscovery) ServerResources() ([]*metav1.APIResourceList, error) { return nil, nil } +// ServerGroupsAndResources returns the supported groups and resources for all groups and versions. +func (d *fakeDiscovery) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return nil, nil, nil +} + // ServerPreferredResources returns the supported resources with the version preferred by the // server. func (d *fakeDiscovery) ServerPreferredResources() ([]*metav1.APIResourceList, error) { diff --git a/pkg/kubectl/cmd/util/openapi/OWNERS b/pkg/kubectl/cmd/util/openapi/OWNERS index 7eb2d06fe1a..99dabed0834 100644 --- a/pkg/kubectl/cmd/util/openapi/OWNERS +++ b/pkg/kubectl/cmd/util/openapi/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - apelisse reviewers: diff --git a/pkg/kubectl/describe/versioned/BUILD b/pkg/kubectl/describe/versioned/BUILD index 21c1a0b78c7..950c7120184 100644 --- a/pkg/kubectl/describe/versioned/BUILD +++ b/pkg/kubectl/describe/versioned/BUILD @@ -25,6 +25,7 @@ go_library( "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/api/policy/v1beta1:go_default_library", "//staging/src/k8s.io/api/rbac/v1:go_default_library", "//staging/src/k8s.io/api/scheduling/v1beta1:go_default_library", diff --git a/pkg/kubectl/describe/versioned/describe.go b/pkg/kubectl/describe/versioned/describe.go index 6add1c2123a..2c4d34a3a02 100644 --- a/pkg/kubectl/describe/versioned/describe.go +++ b/pkg/kubectl/describe/versioned/describe.go @@ -40,6 +40,7 @@ import ( corev1 "k8s.io/api/core/v1" extensionsv1beta1 "k8s.io/api/extensions/v1beta1" networkingv1 "k8s.io/api/networking/v1" + networkingv1beta1 "k8s.io/api/networking/v1beta1" policyv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" schedulingv1beta1 "k8s.io/api/scheduling/v1beta1" @@ -173,6 +174,7 @@ func describerMap(clientConfig *rest.Config) (map[schema.GroupKind]describe.Desc {Group: extensionsv1beta1.GroupName, Kind: "DaemonSet"}: &DaemonSetDescriber{c}, {Group: extensionsv1beta1.GroupName, Kind: "Deployment"}: &DeploymentDescriber{c}, {Group: extensionsv1beta1.GroupName, Kind: "Ingress"}: &IngressDescriber{c}, + {Group: networkingv1beta1.GroupName, Kind: "Ingress"}: &IngressDescriber{c}, {Group: batchv1.GroupName, Kind: "Job"}: &JobDescriber{c}, {Group: batchv1.GroupName, Kind: "CronJob"}: &CronJobDescriber{c}, {Group: appsv1.GroupName, Kind: "StatefulSet"}: &StatefulSetDescriber{c}, @@ -642,6 +644,9 @@ func (d *PodDescriber) Describe(namespace, name string, describerSettings descri klog.Errorf("Unable to construct reference to '%#v': %v", pod, err) } else { ref.Kind = "" + if _, isMirrorPod := pod.Annotations[corev1.MirrorPodAnnotationKey]; isMirrorPod { + ref.UID = types.UID(pod.Annotations[corev1.MirrorPodAnnotationKey]) + } events, _ = d.Core().Events(namespace).Search(scheme.Scheme, ref) } } @@ -2677,7 +2682,7 @@ func (d *RoleDescriber) Describe(namespace, name string, describerSettings descr w.Write(LEVEL_1, "Resources\tNon-Resource URLs\tResource Names\tVerbs\n") w.Write(LEVEL_1, "---------\t-----------------\t--------------\t-----\n") for _, r := range compactRules { - w.Write(LEVEL_1, "%s\t%v\t%v\t%v\n", combineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs) + w.Write(LEVEL_1, "%s\t%v\t%v\t%v\n", CombineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs) } return nil @@ -2716,14 +2721,14 @@ func (d *ClusterRoleDescriber) Describe(namespace, name string, describerSetting w.Write(LEVEL_1, "Resources\tNon-Resource URLs\tResource Names\tVerbs\n") w.Write(LEVEL_1, "---------\t-----------------\t--------------\t-----\n") for _, r := range compactRules { - w.Write(LEVEL_1, "%s\t%v\t%v\t%v\n", combineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs) + w.Write(LEVEL_1, "%s\t%v\t%v\t%v\n", CombineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs) } return nil }) } -func combineResourceGroup(resource, group []string) string { +func CombineResourceGroup(resource, group []string) string { if len(resource) == 0 { return "" } diff --git a/pkg/kubectl/explain/OWNERS b/pkg/kubectl/explain/OWNERS index 7eb2d06fe1a..99dabed0834 100644 --- a/pkg/kubectl/explain/OWNERS +++ b/pkg/kubectl/explain/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - apelisse reviewers: diff --git a/pkg/kubectl/explain/field_lookup.go b/pkg/kubectl/explain/field_lookup.go index 82288642d43..9f96c507269 100644 --- a/pkg/kubectl/explain/field_lookup.go +++ b/pkg/kubectl/explain/field_lookup.go @@ -89,6 +89,10 @@ func (f *fieldLookup) VisitKind(k *proto.Kind) { subSchema.Accept(f) } +func (f *fieldLookup) VisitArbitrary(a *proto.Arbitrary) { + f.Schema = a +} + // VisitReference is mostly a passthrough. func (f *fieldLookup) VisitReference(r proto.Reference) { if f.SaveLeafSchema(r) { diff --git a/pkg/kubectl/explain/field_lookup_test.go b/pkg/kubectl/explain/field_lookup_test.go index be23a7df0a7..18843f191cf 100644 --- a/pkg/kubectl/explain/field_lookup_test.go +++ b/pkg/kubectl/explain/field_lookup_test.go @@ -87,3 +87,48 @@ func TestFindField(t *testing.T) { }) } } +func TestCrdFindField(t *testing.T) { + schema := resources.LookupResource(schema.GroupVersionKind{ + Group: "", + Version: "v1", + Kind: "CrdKind", + }) + if schema == nil { + t.Fatal("Counldn't find schema v1.CrdKind") + } + + tests := []struct { + name string + path []string + + err string + expectedPath string + }{ + { + name: "test1", + path: []string{}, + expectedPath: "CrdKind", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + path, err := LookupSchemaForField(schema, tt.path) + + gotErr := "" + if err != nil { + gotErr = err.Error() + } + + gotPath := "" + if path != nil { + gotPath = path.GetPath().String() + } + + if gotErr != tt.err || gotPath != tt.expectedPath { + t.Errorf("LookupSchemaForField(schema, %v) = (path: %q, err: %q), expected (path: %q, err: %q)", + tt.path, gotPath, gotErr, tt.expectedPath, tt.err) + } + }) + } +} diff --git a/pkg/kubectl/explain/model_printer.go b/pkg/kubectl/explain/model_printer.go index 64f5bb4487a..f717cf6a6aa 100644 --- a/pkg/kubectl/explain/model_printer.go +++ b/pkg/kubectl/explain/model_printer.go @@ -56,10 +56,12 @@ func (m *modelPrinter) PrintDescription(schema proto.Schema) error { if err := m.Writer.Write("DESCRIPTION:"); err != nil { return err } + empty := true for i, desc := range append(m.Descriptions, schema.GetDescription()) { if desc == "" { continue } + empty = false if i != 0 { if err := m.Writer.Write(""); err != nil { return err @@ -69,6 +71,9 @@ func (m *modelPrinter) PrintDescription(schema proto.Schema) error { return err } } + if empty { + return m.Writer.Indent(descriptionIndentLevel).WriteWrapped("") + } return nil } @@ -134,6 +139,15 @@ func (m *modelPrinter) VisitPrimitive(p *proto.Primitive) { m.Error = m.PrintDescription(p) } +func (m *modelPrinter) VisitArbitrary(a *proto.Arbitrary) { + if err := m.PrintKindAndVersion(); err != nil { + m.Error = err + return + } + + m.Error = m.PrintDescription(a) +} + // VisitReference recurses inside the subtype, while collecting the description. func (m *modelPrinter) VisitReference(r proto.Reference) { m.Descriptions = append(m.Descriptions, r.GetDescription()) diff --git a/pkg/kubectl/explain/model_printer_test.go b/pkg/kubectl/explain/model_printer_test.go index 42c0f424723..a6692df3755 100644 --- a/pkg/kubectl/explain/model_printer_test.go +++ b/pkg/kubectl/explain/model_printer_test.go @@ -133,3 +133,40 @@ DESCRIPTION: } } } +func TestCRDModel(t *testing.T) { + gvk := schema.GroupVersionKind{ + Group: "", + Version: "v1", + Kind: "CrdKind", + } + schema := resources.LookupResource(gvk) + if schema == nil { + t.Fatal("Couldn't find schema v1.CrdKind") + } + + tests := []struct { + path []string + want string + }{ + { + path: []string{}, + want: `KIND: CrdKind +VERSION: v1 + +DESCRIPTION: + +`, + }, + } + + for _, test := range tests { + buf := bytes.Buffer{} + if err := PrintModelDescription(test.path, &buf, schema, gvk, false); err != nil { + t.Fatalf("Failed to PrintModelDescription for path %v: %v", test.path, err) + } + got := buf.String() + if got != test.want { + t.Errorf("Got:\n%v\nWant:\n%v\n", buf.String(), test.want) + } + } +} diff --git a/pkg/kubectl/explain/test-swagger.json b/pkg/kubectl/explain/test-swagger.json index a30e6a0c954..9c137fb946c 100644 --- a/pkg/kubectl/explain/test-swagger.json +++ b/pkg/kubectl/explain/test-swagger.json @@ -73,6 +73,15 @@ "$ref": "#/definitions/PrimitiveDef" } } + }, + "CrdKind": { + "x-kubernetes-group-version-kind": [ + { + "group": "", + "kind": "CrdKind", + "version": "v1" + } + ] } } } diff --git a/pkg/kubectl/generated/bindata.go b/pkg/kubectl/generated/bindata.go index d0dd200e9b6..085a8912cde 100644 --- a/pkg/kubectl/generated/bindata.go +++ b/pkg/kubectl/generated/bindata.go @@ -70,7 +70,9 @@ func (fi bindataFileInfo) Sys() interface{} { return nil } -var _translationsOwners = []byte(`reviewers: +var _translationsOwners = []byte(`# See the OWNERS docs at https://go.k8s.io/owners + +reviewers: - brendandburns approvers: - brendandburns @@ -213,7 +215,9 @@ func translationsExtractPy() (*asset, error) { return a, nil } -var _translationsKubectlOwners = []byte(`approvers: +var _translationsKubectlOwners = []byte(`# See the OWNERS docs at https://go.k8s.io/owners + +approvers: - sig-cli-maintainers reviewers: - sig-cli diff --git a/pkg/kubectl/rolling_updater.go b/pkg/kubectl/rolling_updater.go index 3cea7c82fef..0601efc1db4 100644 --- a/pkg/kubectl/rolling_updater.go +++ b/pkg/kubectl/rolling_updater.go @@ -101,7 +101,7 @@ type RollingUpdaterConfig struct { // when the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, new RC can be scaled up // further, ensuring that total number of pods running at any time during - // the update is atmost 130% of desired pods. + // the update is at most 130% of desired pods. MaxSurge intstr.IntOrString // OnProgress is invoked if set during each scale cycle, to allow the caller to perform additional logic or // abort the scale. If an error is returned the cleanup method will not be invoked. The percentage value diff --git a/pkg/kubectl/util/templates/markdown.go b/pkg/kubectl/util/templates/markdown.go index 1a19f89fd4c..65ee886d10a 100644 --- a/pkg/kubectl/util/templates/markdown.go +++ b/pkg/kubectl/util/templates/markdown.go @@ -46,8 +46,10 @@ func (r *ASCIIRenderer) NormalText(out *bytes.Buffer, text []byte) { lines := strings.Split(raw, linebreak) for _, line := range lines { trimmed := strings.Trim(line, " \n\t") + if len(trimmed) > 0 && trimmed[0] != '_' { + out.WriteString(" ") + } out.WriteString(trimmed) - out.WriteString(" ") } } diff --git a/pkg/kubectl/util/templates/normalizers.go b/pkg/kubectl/util/templates/normalizers.go index db7b17a7d6d..f90412058a0 100644 --- a/pkg/kubectl/util/templates/normalizers.go +++ b/pkg/kubectl/util/templates/normalizers.go @@ -70,7 +70,7 @@ type normalizer struct { func (s normalizer) markdown() normalizer { bytes := []byte(s.string) - formatted := blackfriday.Markdown(bytes, &ASCIIRenderer{Indentation: Indentation}, 0) + formatted := blackfriday.Markdown(bytes, &ASCIIRenderer{Indentation: Indentation}, blackfriday.EXTENSION_NO_INTRA_EMPHASIS) s.string = string(formatted) return s } diff --git a/pkg/kubelet/OWNERS b/pkg/kubelet/OWNERS index 6d98243a138..8de8ee816c6 100644 --- a/pkg/kubelet/OWNERS +++ b/pkg/kubelet/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - Random-Liu - dchen1107 diff --git a/pkg/kubelet/apis/BUILD b/pkg/kubelet/apis/BUILD index 926c8add6ca..e1bfa430ca5 100644 --- a/pkg/kubelet/apis/BUILD +++ b/pkg/kubelet/apis/BUILD @@ -14,6 +14,7 @@ go_library( ], importpath = "k8s.io/kubernetes/pkg/kubelet/apis", deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", ] + select({ "@io_bazel_rules_go//go/platform:windows": [ diff --git a/pkg/kubelet/apis/config/OWNERS b/pkg/kubelet/apis/config/OWNERS index 7eed1121edd..b8b2acd3b66 100644 --- a/pkg/kubelet/apis/config/OWNERS +++ b/pkg/kubelet/apis/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mtaufen reviewers: diff --git a/pkg/kubelet/apis/config/types.go b/pkg/kubelet/apis/config/types.go index 7061a62e0c9..079cb192534 100644 --- a/pkg/kubelet/apis/config/types.go +++ b/pkg/kubelet/apis/config/types.go @@ -291,12 +291,12 @@ type KubeletConfiguration struct { /* the following fields are meant for Node Allocatable */ - // A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs + // A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G,pids=100) pairs // that describe resources reserved for non-kubernetes components. // Currently only cpu and memory are supported. // See http://kubernetes.io/docs/user-guide/compute-resources for more detail. SystemReserved map[string]string - // A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs + // A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G,pids=100) pairs // that describe resources reserved for kubernetes system components. // Currently cpu, memory and local ephemeral storage for root file system are supported. // See http://kubernetes.io/docs/user-guide/compute-resources for more detail. diff --git a/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go b/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go index bb29c29521a..f93bf5c6803 100644 --- a/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go +++ b/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go @@ -736,7 +736,8 @@ type PodSandboxConfig struct { // operation. The runtime may also use this information to improve UX, such // as by constructing a readable name. Metadata *PodSandboxMetadata `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"` - // Hostname of the sandbox. + // Hostname of the sandbox. Hostname could only be empty when the pod + // network namespace is NODE. Hostname string `protobuf:"bytes,2,opt,name=hostname,proto3" json:"hostname,omitempty"` // Path to the directory on the host in which container log files are // stored. @@ -848,7 +849,7 @@ type RunPodSandboxRequest struct { // If the runtime handler is unknown, this request should be rejected. An // empty string should select the default handler, equivalent to the // behavior before this feature was added. - // See https://git.k8s.io/community/keps/sig-node/0014-runtime-class.md + // See https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md RuntimeHandler string `protobuf:"bytes,2,opt,name=runtime_handler,json=runtimeHandler,proto3" json:"runtime_handler,omitempty"` } @@ -1029,6 +1030,8 @@ type PodSandboxStatus struct { // MUST be identical to that of the corresponding PodSandboxConfig used to // instantiate the pod sandbox this status represents. Annotations map[string]string `protobuf:"bytes,8,rep,name=annotations" json:"annotations,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // runtime configuration used for this PodSandbox. + RuntimeHandler string `protobuf:"bytes,9,opt,name=runtime_handler,json=runtimeHandler,proto3" json:"runtime_handler,omitempty"` } func (m *PodSandboxStatus) Reset() { *m = PodSandboxStatus{} } @@ -1091,6 +1094,13 @@ func (m *PodSandboxStatus) GetAnnotations() map[string]string { return nil } +func (m *PodSandboxStatus) GetRuntimeHandler() string { + if m != nil { + return m.RuntimeHandler + } + return "" +} + type PodSandboxStatusResponse struct { // Status of the PodSandbox. Status *PodSandboxStatus `protobuf:"bytes,1,opt,name=status" json:"status,omitempty"` @@ -1207,6 +1217,8 @@ type PodSandbox struct { // MUST be identical to that of the corresponding PodSandboxConfig used to // instantiate this PodSandbox. Annotations map[string]string `protobuf:"bytes,6,rep,name=annotations" json:"annotations,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // runtime configuration used for this PodSandbox. + RuntimeHandler string `protobuf:"bytes,7,opt,name=runtime_handler,json=runtimeHandler,proto3" json:"runtime_handler,omitempty"` } func (m *PodSandbox) Reset() { *m = PodSandbox{} } @@ -1255,6 +1267,13 @@ func (m *PodSandbox) GetAnnotations() map[string]string { return nil } +func (m *PodSandbox) GetRuntimeHandler() string { + if m != nil { + return m.RuntimeHandler + } + return "" +} + type ListPodSandboxResponse struct { // List of PodSandboxes. Items []*PodSandbox `protobuf:"bytes,1,rep,name=items" json:"items,omitempty"` @@ -5774,6 +5793,12 @@ func (m *PodSandboxStatus) MarshalTo(dAtA []byte) (int, error) { i += copy(dAtA[i:], v) } } + if len(m.RuntimeHandler) > 0 { + dAtA[i] = 0x4a + i++ + i = encodeVarintApi(dAtA, i, uint64(len(m.RuntimeHandler))) + i += copy(dAtA[i:], m.RuntimeHandler) + } return i, nil } @@ -5999,6 +6024,12 @@ func (m *PodSandbox) MarshalTo(dAtA []byte) (int, error) { i += copy(dAtA[i:], v) } } + if len(m.RuntimeHandler) > 0 { + dAtA[i] = 0x3a + i++ + i = encodeVarintApi(dAtA, i, uint64(len(m.RuntimeHandler))) + i += copy(dAtA[i:], m.RuntimeHandler) + } return i, nil } @@ -9446,6 +9477,10 @@ func (m *PodSandboxStatus) Size() (n int) { n += mapEntrySize + 1 + sovApi(uint64(mapEntrySize)) } } + l = len(m.RuntimeHandler) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } return n } @@ -9541,6 +9576,10 @@ func (m *PodSandbox) Size() (n int) { n += mapEntrySize + 1 + sovApi(uint64(mapEntrySize)) } } + l = len(m.RuntimeHandler) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } return n } @@ -11127,6 +11166,7 @@ func (this *PodSandboxStatus) String() string { `Linux:` + strings.Replace(fmt.Sprintf("%v", this.Linux), "LinuxPodSandboxStatus", "LinuxPodSandboxStatus", 1) + `,`, `Labels:` + mapStringForLabels + `,`, `Annotations:` + mapStringForAnnotations + `,`, + `RuntimeHandler:` + fmt.Sprintf("%v", this.RuntimeHandler) + `,`, `}`, }, "") return s @@ -11225,6 +11265,7 @@ func (this *PodSandbox) String() string { `CreatedAt:` + fmt.Sprintf("%v", this.CreatedAt) + `,`, `Labels:` + mapStringForLabels + `,`, `Annotations:` + mapStringForAnnotations + `,`, + `RuntimeHandler:` + fmt.Sprintf("%v", this.RuntimeHandler) + `,`, `}`, }, "") return s @@ -15490,6 +15531,35 @@ func (m *PodSandboxStatus) Unmarshal(dAtA []byte) error { } m.Annotations[mapkey] = mapvalue iNdEx = postIndex + case 9: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RuntimeHandler", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RuntimeHandler = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApi(dAtA[iNdEx:]) @@ -16459,6 +16529,35 @@ func (m *PodSandbox) Unmarshal(dAtA []byte) error { } m.Annotations[mapkey] = mapvalue iNdEx = postIndex + case 7: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RuntimeHandler", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RuntimeHandler = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApi(dAtA[iNdEx:]) @@ -26861,300 +26960,300 @@ var ( func init() { proto.RegisterFile("api.proto", fileDescriptorApi) } var fileDescriptorApi = []byte{ - // 4708 bytes of a gzipped FileDescriptorProto + // 4720 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x5c, 0xcd, 0x6f, 0x1b, 0x49, 0x76, 0x57, 0x93, 0xfa, 0x20, 0x1f, 0x45, 0x89, 0x2a, 0xcb, 0x16, 0x4d, 0x8f, 0x35, 0x56, 0xcf, - 0xf8, 0x73, 0x66, 0xe4, 0xb1, 0x66, 0xd7, 0x13, 0xdb, 0xb3, 0xb6, 0x69, 0x49, 0xb6, 0x99, 0xb5, - 0x29, 0xa6, 0x29, 0xcd, 0xc7, 0xce, 0x00, 0xbd, 0x2d, 0x76, 0x89, 0xea, 0x35, 0xd9, 0xd5, 0xd3, - 0xdd, 0xb4, 0xad, 0x04, 0x08, 0x16, 0x08, 0xb2, 0x87, 0x00, 0x01, 0x72, 0xce, 0x71, 0x73, 0xc8, - 0x21, 0xb7, 0x00, 0x41, 0x0e, 0x39, 0x6d, 0xb0, 0x87, 0xbd, 0x04, 0xc8, 0x69, 0x91, 0x8f, 0x4b, - 0x66, 0x92, 0x5c, 0x72, 0x08, 0xf2, 0x07, 0xe4, 0x10, 0xd4, 0x57, 0xb3, 0x3f, 0xf9, 0xe1, 0xf1, - 0xee, 0x4c, 0x4e, 0xea, 0x7a, 0xfd, 0xde, 0xab, 0x57, 0xaf, 0x5e, 0xbf, 0x7a, 0xf5, 0xab, 0xa2, - 0xa0, 0x68, 0x38, 0xd6, 0xa6, 0xe3, 0x12, 0x9f, 0xa0, 0x8a, 0x3b, 0xb0, 0x7d, 0xab, 0x8f, 0x37, - 0x9f, 0xdf, 0x30, 0x7a, 0xce, 0xb1, 0xb1, 0x55, 0x7b, 0xaf, 0x6b, 0xf9, 0xc7, 0x83, 0xc3, 0xcd, - 0x0e, 0xe9, 0x5f, 0xef, 0x92, 0x2e, 0xb9, 0xce, 0x18, 0x0f, 0x07, 0x47, 0xac, 0xc5, 0x1a, 0xec, - 0x89, 0x2b, 0x50, 0xaf, 0xc1, 0xd2, 0xc7, 0xd8, 0xf5, 0x2c, 0x62, 0x6b, 0xf8, 0xcb, 0x01, 0xf6, - 0x7c, 0x54, 0x85, 0x85, 0xe7, 0x9c, 0x52, 0x55, 0x2e, 0x28, 0x57, 0x8a, 0x9a, 0x6c, 0xaa, 0x7f, - 0xa9, 0xc0, 0x72, 0xc0, 0xec, 0x39, 0xc4, 0xf6, 0x70, 0x36, 0x37, 0xda, 0x80, 0x45, 0x61, 0x9c, - 0x6e, 0x1b, 0x7d, 0x5c, 0xcd, 0xb1, 0xd7, 0x25, 0x41, 0x6b, 0x1a, 0x7d, 0x8c, 0x2e, 0xc3, 0xb2, - 0x64, 0x91, 0x4a, 0xf2, 0x8c, 0x6b, 0x49, 0x90, 0x45, 0x6f, 0x68, 0x13, 0x4e, 0x49, 0x46, 0xc3, - 0xb1, 0x02, 0xe6, 0x59, 0xc6, 0xbc, 0x22, 0x5e, 0xd5, 0x1d, 0x4b, 0xf0, 0xab, 0x9f, 0x43, 0x71, - 0xa7, 0xd9, 0xde, 0x26, 0xf6, 0x91, 0xd5, 0xa5, 0x26, 0x7a, 0xd8, 0xa5, 0x32, 0x55, 0xe5, 0x42, - 0x9e, 0x9a, 0x28, 0x9a, 0xa8, 0x06, 0x05, 0x0f, 0x1b, 0x6e, 0xe7, 0x18, 0x7b, 0xd5, 0x1c, 0x7b, - 0x15, 0xb4, 0xa9, 0x14, 0x71, 0x7c, 0x8b, 0xd8, 0x5e, 0x35, 0xcf, 0xa5, 0x44, 0x53, 0xfd, 0xb9, - 0x02, 0xa5, 0x16, 0x71, 0xfd, 0xa7, 0x86, 0xe3, 0x58, 0x76, 0x17, 0xdd, 0x84, 0x02, 0xf3, 0x65, - 0x87, 0xf4, 0x98, 0x0f, 0x96, 0xb6, 0x6a, 0x9b, 0xf1, 0x69, 0xd9, 0x6c, 0x09, 0x0e, 0x2d, 0xe0, - 0x45, 0x17, 0x61, 0xa9, 0x43, 0x6c, 0xdf, 0xb0, 0x6c, 0xec, 0xea, 0x0e, 0x71, 0x7d, 0xe6, 0xa2, - 0x39, 0xad, 0x1c, 0x50, 0x69, 0x2f, 0xe8, 0x1c, 0x14, 0x8f, 0x89, 0xe7, 0x73, 0x8e, 0x3c, 0xe3, - 0x28, 0x50, 0x02, 0x7b, 0xb9, 0x06, 0x0b, 0xec, 0xa5, 0xe5, 0x08, 0x67, 0xcc, 0xd3, 0x66, 0xc3, - 0x51, 0x7f, 0xad, 0xc0, 0xdc, 0x53, 0x32, 0xb0, 0xfd, 0x58, 0x37, 0x86, 0x7f, 0x2c, 0x26, 0x2a, - 0xd4, 0x8d, 0xe1, 0x1f, 0x0f, 0xbb, 0xa1, 0x1c, 0x7c, 0xae, 0x78, 0x37, 0xf4, 0x65, 0x0d, 0x0a, - 0x2e, 0x36, 0x4c, 0x62, 0xf7, 0x4e, 0x98, 0x09, 0x05, 0x2d, 0x68, 0xd3, 0x49, 0xf4, 0x70, 0xcf, - 0xb2, 0x07, 0x2f, 0x75, 0x17, 0xf7, 0x8c, 0x43, 0xdc, 0x63, 0xa6, 0x14, 0xb4, 0x25, 0x41, 0xd6, - 0x38, 0x15, 0xed, 0x40, 0xc9, 0x71, 0x89, 0x63, 0x74, 0x0d, 0xea, 0xc7, 0xea, 0x1c, 0x73, 0x95, - 0x9a, 0x74, 0x15, 0x33, 0xbb, 0x35, 0xe4, 0xd4, 0xc2, 0x62, 0xea, 0x5f, 0x2b, 0xb0, 0x4c, 0x83, - 0xc7, 0x73, 0x8c, 0x0e, 0xde, 0x63, 0x53, 0x82, 0x6e, 0xc1, 0x82, 0x8d, 0xfd, 0x17, 0xc4, 0x7d, - 0x26, 0x26, 0xe0, 0xcd, 0xa4, 0xd6, 0x40, 0xe6, 0x29, 0x31, 0xb1, 0x26, 0xf9, 0xd1, 0x0d, 0xc8, - 0x3b, 0x96, 0xc9, 0x06, 0x3c, 0x81, 0x18, 0xe5, 0xa5, 0x22, 0x96, 0xd3, 0x61, 0x7e, 0x98, 0x44, - 0xc4, 0x72, 0x3a, 0xaa, 0x0a, 0xd0, 0xb0, 0xfd, 0x9b, 0xdf, 0xfb, 0xd8, 0xe8, 0x0d, 0x30, 0x5a, - 0x85, 0xb9, 0xe7, 0xf4, 0x81, 0x19, 0x9b, 0xd7, 0x78, 0x43, 0xfd, 0x2a, 0x0f, 0xe7, 0x9e, 0x50, - 0x7f, 0xb5, 0x0d, 0xdb, 0x3c, 0x24, 0x2f, 0xdb, 0xb8, 0x33, 0x70, 0x2d, 0xff, 0x64, 0x9b, 0xd8, - 0x3e, 0x7e, 0xe9, 0xa3, 0x26, 0xac, 0xd8, 0x52, 0xb3, 0x2e, 0x43, 0x93, 0x6a, 0x28, 0x6d, 0x6d, - 0x8c, 0x30, 0x82, 0xbb, 0x48, 0xab, 0xd8, 0x51, 0x82, 0x87, 0x1e, 0x0f, 0xe7, 0x4d, 0x6a, 0xcb, - 0x31, 0x6d, 0x29, 0x43, 0x6a, 0xef, 0x32, 0xcb, 0x84, 0x2e, 0x39, 0xb1, 0x52, 0xd3, 0x47, 0x40, - 0xbf, 0x6a, 0xdd, 0xf0, 0xf4, 0x81, 0x87, 0x5d, 0xe6, 0x98, 0xd2, 0xd6, 0x1b, 0x49, 0x2d, 0x43, - 0x17, 0x68, 0x45, 0x77, 0x60, 0xd7, 0xbd, 0x03, 0x0f, 0xbb, 0x2c, 0x09, 0x88, 0x58, 0xd2, 0x5d, - 0x42, 0xfc, 0x23, 0x4f, 0xc6, 0x8f, 0x24, 0x6b, 0x8c, 0x8a, 0xae, 0xc3, 0x29, 0x6f, 0xe0, 0x38, - 0x3d, 0xdc, 0xc7, 0xb6, 0x6f, 0xf4, 0xf4, 0xae, 0x4b, 0x06, 0x8e, 0x57, 0x9d, 0xbb, 0x90, 0xbf, - 0x92, 0xd7, 0x50, 0xf8, 0xd5, 0x23, 0xf6, 0x06, 0xad, 0x03, 0x38, 0xae, 0xf5, 0xdc, 0xea, 0xe1, - 0x2e, 0x36, 0xab, 0xf3, 0x4c, 0x69, 0x88, 0x82, 0xde, 0x87, 0x55, 0x0f, 0x77, 0x3a, 0xa4, 0xef, - 0xe8, 0x8e, 0x4b, 0x8e, 0xac, 0x1e, 0xe6, 0xd1, 0xbf, 0xc0, 0xa2, 0x1f, 0x89, 0x77, 0x2d, 0xfe, - 0x8a, 0x7d, 0x07, 0x77, 0x59, 0x4e, 0xa3, 0x23, 0x65, 0x9d, 0x57, 0x0b, 0x13, 0x0c, 0x15, 0xd8, - 0x50, 0x99, 0x49, 0xea, 0xcf, 0x73, 0x70, 0x9a, 0x79, 0xb2, 0x45, 0x4c, 0x31, 0xcd, 0x22, 0x49, - 0xbd, 0x05, 0xe5, 0x0e, 0xd3, 0xa9, 0x3b, 0x86, 0x8b, 0x6d, 0x5f, 0x7c, 0xa4, 0x8b, 0x9c, 0xd8, - 0x62, 0x34, 0xf4, 0x29, 0x54, 0x3c, 0x11, 0x15, 0x7a, 0x87, 0x87, 0x85, 0x98, 0xb3, 0xf7, 0x92, - 0x26, 0x8c, 0x88, 0x25, 0x6d, 0xd9, 0x4b, 0x04, 0xd7, 0x82, 0x77, 0xe2, 0x75, 0xfc, 0x1e, 0xcf, - 0x76, 0xa5, 0xad, 0xef, 0x65, 0x28, 0x8c, 0x1b, 0xbe, 0xd9, 0xe6, 0x62, 0xbb, 0xb6, 0xef, 0x9e, - 0x68, 0x52, 0x49, 0xed, 0x36, 0x2c, 0x86, 0x5f, 0xa0, 0x0a, 0xe4, 0x9f, 0xe1, 0x13, 0x31, 0x28, - 0xfa, 0x38, 0xfc, 0x08, 0x78, 0xae, 0xe1, 0x8d, 0xdb, 0xb9, 0xdf, 0x51, 0x54, 0x17, 0xd0, 0xb0, - 0x97, 0xa7, 0xd8, 0x37, 0x4c, 0xc3, 0x37, 0x10, 0x82, 0x59, 0xb6, 0x8c, 0x70, 0x15, 0xec, 0x99, - 0x6a, 0x1d, 0x88, 0x8f, 0xb7, 0xa8, 0xd1, 0x47, 0xf4, 0x06, 0x14, 0x83, 0x40, 0x17, 0x6b, 0xc9, - 0x90, 0x40, 0x73, 0xba, 0xe1, 0xfb, 0xb8, 0xef, 0xf8, 0x2c, 0xc4, 0xca, 0x9a, 0x6c, 0xaa, 0xff, - 0x3d, 0x0b, 0x95, 0xc4, 0x9c, 0xdc, 0x87, 0x42, 0x5f, 0x74, 0x2f, 0x3e, 0xb4, 0xb7, 0x53, 0x12, - 0x7b, 0xc2, 0x54, 0x2d, 0x90, 0xa2, 0x79, 0x93, 0xe6, 0xd0, 0xd0, 0xfa, 0x17, 0xb4, 0xe9, 0x8c, - 0xf7, 0x48, 0x57, 0x37, 0x2d, 0x17, 0x77, 0x7c, 0xe2, 0x9e, 0x08, 0x73, 0x17, 0x7b, 0xa4, 0xbb, - 0x23, 0x69, 0xe8, 0x36, 0x80, 0x69, 0x7b, 0x74, 0xb2, 0x8f, 0xac, 0x2e, 0x33, 0xba, 0xb4, 0x75, - 0x2e, 0x69, 0x44, 0xb0, 0xd8, 0x69, 0x45, 0xd3, 0xf6, 0x84, 0xf9, 0x0f, 0xa0, 0x4c, 0xd7, 0x0c, - 0xbd, 0xcf, 0xd7, 0x29, 0xfe, 0xa5, 0x94, 0xb6, 0xce, 0xa7, 0x8d, 0x21, 0x58, 0xcd, 0xb4, 0x45, - 0x67, 0xd8, 0xf0, 0xd0, 0x43, 0x98, 0x67, 0xc9, 0xdb, 0xab, 0xce, 0x33, 0xe1, 0xcd, 0x51, 0x0e, - 0x10, 0x11, 0xf1, 0x84, 0x09, 0xf0, 0x80, 0x10, 0xd2, 0xe8, 0x00, 0x4a, 0x86, 0x6d, 0x13, 0xdf, - 0xe0, 0x89, 0x66, 0x81, 0x29, 0xfb, 0x60, 0x02, 0x65, 0xf5, 0xa1, 0x14, 0xd7, 0x18, 0xd6, 0x83, - 0x7e, 0x00, 0x73, 0x2c, 0x13, 0x89, 0x0f, 0xf1, 0xf2, 0x84, 0x41, 0xab, 0x71, 0xa9, 0xda, 0x2d, - 0x28, 0x85, 0x8c, 0x9d, 0x26, 0x48, 0x6b, 0x77, 0xa1, 0x12, 0x37, 0x6d, 0xaa, 0x20, 0xff, 0x03, - 0x58, 0xd5, 0x06, 0xf6, 0xd0, 0x30, 0x59, 0x7d, 0xdd, 0x86, 0x79, 0x31, 0xd9, 0x3c, 0xe2, 0xd4, - 0xf1, 0x3e, 0xd2, 0x84, 0x44, 0xb8, 0x9c, 0x3a, 0x36, 0x6c, 0xb3, 0x87, 0x5d, 0xd1, 0xaf, 0x2c, - 0xa7, 0x1e, 0x73, 0xaa, 0xfa, 0x03, 0x38, 0x1d, 0xeb, 0x5c, 0x54, 0x73, 0x6f, 0xc3, 0x92, 0x43, - 0x4c, 0xdd, 0xe3, 0x64, 0xdd, 0x32, 0x65, 0x1a, 0x72, 0x02, 0xde, 0x86, 0x49, 0xc5, 0xdb, 0x3e, - 0x71, 0x92, 0xc6, 0x4f, 0x26, 0x5e, 0x85, 0x33, 0x71, 0x71, 0xde, 0xbd, 0x7a, 0x0f, 0xd6, 0x34, - 0xdc, 0x27, 0xcf, 0xf1, 0xab, 0xaa, 0xae, 0x41, 0x35, 0xa9, 0x40, 0x28, 0xff, 0x0c, 0xd6, 0x86, - 0xd4, 0xb6, 0x6f, 0xf8, 0x03, 0x6f, 0x2a, 0xe5, 0xa2, 0xd4, 0x3d, 0x24, 0x1e, 0x9f, 0xce, 0x82, - 0x26, 0x9b, 0xea, 0xd5, 0xb0, 0xea, 0x26, 0xaf, 0x2c, 0x78, 0x0f, 0x68, 0x09, 0x72, 0x96, 0x23, - 0xd4, 0xe5, 0x2c, 0x47, 0x7d, 0x0c, 0xc5, 0x60, 0x69, 0x46, 0x77, 0x86, 0x35, 0x66, 0x6e, 0xd2, - 0x85, 0x3c, 0x28, 0x43, 0xf7, 0x13, 0x4b, 0x89, 0xe8, 0xf2, 0x0e, 0x40, 0x90, 0xf2, 0x64, 0x85, - 0x70, 0x6e, 0x84, 0x62, 0x2d, 0xc4, 0xae, 0xfe, 0x4b, 0x24, 0x11, 0x86, 0x06, 0x61, 0x06, 0x83, - 0x30, 0x23, 0x89, 0x31, 0xf7, 0x4a, 0x89, 0xf1, 0x43, 0x98, 0xf3, 0x7c, 0xc3, 0xc7, 0xa2, 0x8a, - 0xda, 0x18, 0x25, 0x4e, 0x8d, 0xc0, 0x1a, 0xe7, 0x47, 0xe7, 0x01, 0x3a, 0x2e, 0x36, 0x7c, 0x6c, - 0xea, 0x06, 0xcf, 0xe2, 0x79, 0xad, 0x28, 0x28, 0x75, 0x1f, 0x6d, 0x0f, 0x2b, 0xc1, 0x39, 0x66, - 0xd8, 0xd5, 0x51, 0x9a, 0x23, 0x53, 0x35, 0xac, 0x09, 0x83, 0xac, 0x32, 0x3f, 0x61, 0x56, 0x11, - 0x0a, 0xb8, 0x54, 0x28, 0x67, 0x2e, 0x8c, 0xcf, 0x99, 0x5c, 0x74, 0x92, 0x9c, 0x59, 0x18, 0x9f, - 0x33, 0x85, 0xb2, 0x91, 0x39, 0xf3, 0xdb, 0x4c, 0x7a, 0xff, 0xac, 0x40, 0x35, 0xf9, 0x0d, 0x8a, - 0xdc, 0x73, 0x1b, 0xe6, 0x3d, 0x46, 0x99, 0x24, 0xf3, 0x09, 0x59, 0x21, 0x81, 0x1e, 0xc3, 0xac, - 0x65, 0x1f, 0x11, 0xb6, 0x89, 0x4b, 0xad, 0x5d, 0xb2, 0x7a, 0xdd, 0x6c, 0xd8, 0x47, 0x84, 0x3b, - 0x89, 0x69, 0xa8, 0x7d, 0x08, 0xc5, 0x80, 0x34, 0xd5, 0xd8, 0xf6, 0x60, 0x35, 0x16, 0xb2, 0xbc, - 0xd8, 0x0f, 0x22, 0x5d, 0x99, 0x2e, 0xd2, 0xd5, 0x9f, 0xe6, 0xc2, 0x5f, 0xe2, 0x43, 0xab, 0xe7, - 0x63, 0x37, 0xf1, 0x25, 0x7e, 0x24, 0xb5, 0xf3, 0xcf, 0xf0, 0xd2, 0x58, 0xed, 0xbc, 0x26, 0x15, - 0x1f, 0xd3, 0x17, 0xb0, 0xc4, 0x62, 0x4d, 0xf7, 0x70, 0x8f, 0x15, 0x1c, 0xa2, 0xf8, 0xfb, 0xfe, - 0x28, 0x35, 0xdc, 0x12, 0x1e, 0xb1, 0x6d, 0x21, 0xc7, 0x3d, 0x58, 0xee, 0x85, 0x69, 0xb5, 0xfb, - 0x80, 0x92, 0x4c, 0x53, 0xf9, 0xb4, 0x4d, 0x53, 0x1c, 0xdd, 0xe9, 0xa6, 0xac, 0x92, 0x47, 0xcc, - 0x8c, 0x49, 0x62, 0x85, 0x1b, 0xac, 0x09, 0x09, 0xf5, 0x97, 0x79, 0x80, 0xe1, 0xcb, 0xff, 0x47, - 0xb9, 0xed, 0x7e, 0x90, 0x57, 0x78, 0x21, 0x77, 0x65, 0x94, 0xe2, 0xd4, 0x8c, 0xb2, 0x17, 0xcd, - 0x28, 0xbc, 0xa4, 0x7b, 0x6f, 0xa4, 0x9a, 0xef, 0x6c, 0x2e, 0x79, 0x02, 0x67, 0xe2, 0xb1, 0x21, - 0x12, 0xc9, 0x16, 0xcc, 0x59, 0x3e, 0xee, 0x73, 0xb4, 0x27, 0x75, 0x77, 0x16, 0x12, 0xe2, 0xac, - 0xea, 0x06, 0x14, 0x1b, 0x7d, 0xa3, 0x8b, 0xdb, 0x0e, 0xee, 0xd0, 0x4e, 0x2d, 0xda, 0x10, 0x86, - 0xf0, 0x86, 0xba, 0x05, 0x85, 0x1f, 0xe2, 0x13, 0xfe, 0x51, 0x4f, 0x68, 0xa8, 0xfa, 0xa7, 0x39, - 0x58, 0x63, 0x6b, 0xc5, 0xb6, 0xc4, 0x5a, 0x34, 0xec, 0x91, 0x81, 0xdb, 0xc1, 0x1e, 0x9b, 0x6d, - 0x67, 0xa0, 0x3b, 0xd8, 0xb5, 0x88, 0x29, 0xa0, 0x80, 0x62, 0xc7, 0x19, 0xb4, 0x18, 0x01, 0x9d, - 0x03, 0xda, 0xd0, 0xbf, 0x1c, 0x10, 0x11, 0x88, 0x79, 0xad, 0xd0, 0x71, 0x06, 0xbf, 0x47, 0xdb, - 0x52, 0xd6, 0x3b, 0x36, 0x5c, 0xec, 0xb1, 0x38, 0xe3, 0xb2, 0x6d, 0x46, 0x40, 0x37, 0xe0, 0x74, - 0x1f, 0xf7, 0x89, 0x7b, 0xa2, 0xf7, 0xac, 0xbe, 0xe5, 0xeb, 0x96, 0xad, 0x1f, 0x9e, 0xf8, 0xd8, - 0x13, 0x31, 0x85, 0xf8, 0xcb, 0x27, 0xf4, 0x5d, 0xc3, 0x7e, 0x40, 0xdf, 0x20, 0x15, 0xca, 0x84, - 0xf4, 0x75, 0xaf, 0x43, 0x5c, 0xac, 0x1b, 0xe6, 0x4f, 0xd8, 0xf2, 0x99, 0xd7, 0x4a, 0x84, 0xf4, - 0xdb, 0x94, 0x56, 0x37, 0x7f, 0x82, 0xde, 0x84, 0x52, 0xc7, 0x19, 0x78, 0xd8, 0xd7, 0xe9, 0x1f, - 0xb6, 0x3a, 0x16, 0x35, 0xe0, 0xa4, 0x6d, 0x67, 0xe0, 0x85, 0x18, 0xfa, 0xd4, 0xff, 0x0b, 0x61, - 0x86, 0xa7, 0xd4, 0xcd, 0x06, 0x94, 0x23, 0x50, 0x02, 0xdd, 0xd5, 0x31, 0xcc, 0x40, 0xec, 0xea, - 0xe8, 0x33, 0xa5, 0xb9, 0xa4, 0x27, 0x3d, 0xc9, 0x9e, 0x29, 0xcd, 0x3f, 0x71, 0xe4, 0x96, 0x8e, - 0x3d, 0x53, 0x97, 0xf7, 0xf0, 0x73, 0x01, 0x37, 0x15, 0x35, 0xde, 0x50, 0x4d, 0x80, 0x6d, 0xc3, - 0x31, 0x0e, 0xad, 0x9e, 0xe5, 0x9f, 0xa0, 0xab, 0x50, 0x31, 0x4c, 0x53, 0xef, 0x48, 0x8a, 0x85, - 0x25, 0x08, 0xb8, 0x6c, 0x98, 0xe6, 0x76, 0x88, 0x8c, 0xde, 0x81, 0x15, 0xd3, 0x25, 0x4e, 0x94, - 0x97, 0xa3, 0x82, 0x15, 0xfa, 0x22, 0xcc, 0xac, 0xfe, 0xc7, 0x1c, 0x9c, 0x8f, 0x4e, 0x6c, 0x1c, - 0xae, 0xb9, 0x0f, 0x8b, 0xb1, 0x5e, 0x33, 0xa0, 0x82, 0xa1, 0xb5, 0x5a, 0x44, 0x22, 0x06, 0x5f, - 0xe4, 0x12, 0xf0, 0x45, 0x2a, 0x20, 0x94, 0x7f, 0xad, 0x80, 0xd0, 0xec, 0x6b, 0x01, 0x84, 0xe6, - 0xa6, 0x03, 0x84, 0x2e, 0xb1, 0x6d, 0x8c, 0x94, 0x66, 0x7b, 0x67, 0x1e, 0x6a, 0xe5, 0x80, 0xc7, - 0x96, 0xe8, 0x71, 0x0c, 0x38, 0x5a, 0x98, 0x06, 0x38, 0x2a, 0x64, 0x02, 0x47, 0x34, 0x6a, 0x1c, - 0xc7, 0x70, 0xfb, 0xc4, 0x95, 0xc8, 0x50, 0xb5, 0xc8, 0x4c, 0x58, 0x96, 0x74, 0x81, 0x0a, 0x65, - 0x62, 0x48, 0x90, 0x89, 0x21, 0x5d, 0x80, 0x45, 0x9b, 0xe8, 0x36, 0x7e, 0xa1, 0xd3, 0xb9, 0xf4, - 0xaa, 0x25, 0x3e, 0xb1, 0x36, 0x69, 0xe2, 0x17, 0x2d, 0x4a, 0x49, 0xa0, 0x4c, 0x8b, 0xd3, 0xa1, - 0x4c, 0x68, 0x03, 0x16, 0xfb, 0x86, 0xf7, 0x0c, 0x9b, 0xcc, 0x14, 0xaf, 0x5a, 0x66, 0x41, 0x5c, - 0xe2, 0x34, 0x6a, 0x83, 0x87, 0x2e, 0x42, 0xe0, 0x24, 0xc1, 0xb4, 0xc4, 0x98, 0xca, 0x92, 0xca, - 0xd8, 0xd4, 0xbf, 0x53, 0x60, 0x35, 0x1a, 0xe6, 0x02, 0x5b, 0x78, 0x04, 0x45, 0x57, 0x66, 0x32, - 0x11, 0xda, 0x57, 0x33, 0xca, 0xe4, 0x64, 0xea, 0xd3, 0x86, 0xb2, 0xe8, 0x47, 0x99, 0x90, 0xd6, - 0xf5, 0x71, 0xfa, 0xc6, 0x81, 0x5a, 0x6a, 0x03, 0xde, 0xfc, 0xc4, 0xb2, 0x4d, 0xf2, 0xc2, 0xcb, - 0xfc, 0x4a, 0x53, 0x62, 0x4d, 0x49, 0x89, 0x35, 0xf5, 0x17, 0x0a, 0x9c, 0x89, 0xeb, 0x12, 0xae, - 0x68, 0x24, 0x5d, 0xf1, 0x4e, 0xd2, 0xf4, 0xb8, 0x70, 0xaa, 0x33, 0xbe, 0xc8, 0x74, 0xc6, 0x8d, - 0xf1, 0x1a, 0xc7, 0xba, 0xe3, 0xaf, 0x14, 0x38, 0x9b, 0x69, 0x46, 0x6c, 0x49, 0x51, 0xe2, 0x4b, - 0x8a, 0x58, 0x8e, 0x3a, 0x64, 0x60, 0xfb, 0xa1, 0xe5, 0x68, 0x9b, 0x1d, 0x31, 0xf0, 0xbc, 0xaf, - 0xf7, 0x8d, 0x97, 0x56, 0x7f, 0xd0, 0x17, 0xeb, 0x11, 0x55, 0xf7, 0x94, 0x53, 0x5e, 0x61, 0x41, - 0x52, 0xeb, 0xb0, 0x12, 0x58, 0x39, 0x12, 0x04, 0x0c, 0x81, 0x7a, 0xb9, 0x28, 0xa8, 0x67, 0xc3, - 0xfc, 0x0e, 0x7e, 0x6e, 0x75, 0xf0, 0x6b, 0x39, 0x03, 0xb9, 0x00, 0x25, 0x07, 0xbb, 0x7d, 0xcb, - 0xf3, 0x82, 0x44, 0x5b, 0xd4, 0xc2, 0x24, 0xf5, 0x3f, 0xe7, 0x61, 0x39, 0x1e, 0x1d, 0xf7, 0x12, - 0x18, 0xe2, 0x5b, 0x29, 0x4b, 0x40, 0x7c, 0xa0, 0xa1, 0x6a, 0xf2, 0x86, 0x2c, 0x46, 0x72, 0x59, - 0x1b, 0xf9, 0xa0, 0x70, 0x11, 0x95, 0x0a, 0xf5, 0x48, 0x87, 0xf4, 0xfb, 0x86, 0x6d, 0xca, 0xa3, - 0x2b, 0xd1, 0xa4, 0xfe, 0x33, 0xdc, 0x2e, 0x75, 0x3b, 0x25, 0xb3, 0x67, 0x3a, 0x79, 0x74, 0xd7, - 0x6b, 0xd9, 0x0c, 0x8b, 0x64, 0xc9, 0xba, 0xa8, 0x81, 0x20, 0xed, 0x58, 0x2e, 0xda, 0x84, 0x59, - 0x6c, 0x3f, 0x97, 0xe5, 0x62, 0xca, 0xd9, 0x96, 0x2c, 0x8b, 0x34, 0xc6, 0x87, 0xae, 0xc3, 0x7c, - 0x9f, 0x86, 0x85, 0xdc, 0xff, 0xae, 0x65, 0x1c, 0xf1, 0x68, 0x82, 0x0d, 0x6d, 0xc1, 0x82, 0xc9, - 0xe6, 0x49, 0x6e, 0x72, 0xab, 0x29, 0x08, 0x27, 0x63, 0xd0, 0x24, 0x23, 0xda, 0x0d, 0x8a, 0xe1, - 0x62, 0x56, 0x15, 0x1b, 0x9b, 0x8a, 0xd4, 0x8a, 0x78, 0x3f, 0x5a, 0x11, 0x03, 0xd3, 0xb5, 0x35, - 0x5e, 0xd7, 0x68, 0x58, 0xf2, 0x2c, 0x14, 0x7a, 0xa4, 0xcb, 0xc3, 0xa8, 0xc4, 0x4f, 0x45, 0x7b, - 0xa4, 0xcb, 0xa2, 0x68, 0x95, 0x6e, 0x0e, 0x4c, 0xcb, 0x66, 0x49, 0xbd, 0xa0, 0xf1, 0x06, 0xfd, - 0xf8, 0xd8, 0x83, 0x4e, 0xec, 0x0e, 0xae, 0x96, 0xd9, 0xab, 0x22, 0xa3, 0xec, 0xd9, 0x1d, 0x56, - 0x6e, 0xfa, 0xfe, 0x49, 0x75, 0x89, 0xd1, 0xe9, 0x23, 0xdd, 0xf7, 0x71, 0x88, 0x62, 0x39, 0x6b, - 0xdf, 0x97, 0x96, 0xb6, 0x25, 0x42, 0xf1, 0x00, 0x16, 0x5e, 0xf0, 0x44, 0x50, 0xad, 0x30, 0xf9, - 0x2b, 0xe3, 0xd3, 0x8b, 0xd0, 0x20, 0x05, 0xbf, 0xcd, 0xd2, 0xff, 0x97, 0x0a, 0x9c, 0xd9, 0x66, - 0xdb, 0xa2, 0x50, 0x1e, 0x9b, 0x06, 0xc9, 0xbb, 0x15, 0x80, 0xac, 0x99, 0xb0, 0x5b, 0x7c, 0xdc, - 0x12, 0x63, 0x6d, 0xc0, 0x92, 0x54, 0x2e, 0x54, 0xe4, 0x27, 0xc6, 0x69, 0xcb, 0x5e, 0xb8, 0xa9, - 0x7e, 0x04, 0x6b, 0x89, 0x51, 0x88, 0x2d, 0xcc, 0x06, 0x2c, 0x0e, 0xf3, 0x55, 0x30, 0x88, 0x52, - 0x40, 0x6b, 0x98, 0xea, 0x6d, 0x38, 0xdd, 0xf6, 0x0d, 0xd7, 0x4f, 0xb8, 0x60, 0x02, 0x59, 0x86, - 0xc0, 0x46, 0x65, 0x05, 0x48, 0xda, 0x86, 0xd5, 0xb6, 0x4f, 0x9c, 0x57, 0x50, 0x4a, 0xb3, 0x0e, - 0x1d, 0x3f, 0x19, 0xc8, 0xf5, 0x41, 0x36, 0xd5, 0x35, 0x8e, 0x17, 0x27, 0x7b, 0xbb, 0x03, 0x67, - 0x38, 0x5c, 0xfb, 0x2a, 0x83, 0x38, 0x2b, 0xc1, 0xe2, 0xa4, 0xde, 0xa7, 0x70, 0x6a, 0xb8, 0x2c, - 0x0e, 0xa1, 0x98, 0x9b, 0x51, 0x28, 0xe6, 0xc2, 0x88, 0x59, 0x8f, 0x20, 0x31, 0x7f, 0x91, 0x0b, - 0xe5, 0xf5, 0x0c, 0x20, 0xe6, 0x4e, 0x14, 0x88, 0xb9, 0x38, 0x4e, 0x77, 0x04, 0x87, 0x49, 0x46, - 0x6d, 0x3e, 0x25, 0x6a, 0x3f, 0x4f, 0xa0, 0x35, 0xb3, 0x59, 0x70, 0x57, 0xcc, 0xda, 0xdf, 0x0a, - 0x58, 0xa3, 0x71, 0xb0, 0x26, 0xe8, 0x3a, 0x40, 0xd7, 0x6f, 0xc5, 0xc0, 0x9a, 0x8d, 0xb1, 0xf6, - 0x06, 0x58, 0xcd, 0xdf, 0xcc, 0x42, 0x31, 0x78, 0x97, 0xf0, 0x79, 0xd2, 0x6d, 0xb9, 0x14, 0xb7, - 0x85, 0x57, 0xe0, 0xfc, 0x37, 0x5a, 0x81, 0x67, 0x27, 0x5e, 0x81, 0xcf, 0x41, 0x91, 0x3d, 0xe8, - 0x2e, 0x3e, 0x12, 0x2b, 0x6a, 0x81, 0x11, 0x34, 0x7c, 0x34, 0x0c, 0xc3, 0xf9, 0xa9, 0xc2, 0x30, - 0x06, 0x0f, 0x2d, 0xc4, 0xe1, 0xa1, 0x7b, 0xc1, 0x8a, 0xc8, 0x17, 0xd1, 0xcb, 0x23, 0xf4, 0xa6, - 0xae, 0x85, 0xcd, 0xe8, 0x5a, 0xc8, 0xd7, 0xd5, 0x77, 0x47, 0x69, 0xf9, 0xce, 0x82, 0x43, 0x07, - 0x1c, 0x1c, 0x0a, 0xc7, 0xa2, 0xc8, 0xac, 0x77, 0x00, 0x82, 0x24, 0x22, 0x11, 0xa2, 0x73, 0x23, - 0xc6, 0xa8, 0x85, 0xd8, 0xa9, 0xda, 0xc8, 0xd4, 0x0c, 0x4f, 0x90, 0x26, 0xcb, 0x8f, 0x19, 0xc7, - 0x47, 0xff, 0x3b, 0x17, 0xca, 0x2f, 0x19, 0x47, 0x2e, 0xf7, 0x12, 0xb0, 0xe4, 0x94, 0x51, 0x7c, - 0x33, 0x8a, 0x4a, 0xbe, 0x62, 0xd4, 0x25, 0x40, 0x49, 0x56, 0xb9, 0x18, 0xae, 0x78, 0xcd, 0x41, - 0xa3, 0xa2, 0xa0, 0xd4, 0xd9, 0xce, 0xe0, 0xc8, 0xb2, 0x2d, 0xef, 0x98, 0xbf, 0x9f, 0xe7, 0x3b, - 0x03, 0x49, 0xaa, 0xb3, 0xdb, 0x4d, 0xf8, 0xa5, 0xe5, 0xeb, 0x1d, 0x62, 0x62, 0x16, 0xd3, 0x73, - 0x5a, 0x81, 0x12, 0xb6, 0x89, 0x89, 0x87, 0x5f, 0x5e, 0xe1, 0xd5, 0xbe, 0xbc, 0x62, 0xec, 0xcb, - 0x3b, 0x03, 0xf3, 0x2e, 0x36, 0x3c, 0x62, 0x8b, 0xed, 0xb9, 0x68, 0xd1, 0xa9, 0xe9, 0x63, 0xcf, - 0xa3, 0x3d, 0x89, 0x72, 0x4d, 0x34, 0x43, 0x65, 0xe6, 0xe2, 0xd8, 0x32, 0x73, 0xc4, 0x51, 0x4e, - 0xac, 0xcc, 0x2c, 0x8f, 0x2d, 0x33, 0x27, 0x39, 0xc9, 0x09, 0x15, 0xda, 0x4b, 0x93, 0x15, 0xda, - 0xe1, 0xba, 0x74, 0x39, 0x52, 0x97, 0x7e, 0x9b, 0x1f, 0xeb, 0xaf, 0x15, 0x58, 0x4b, 0x7c, 0x56, - 0xe2, 0x73, 0xbd, 0x15, 0x3b, 0x14, 0xda, 0x18, 0xeb, 0xb3, 0xe0, 0x4c, 0xe8, 0x51, 0xe4, 0x4c, - 0xe8, 0x83, 0xf1, 0x82, 0xaf, 0xfd, 0x48, 0xe8, 0x8f, 0x15, 0x78, 0xf3, 0xc0, 0x31, 0x63, 0x15, - 0x9e, 0xd8, 0xf6, 0x4f, 0x9e, 0x38, 0xee, 0xc9, 0x5a, 0x3f, 0x37, 0x2d, 0xce, 0xc2, 0xe5, 0x54, - 0x15, 0x2e, 0x64, 0x9b, 0x21, 0x4a, 0xa6, 0x1f, 0xc3, 0xf2, 0xee, 0x4b, 0xdc, 0x69, 0x9f, 0xd8, - 0x9d, 0x29, 0x4c, 0xab, 0x40, 0xbe, 0xd3, 0x37, 0x05, 0x4a, 0x4a, 0x1f, 0xc3, 0x55, 0x60, 0x3e, - 0x5a, 0x05, 0xea, 0x50, 0x19, 0xf6, 0x20, 0xa6, 0xf7, 0x0c, 0x9d, 0x5e, 0x93, 0x32, 0x53, 0xe5, - 0x8b, 0x9a, 0x68, 0x09, 0x3a, 0x76, 0xf9, 0x05, 0x06, 0x4e, 0xc7, 0xae, 0x1b, 0xcd, 0x16, 0xf9, - 0x68, 0xb6, 0x50, 0xff, 0x5c, 0x81, 0x12, 0xed, 0xe1, 0x1b, 0xd9, 0x2f, 0xb6, 0x5a, 0xf9, 0xe1, - 0x56, 0x2b, 0xd8, 0xb1, 0xcd, 0x86, 0x77, 0x6c, 0x43, 0xcb, 0xe7, 0x18, 0x39, 0x69, 0xf9, 0x7c, - 0x40, 0xc7, 0xae, 0xab, 0x5e, 0x80, 0x45, 0x6e, 0x9b, 0x18, 0x79, 0x05, 0xf2, 0x03, 0xb7, 0x27, - 0xe3, 0x68, 0xe0, 0xf6, 0xd4, 0x3f, 0x51, 0xa0, 0x5c, 0xf7, 0x7d, 0xa3, 0x73, 0x3c, 0xc5, 0x00, - 0x02, 0xe3, 0x72, 0x61, 0xe3, 0x92, 0x83, 0x18, 0x9a, 0x3b, 0x9b, 0x61, 0xee, 0x5c, 0xc4, 0x5c, - 0x15, 0x96, 0xa4, 0x2d, 0x99, 0x06, 0x37, 0x01, 0xb5, 0x88, 0xeb, 0x3f, 0x24, 0xee, 0x0b, 0xc3, - 0x35, 0xa7, 0xdb, 0x81, 0x21, 0x98, 0x15, 0x37, 0x5e, 0xf3, 0x57, 0xe6, 0x34, 0xf6, 0xac, 0x5e, - 0x86, 0x53, 0x11, 0x7d, 0x99, 0x1d, 0xdf, 0x87, 0x12, 0xcb, 0xfb, 0xa2, 0x14, 0xbf, 0x11, 0x3e, - 0xae, 0x99, 0x68, 0x95, 0x50, 0x7f, 0x17, 0x56, 0x68, 0x7d, 0xc0, 0xe8, 0xc1, 0xa7, 0xf8, 0xfd, - 0x58, 0x9d, 0x7a, 0x3e, 0x43, 0x51, 0xac, 0x46, 0xfd, 0x5b, 0x05, 0xe6, 0x18, 0x3d, 0xb1, 0x66, - 0x9f, 0x83, 0xa2, 0x8b, 0x1d, 0xa2, 0xfb, 0x46, 0x37, 0xb8, 0x5f, 0x4c, 0x09, 0xfb, 0x46, 0xd7, - 0x63, 0xd7, 0xa3, 0xe9, 0x4b, 0xd3, 0xea, 0x62, 0xcf, 0x97, 0x97, 0x8c, 0x4b, 0x94, 0xb6, 0xc3, - 0x49, 0xd4, 0x49, 0x9e, 0xf5, 0xfb, 0xbc, 0xee, 0x9c, 0xd5, 0xd8, 0x33, 0xda, 0xe4, 0x57, 0xde, - 0x26, 0x81, 0xd4, 0xd9, 0x85, 0xb8, 0x1a, 0x14, 0x62, 0x28, 0x7a, 0xd0, 0x56, 0x77, 0x01, 0x85, - 0xbd, 0x20, 0xfc, 0x7d, 0x1d, 0xe6, 0x99, 0x93, 0x64, 0x75, 0xb4, 0x96, 0xe1, 0x06, 0x4d, 0xb0, - 0xa9, 0x06, 0x20, 0xee, 0xe0, 0x48, 0x45, 0x34, 0xfd, 0xac, 0x8c, 0xa8, 0x90, 0xfe, 0x5e, 0x81, - 0x53, 0x91, 0x3e, 0x84, 0xad, 0xef, 0x45, 0x3b, 0xc9, 0x34, 0x55, 0x74, 0xb0, 0x1d, 0x59, 0x12, - 0xae, 0x67, 0x99, 0xf4, 0x1b, 0x5a, 0x0e, 0xfe, 0x41, 0x01, 0xa8, 0x0f, 0xfc, 0x63, 0x81, 0x0c, - 0x86, 0x67, 0x46, 0x89, 0xce, 0x0c, 0x7d, 0xe7, 0x18, 0x9e, 0xf7, 0x82, 0xb8, 0x72, 0x4f, 0x13, - 0xb4, 0x19, 0x86, 0x37, 0xf0, 0x8f, 0xe5, 0x51, 0x18, 0x7d, 0x46, 0x17, 0x61, 0x89, 0xdf, 0x69, - 0xd7, 0x0d, 0xd3, 0x74, 0xb1, 0xe7, 0x89, 0x33, 0xb1, 0x32, 0xa7, 0xd6, 0x39, 0x91, 0xb2, 0x59, - 0x26, 0xb6, 0x7d, 0xcb, 0x3f, 0xd1, 0x7d, 0xf2, 0x0c, 0xdb, 0x62, 0x6f, 0x52, 0x96, 0xd4, 0x7d, - 0x4a, 0xe4, 0x87, 0x03, 0x5d, 0xcb, 0xf3, 0x5d, 0xc9, 0x26, 0xcf, 0x5f, 0x04, 0x95, 0xb1, 0xd1, - 0x49, 0xa9, 0xb4, 0x06, 0xbd, 0x1e, 0x77, 0xf1, 0xab, 0x4f, 0xfb, 0xfb, 0x62, 0x40, 0xb9, 0xac, - 0x98, 0x1e, 0x3a, 0x4d, 0x0c, 0xf7, 0x35, 0x82, 0x30, 0xef, 0xc3, 0x4a, 0x68, 0x0c, 0x22, 0xac, - 0x22, 0x45, 0xa4, 0x12, 0x2d, 0x22, 0xd5, 0x47, 0x80, 0x38, 0xee, 0xf0, 0x0d, 0xc7, 0xad, 0x9e, - 0x86, 0x53, 0x11, 0x45, 0x62, 0x25, 0xbe, 0x06, 0x65, 0x71, 0x2f, 0x49, 0x04, 0xca, 0x59, 0x28, - 0xd0, 0x8c, 0xda, 0xb1, 0x4c, 0x79, 0x4e, 0xba, 0xe0, 0x10, 0x73, 0xdb, 0x32, 0x5d, 0xf5, 0x13, - 0x28, 0x6b, 0xbc, 0x1f, 0xc1, 0xfb, 0x10, 0x96, 0xc4, 0x2d, 0x26, 0x3d, 0x72, 0x8d, 0x30, 0xed, - 0x9a, 0x7a, 0xb8, 0x13, 0xad, 0x6c, 0x87, 0x9b, 0xaa, 0x09, 0x35, 0x5e, 0x32, 0x44, 0xd4, 0xcb, - 0xc1, 0x3e, 0x04, 0x79, 0xa3, 0x70, 0x6c, 0x2f, 0x51, 0xf9, 0xb2, 0x1b, 0x6e, 0xaa, 0xe7, 0xe1, - 0x5c, 0x6a, 0x2f, 0xc2, 0x13, 0x0e, 0x54, 0x86, 0x2f, 0x4c, 0x4b, 0x1e, 0x18, 0xb3, 0x83, 0x60, - 0x25, 0x74, 0x10, 0x7c, 0x26, 0x28, 0x12, 0x73, 0x72, 0x11, 0x63, 0x15, 0xe0, 0xb0, 0xdc, 0xcf, - 0x67, 0x95, 0xfb, 0xb3, 0x91, 0x72, 0x5f, 0x6d, 0x07, 0xfe, 0x14, 0xdb, 0xb0, 0x07, 0x6c, 0xbb, - 0xc8, 0xfb, 0x96, 0x09, 0x51, 0x1d, 0x35, 0x4a, 0xce, 0xaa, 0x85, 0xa4, 0xd4, 0xab, 0x50, 0x8e, - 0xa6, 0xc6, 0x50, 0x9e, 0x53, 0x12, 0x79, 0x6e, 0x29, 0x96, 0xe2, 0x3e, 0x8c, 0x55, 0xc0, 0xd9, - 0x3e, 0x8e, 0xd5, 0xbf, 0x77, 0x23, 0xc9, 0xee, 0x5a, 0xca, 0x19, 0xee, 0x6f, 0x28, 0xcf, 0xad, - 0x8a, 0xf5, 0xe0, 0xa1, 0x47, 0xe5, 0xc5, 0xa0, 0xd5, 0xb7, 0xa0, 0x74, 0x90, 0xf5, 0x1b, 0x88, - 0x59, 0x79, 0x5f, 0xe2, 0x26, 0xac, 0x3e, 0xb4, 0x7a, 0xd8, 0x3b, 0xf1, 0x7c, 0xdc, 0x6f, 0xb0, - 0xa4, 0x74, 0x64, 0x61, 0x17, 0xad, 0x03, 0xb0, 0x2d, 0x8c, 0x43, 0xac, 0xe0, 0x6a, 0x7c, 0x88, - 0xa2, 0xfe, 0x97, 0x02, 0xcb, 0x43, 0xc1, 0x03, 0xb6, 0x75, 0x7b, 0x03, 0x8a, 0x74, 0xbc, 0x9e, - 0x6f, 0xf4, 0x1d, 0x79, 0x9e, 0x15, 0x10, 0xd0, 0x1d, 0x98, 0x3b, 0xf2, 0x24, 0x64, 0x94, 0x0a, - 0xa0, 0xa7, 0x19, 0xa2, 0xcd, 0x1e, 0x79, 0x0d, 0x13, 0x7d, 0x04, 0x30, 0xf0, 0xb0, 0x29, 0xce, - 0xb0, 0xf2, 0x59, 0xd5, 0xc2, 0x41, 0xf8, 0x7c, 0x9b, 0x0a, 0xf0, 0xab, 0x16, 0x77, 0xa1, 0x64, - 0xd9, 0xc4, 0xc4, 0xec, 0xcc, 0xd1, 0x14, 0xa8, 0xd2, 0x18, 0x71, 0xe0, 0x12, 0x07, 0x1e, 0x36, - 0x55, 0x2c, 0xd6, 0x42, 0xe9, 0x5f, 0x11, 0x28, 0x4d, 0x58, 0xe1, 0x49, 0xeb, 0x28, 0x30, 0x5c, - 0x46, 0xec, 0xc6, 0xa8, 0xd1, 0x31, 0x6f, 0x69, 0x15, 0x4b, 0x94, 0x36, 0x52, 0x54, 0xbd, 0x0d, - 0xa7, 0x23, 0x3b, 0xa4, 0x29, 0xb6, 0x2c, 0x6a, 0x2b, 0x06, 0x94, 0x0c, 0xc3, 0x59, 0xc0, 0x10, - 0x32, 0x9a, 0xc7, 0xc1, 0x10, 0x1e, 0x87, 0x21, 0x3c, 0xf5, 0x73, 0x38, 0x1b, 0x41, 0x74, 0x22, - 0x16, 0xdd, 0x8d, 0x55, 0x6e, 0x97, 0xc6, 0x69, 0x8d, 0x95, 0x70, 0xff, 0xa3, 0xc0, 0x6a, 0x1a, - 0xc3, 0x2b, 0x22, 0x8e, 0x3f, 0xce, 0xb8, 0x56, 0x77, 0x6b, 0x32, 0xb3, 0x7e, 0x2b, 0x68, 0xed, - 0x3e, 0xd4, 0xd2, 0xfc, 0x99, 0x9c, 0xa5, 0xfc, 0x34, 0xb3, 0xf4, 0xb3, 0x7c, 0x08, 0x79, 0xaf, - 0xfb, 0xbe, 0x6b, 0x1d, 0x0e, 0x68, 0xc8, 0xbf, 0x76, 0x34, 0xab, 0x11, 0xe0, 0x32, 0xdc, 0xb5, - 0x37, 0x46, 0x88, 0x0f, 0xed, 0x48, 0xc5, 0x66, 0x3e, 0x8d, 0x62, 0x33, 0x1c, 0x53, 0xbf, 0x39, - 0x99, 0xbe, 0xef, 0x2c, 0x00, 0xfa, 0xb3, 0x1c, 0x2c, 0x45, 0xa7, 0x08, 0xed, 0x02, 0x18, 0x81, - 0xe5, 0xe2, 0x43, 0xb9, 0x38, 0xd1, 0x30, 0xb5, 0x90, 0x20, 0x7a, 0x17, 0xf2, 0x1d, 0x67, 0x20, - 0x66, 0x2d, 0xe5, 0x30, 0x78, 0xdb, 0x19, 0xf0, 0x8c, 0x42, 0xd9, 0xe8, 0x9e, 0x8a, 0x9f, 0xed, - 0x67, 0x67, 0xc9, 0xa7, 0xec, 0x3d, 0x97, 0x11, 0xcc, 0xe8, 0x31, 0x2c, 0xbd, 0x70, 0x2d, 0xdf, - 0x38, 0xec, 0x61, 0xbd, 0x67, 0x9c, 0x60, 0x57, 0x64, 0xc9, 0x09, 0x12, 0x59, 0x59, 0x0a, 0x3e, - 0xa1, 0x72, 0xea, 0x1f, 0x42, 0x41, 0x5a, 0x34, 0x66, 0x45, 0xd8, 0x87, 0xb5, 0x01, 0x65, 0xd3, - 0xd9, 0x15, 0x38, 0xdb, 0xb0, 0x89, 0xee, 0x61, 0xba, 0x8c, 0xcb, 0xcb, 0xf9, 0x63, 0x52, 0xf4, - 0x2a, 0x93, 0xde, 0x26, 0x2e, 0x6e, 0x1a, 0x36, 0x69, 0x73, 0x51, 0xf5, 0x39, 0x94, 0x42, 0x03, - 0x1c, 0x63, 0x42, 0x03, 0x56, 0xe4, 0x51, 0xbc, 0x87, 0x7d, 0xb1, 0xbc, 0x4c, 0xd4, 0xf9, 0xb2, - 0x90, 0x6b, 0x63, 0x9f, 0x5f, 0x9f, 0xb8, 0x0b, 0x67, 0x35, 0x4c, 0x1c, 0x6c, 0x07, 0xf3, 0xf9, - 0x84, 0x74, 0xa7, 0xc8, 0xe0, 0x6f, 0x40, 0x2d, 0x4d, 0x9e, 0xe7, 0x87, 0x6b, 0x97, 0xa0, 0x20, - 0x7f, 0xd0, 0x8a, 0x16, 0x20, 0xbf, 0xbf, 0xdd, 0xaa, 0xcc, 0xd0, 0x87, 0x83, 0x9d, 0x56, 0x45, - 0x41, 0x05, 0x98, 0x6d, 0x6f, 0xef, 0xb7, 0x2a, 0xb9, 0x6b, 0x7d, 0xa8, 0xc4, 0x7f, 0xcd, 0x89, - 0xd6, 0xe0, 0x54, 0x4b, 0xdb, 0x6b, 0xd5, 0x1f, 0xd5, 0xf7, 0x1b, 0x7b, 0x4d, 0xbd, 0xa5, 0x35, - 0x3e, 0xae, 0xef, 0xef, 0x56, 0x66, 0xd0, 0x06, 0x9c, 0x0f, 0xbf, 0x78, 0xbc, 0xd7, 0xde, 0xd7, - 0xf7, 0xf7, 0xf4, 0xed, 0xbd, 0xe6, 0x7e, 0xbd, 0xd1, 0xdc, 0xd5, 0x2a, 0x0a, 0x3a, 0x0f, 0x67, - 0xc3, 0x2c, 0x0f, 0x1a, 0x3b, 0x0d, 0x6d, 0x77, 0x9b, 0x3e, 0xd7, 0x9f, 0x54, 0x72, 0xd7, 0x6e, - 0x40, 0x39, 0xf2, 0xe3, 0x4b, 0x6a, 0x52, 0x6b, 0x6f, 0xa7, 0x32, 0x83, 0xca, 0x50, 0x0c, 0xeb, - 0x29, 0xc0, 0x6c, 0x73, 0x6f, 0x67, 0xb7, 0x92, 0xbb, 0x76, 0x1b, 0x96, 0x63, 0xb7, 0x71, 0xd1, - 0x0a, 0x94, 0xdb, 0xf5, 0xe6, 0xce, 0x83, 0xbd, 0x4f, 0x75, 0x6d, 0xb7, 0xbe, 0xf3, 0x59, 0x65, - 0x06, 0xad, 0x42, 0x45, 0x92, 0x9a, 0x7b, 0xfb, 0x9c, 0xaa, 0x5c, 0x7b, 0x16, 0xfb, 0xc6, 0x30, - 0x3a, 0x0d, 0x2b, 0x41, 0x37, 0xfa, 0xb6, 0xb6, 0x5b, 0xdf, 0xdf, 0xa5, 0xbd, 0x47, 0xc8, 0xda, - 0x41, 0xb3, 0xd9, 0x68, 0x3e, 0xaa, 0x28, 0x54, 0xeb, 0x90, 0xbc, 0xfb, 0x69, 0x83, 0x32, 0xe7, - 0xa2, 0xcc, 0x07, 0xcd, 0x1f, 0x36, 0xf7, 0x3e, 0x69, 0x56, 0xf2, 0x5b, 0xbf, 0x58, 0x81, 0x25, - 0x59, 0xe8, 0x61, 0x97, 0xdd, 0x6a, 0x69, 0xc1, 0x82, 0xfc, 0x81, 0x74, 0x4a, 0x86, 0x8e, 0xfe, - 0xac, 0xbb, 0xb6, 0x31, 0x82, 0x43, 0xd4, 0xdb, 0x33, 0xe8, 0x90, 0xd5, 0xbf, 0xa1, 0xdb, 0xd1, - 0x97, 0x52, 0xab, 0xcd, 0xc4, 0x85, 0xec, 0xda, 0xe5, 0xb1, 0x7c, 0x41, 0x1f, 0x98, 0x96, 0xb8, - 0xe1, 0x9f, 0xff, 0xa0, 0xcb, 0x69, 0xb5, 0x69, 0xca, 0xef, 0x8b, 0x6a, 0x57, 0xc6, 0x33, 0x06, - 0xdd, 0x3c, 0x83, 0x4a, 0xfc, 0xa7, 0x40, 0x28, 0x05, 0x3a, 0xcd, 0xf8, 0xbd, 0x51, 0xed, 0xda, - 0x24, 0xac, 0xe1, 0xce, 0x12, 0x3f, 0x9a, 0xb9, 0x3a, 0xc9, 0xaf, 0x10, 0x32, 0x3b, 0xcb, 0xfa, - 0xc1, 0x02, 0x77, 0x60, 0xf4, 0xe6, 0x33, 0x4a, 0xfd, 0x85, 0x4a, 0xca, 0xbd, 0xf9, 0x34, 0x07, - 0xa6, 0x5f, 0xa2, 0x56, 0x67, 0xd0, 0x31, 0x2c, 0xc7, 0xae, 0x27, 0xa0, 0x14, 0xf1, 0xf4, 0x7b, - 0x18, 0xb5, 0xab, 0x13, 0x70, 0x46, 0x23, 0x22, 0x7c, 0x1d, 0x21, 0x3d, 0x22, 0x52, 0x2e, 0x3b, - 0xa4, 0x47, 0x44, 0xea, 0xcd, 0x06, 0x16, 0xdc, 0x91, 0x6b, 0x08, 0x69, 0xc1, 0x9d, 0x76, 0xf9, - 0xa1, 0x76, 0x79, 0x2c, 0x5f, 0xd8, 0x69, 0xb1, 0x4b, 0x09, 0x69, 0x4e, 0x4b, 0xbf, 0xf4, 0x50, - 0xbb, 0x3a, 0x01, 0x67, 0x3c, 0x0a, 0x86, 0x47, 0x9c, 0x59, 0x51, 0x90, 0x38, 0x90, 0xcf, 0x8a, - 0x82, 0xe4, 0x69, 0xa9, 0x88, 0x82, 0xd8, 0xd1, 0xe4, 0x95, 0x09, 0x8e, 0x52, 0xb2, 0xa3, 0x20, - 0xfd, 0xd0, 0x45, 0x9d, 0x41, 0x7f, 0xa4, 0x40, 0x35, 0xeb, 0x98, 0x02, 0xa5, 0xd4, 0x77, 0x63, - 0x4e, 0x56, 0x6a, 0x5b, 0xd3, 0x88, 0x04, 0x56, 0x7c, 0x09, 0x28, 0xb9, 0xee, 0xa1, 0x77, 0xd2, - 0x66, 0x26, 0x63, 0x75, 0xad, 0xbd, 0x3b, 0x19, 0x73, 0xd0, 0x65, 0x1b, 0x0a, 0xf2, 0x60, 0x04, - 0xa5, 0x64, 0xe9, 0xd8, 0xb1, 0x4c, 0x4d, 0x1d, 0xc5, 0x12, 0x28, 0x7d, 0x04, 0xb3, 0x94, 0x8a, - 0xce, 0xa7, 0x73, 0x4b, 0x65, 0xeb, 0x59, 0xaf, 0x03, 0x45, 0x4f, 0x61, 0x9e, 0x9f, 0x04, 0xa0, - 0x14, 0xe4, 0x21, 0x72, 0x5e, 0x51, 0xbb, 0x90, 0xcd, 0x10, 0xa8, 0xfb, 0x82, 0xff, 0xef, 0x0c, - 0x01, 0xf2, 0xa3, 0xb7, 0xd3, 0x7f, 0x8c, 0x1c, 0x3d, 0x53, 0xa8, 0x5d, 0x1c, 0xc3, 0x15, 0xfe, - 0x28, 0x62, 0x55, 0xef, 0xe5, 0xb1, 0x5b, 0x97, 0xec, 0x8f, 0x22, 0x7d, 0x73, 0xc4, 0x83, 0x24, - 0xb9, 0x79, 0x4a, 0x0b, 0x92, 0xcc, 0x2d, 0x6b, 0x5a, 0x90, 0x64, 0xef, 0xc7, 0xd4, 0x19, 0xe4, - 0xc3, 0xa9, 0x14, 0xa8, 0x0c, 0xbd, 0x9b, 0x15, 0xe4, 0x69, 0xb8, 0x5d, 0xed, 0xbd, 0x09, 0xb9, - 0xc3, 0x93, 0x2f, 0x3e, 0xfa, 0x37, 0xb3, 0xf1, 0xa3, 0xcc, 0xc9, 0x8f, 0x7f, 0xe2, 0x5b, 0xff, - 0x9a, 0x87, 0x45, 0x0e, 0x83, 0x8a, 0x0a, 0xe6, 0x33, 0x80, 0xe1, 0x09, 0x04, 0x7a, 0x2b, 0xdd, - 0x27, 0x91, 0x53, 0x9a, 0xda, 0xdb, 0xa3, 0x99, 0xc2, 0x81, 0x16, 0x42, 0xf3, 0xd3, 0x02, 0x2d, - 0x79, 0x68, 0x91, 0x16, 0x68, 0x29, 0x47, 0x02, 0xea, 0x0c, 0xfa, 0x18, 0x8a, 0x01, 0x6c, 0x8c, - 0xd2, 0x60, 0xe7, 0x18, 0x2e, 0x5e, 0x7b, 0x6b, 0x24, 0x4f, 0xd8, 0xea, 0x10, 0x26, 0x9c, 0x66, - 0x75, 0x12, 0x7b, 0x4e, 0xb3, 0x3a, 0x0d, 0x58, 0x1e, 0xfa, 0x84, 0x23, 0x47, 0x99, 0x3e, 0x89, - 0x00, 0x77, 0x99, 0x3e, 0x89, 0xc2, 0x4f, 0xea, 0xcc, 0x83, 0x4b, 0xbf, 0xfa, 0x6a, 0x5d, 0xf9, - 0xa7, 0xaf, 0xd6, 0x67, 0x7e, 0xfa, 0xf5, 0xba, 0xf2, 0xab, 0xaf, 0xd7, 0x95, 0x7f, 0xfc, 0x7a, - 0x5d, 0xf9, 0xb7, 0xaf, 0xd7, 0x95, 0x3f, 0xfb, 0xf7, 0xf5, 0x99, 0x1f, 0x15, 0xa4, 0xf4, 0xe1, - 0x3c, 0xfb, 0x0f, 0x38, 0x1f, 0xfc, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x15, 0x30, 0x49, 0xcc, - 0xc7, 0x48, 0x00, 0x00, + 0xf8, 0x73, 0xc7, 0xf2, 0x58, 0xb3, 0xeb, 0x89, 0xed, 0x59, 0xdb, 0xb4, 0x24, 0xdb, 0xcc, 0xda, + 0x14, 0xd3, 0x94, 0xe6, 0x63, 0x67, 0x80, 0xde, 0x16, 0xbb, 0x44, 0xf5, 0x9a, 0xec, 0xea, 0xe9, + 0x6e, 0xda, 0x56, 0x02, 0x04, 0x0b, 0x2c, 0xb2, 0x87, 0x00, 0x01, 0x72, 0xce, 0x71, 0x73, 0xc8, + 0x21, 0xb7, 0x00, 0x41, 0x0e, 0x39, 0x6d, 0x90, 0xc3, 0x5e, 0x02, 0xe4, 0xb4, 0x48, 0x90, 0x4b, + 0x66, 0x92, 0x5c, 0x02, 0x24, 0xc8, 0x1f, 0x90, 0x43, 0x50, 0x5f, 0xcd, 0xfe, 0xe4, 0x87, 0xc7, + 0xbb, 0xb3, 0x39, 0xa9, 0xfb, 0xf5, 0x7b, 0xaf, 0x5e, 0xbd, 0x7a, 0xf5, 0xea, 0xd5, 0xaf, 0x8a, + 0x82, 0xa2, 0xe1, 0x58, 0x9b, 0x8e, 0x4b, 0x7c, 0x82, 0x2a, 0xee, 0xc0, 0xf6, 0xad, 0x3e, 0xde, + 0x7c, 0x71, 0xd3, 0xe8, 0x39, 0xc7, 0xc6, 0x56, 0xed, 0x7a, 0xd7, 0xf2, 0x8f, 0x07, 0x87, 0x9b, + 0x1d, 0xd2, 0xbf, 0xd1, 0x25, 0x5d, 0x72, 0x83, 0x31, 0x1e, 0x0e, 0x8e, 0xd8, 0x1b, 0x7b, 0x61, + 0x4f, 0x5c, 0x81, 0x7a, 0x0d, 0x96, 0x3e, 0xc6, 0xae, 0x67, 0x11, 0x5b, 0xc3, 0x5f, 0x0e, 0xb0, + 0xe7, 0xa3, 0x2a, 0x2c, 0xbc, 0xe0, 0x94, 0xaa, 0x72, 0x41, 0xb9, 0x52, 0xd4, 0xe4, 0xab, 0xfa, + 0x17, 0x0a, 0x2c, 0x07, 0xcc, 0x9e, 0x43, 0x6c, 0x0f, 0x67, 0x73, 0xa3, 0x0d, 0x58, 0x14, 0xc6, + 0xe9, 0xb6, 0xd1, 0xc7, 0xd5, 0x1c, 0xfb, 0x5c, 0x12, 0xb4, 0xa6, 0xd1, 0xc7, 0xe8, 0x32, 0x2c, + 0x4b, 0x16, 0xa9, 0x24, 0xcf, 0xb8, 0x96, 0x04, 0x59, 0xb4, 0x86, 0x36, 0xe1, 0x94, 0x64, 0x34, + 0x1c, 0x2b, 0x60, 0x9e, 0x65, 0xcc, 0x2b, 0xe2, 0x53, 0xdd, 0xb1, 0x04, 0xbf, 0xfa, 0x39, 0x14, + 0x77, 0x9a, 0xed, 0x6d, 0x62, 0x1f, 0x59, 0x5d, 0x6a, 0xa2, 0x87, 0x5d, 0x2a, 0x53, 0x55, 0x2e, + 0xe4, 0xa9, 0x89, 0xe2, 0x15, 0xd5, 0xa0, 0xe0, 0x61, 0xc3, 0xed, 0x1c, 0x63, 0xaf, 0x9a, 0x63, + 0x9f, 0x82, 0x77, 0x2a, 0x45, 0x1c, 0xdf, 0x22, 0xb6, 0x57, 0xcd, 0x73, 0x29, 0xf1, 0xaa, 0xfe, + 0x5c, 0x81, 0x52, 0x8b, 0xb8, 0xfe, 0x33, 0xc3, 0x71, 0x2c, 0xbb, 0x8b, 0x6e, 0x41, 0x81, 0xf9, + 0xb2, 0x43, 0x7a, 0xcc, 0x07, 0x4b, 0x5b, 0xb5, 0xcd, 0xf8, 0xb0, 0x6c, 0xb6, 0x04, 0x87, 0x16, + 0xf0, 0xa2, 0x8b, 0xb0, 0xd4, 0x21, 0xb6, 0x6f, 0x58, 0x36, 0x76, 0x75, 0x87, 0xb8, 0x3e, 0x73, + 0xd1, 0x9c, 0x56, 0x0e, 0xa8, 0xb4, 0x15, 0x74, 0x0e, 0x8a, 0xc7, 0xc4, 0xf3, 0x39, 0x47, 0x9e, + 0x71, 0x14, 0x28, 0x81, 0x7d, 0x5c, 0x83, 0x05, 0xf6, 0xd1, 0x72, 0x84, 0x33, 0xe6, 0xe9, 0x6b, + 0xc3, 0x51, 0x7f, 0xa5, 0xc0, 0xdc, 0x33, 0x32, 0xb0, 0xfd, 0x58, 0x33, 0x86, 0x7f, 0x2c, 0x06, + 0x2a, 0xd4, 0x8c, 0xe1, 0x1f, 0x0f, 0x9b, 0xa1, 0x1c, 0x7c, 0xac, 0x78, 0x33, 0xf4, 0x63, 0x0d, + 0x0a, 0x2e, 0x36, 0x4c, 0x62, 0xf7, 0x4e, 0x98, 0x09, 0x05, 0x2d, 0x78, 0xa7, 0x83, 0xe8, 0xe1, + 0x9e, 0x65, 0x0f, 0x5e, 0xe9, 0x2e, 0xee, 0x19, 0x87, 0xb8, 0xc7, 0x4c, 0x29, 0x68, 0x4b, 0x82, + 0xac, 0x71, 0x2a, 0xda, 0x81, 0x92, 0xe3, 0x12, 0xc7, 0xe8, 0x1a, 0xd4, 0x8f, 0xd5, 0x39, 0xe6, + 0x2a, 0x35, 0xe9, 0x2a, 0x66, 0x76, 0x6b, 0xc8, 0xa9, 0x85, 0xc5, 0xd4, 0xbf, 0x52, 0x60, 0x99, + 0x06, 0x8f, 0xe7, 0x18, 0x1d, 0xbc, 0xc7, 0x86, 0x04, 0xdd, 0x86, 0x05, 0x1b, 0xfb, 0x2f, 0x89, + 0xfb, 0x5c, 0x0c, 0xc0, 0xdb, 0x49, 0xad, 0x81, 0xcc, 0x33, 0x62, 0x62, 0x4d, 0xf2, 0xa3, 0x9b, + 0x90, 0x77, 0x2c, 0x93, 0x75, 0x78, 0x02, 0x31, 0xca, 0x4b, 0x45, 0x2c, 0xa7, 0xc3, 0xfc, 0x30, + 0x89, 0x88, 0xe5, 0x74, 0x54, 0x15, 0xa0, 0x61, 0xfb, 0xb7, 0xbe, 0xfb, 0xb1, 0xd1, 0x1b, 0x60, + 0xb4, 0x0a, 0x73, 0x2f, 0xe8, 0x03, 0x33, 0x36, 0xaf, 0xf1, 0x17, 0xf5, 0xab, 0x3c, 0x9c, 0x7b, + 0x4a, 0xfd, 0xd5, 0x36, 0x6c, 0xf3, 0x90, 0xbc, 0x6a, 0xe3, 0xce, 0xc0, 0xb5, 0xfc, 0x93, 0x6d, + 0x62, 0xfb, 0xf8, 0x95, 0x8f, 0x9a, 0xb0, 0x62, 0x4b, 0xcd, 0xba, 0x0c, 0x4d, 0xaa, 0xa1, 0xb4, + 0xb5, 0x31, 0xc2, 0x08, 0xee, 0x22, 0xad, 0x62, 0x47, 0x09, 0x1e, 0x7a, 0x32, 0x1c, 0x37, 0xa9, + 0x2d, 0xc7, 0xb4, 0xa5, 0x74, 0xa9, 0xbd, 0xcb, 0x2c, 0x13, 0xba, 0xe4, 0xc0, 0x4a, 0x4d, 0x1f, + 0x01, 0x9d, 0xd5, 0xba, 0xe1, 0xe9, 0x03, 0x0f, 0xbb, 0xcc, 0x31, 0xa5, 0xad, 0xb7, 0x92, 0x5a, + 0x86, 0x2e, 0xd0, 0x8a, 0xee, 0xc0, 0xae, 0x7b, 0x07, 0x1e, 0x76, 0x59, 0x12, 0x10, 0xb1, 0xa4, + 0xbb, 0x84, 0xf8, 0x47, 0x9e, 0x8c, 0x1f, 0x49, 0xd6, 0x18, 0x15, 0xdd, 0x80, 0x53, 0xde, 0xc0, + 0x71, 0x7a, 0xb8, 0x8f, 0x6d, 0xdf, 0xe8, 0xe9, 0x5d, 0x97, 0x0c, 0x1c, 0xaf, 0x3a, 0x77, 0x21, + 0x7f, 0x25, 0xaf, 0xa1, 0xf0, 0xa7, 0xc7, 0xec, 0x0b, 0x5a, 0x07, 0x70, 0x5c, 0xeb, 0x85, 0xd5, + 0xc3, 0x5d, 0x6c, 0x56, 0xe7, 0x99, 0xd2, 0x10, 0x05, 0xbd, 0x0f, 0xab, 0x1e, 0xee, 0x74, 0x48, + 0xdf, 0xd1, 0x1d, 0x97, 0x1c, 0x59, 0x3d, 0xcc, 0xa3, 0x7f, 0x81, 0x45, 0x3f, 0x12, 0xdf, 0x5a, + 0xfc, 0x13, 0x9b, 0x07, 0xf7, 0x58, 0x4e, 0xa3, 0x3d, 0x65, 0x8d, 0x57, 0x0b, 0x13, 0x74, 0x15, + 0x58, 0x57, 0x99, 0x49, 0xea, 0xcf, 0x73, 0x70, 0x9a, 0x79, 0xb2, 0x45, 0x4c, 0x31, 0xcc, 0x22, + 0x49, 0xbd, 0x03, 0xe5, 0x0e, 0xd3, 0xa9, 0x3b, 0x86, 0x8b, 0x6d, 0x5f, 0x4c, 0xd2, 0x45, 0x4e, + 0x6c, 0x31, 0x1a, 0xfa, 0x14, 0x2a, 0x9e, 0x88, 0x0a, 0xbd, 0xc3, 0xc3, 0x42, 0x8c, 0xd9, 0xf5, + 0xa4, 0x09, 0x23, 0x62, 0x49, 0x5b, 0xf6, 0x12, 0xc1, 0xb5, 0xe0, 0x9d, 0x78, 0x1d, 0xbf, 0xc7, + 0xb3, 0x5d, 0x69, 0xeb, 0xbb, 0x19, 0x0a, 0xe3, 0x86, 0x6f, 0xb6, 0xb9, 0xd8, 0xae, 0xed, 0xbb, + 0x27, 0x9a, 0x54, 0x52, 0xbb, 0x03, 0x8b, 0xe1, 0x0f, 0xa8, 0x02, 0xf9, 0xe7, 0xf8, 0x44, 0x74, + 0x8a, 0x3e, 0x0e, 0x27, 0x01, 0xcf, 0x35, 0xfc, 0xe5, 0x4e, 0xee, 0x77, 0x14, 0xd5, 0x05, 0x34, + 0x6c, 0xe5, 0x19, 0xf6, 0x0d, 0xd3, 0xf0, 0x0d, 0x84, 0x60, 0x96, 0x2d, 0x23, 0x5c, 0x05, 0x7b, + 0xa6, 0x5a, 0x07, 0x62, 0xf2, 0x16, 0x35, 0xfa, 0x88, 0xde, 0x82, 0x62, 0x10, 0xe8, 0x62, 0x2d, + 0x19, 0x12, 0x68, 0x4e, 0x37, 0x7c, 0x1f, 0xf7, 0x1d, 0x9f, 0x85, 0x58, 0x59, 0x93, 0xaf, 0xea, + 0x7f, 0xcf, 0x42, 0x25, 0x31, 0x26, 0x0f, 0xa0, 0xd0, 0x17, 0xcd, 0x8b, 0x89, 0xf6, 0x6e, 0x4a, + 0x62, 0x4f, 0x98, 0xaa, 0x05, 0x52, 0x34, 0x6f, 0xd2, 0x1c, 0x1a, 0x5a, 0xff, 0x82, 0x77, 0x3a, + 0xe2, 0x3d, 0xd2, 0xd5, 0x4d, 0xcb, 0xc5, 0x1d, 0x9f, 0xb8, 0x27, 0xc2, 0xdc, 0xc5, 0x1e, 0xe9, + 0xee, 0x48, 0x1a, 0xba, 0x03, 0x60, 0xda, 0x1e, 0x1d, 0xec, 0x23, 0xab, 0xcb, 0x8c, 0x2e, 0x6d, + 0x9d, 0x4b, 0x1a, 0x11, 0x2c, 0x76, 0x5a, 0xd1, 0xb4, 0x3d, 0x61, 0xfe, 0x43, 0x28, 0xd3, 0x35, + 0x43, 0xef, 0xf3, 0x75, 0x8a, 0xcf, 0x94, 0xd2, 0xd6, 0xf9, 0xb4, 0x3e, 0x04, 0xab, 0x99, 0xb6, + 0xe8, 0x0c, 0x5f, 0x3c, 0xf4, 0x08, 0xe6, 0x59, 0xf2, 0xf6, 0xaa, 0xf3, 0x4c, 0x78, 0x73, 0x94, + 0x03, 0x44, 0x44, 0x3c, 0x65, 0x02, 0x3c, 0x20, 0x84, 0x34, 0x3a, 0x80, 0x92, 0x61, 0xdb, 0xc4, + 0x37, 0x78, 0xa2, 0x59, 0x60, 0xca, 0x3e, 0x98, 0x40, 0x59, 0x7d, 0x28, 0xc5, 0x35, 0x86, 0xf5, + 0xa0, 0xef, 0xc3, 0x1c, 0xcb, 0x44, 0x62, 0x22, 0x5e, 0x9e, 0x30, 0x68, 0x35, 0x2e, 0x55, 0xbb, + 0x0d, 0xa5, 0x90, 0xb1, 0xd3, 0x04, 0x69, 0xed, 0x1e, 0x54, 0xe2, 0xa6, 0x4d, 0x15, 0xe4, 0x7f, + 0x00, 0xab, 0xda, 0xc0, 0x1e, 0x1a, 0x26, 0xab, 0xaf, 0x3b, 0x30, 0x2f, 0x06, 0x9b, 0x47, 0x9c, + 0x3a, 0xde, 0x47, 0x9a, 0x90, 0x08, 0x97, 0x53, 0xc7, 0x86, 0x6d, 0xf6, 0xb0, 0x2b, 0xda, 0x95, + 0xe5, 0xd4, 0x13, 0x4e, 0x55, 0xbf, 0x0f, 0xa7, 0x63, 0x8d, 0x8b, 0x6a, 0xee, 0x5d, 0x58, 0x72, + 0x88, 0xa9, 0x7b, 0x9c, 0xac, 0x5b, 0xa6, 0x4c, 0x43, 0x4e, 0xc0, 0xdb, 0x30, 0xa9, 0x78, 0xdb, + 0x27, 0x4e, 0xd2, 0xf8, 0xc9, 0xc4, 0xab, 0x70, 0x26, 0x2e, 0xce, 0x9b, 0x57, 0xef, 0xc3, 0x9a, + 0x86, 0xfb, 0xe4, 0x05, 0x7e, 0x5d, 0xd5, 0x35, 0xa8, 0x26, 0x15, 0x08, 0xe5, 0x9f, 0xc1, 0xda, + 0x90, 0xda, 0xf6, 0x0d, 0x7f, 0xe0, 0x4d, 0xa5, 0x5c, 0x94, 0xba, 0x87, 0xc4, 0xe3, 0xc3, 0x59, + 0xd0, 0xe4, 0xab, 0x7a, 0x35, 0xac, 0xba, 0xc9, 0x2b, 0x0b, 0xde, 0x02, 0x5a, 0x82, 0x9c, 0xe5, + 0x08, 0x75, 0x39, 0xcb, 0x51, 0x9f, 0x40, 0x31, 0x58, 0x9a, 0xd1, 0xdd, 0x61, 0x8d, 0x99, 0x9b, + 0x74, 0x21, 0x0f, 0xca, 0xd0, 0xfd, 0xc4, 0x52, 0x22, 0x9a, 0xbc, 0x0b, 0x10, 0xa4, 0x3c, 0x59, + 0x21, 0x9c, 0x1b, 0xa1, 0x58, 0x0b, 0xb1, 0xab, 0x3f, 0x9d, 0x0b, 0x27, 0xc2, 0x50, 0x27, 0xcc, + 0xa0, 0x13, 0x66, 0x24, 0x31, 0xe6, 0x5e, 0x2b, 0x31, 0x7e, 0x08, 0x73, 0x9e, 0x6f, 0xf8, 0x58, + 0x54, 0x51, 0x1b, 0xa3, 0xc4, 0xa9, 0x11, 0x58, 0xe3, 0xfc, 0xe8, 0x3c, 0x40, 0xc7, 0xc5, 0x86, + 0x8f, 0x4d, 0xdd, 0xe0, 0x59, 0x3c, 0xaf, 0x15, 0x05, 0xa5, 0xee, 0xa3, 0xed, 0x61, 0x25, 0x38, + 0xc7, 0x0c, 0xbb, 0x3a, 0x4a, 0x73, 0x64, 0xa8, 0x86, 0x35, 0x61, 0x90, 0x55, 0xe6, 0x27, 0xcc, + 0x2a, 0x42, 0x01, 0x97, 0x0a, 0xe5, 0xcc, 0x85, 0xf1, 0x39, 0x93, 0x8b, 0x4e, 0x92, 0x33, 0x0b, + 0xe3, 0x73, 0xa6, 0x50, 0x36, 0x3a, 0x67, 0xa6, 0x64, 0x89, 0x62, 0x5a, 0x96, 0xf8, 0x36, 0xb3, + 0xe3, 0x3f, 0x2b, 0x50, 0x4d, 0x4e, 0x56, 0x91, 0xa4, 0xee, 0xc0, 0xbc, 0xc7, 0x28, 0x93, 0xa4, + 0x48, 0x21, 0x2b, 0x24, 0xd0, 0x13, 0x98, 0xb5, 0xec, 0x23, 0xc2, 0x76, 0x7b, 0xa9, 0x45, 0x4e, + 0x56, 0xab, 0x9b, 0x0d, 0xfb, 0x88, 0x70, 0x6f, 0x32, 0x0d, 0xb5, 0x0f, 0xa1, 0x18, 0x90, 0xa6, + 0xea, 0xdb, 0x1e, 0xac, 0xc6, 0x62, 0x9b, 0xef, 0x0a, 0x82, 0x29, 0xa1, 0x4c, 0x37, 0x25, 0xd4, + 0x9f, 0xe4, 0xc2, 0x53, 0xf6, 0x91, 0xd5, 0xf3, 0xb1, 0x9b, 0x98, 0xb2, 0x1f, 0x49, 0xed, 0x7c, + 0xbe, 0x5e, 0x1a, 0xab, 0x9d, 0x17, 0xaf, 0x62, 0xd6, 0x7d, 0x01, 0x4b, 0x2c, 0x28, 0x75, 0x0f, + 0xf7, 0x58, 0x65, 0x22, 0xaa, 0xc4, 0xef, 0x8d, 0x52, 0xc3, 0x2d, 0xe1, 0xa1, 0xdd, 0x16, 0x72, + 0xdc, 0x83, 0xe5, 0x5e, 0x98, 0x56, 0x7b, 0x00, 0x28, 0xc9, 0x34, 0x95, 0x4f, 0xdb, 0x34, 0x17, + 0xd2, 0x2d, 0x71, 0xca, 0x72, 0x7a, 0xc4, 0xcc, 0x98, 0x24, 0x56, 0xb8, 0xc1, 0x9a, 0x90, 0x50, + 0xff, 0x2b, 0x0f, 0x30, 0xfc, 0xf8, 0xff, 0x28, 0x09, 0x3e, 0x08, 0x12, 0x10, 0xaf, 0xf8, 0xae, + 0x8c, 0x52, 0x9c, 0x9a, 0x7a, 0xf6, 0xa2, 0xa9, 0x87, 0xd7, 0x7e, 0xd7, 0x47, 0xaa, 0x99, 0x3a, + 0xe9, 0x2c, 0xfc, 0xb6, 0x25, 0x9d, 0xa7, 0x70, 0x26, 0x1e, 0x44, 0x22, 0xe3, 0x6c, 0xc1, 0x9c, + 0xe5, 0xe3, 0x3e, 0xc7, 0x8f, 0x52, 0xf7, 0x7b, 0x21, 0x21, 0xce, 0xaa, 0x6e, 0x40, 0xb1, 0xd1, + 0x37, 0xba, 0xb8, 0xed, 0xe0, 0x0e, 0x6d, 0xd4, 0xa2, 0x2f, 0xc2, 0x10, 0xfe, 0xa2, 0x6e, 0x41, + 0xe1, 0x07, 0xf8, 0x84, 0xcf, 0xfe, 0x09, 0x0d, 0x55, 0xff, 0x24, 0x07, 0x6b, 0x6c, 0xf5, 0xd9, + 0x96, 0xe8, 0x8d, 0x86, 0x3d, 0x32, 0x70, 0x3b, 0xd8, 0x63, 0x61, 0xe1, 0x0c, 0x74, 0x07, 0xbb, + 0x16, 0x31, 0x05, 0xb8, 0x50, 0xec, 0x38, 0x83, 0x16, 0x23, 0xa0, 0x73, 0x40, 0x5f, 0xf4, 0x2f, + 0x07, 0x44, 0x44, 0x6c, 0x5e, 0x2b, 0x74, 0x9c, 0xc1, 0xef, 0xd1, 0x77, 0x29, 0xeb, 0x1d, 0x1b, + 0x2e, 0xf6, 0x58, 0x40, 0x72, 0xd9, 0x36, 0x23, 0xa0, 0x9b, 0x70, 0xba, 0x8f, 0xfb, 0xc4, 0x3d, + 0xd1, 0x7b, 0x56, 0xdf, 0xf2, 0x75, 0xcb, 0xd6, 0x0f, 0x4f, 0x7c, 0xec, 0x89, 0xe0, 0x43, 0xfc, + 0xe3, 0x53, 0xfa, 0xad, 0x61, 0x3f, 0xa4, 0x5f, 0x90, 0x0a, 0x65, 0x42, 0xfa, 0xba, 0xd7, 0x21, + 0x2e, 0xd6, 0x0d, 0xf3, 0xc7, 0x6c, 0x41, 0xce, 0x6b, 0x25, 0x42, 0xfa, 0x6d, 0x4a, 0xab, 0x9b, + 0x3f, 0x46, 0x6f, 0x43, 0xa9, 0xe3, 0x0c, 0x3c, 0xec, 0xeb, 0xf4, 0x0f, 0x5b, 0x6f, 0x8b, 0x1a, + 0x70, 0xd2, 0xb6, 0x33, 0xf0, 0x42, 0x0c, 0x7d, 0xea, 0xff, 0x85, 0x30, 0xc3, 0x33, 0xea, 0x66, + 0x03, 0xca, 0x11, 0x70, 0x82, 0xee, 0x13, 0x19, 0x0a, 0x21, 0xf6, 0x89, 0xf4, 0x99, 0xd2, 0x5c, + 0xd2, 0x93, 0x9e, 0x64, 0xcf, 0x94, 0xe6, 0x9f, 0x38, 0x72, 0x93, 0xc8, 0x9e, 0xa9, 0xcb, 0x7b, + 0xf8, 0x85, 0x00, 0xb0, 0x8a, 0x1a, 0x7f, 0x51, 0x4d, 0x80, 0x6d, 0xc3, 0x31, 0x0e, 0xad, 0x9e, + 0xe5, 0x9f, 0xa0, 0xab, 0x50, 0x31, 0x4c, 0x53, 0xef, 0x48, 0x8a, 0x85, 0x25, 0xac, 0xb8, 0x6c, + 0x98, 0xe6, 0x76, 0x88, 0x8c, 0xbe, 0x03, 0x2b, 0xa6, 0x4b, 0x9c, 0x28, 0x2f, 0xc7, 0x19, 0x2b, + 0xf4, 0x43, 0x98, 0x59, 0xfd, 0xf7, 0x39, 0x38, 0x1f, 0x1d, 0xd8, 0x38, 0x00, 0xf4, 0x00, 0x16, + 0x63, 0xad, 0x66, 0x80, 0x0f, 0x43, 0x6b, 0xb5, 0x88, 0x44, 0x0c, 0x10, 0xc9, 0x25, 0x00, 0x91, + 0x54, 0x88, 0x29, 0xff, 0x46, 0x21, 0xa6, 0xd9, 0x37, 0x02, 0x31, 0xcd, 0x4d, 0x07, 0x31, 0x5d, + 0x62, 0xd9, 0x47, 0x4a, 0xb3, 0xdd, 0x38, 0x0f, 0xb5, 0x72, 0xc0, 0x63, 0x4b, 0x3c, 0x3a, 0x06, + 0x45, 0x2d, 0x4c, 0x03, 0x45, 0x15, 0x32, 0xa1, 0x28, 0x1a, 0x35, 0x8e, 0x63, 0xb8, 0x7d, 0xe2, + 0x4a, 0xac, 0x49, 0x54, 0x5d, 0xcb, 0x92, 0x2e, 0x70, 0xa6, 0x4c, 0x54, 0x0a, 0x32, 0x51, 0xa9, + 0x0b, 0xb0, 0x68, 0x13, 0xdd, 0xc6, 0x2f, 0x75, 0x3a, 0x96, 0x5e, 0xb5, 0xc4, 0x07, 0xd6, 0x26, + 0x4d, 0xfc, 0xb2, 0x45, 0x29, 0x09, 0xdc, 0x6a, 0x71, 0x3a, 0xdc, 0x0a, 0x6d, 0xc0, 0x62, 0xdf, + 0xf0, 0x9e, 0x63, 0x93, 0x99, 0xe2, 0x55, 0xcb, 0x2c, 0x88, 0x4b, 0x9c, 0x46, 0x6d, 0xf0, 0xd0, + 0x45, 0x08, 0x9c, 0x24, 0x98, 0x96, 0x18, 0x53, 0x59, 0x52, 0x19, 0x9b, 0xfa, 0xb7, 0x0a, 0xac, + 0x46, 0xc3, 0x5c, 0xa0, 0x15, 0x8f, 0xa1, 0xe8, 0xca, 0x4c, 0x26, 0x42, 0xfb, 0x6a, 0x46, 0xe1, + 0x9d, 0x4c, 0x7d, 0xda, 0x50, 0x16, 0xfd, 0x30, 0x13, 0x24, 0xbb, 0x31, 0x4e, 0xdf, 0x38, 0x98, + 0x4c, 0x6d, 0xc0, 0xdb, 0x9f, 0x58, 0xb6, 0x49, 0x5e, 0x7a, 0x99, 0xb3, 0x34, 0x25, 0xd6, 0x94, + 0x94, 0x58, 0x53, 0x7f, 0xa1, 0xc0, 0x99, 0xb8, 0x2e, 0xe1, 0x8a, 0x46, 0xd2, 0x15, 0xdf, 0x49, + 0x9a, 0x1e, 0x17, 0x4e, 0x75, 0xc6, 0x17, 0x99, 0xce, 0xb8, 0x39, 0x5e, 0xe3, 0x58, 0x77, 0xfc, + 0xa5, 0x02, 0x67, 0x33, 0xcd, 0x88, 0x2d, 0x29, 0x4a, 0x7c, 0x49, 0x11, 0xcb, 0x51, 0x87, 0x0c, + 0x6c, 0x3f, 0xb4, 0x1c, 0x6d, 0xb3, 0x43, 0x0b, 0x9e, 0xf7, 0xf5, 0xbe, 0xf1, 0xca, 0xea, 0x0f, + 0xfa, 0x62, 0x3d, 0xa2, 0xea, 0x9e, 0x71, 0xca, 0x6b, 0x2c, 0x48, 0x6a, 0x1d, 0x56, 0x02, 0x2b, + 0x47, 0xc2, 0x8a, 0x21, 0x98, 0x30, 0x17, 0x85, 0x09, 0x6d, 0x98, 0xdf, 0xc1, 0x2f, 0xac, 0x0e, + 0x7e, 0x23, 0xa7, 0x2a, 0x17, 0xa0, 0xe4, 0x60, 0xb7, 0x6f, 0x79, 0x5e, 0x90, 0x68, 0x8b, 0x5a, + 0x98, 0xa4, 0xfe, 0xc7, 0x3c, 0x2c, 0xc7, 0xa3, 0xe3, 0x7e, 0x02, 0x95, 0x7c, 0x27, 0x65, 0x09, + 0x88, 0x77, 0x34, 0x54, 0x76, 0xde, 0x94, 0xc5, 0x48, 0x2e, 0x0b, 0x1a, 0x08, 0x0a, 0x17, 0x51, + 0xa9, 0x50, 0x8f, 0x74, 0x48, 0xbf, 0x6f, 0xd8, 0xa6, 0x3c, 0x0c, 0x13, 0xaf, 0xd4, 0x7f, 0x86, + 0xdb, 0xa5, 0x6e, 0xa7, 0x64, 0xf6, 0x4c, 0x07, 0x8f, 0xee, 0xa3, 0x2d, 0x9b, 0xa1, 0x9b, 0x2c, + 0x59, 0x17, 0x35, 0x10, 0xa4, 0x1d, 0xcb, 0x45, 0x9b, 0x30, 0x8b, 0xed, 0x17, 0xb2, 0xae, 0x4c, + 0x39, 0x2d, 0x93, 0x65, 0x91, 0xc6, 0xf8, 0xd0, 0x0d, 0x98, 0xef, 0xd3, 0xb0, 0x90, 0x3b, 0xea, + 0xb5, 0x8c, 0x43, 0x23, 0x4d, 0xb0, 0xa1, 0x2d, 0x58, 0x30, 0xd9, 0x38, 0xc9, 0x6d, 0x73, 0x35, + 0x05, 0x33, 0x65, 0x0c, 0x9a, 0x64, 0x44, 0xbb, 0x41, 0xd5, 0x5c, 0xcc, 0x2a, 0x77, 0x63, 0x43, + 0x91, 0x5a, 0x3a, 0xef, 0x47, 0x4b, 0x67, 0x60, 0xba, 0xb6, 0xc6, 0xeb, 0x1a, 0x5d, 0x3f, 0x9f, + 0x85, 0x42, 0x8f, 0x74, 0x79, 0x18, 0x95, 0xf8, 0x39, 0x6b, 0x8f, 0x74, 0x59, 0x14, 0xad, 0xd2, + 0x5d, 0x84, 0x69, 0xd9, 0x2c, 0xa9, 0x17, 0x34, 0xfe, 0x42, 0x27, 0x1f, 0x7b, 0xd0, 0x89, 0xdd, + 0xc1, 0xd5, 0x32, 0xfb, 0x54, 0x64, 0x94, 0x3d, 0xbb, 0xc3, 0xca, 0x4d, 0xdf, 0x3f, 0xa9, 0x2e, + 0x31, 0x3a, 0x7d, 0xa4, 0x1b, 0x44, 0x0e, 0x7a, 0x2c, 0x67, 0x6d, 0x10, 0xd3, 0xd2, 0xb6, 0xc4, + 0x3c, 0x1e, 0xc2, 0xc2, 0x4b, 0x9e, 0x08, 0xaa, 0x15, 0x26, 0x7f, 0x65, 0x7c, 0x7a, 0x11, 0x1a, + 0xa4, 0xe0, 0xb7, 0x59, 0xfa, 0xff, 0xbd, 0x02, 0x67, 0xb6, 0xd9, 0xfe, 0x29, 0x94, 0xc7, 0xa6, + 0xc1, 0x06, 0x6f, 0x07, 0xb0, 0x6d, 0x26, 0x90, 0x17, 0xef, 0xb7, 0x44, 0x6d, 0x1b, 0xb0, 0x24, + 0x95, 0x0b, 0x15, 0xf9, 0x89, 0x91, 0xdf, 0xb2, 0x17, 0x7e, 0x55, 0x3f, 0x82, 0xb5, 0x44, 0x2f, + 0xc4, 0x16, 0x66, 0x03, 0x16, 0x87, 0xf9, 0x2a, 0xe8, 0x44, 0x29, 0xa0, 0x35, 0x4c, 0xf5, 0x0e, + 0x9c, 0x6e, 0xfb, 0x86, 0xeb, 0x27, 0x5c, 0x30, 0x81, 0x2c, 0xc3, 0x74, 0xa3, 0xb2, 0x02, 0x76, + 0x6d, 0xc3, 0x6a, 0xdb, 0x27, 0xce, 0x6b, 0x28, 0xa5, 0x59, 0x87, 0xf6, 0x9f, 0x0c, 0xe4, 0xfa, + 0x20, 0x5f, 0xd5, 0x35, 0x8e, 0x40, 0x27, 0x5b, 0xbb, 0x0b, 0x67, 0x38, 0x00, 0xfc, 0x3a, 0x9d, + 0x38, 0x2b, 0xe1, 0xe7, 0xa4, 0xde, 0x67, 0x70, 0x6a, 0xb8, 0x2c, 0x0e, 0x31, 0x9b, 0x5b, 0x51, + 0xcc, 0xe6, 0xc2, 0x88, 0x51, 0x8f, 0x40, 0x36, 0x7f, 0x9e, 0x0b, 0xe5, 0xf5, 0x0c, 0xc4, 0xe6, + 0x6e, 0x14, 0xb1, 0xb9, 0x38, 0x4e, 0x77, 0x04, 0xb0, 0x49, 0x46, 0x6d, 0x3e, 0x25, 0x6a, 0x3f, + 0x4f, 0xc0, 0x3a, 0xb3, 0x59, 0xb8, 0x58, 0xcc, 0xda, 0xdf, 0x08, 0xaa, 0xa3, 0x71, 0x54, 0x27, + 0x68, 0x3a, 0xc0, 0xeb, 0x6f, 0xc7, 0x50, 0x9d, 0x8d, 0xb1, 0xf6, 0x06, 0xa0, 0xce, 0x5f, 0xcf, + 0x42, 0x31, 0xf8, 0x96, 0xf0, 0x79, 0xd2, 0x6d, 0xb9, 0x14, 0xb7, 0x85, 0x57, 0xe0, 0xfc, 0x37, + 0x5a, 0x81, 0x67, 0x27, 0x5e, 0x81, 0xcf, 0x41, 0x91, 0x3d, 0xe8, 0x2e, 0x3e, 0x12, 0x2b, 0x6a, + 0x81, 0x11, 0x34, 0x7c, 0x34, 0x0c, 0xc3, 0xf9, 0xa9, 0xc2, 0x30, 0x86, 0x23, 0x2d, 0xc4, 0x71, + 0xa4, 0xfb, 0xc1, 0x8a, 0xc8, 0x17, 0xd1, 0xcb, 0x23, 0xf4, 0xa6, 0xae, 0x85, 0xcd, 0xe8, 0x5a, + 0xc8, 0xd7, 0xd5, 0xf7, 0x46, 0x69, 0x19, 0xb9, 0x0a, 0x7e, 0x9b, 0x2b, 0xc4, 0x01, 0x07, 0x87, + 0xc2, 0xb1, 0x28, 0x32, 0xeb, 0x5d, 0x80, 0x20, 0x89, 0x48, 0x84, 0xe8, 0xdc, 0x88, 0x3e, 0x6a, + 0x21, 0x76, 0xaa, 0x36, 0x32, 0x34, 0xc3, 0x33, 0xa9, 0xc9, 0xf2, 0x63, 0xc6, 0x81, 0xd4, 0xff, + 0xce, 0x85, 0xf2, 0x4b, 0xc6, 0x21, 0xce, 0xfd, 0x04, 0x7e, 0x39, 0x65, 0x14, 0xdf, 0x8a, 0xc2, + 0x97, 0xaf, 0x19, 0x75, 0x09, 0xf4, 0x92, 0x55, 0x2e, 0x86, 0x2b, 0x3e, 0x73, 0xd0, 0xa8, 0x28, + 0x28, 0x75, 0xb6, 0x33, 0x38, 0xb2, 0x6c, 0xcb, 0x3b, 0xe6, 0xdf, 0xe7, 0xf9, 0xce, 0x40, 0x92, + 0xea, 0xec, 0xbe, 0x14, 0x7e, 0x65, 0xf9, 0x7a, 0x87, 0x98, 0x98, 0xc5, 0xf4, 0x9c, 0x56, 0xa0, + 0x84, 0x6d, 0x62, 0xe2, 0xe1, 0xcc, 0x2b, 0xbc, 0xde, 0xcc, 0x2b, 0xc6, 0x66, 0xde, 0x19, 0x98, + 0x77, 0xb1, 0xe1, 0x11, 0x5b, 0x6c, 0xcf, 0xc5, 0x1b, 0x1d, 0x9a, 0x3e, 0xf6, 0x3c, 0xda, 0x92, + 0x28, 0xd7, 0xc4, 0x6b, 0xa8, 0xcc, 0x5c, 0x1c, 0x5b, 0x66, 0x8e, 0x38, 0x1c, 0x8a, 0x95, 0x99, + 0xe5, 0xb1, 0x65, 0xe6, 0x44, 0x67, 0x43, 0xc3, 0x42, 0x7b, 0x69, 0xb2, 0x42, 0x3b, 0x5c, 0x97, + 0x2e, 0x47, 0xea, 0xd2, 0x6f, 0x73, 0xb2, 0xfe, 0x4a, 0x81, 0xb5, 0xc4, 0xb4, 0x12, 0xd3, 0xf5, + 0x76, 0xec, 0xf4, 0x68, 0x63, 0xac, 0xcf, 0x82, 0xc3, 0xa3, 0xc7, 0x91, 0xc3, 0xa3, 0x0f, 0xc6, + 0x0b, 0xbe, 0xf1, 0xb3, 0xa3, 0x3f, 0x52, 0xe0, 0xed, 0x03, 0xc7, 0x8c, 0x55, 0x78, 0x62, 0xdb, + 0x3f, 0x79, 0xe2, 0xb8, 0x2f, 0x6b, 0xfd, 0xdc, 0xb4, 0x38, 0x0b, 0x97, 0x53, 0x55, 0xb8, 0x90, + 0x6d, 0x86, 0x28, 0x99, 0x7e, 0x04, 0xcb, 0xbb, 0xaf, 0x70, 0xa7, 0x7d, 0x62, 0x77, 0xa6, 0x30, + 0xad, 0x02, 0xf9, 0x4e, 0xdf, 0x14, 0x28, 0x29, 0x7d, 0x0c, 0x57, 0x81, 0xf9, 0x68, 0x15, 0xa8, + 0x43, 0x65, 0xd8, 0x82, 0x18, 0xde, 0x33, 0x74, 0x78, 0x4d, 0xca, 0x4c, 0x95, 0x2f, 0x6a, 0xe2, + 0x4d, 0xd0, 0xb1, 0xcb, 0xaf, 0x44, 0x70, 0x3a, 0x76, 0xdd, 0x68, 0xb6, 0xc8, 0x47, 0xb3, 0x85, + 0xfa, 0x67, 0x0a, 0x94, 0x68, 0x0b, 0xdf, 0xc8, 0x7e, 0xb1, 0xd5, 0xca, 0x0f, 0xb7, 0x5a, 0xc1, + 0x8e, 0x6d, 0x36, 0xbc, 0x63, 0x1b, 0x5a, 0x3e, 0xc7, 0xc8, 0x49, 0xcb, 0xe7, 0x03, 0x3a, 0x76, + 0x5d, 0xf5, 0x02, 0x2c, 0x72, 0xdb, 0x44, 0xcf, 0x2b, 0x90, 0x1f, 0xb8, 0x3d, 0x19, 0x47, 0x03, + 0xb7, 0xa7, 0xfe, 0xb1, 0x02, 0xe5, 0xba, 0xef, 0x1b, 0x9d, 0xe3, 0x29, 0x3a, 0x10, 0x18, 0x97, + 0x0b, 0x1b, 0x97, 0xec, 0xc4, 0xd0, 0xdc, 0xd9, 0x0c, 0x73, 0xe7, 0x22, 0xe6, 0xaa, 0xb0, 0x24, + 0x6d, 0xc9, 0x34, 0xb8, 0x09, 0xa8, 0x45, 0x5c, 0xff, 0x11, 0x71, 0x5f, 0x1a, 0xae, 0x39, 0xdd, + 0x0e, 0x0c, 0xc1, 0xac, 0xb8, 0x43, 0x9b, 0xbf, 0x32, 0xa7, 0xb1, 0x67, 0xf5, 0x32, 0x9c, 0x8a, + 0xe8, 0xcb, 0x6c, 0xf8, 0x01, 0x94, 0x58, 0xde, 0x17, 0xa5, 0xf8, 0xcd, 0xf0, 0x71, 0xcd, 0x44, + 0xab, 0x84, 0xfa, 0xbb, 0xb0, 0x42, 0xeb, 0x03, 0x46, 0x0f, 0xa6, 0xe2, 0xf7, 0x62, 0x75, 0xea, + 0xf9, 0x0c, 0x45, 0xb1, 0x1a, 0xf5, 0x6f, 0x14, 0x98, 0x63, 0xf4, 0xc4, 0x9a, 0x7d, 0x0e, 0x8a, + 0x2e, 0x76, 0x88, 0xee, 0x1b, 0xdd, 0xe0, 0xc6, 0x32, 0x25, 0xec, 0x1b, 0x5d, 0x8f, 0x5d, 0xb8, + 0xa6, 0x1f, 0x4d, 0xab, 0x8b, 0x3d, 0x5f, 0x5e, 0x5b, 0x2e, 0x51, 0xda, 0x0e, 0x27, 0x51, 0x27, + 0x79, 0xd6, 0xef, 0xf3, 0xba, 0x73, 0x56, 0x63, 0xcf, 0x68, 0x93, 0x5f, 0xa2, 0x9b, 0x04, 0x52, + 0x67, 0x57, 0xec, 0x6a, 0x50, 0x88, 0xa1, 0xe8, 0xc1, 0xbb, 0xba, 0x0b, 0x28, 0xec, 0x05, 0xe1, + 0xef, 0x1b, 0x30, 0xcf, 0x9c, 0x24, 0xab, 0xa3, 0xb5, 0x0c, 0x37, 0x68, 0x82, 0x4d, 0x35, 0x00, + 0x71, 0x07, 0x47, 0x2a, 0xa2, 0xe9, 0x47, 0x65, 0x44, 0x85, 0xf4, 0x77, 0x0a, 0x9c, 0x8a, 0xb4, + 0x21, 0x6c, 0xbd, 0x1e, 0x6d, 0x24, 0xd3, 0x54, 0xd1, 0xc0, 0x76, 0x64, 0x49, 0xb8, 0x91, 0x65, + 0xd2, 0xaf, 0x69, 0x39, 0xf8, 0x07, 0x05, 0xa0, 0x3e, 0xf0, 0x8f, 0x05, 0x32, 0x18, 0x1e, 0x19, + 0x25, 0x3a, 0x32, 0xf4, 0x9b, 0x63, 0x78, 0xde, 0x4b, 0xe2, 0xca, 0x3d, 0x4d, 0xf0, 0xce, 0x30, + 0xbc, 0x81, 0x7f, 0x2c, 0x8f, 0xc2, 0xe8, 0x33, 0xba, 0x08, 0x4b, 0xfc, 0x96, 0xbc, 0x6e, 0x98, + 0xa6, 0x8b, 0x3d, 0x4f, 0x9c, 0x89, 0x95, 0x39, 0xb5, 0xce, 0x89, 0x94, 0xcd, 0x32, 0xb1, 0xed, + 0x5b, 0xfe, 0x89, 0xee, 0x93, 0xe7, 0xd8, 0x16, 0x7b, 0x93, 0xb2, 0xa4, 0xee, 0x53, 0x22, 0x3f, + 0x1c, 0xe8, 0x5a, 0x9e, 0xef, 0x4a, 0x36, 0x79, 0xfe, 0x22, 0xa8, 0x8c, 0x8d, 0x0e, 0x4a, 0xa5, + 0x35, 0xe8, 0xf5, 0xb8, 0x8b, 0x5f, 0x7f, 0xd8, 0xdf, 0x17, 0x1d, 0xca, 0x65, 0xc5, 0xf4, 0xd0, + 0x69, 0xa2, 0xbb, 0x6f, 0x10, 0x84, 0x79, 0x1f, 0x56, 0x42, 0x7d, 0x10, 0x61, 0x15, 0x29, 0x22, + 0x95, 0x68, 0x11, 0xa9, 0x3e, 0x06, 0xc4, 0x71, 0x87, 0x6f, 0xd8, 0x6f, 0xf5, 0x34, 0x9c, 0x8a, + 0x28, 0x12, 0x2b, 0xf1, 0x35, 0x28, 0x8b, 0x9b, 0x4e, 0x22, 0x50, 0xce, 0x42, 0x81, 0x66, 0xd4, + 0x8e, 0x65, 0xca, 0x73, 0xd2, 0x05, 0x87, 0x98, 0xdb, 0x96, 0xe9, 0xaa, 0x9f, 0x40, 0x59, 0xe3, + 0xed, 0x08, 0xde, 0x47, 0xb0, 0x24, 0xee, 0x45, 0xe9, 0x91, 0x8b, 0x89, 0x69, 0x17, 0xdf, 0xc3, + 0x8d, 0x68, 0x65, 0x3b, 0xfc, 0xaa, 0x9a, 0x50, 0xe3, 0x25, 0x43, 0x44, 0xbd, 0xec, 0xec, 0x23, + 0x90, 0x17, 0x01, 0xc6, 0xb6, 0x12, 0x95, 0x2f, 0xbb, 0xe1, 0x57, 0xf5, 0x3c, 0x9c, 0x4b, 0x6d, + 0x45, 0x78, 0xc2, 0x81, 0xca, 0xf0, 0x83, 0x69, 0xc9, 0x03, 0x63, 0x76, 0x10, 0xac, 0x84, 0x0e, + 0x82, 0xcf, 0x04, 0x45, 0x62, 0x4e, 0x2e, 0x62, 0xac, 0x02, 0x1c, 0x96, 0xfb, 0xf9, 0xac, 0x72, + 0x7f, 0x36, 0x52, 0xee, 0xab, 0xed, 0xc0, 0x9f, 0x62, 0x1b, 0xf6, 0x90, 0x6d, 0x17, 0x79, 0xdb, + 0x32, 0x21, 0xaa, 0xa3, 0x7a, 0xc9, 0x59, 0xb5, 0x90, 0x94, 0x7a, 0x15, 0xca, 0xd1, 0xd4, 0x18, + 0xca, 0x73, 0x4a, 0x22, 0xcf, 0x2d, 0xc5, 0x52, 0xdc, 0x87, 0xb1, 0x0a, 0x38, 0xdb, 0xc7, 0xb1, + 0xfa, 0xf7, 0x5e, 0x24, 0xd9, 0x5d, 0x4b, 0x39, 0xc3, 0xfd, 0x35, 0xe5, 0xb9, 0x55, 0xb1, 0x1e, + 0x3c, 0xf2, 0xa8, 0xbc, 0xe8, 0xb4, 0xfa, 0x0e, 0x94, 0x0e, 0xb2, 0x7e, 0x55, 0x31, 0x2b, 0xef, + 0x4b, 0xdc, 0x82, 0xd5, 0x47, 0x56, 0x0f, 0x7b, 0x27, 0x9e, 0x8f, 0xfb, 0x0d, 0x96, 0x94, 0x8e, + 0x2c, 0xec, 0xa2, 0x75, 0x00, 0xb6, 0x85, 0x71, 0x88, 0x15, 0x5c, 0xb6, 0x0f, 0x51, 0xd4, 0xff, + 0x54, 0x60, 0x79, 0x28, 0x78, 0xc0, 0xb6, 0x6e, 0x6f, 0x41, 0x91, 0xf6, 0xd7, 0xf3, 0x8d, 0xbe, + 0x23, 0xcf, 0xb3, 0x02, 0x02, 0xba, 0x0b, 0x73, 0x47, 0x9e, 0x84, 0x8c, 0x52, 0x01, 0xf4, 0x34, + 0x43, 0xb4, 0xd9, 0x23, 0xaf, 0x61, 0xa2, 0x8f, 0x00, 0x06, 0x1e, 0x36, 0xc5, 0x19, 0x56, 0x3e, + 0xab, 0x5a, 0x38, 0x08, 0x9f, 0x6f, 0x53, 0x01, 0x7e, 0xd5, 0xe2, 0x1e, 0x94, 0x2c, 0x9b, 0x98, + 0x98, 0x9d, 0x39, 0x9a, 0x02, 0x55, 0x1a, 0x23, 0x0e, 0x5c, 0xe2, 0xc0, 0xc3, 0xa6, 0x8a, 0xc5, + 0x5a, 0x28, 0xfd, 0x2b, 0x02, 0xa5, 0x09, 0x2b, 0x3c, 0x69, 0x1d, 0x05, 0x86, 0xcb, 0x88, 0xdd, + 0x18, 0xd5, 0x3b, 0xe6, 0x2d, 0xad, 0x62, 0x89, 0xd2, 0x46, 0x8a, 0xaa, 0x77, 0xe0, 0x74, 0x64, + 0x87, 0x34, 0xc5, 0x96, 0x45, 0x6d, 0xc5, 0x80, 0x92, 0x61, 0x38, 0x0b, 0x18, 0x42, 0x46, 0xf3, + 0x38, 0x18, 0xc2, 0xe3, 0x30, 0x84, 0xa7, 0x7e, 0x0e, 0x67, 0x23, 0x88, 0x4e, 0xc4, 0xa2, 0x7b, + 0xb1, 0xca, 0xed, 0xd2, 0x38, 0xad, 0xb1, 0x12, 0xee, 0x7f, 0x14, 0x58, 0x4d, 0x63, 0x78, 0x4d, + 0xc4, 0xf1, 0x47, 0x19, 0xf7, 0xef, 0x6e, 0x4f, 0x66, 0xd6, 0x6f, 0x04, 0xad, 0xdd, 0x87, 0x5a, + 0x9a, 0x3f, 0x93, 0xa3, 0x94, 0x9f, 0x66, 0x94, 0x7e, 0x96, 0x0f, 0x21, 0xef, 0x75, 0xdf, 0x77, + 0xad, 0xc3, 0x01, 0x0d, 0xf9, 0x37, 0x8e, 0x66, 0x35, 0x02, 0x5c, 0x86, 0xbb, 0xf6, 0xe6, 0x08, + 0xf1, 0xa1, 0x1d, 0xa9, 0xd8, 0xcc, 0xa7, 0x51, 0x6c, 0x86, 0x63, 0xea, 0xb7, 0x26, 0xd3, 0xf7, + 0x5b, 0x0b, 0x80, 0xfe, 0x2c, 0x07, 0x4b, 0xd1, 0x21, 0x42, 0xbb, 0x00, 0x46, 0x60, 0xb9, 0x98, + 0x28, 0x17, 0x27, 0xea, 0xa6, 0x16, 0x12, 0x44, 0xef, 0x41, 0xbe, 0xe3, 0x0c, 0xc4, 0xa8, 0xa5, + 0x1c, 0x06, 0x6f, 0x3b, 0x03, 0x9e, 0x51, 0x28, 0x1b, 0xdd, 0x53, 0xf1, 0xb3, 0xfd, 0xec, 0x2c, + 0xf9, 0x8c, 0x7d, 0xe7, 0x32, 0x82, 0x19, 0x3d, 0x81, 0xa5, 0x97, 0xae, 0xe5, 0x1b, 0x87, 0x3d, + 0xac, 0xf7, 0x8c, 0x13, 0xec, 0x8a, 0x2c, 0x39, 0x41, 0x22, 0x2b, 0x4b, 0xc1, 0xa7, 0x54, 0x4e, + 0xfd, 0x43, 0x28, 0x48, 0x8b, 0xc6, 0xac, 0x08, 0xfb, 0xb0, 0x36, 0xa0, 0x6c, 0x3a, 0xbb, 0x02, + 0x67, 0x1b, 0x36, 0xd1, 0x3d, 0x4c, 0x97, 0x71, 0x79, 0xdd, 0x7f, 0x4c, 0x8a, 0x5e, 0x65, 0xd2, + 0xdb, 0xc4, 0xc5, 0x4d, 0xc3, 0x26, 0x6d, 0x2e, 0xaa, 0xbe, 0x80, 0x52, 0xa8, 0x83, 0x63, 0x4c, + 0x68, 0xc0, 0x8a, 0x3c, 0x8a, 0xf7, 0xb0, 0x2f, 0x96, 0x97, 0x89, 0x1a, 0x5f, 0x16, 0x72, 0x6d, + 0xec, 0xf3, 0xeb, 0x13, 0xf7, 0xe0, 0xac, 0x86, 0x89, 0x83, 0xed, 0x60, 0x3c, 0x9f, 0x92, 0xee, + 0x14, 0x19, 0xfc, 0x2d, 0xa8, 0xa5, 0xc9, 0xf3, 0xfc, 0x70, 0xed, 0x12, 0x14, 0xe4, 0x4f, 0x64, + 0xd1, 0x02, 0xe4, 0xf7, 0xb7, 0x5b, 0x95, 0x19, 0xfa, 0x70, 0xb0, 0xd3, 0xaa, 0x28, 0xa8, 0x00, + 0xb3, 0xed, 0xed, 0xfd, 0x56, 0x25, 0x77, 0xad, 0x0f, 0x95, 0xf8, 0xef, 0x43, 0xd1, 0x1a, 0x9c, + 0x6a, 0x69, 0x7b, 0xad, 0xfa, 0xe3, 0xfa, 0x7e, 0x63, 0xaf, 0xa9, 0xb7, 0xb4, 0xc6, 0xc7, 0xf5, + 0xfd, 0xdd, 0xca, 0x0c, 0xda, 0x80, 0xf3, 0xe1, 0x0f, 0x4f, 0xf6, 0xda, 0xfb, 0xfa, 0xfe, 0x9e, + 0xbe, 0xbd, 0xd7, 0xdc, 0xaf, 0x37, 0x9a, 0xbb, 0x5a, 0x45, 0x41, 0xe7, 0xe1, 0x6c, 0x98, 0xe5, + 0x61, 0x63, 0xa7, 0xa1, 0xed, 0x6e, 0xd3, 0xe7, 0xfa, 0xd3, 0x4a, 0xee, 0xda, 0x4d, 0x28, 0x47, + 0x7e, 0xce, 0x49, 0x4d, 0x6a, 0xed, 0xed, 0x54, 0x66, 0x50, 0x19, 0x8a, 0x61, 0x3d, 0x05, 0x98, + 0x6d, 0xee, 0xed, 0xec, 0x56, 0x72, 0xd7, 0xee, 0xc0, 0x72, 0xec, 0xda, 0x2e, 0x5a, 0x81, 0x72, + 0xbb, 0xde, 0xdc, 0x79, 0xb8, 0xf7, 0xa9, 0xae, 0xed, 0xd6, 0x77, 0x3e, 0xab, 0xcc, 0xa0, 0x55, + 0xa8, 0x48, 0x52, 0x73, 0x6f, 0x9f, 0x53, 0x95, 0x6b, 0xcf, 0x63, 0x73, 0x0c, 0xa3, 0xd3, 0xb0, + 0x12, 0x34, 0xa3, 0x6f, 0x6b, 0xbb, 0xf5, 0xfd, 0x5d, 0xda, 0x7a, 0x84, 0xac, 0x1d, 0x34, 0x9b, + 0x8d, 0xe6, 0xe3, 0x8a, 0x42, 0xb5, 0x0e, 0xc9, 0xbb, 0x9f, 0x36, 0x28, 0x73, 0x2e, 0xca, 0x7c, + 0xd0, 0xfc, 0x41, 0x73, 0xef, 0x93, 0x66, 0x25, 0xbf, 0xf5, 0x8b, 0x15, 0x58, 0x92, 0x85, 0x1e, + 0x76, 0xd9, 0xad, 0x96, 0x16, 0x2c, 0xc8, 0x9f, 0x5c, 0xa7, 0x64, 0xe8, 0xe8, 0x0f, 0xc5, 0x6b, + 0x1b, 0x23, 0x38, 0x44, 0xbd, 0x3d, 0x83, 0x0e, 0x59, 0xfd, 0x1b, 0xba, 0x46, 0x7d, 0x29, 0xb5, + 0xda, 0x4c, 0xdc, 0xdc, 0xae, 0x5d, 0x1e, 0xcb, 0x17, 0xb4, 0x81, 0x69, 0x89, 0x1b, 0xfe, 0x41, + 0x11, 0xba, 0x9c, 0x56, 0x9b, 0xa6, 0xfc, 0x62, 0xa9, 0x76, 0x65, 0x3c, 0x63, 0xd0, 0xcc, 0x73, + 0xa8, 0xc4, 0x7f, 0x5c, 0x84, 0x52, 0xa0, 0xd3, 0x8c, 0x5f, 0x30, 0xd5, 0xae, 0x4d, 0xc2, 0x1a, + 0x6e, 0x2c, 0xf1, 0x33, 0x9c, 0xab, 0x93, 0xfc, 0x5c, 0x21, 0xb3, 0xb1, 0xac, 0x5f, 0x36, 0x70, + 0x07, 0x46, 0x6f, 0x3e, 0xa3, 0xd4, 0xdf, 0xbc, 0xa4, 0x5c, 0xb0, 0x4f, 0x73, 0x60, 0xfa, 0x25, + 0x6a, 0x75, 0x06, 0x1d, 0xc3, 0x72, 0xec, 0x7a, 0x02, 0x4a, 0x11, 0x4f, 0xbf, 0x87, 0x51, 0xbb, + 0x3a, 0x01, 0x67, 0x34, 0x22, 0xc2, 0xd7, 0x11, 0xd2, 0x23, 0x22, 0xe5, 0xb2, 0x43, 0x7a, 0x44, + 0xa4, 0xde, 0x6c, 0x60, 0xc1, 0x1d, 0xb9, 0x86, 0x90, 0x16, 0xdc, 0x69, 0x97, 0x1f, 0x6a, 0x97, + 0xc7, 0xf2, 0x85, 0x9d, 0x16, 0xbb, 0x94, 0x90, 0xe6, 0xb4, 0xf4, 0x4b, 0x0f, 0xb5, 0xab, 0x13, + 0x70, 0xc6, 0xa3, 0x60, 0x78, 0xc4, 0x99, 0x15, 0x05, 0x89, 0x03, 0xf9, 0xac, 0x28, 0x48, 0x9e, + 0x96, 0x8a, 0x28, 0x88, 0x1d, 0x4d, 0x5e, 0x99, 0xe0, 0x28, 0x25, 0x3b, 0x0a, 0xd2, 0x0f, 0x5d, + 0xd4, 0x19, 0xf4, 0x53, 0x05, 0xaa, 0x59, 0xc7, 0x14, 0x28, 0xa5, 0xbe, 0x1b, 0x73, 0xb2, 0x52, + 0xdb, 0x9a, 0x46, 0x24, 0xb0, 0xe2, 0x4b, 0x40, 0xc9, 0x75, 0x0f, 0x7d, 0x27, 0x6d, 0x64, 0x32, + 0x56, 0xd7, 0xda, 0x7b, 0x93, 0x31, 0x07, 0x4d, 0xb6, 0xa1, 0x20, 0x0f, 0x46, 0x50, 0x4a, 0x96, + 0x8e, 0x1d, 0xcb, 0xd4, 0xd4, 0x51, 0x2c, 0x81, 0xd2, 0xc7, 0x30, 0x4b, 0xa9, 0xe8, 0x7c, 0x3a, + 0xb7, 0x54, 0xb6, 0x9e, 0xf5, 0x39, 0x50, 0xf4, 0x0c, 0xe6, 0xf9, 0x49, 0x00, 0x4a, 0x41, 0x1e, + 0x22, 0xe7, 0x15, 0xb5, 0x0b, 0xd9, 0x0c, 0x81, 0xba, 0x2f, 0xf8, 0x7f, 0xe3, 0x10, 0x20, 0x3f, + 0x7a, 0x37, 0xfd, 0xe7, 0xcd, 0xd1, 0x33, 0x85, 0xda, 0xc5, 0x31, 0x5c, 0xe1, 0x49, 0x11, 0xab, + 0x7a, 0x2f, 0x8f, 0xdd, 0xba, 0x64, 0x4f, 0x8a, 0xf4, 0xcd, 0x11, 0x0f, 0x92, 0xe4, 0xe6, 0x29, + 0x2d, 0x48, 0x32, 0xb7, 0xac, 0x69, 0x41, 0x92, 0xbd, 0x1f, 0x53, 0x67, 0x90, 0x0f, 0xa7, 0x52, + 0xa0, 0x32, 0xf4, 0x5e, 0x56, 0x90, 0xa7, 0xe1, 0x76, 0xb5, 0xeb, 0x13, 0x72, 0x87, 0x07, 0x5f, + 0x4c, 0xfa, 0xb7, 0xb3, 0xf1, 0xa3, 0xcc, 0xc1, 0x8f, 0x4f, 0xf1, 0xad, 0x7f, 0xc9, 0xc3, 0x22, + 0x87, 0x41, 0x45, 0x05, 0xf3, 0x19, 0xc0, 0xf0, 0x04, 0x02, 0xbd, 0x93, 0xee, 0x93, 0xc8, 0x29, + 0x4d, 0xed, 0xdd, 0xd1, 0x4c, 0xe1, 0x40, 0x0b, 0xa1, 0xf9, 0x69, 0x81, 0x96, 0x3c, 0xb4, 0x48, + 0x0b, 0xb4, 0x94, 0x23, 0x01, 0x75, 0x06, 0x7d, 0x0c, 0xc5, 0x00, 0x36, 0x46, 0x69, 0xb0, 0x73, + 0x0c, 0x17, 0xaf, 0xbd, 0x33, 0x92, 0x27, 0x6c, 0x75, 0x08, 0x13, 0x4e, 0xb3, 0x3a, 0x89, 0x3d, + 0xa7, 0x59, 0x9d, 0x06, 0x2c, 0x0f, 0x7d, 0xc2, 0x91, 0xa3, 0x4c, 0x9f, 0x44, 0x80, 0xbb, 0x4c, + 0x9f, 0x44, 0xe1, 0x27, 0x75, 0xe6, 0xe1, 0xa5, 0x5f, 0x7e, 0xb5, 0xae, 0xfc, 0xd3, 0x57, 0xeb, + 0x33, 0x3f, 0xf9, 0x7a, 0x5d, 0xf9, 0xe5, 0xd7, 0xeb, 0xca, 0x3f, 0x7e, 0xbd, 0xae, 0xfc, 0xeb, + 0xd7, 0xeb, 0xca, 0x9f, 0xfe, 0xdb, 0xfa, 0xcc, 0x0f, 0x0b, 0x52, 0xfa, 0x70, 0x9e, 0xfd, 0x4f, + 0x9d, 0x0f, 0xfe, 0x2f, 0x00, 0x00, 0xff, 0xff, 0x11, 0x3f, 0x6e, 0x39, 0x19, 0x49, 0x00, 0x00, } diff --git a/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto b/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto index f68ca9f050a..c2df37b8045 100644 --- a/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto +++ b/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto @@ -313,7 +313,8 @@ message PodSandboxConfig { // operation. The runtime may also use this information to improve UX, such // as by constructing a readable name. PodSandboxMetadata metadata = 1; - // Hostname of the sandbox. + // Hostname of the sandbox. Hostname could only be empty when the pod + // network namespace is NODE. string hostname = 2; // Path to the directory on the host in which container log files are // stored. @@ -365,7 +366,7 @@ message RunPodSandboxRequest { // If the runtime handler is unknown, this request should be rejected. An // empty string should select the default handler, equivalent to the // behavior before this feature was added. - // See https://git.k8s.io/community/keps/sig-node/0014-runtime-class.md + // See https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md string runtime_handler = 2; } @@ -439,6 +440,8 @@ message PodSandboxStatus { // MUST be identical to that of the corresponding PodSandboxConfig used to // instantiate the pod sandbox this status represents. map annotations = 8; + // runtime configuration used for this PodSandbox. + string runtime_handler = 9; } message PodSandboxStatusResponse { @@ -493,6 +496,8 @@ message PodSandbox { // MUST be identical to that of the corresponding PodSandboxConfig used to // instantiate this PodSandbox. map annotations = 6; + // runtime configuration used for this PodSandbox. + string runtime_handler = 7; } message ListPodSandboxResponse { diff --git a/pkg/kubelet/apis/cri/testing/fake_runtime_service.go b/pkg/kubelet/apis/cri/testing/fake_runtime_service.go index ecdb4a3cc6d..577a15fbc95 100644 --- a/pkg/kubelet/apis/cri/testing/fake_runtime_service.go +++ b/pkg/kubelet/apis/cri/testing/fake_runtime_service.go @@ -104,6 +104,12 @@ func (r *FakeRuntimeService) AssertCalls(calls []string) error { return nil } +func (r *FakeRuntimeService) GetCalls() []string { + r.Lock() + defer r.Unlock() + return append([]string{}, r.Called...) +} + func (r *FakeRuntimeService) InjectError(f string, err error) { r.Lock() defer r.Unlock() diff --git a/pkg/kubelet/apis/deviceplugin/OWNERS b/pkg/kubelet/apis/deviceplugin/OWNERS index f16238fc928..e83bdf7b44b 100644 --- a/pkg/kubelet/apis/deviceplugin/OWNERS +++ b/pkg/kubelet/apis/deviceplugin/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - jiayingz - mindprince diff --git a/pkg/kubelet/apis/well_known_labels.go b/pkg/kubelet/apis/well_known_labels.go index 117b97d05f3..ada371c6b83 100644 --- a/pkg/kubelet/apis/well_known_labels.go +++ b/pkg/kubelet/apis/well_known_labels.go @@ -19,63 +19,43 @@ package apis import ( "strings" + "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" ) const ( - LabelHostname = "kubernetes.io/hostname" - LabelZoneFailureDomain = "failure-domain.beta.kubernetes.io/zone" - LabelMultiZoneDelimiter = "__" - LabelZoneRegion = "failure-domain.beta.kubernetes.io/region" - - LabelInstanceType = "beta.kubernetes.io/instance-type" - - LabelOS = "kubernetes.io/os" - LabelArch = "kubernetes.io/arch" // The OS/Arch labels are promoted to GA in 1.14. kubelet applies both beta // and GA labels to ensure backward compatibility. - // TODO: stop applying the beta OS/Arch labels in Kubernetes 1.17. - LegacyLabelOS = "beta.kubernetes.io/os" - LegacyLabelArch = "beta.kubernetes.io/arch" + // TODO: stop applying the beta OS/Arch labels in Kubernetes 1.18. + LabelOS = "beta.kubernetes.io/os" + LabelArch = "beta.kubernetes.io/arch" // GA versions of the legacy beta labels. // TODO: update kubelet and controllers to set both beta and GA labels, then export these constants labelZoneFailureDomainGA = "failure-domain.kubernetes.io/zone" labelZoneRegionGA = "failure-domain.kubernetes.io/region" labelInstanceTypeGA = "kubernetes.io/instance-type" - - // LabelNamespaceSuffixKubelet is an allowed label namespace suffix kubelets can self-set ([*.]kubelet.kubernetes.io/*) - LabelNamespaceSuffixKubelet = "kubelet.kubernetes.io" - // LabelNamespaceSuffixNode is an allowed label namespace suffix kubelets can self-set ([*.]node.kubernetes.io/*) - LabelNamespaceSuffixNode = "node.kubernetes.io" - - // LabelNamespaceNodeRestriction is a forbidden label namespace that kubelets may not self-set when the NodeRestriction admission plugin is enabled - LabelNamespaceNodeRestriction = "node-restriction.kubernetes.io" ) -// When the --failure-domains scheduler flag is not specified, -// DefaultFailureDomains defines the set of label keys used when TopologyKey is empty in PreferredDuringScheduling anti-affinity. -var DefaultFailureDomains string = LabelHostname + "," + LabelZoneFailureDomain + "," + LabelZoneRegion - var kubeletLabels = sets.NewString( - LabelHostname, - LabelZoneFailureDomain, - LabelZoneRegion, - LabelInstanceType, + v1.LabelHostname, + v1.LabelZoneFailureDomain, + v1.LabelZoneRegion, + v1.LabelInstanceType, + v1.LabelOSStable, + v1.LabelArchStable, + LabelOS, LabelArch, - LegacyLabelOS, - LegacyLabelArch, - labelZoneFailureDomainGA, labelZoneRegionGA, labelInstanceTypeGA, ) var kubeletLabelNamespaces = sets.NewString( - LabelNamespaceSuffixKubelet, - LabelNamespaceSuffixNode, + v1.LabelNamespaceSuffixKubelet, + v1.LabelNamespaceSuffixNode, ) // KubeletLabels returns the list of label keys kubelets are allowed to set on their own Node objects diff --git a/pkg/kubelet/certificate/OWNERS b/pkg/kubelet/certificate/OWNERS index 470b7a1c92d..3cf03643835 100644 --- a/pkg/kubelet/certificate/OWNERS +++ b/pkg/kubelet/certificate/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-certificates-approvers reviewers: diff --git a/pkg/kubelet/checkpointmanager/checkpoint_manager_test.go b/pkg/kubelet/checkpointmanager/checkpoint_manager_test.go index 6081e90483a..ecbab14c958 100644 --- a/pkg/kubelet/checkpointmanager/checkpoint_manager_test.go +++ b/pkg/kubelet/checkpointmanager/checkpoint_manager_test.go @@ -56,6 +56,8 @@ type PortMapping struct { ContainerPort *int32 // Port number on the host. HostPort *int32 + // Host ip to expose. + HostIP string } // CheckpointData is a sample example structure to be used in test cases for checkpointing @@ -151,17 +153,20 @@ func TestCheckpointManager(t *testing.T) { port80 := int32(80) port443 := int32(443) proto := protocol("tcp") + ip1234 := "1.2.3.4" portMappings := []*PortMapping{ { &proto, &port80, &port80, + ip1234, }, { &proto, &port443, &port443, + ip1234, }, } checkpoint1 := newFakeCheckpointV1("check1", portMappings, true) diff --git a/pkg/kubelet/cm/BUILD b/pkg/kubelet/cm/BUILD index 353b7c641ae..ee61d44d630 100644 --- a/pkg/kubelet/cm/BUILD +++ b/pkg/kubelet/cm/BUILD @@ -73,6 +73,7 @@ go_library( "//pkg/kubelet/events:go_default_library", "//pkg/kubelet/metrics:go_default_library", "//pkg/kubelet/qos:go_default_library", + "//pkg/kubelet/stats/pidlimit:go_default_library", "//pkg/kubelet/types:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/util/oom:go_default_library", diff --git a/pkg/kubelet/cm/OWNERS b/pkg/kubelet/cm/OWNERS index 307f9436c00..e9a3fecb9c5 100644 --- a/pkg/kubelet/cm/OWNERS +++ b/pkg/kubelet/cm/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - Random-Liu - dchen1107 diff --git a/pkg/kubelet/cm/cgroup_manager_linux.go b/pkg/kubelet/cm/cgroup_manager_linux.go index 2eb2a167f7e..b08bab132d5 100644 --- a/pkg/kubelet/cm/cgroup_manager_linux.go +++ b/pkg/kubelet/cm/cgroup_manager_linux.go @@ -257,7 +257,7 @@ func (m *cgroupManagerImpl) Exists(name CgroupName) bool { // in https://github.com/opencontainers/runc/issues/1440 // once resolved, we can remove this code. whitelistControllers := sets.NewString("cpu", "cpuacct", "cpuset", "memory", "systemd") - if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) { + if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) || utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportNodePidsLimit) { whitelistControllers.Insert("pids") } var missingPaths []string @@ -284,7 +284,8 @@ func (m *cgroupManagerImpl) Exists(name CgroupName) bool { func (m *cgroupManagerImpl) Destroy(cgroupConfig *CgroupConfig) error { start := time.Now() defer func() { - metrics.CgroupManagerLatency.WithLabelValues("destroy").Observe(metrics.SinceInMicroseconds(start)) + metrics.CgroupManagerDuration.WithLabelValues("destroy").Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedCgroupManagerLatency.WithLabelValues("destroy").Observe(metrics.SinceInMicroseconds(start)) }() cgroupPaths := m.buildCgroupPaths(cgroupConfig.Name) @@ -325,10 +326,11 @@ func getSupportedSubsystems() map[subsystem]bool { supportedSubsystems := map[subsystem]bool{ &cgroupfs.MemoryGroup{}: true, &cgroupfs.CpuGroup{}: true, + &cgroupfs.PidsGroup{}: true, } // not all hosts support hugetlb cgroup, and in the absent of hugetlb, we will fail silently by reporting no capacity. supportedSubsystems[&cgroupfs.HugetlbGroup{}] = false - if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) { + if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) || utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportNodePidsLimit) { supportedSubsystems[&cgroupfs.PidsGroup{}] = true } return supportedSubsystems @@ -377,9 +379,9 @@ func (m *cgroupManagerImpl) toResources(resourceConfig *ResourceConfig) *libcont if resourceConfig.CpuPeriod != nil { resources.CpuPeriod = *resourceConfig.CpuPeriod } - if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) { - if resourceConfig.PodPidsLimit != nil { - resources.PidsLimit = *resourceConfig.PodPidsLimit + if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) || utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportNodePidsLimit) { + if resourceConfig.PidsLimit != nil { + resources.PidsLimit = *resourceConfig.PidsLimit } } // if huge pages are enabled, we set them in libcontainer @@ -410,7 +412,8 @@ func (m *cgroupManagerImpl) toResources(resourceConfig *ResourceConfig) *libcont func (m *cgroupManagerImpl) Update(cgroupConfig *CgroupConfig) error { start := time.Now() defer func() { - metrics.CgroupManagerLatency.WithLabelValues("update").Observe(metrics.SinceInMicroseconds(start)) + metrics.CgroupManagerDuration.WithLabelValues("update").Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedCgroupManagerLatency.WithLabelValues("update").Observe(metrics.SinceInMicroseconds(start)) }() // Extract the cgroup resource parameters @@ -431,8 +434,8 @@ func (m *cgroupManagerImpl) Update(cgroupConfig *CgroupConfig) error { libcontainerCgroupConfig.Path = cgroupConfig.Name.ToCgroupfs() } - if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && cgroupConfig.ResourceParameters != nil && cgroupConfig.ResourceParameters.PodPidsLimit != nil { - libcontainerCgroupConfig.PidsLimit = *cgroupConfig.ResourceParameters.PodPidsLimit + if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && cgroupConfig.ResourceParameters != nil && cgroupConfig.ResourceParameters.PidsLimit != nil { + libcontainerCgroupConfig.PidsLimit = *cgroupConfig.ResourceParameters.PidsLimit } if err := setSupportedSubsystems(libcontainerCgroupConfig); err != nil { @@ -445,7 +448,8 @@ func (m *cgroupManagerImpl) Update(cgroupConfig *CgroupConfig) error { func (m *cgroupManagerImpl) Create(cgroupConfig *CgroupConfig) error { start := time.Now() defer func() { - metrics.CgroupManagerLatency.WithLabelValues("create").Observe(metrics.SinceInMicroseconds(start)) + metrics.CgroupManagerDuration.WithLabelValues("create").Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedCgroupManagerLatency.WithLabelValues("create").Observe(metrics.SinceInMicroseconds(start)) }() resources := m.toResources(cgroupConfig.ResourceParameters) @@ -461,8 +465,8 @@ func (m *cgroupManagerImpl) Create(cgroupConfig *CgroupConfig) error { libcontainerCgroupConfig.Path = cgroupConfig.Name.ToCgroupfs() } - if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && cgroupConfig.ResourceParameters != nil && cgroupConfig.ResourceParameters.PodPidsLimit != nil { - libcontainerCgroupConfig.PidsLimit = *cgroupConfig.ResourceParameters.PodPidsLimit + if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && cgroupConfig.ResourceParameters != nil && cgroupConfig.ResourceParameters.PidsLimit != nil { + libcontainerCgroupConfig.PidsLimit = *cgroupConfig.ResourceParameters.PidsLimit } // get the manager with the specified cgroup configuration diff --git a/pkg/kubelet/cm/container_manager_linux.go b/pkg/kubelet/cm/container_manager_linux.go index af7a779173f..cf84736b8e4 100644 --- a/pkg/kubelet/cm/container_manager_linux.go +++ b/pkg/kubelet/cm/container_manager_linux.go @@ -53,6 +53,7 @@ import ( kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" "k8s.io/kubernetes/pkg/kubelet/lifecycle" "k8s.io/kubernetes/pkg/kubelet/qos" + "k8s.io/kubernetes/pkg/kubelet/stats/pidlimit" "k8s.io/kubernetes/pkg/kubelet/status" "k8s.io/kubernetes/pkg/kubelet/util/pluginwatcher" schedulernodeinfo "k8s.io/kubernetes/pkg/scheduler/nodeinfo" @@ -123,6 +124,8 @@ type containerManagerImpl struct { cgroupManager CgroupManager // Capacity of this node. capacity v1.ResourceList + // Capacity of this node, including internal resources. + internalCapacity v1.ResourceList // Absolute cgroupfs path to a cgroup that Kubelet needs to place all pods under. // This path include a top level container for enforcing Node Allocatable. cgroupRoot CgroupName @@ -219,6 +222,7 @@ func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.I } var capacity = v1.ResourceList{} + var internalCapacity = v1.ResourceList{} // It is safe to invoke `MachineInfo` on cAdvisor before logically initializing cAdvisor here because // machine info is computed and cached once as part of cAdvisor object creation. // But `RootFsInfo` and `ImagesFsInfo` are not available at this moment so they will be called later during manager starts @@ -227,6 +231,15 @@ func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.I return nil, err } capacity = cadvisor.CapacityFromMachineInfo(machineInfo) + for k, v := range capacity { + internalCapacity[k] = v + } + pidlimits, err := pidlimit.Stats() + if err == nil && pidlimits != nil && pidlimits.MaxPID != nil { + internalCapacity[pidlimit.PIDs] = *resource.NewQuantity( + int64(*pidlimits.MaxPID), + resource.DecimalSI) + } // Turn CgroupRoot from a string (in cgroupfs path format) to internal CgroupName cgroupRoot := ParseCgroupfsToCgroupName(nodeConfig.CgroupRoot) @@ -264,6 +277,7 @@ func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.I subsystems: subsystems, cgroupManager: cgroupManager, capacity: capacity, + internalCapacity: internalCapacity, cgroupRoot: cgroupRoot, recorder: recorder, qosContainerManager: qosContainerManager, diff --git a/pkg/kubelet/cm/cpumanager/OWNERS b/pkg/kubelet/cm/cpumanager/OWNERS index 152ded29de0..77f30f6d64b 100644 --- a/pkg/kubelet/cm/cpumanager/OWNERS +++ b/pkg/kubelet/cm/cpumanager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - derekwaynecarr - vishh diff --git a/pkg/kubelet/cm/cpuset/OWNERS b/pkg/kubelet/cm/cpuset/OWNERS index 02f72bf6cc1..e6f9bfdad6a 100644 --- a/pkg/kubelet/cm/cpuset/OWNERS +++ b/pkg/kubelet/cm/cpuset/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - derekwaynecarr - vishh diff --git a/pkg/kubelet/cm/devicemanager/OWNERS b/pkg/kubelet/cm/devicemanager/OWNERS index a374cd52454..d081f9a626d 100644 --- a/pkg/kubelet/cm/devicemanager/OWNERS +++ b/pkg/kubelet/cm/devicemanager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - jiayingz - vishh diff --git a/pkg/kubelet/cm/devicemanager/manager.go b/pkg/kubelet/cm/devicemanager/manager.go index 31402ff33ba..355a223a4c6 100644 --- a/pkg/kubelet/cm/devicemanager/manager.go +++ b/pkg/kubelet/cm/devicemanager/manager.go @@ -311,10 +311,7 @@ func (m *ManagerImpl) isVersionCompatibleWithPlugin(versions []string) bool { return false } -// Allocate is the call that you can use to allocate a set of devices -// from the registered device plugins. -func (m *ManagerImpl) Allocate(node *schedulernodeinfo.NodeInfo, attrs *lifecycle.PodAdmitAttributes) error { - pod := attrs.Pod +func (m *ManagerImpl) allocatePodResources(pod *v1.Pod) error { devicesToReuse := make(map[string]sets.String) for _, container := range pod.Spec.InitContainers { if err := m.allocateContainerResources(pod, &container, devicesToReuse); err != nil { @@ -328,6 +325,18 @@ func (m *ManagerImpl) Allocate(node *schedulernodeinfo.NodeInfo, attrs *lifecycl } m.podDevices.removeContainerAllocatedResources(string(pod.UID), container.Name, devicesToReuse) } + return nil +} + +// Allocate is the call that you can use to allocate a set of devices +// from the registered device plugins. +func (m *ManagerImpl) Allocate(node *schedulernodeinfo.NodeInfo, attrs *lifecycle.PodAdmitAttributes) error { + pod := attrs.Pod + err := m.allocatePodResources(pod) + if err != nil { + klog.Errorf("Failed to allocate device plugin resource for pod %s: %v", string(pod.UID), err) + return err + } m.mutex.Lock() defer m.mutex.Unlock() @@ -345,6 +354,7 @@ func (m *ManagerImpl) Allocate(node *schedulernodeinfo.NodeInfo, attrs *lifecycl func (m *ManagerImpl) Register(ctx context.Context, r *pluginapi.RegisterRequest) (*pluginapi.Empty, error) { klog.Infof("Got registration request from device plugin with resource name %q", r.ResourceName) metrics.DevicePluginRegistrationCount.WithLabelValues(r.ResourceName).Inc() + metrics.DeprecatedDevicePluginRegistrationCount.WithLabelValues(r.ResourceName).Inc() var versionCompatible bool for _, v := range pluginapi.SupportedVersions { if r.Version == v { @@ -687,7 +697,8 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont // in a passed in AllocateRequest pointer, and issues a single Allocate call per pod. klog.V(3).Infof("Making allocation request for devices %v for device plugin %s", devs, resource) resp, err := eI.e.allocate(devs) - metrics.DevicePluginAllocationLatency.WithLabelValues(resource).Observe(metrics.SinceInMicroseconds(startRPCTime)) + metrics.DevicePluginAllocationDuration.WithLabelValues(resource).Observe(metrics.SinceInSeconds(startRPCTime)) + metrics.DeprecatedDevicePluginAllocationLatency.WithLabelValues(resource).Observe(metrics.SinceInMicroseconds(startRPCTime)) if err != nil { // In case of allocation failure, we want to restore m.allocatedDevices // to the actual allocated state from m.podDevices. @@ -717,6 +728,7 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont func (m *ManagerImpl) GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) (*DeviceRunContainerOptions, error) { podUID := string(pod.UID) contName := container.Name + needsReAllocate := false for k := range container.Resources.Limits { resource := string(k) if !m.isDevicePluginResource(resource) { @@ -726,6 +738,16 @@ func (m *ManagerImpl) GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Co if err != nil { return nil, err } + // This is a device plugin resource yet we don't have cached + // resource state. This is likely due to a race during node + // restart. We re-issue allocate request to cover this race. + if m.podDevices.containerDevices(podUID, contName, resource) == nil { + needsReAllocate = true + } + } + if needsReAllocate { + klog.V(2).Infof("needs re-allocate device plugin resources for pod %s", podUID) + m.allocatePodResources(pod) } m.mutex.Lock() defer m.mutex.Unlock() diff --git a/pkg/kubelet/cm/node_container_manager_linux.go b/pkg/kubelet/cm/node_container_manager_linux.go index 0820e783817..821fee6f0f4 100644 --- a/pkg/kubelet/cm/node_container_manager_linux.go +++ b/pkg/kubelet/cm/node_container_manager_linux.go @@ -28,6 +28,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/klog" "k8s.io/kubernetes/pkg/kubelet/events" + "k8s.io/kubernetes/pkg/kubelet/stats/pidlimit" kubetypes "k8s.io/kubernetes/pkg/kubelet/types" ) @@ -40,7 +41,7 @@ func (cm *containerManagerImpl) createNodeAllocatableCgroups() error { cgroupConfig := &CgroupConfig{ Name: cm.cgroupRoot, // The default limits for cpu shares can be very low which can lead to CPU starvation for pods. - ResourceParameters: getCgroupConfig(cm.capacity), + ResourceParameters: getCgroupConfig(cm.internalCapacity), } if cm.cgroupManager.Exists(cgroupConfig.Name) { return nil @@ -58,10 +59,10 @@ func (cm *containerManagerImpl) enforceNodeAllocatableCgroups() error { // We need to update limits on node allocatable cgroup no matter what because // default cpu shares on cgroups are low and can cause cpu starvation. - nodeAllocatable := cm.capacity + nodeAllocatable := cm.internalCapacity // Use Node Allocatable limits instead of capacity if the user requested enforcing node allocatable. if cm.CgroupsPerQOS && nc.EnforceNodeAllocatable.Has(kubetypes.NodeAllocatableEnforcementKey) { - nodeAllocatable = cm.getNodeAllocatableAbsolute() + nodeAllocatable = cm.getNodeAllocatableInternalAbsolute() } klog.V(4).Infof("Attempting to enforce Node Allocatable with config: %+v", nc) @@ -130,7 +131,7 @@ func enforceExistingCgroup(cgroupManager CgroupManager, cName CgroupName, rl v1. if cgroupConfig.ResourceParameters == nil { return fmt.Errorf("%q cgroup is not config properly", cgroupConfig.Name) } - klog.V(4).Infof("Enforcing limits on cgroup %q with %d cpu shares and %d bytes of memory", cName, cgroupConfig.ResourceParameters.CpuShares, cgroupConfig.ResourceParameters.Memory) + klog.V(4).Infof("Enforcing limits on cgroup %q with %d cpu shares, %d bytes of memory, and %d processes", cName, cgroupConfig.ResourceParameters.CpuShares, cgroupConfig.ResourceParameters.Memory, cgroupConfig.ResourceParameters.PidsLimit) if !cgroupManager.Exists(cgroupConfig.Name) { return fmt.Errorf("%q cgroup does not exist", cgroupConfig.Name) } @@ -157,6 +158,10 @@ func getCgroupConfig(rl v1.ResourceList) *ResourceConfig { val := MilliCPUToShares(q.MilliValue()) rc.CpuShares = &val } + if q, exists := rl[pidlimit.PIDs]; exists { + val := q.Value() + rc.PidsLimit = &val + } rc.HugePageLimit = HugePageLimits(rl) return &rc @@ -166,8 +171,12 @@ func getCgroupConfig(rl v1.ResourceList) *ResourceConfig { // Note that not all resources that are available on the node are included in the returned list of resources. // Returns a ResourceList. func (cm *containerManagerImpl) getNodeAllocatableAbsolute() v1.ResourceList { + return cm.getNodeAllocatableAbsoluteImpl(cm.capacity) +} + +func (cm *containerManagerImpl) getNodeAllocatableAbsoluteImpl(capacity v1.ResourceList) v1.ResourceList { result := make(v1.ResourceList) - for k, v := range cm.capacity { + for k, v := range capacity { value := *(v.Copy()) if cm.NodeConfig.SystemReserved != nil { value.Sub(cm.NodeConfig.SystemReserved[k]) @@ -182,7 +191,13 @@ func (cm *containerManagerImpl) getNodeAllocatableAbsolute() v1.ResourceList { result[k] = value } return result +} +// getNodeAllocatableInternalAbsolute is similar to getNodeAllocatableAbsolute except that +// it also includes internal resources (currently process IDs). It is intended for setting +// up top level cgroups only. +func (cm *containerManagerImpl) getNodeAllocatableInternalAbsolute() v1.ResourceList { + return cm.getNodeAllocatableAbsoluteImpl(cm.internalCapacity) } // GetNodeAllocatableReservation returns amount of compute or storage resource that have to be reserved on this node from scheduling. diff --git a/pkg/kubelet/cm/pod_container_manager_linux.go b/pkg/kubelet/cm/pod_container_manager_linux.go index b91c5babe92..f0bf4df880b 100644 --- a/pkg/kubelet/cm/pod_container_manager_linux.go +++ b/pkg/kubelet/cm/pod_container_manager_linux.go @@ -87,7 +87,7 @@ func (m *podContainerManagerImpl) EnsureExists(pod *v1.Pod) error { ResourceParameters: ResourceConfigForPod(pod, m.enforceCPULimits, m.cpuCFSQuotaPeriod), } if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && m.podPidsLimit > 0 { - containerConfig.ResourceParameters.PodPidsLimit = &m.podPidsLimit + containerConfig.ResourceParameters.PidsLimit = &m.podPidsLimit } if err := m.cgroupManager.Create(containerConfig); err != nil { return fmt.Errorf("failed to create container for %v : %v", podContainerName, err) diff --git a/pkg/kubelet/cm/types.go b/pkg/kubelet/cm/types.go index 2e60d8a8fde..e6011797443 100644 --- a/pkg/kubelet/cm/types.go +++ b/pkg/kubelet/cm/types.go @@ -34,7 +34,7 @@ type ResourceConfig struct { // HugePageLimit map from page size (in bytes) to limit (in bytes) HugePageLimit map[int64]int64 // Maximum number of pids - PodPidsLimit *int64 + PidsLimit *int64 } // CgroupName is the abstract name of a cgroup prior to any driver specific conversion. diff --git a/pkg/kubelet/container/BUILD b/pkg/kubelet/container/BUILD index 3995b79805a..dfb9cdd2591 100644 --- a/pkg/kubelet/container/BUILD +++ b/pkg/kubelet/container/BUILD @@ -29,6 +29,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", "//staging/src/k8s.io/client-go/tools/reference:go_default_library", "//staging/src/k8s.io/client-go/tools/remotecommand:go_default_library", diff --git a/pkg/kubelet/container/helpers.go b/pkg/kubelet/container/helpers.go index 10d848a2d87..ddd414894ca 100644 --- a/pkg/kubelet/container/helpers.go +++ b/pkg/kubelet/container/helpers.go @@ -27,6 +27,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/client-go/tools/record" runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" "k8s.io/kubernetes/pkg/kubelet/util/format" @@ -130,9 +131,22 @@ func ExpandContainerCommandOnlyStatic(containerCommand []string, envs []v1.EnvVa return command } -func ExpandContainerVolumeMounts(mount v1.VolumeMount, envs []EnvVar) (expandedSubpath string) { - mapping := expansion.MappingFuncFor(EnvVarsToMap(envs)) - return expansion.Expand(mount.SubPath, mapping) +func ExpandContainerVolumeMounts(mount v1.VolumeMount, envs []EnvVar) (string, error) { + + envmap := EnvVarsToMap(envs) + missingKeys := sets.NewString() + expanded := expansion.Expand(mount.SubPathExpr, func(key string) string { + value, ok := envmap[key] + if !ok || len(value) == 0 { + missingKeys.Insert(key) + } + return value + }) + + if len(missingKeys) > 0 { + return "", fmt.Errorf("missing value for %s", strings.Join(missingKeys.List(), ", ")) + } + return expanded, nil } func ExpandContainerCommandAndArgs(container *v1.Container, envs []EnvVar) (command []string, args []string) { diff --git a/pkg/kubelet/container/helpers_test.go b/pkg/kubelet/container/helpers_test.go index d6c2792c60b..5a658241b3c 100644 --- a/pkg/kubelet/container/helpers_test.go +++ b/pkg/kubelet/container/helpers_test.go @@ -145,19 +145,21 @@ func TestExpandVolumeMountsWithSubpath(t *testing.T) { envs []EnvVar expectedSubPath string expectedMountPath string + expectedOk bool }{ { name: "subpath with no expansion", container: &v1.Container{ - VolumeMounts: []v1.VolumeMount{{SubPath: "foo"}}, + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "foo"}}, }, expectedSubPath: "foo", expectedMountPath: "", + expectedOk: true, }, { name: "volumes with expanded subpath", container: &v1.Container{ - VolumeMounts: []v1.VolumeMount{{SubPath: "foo/$(POD_NAME)"}}, + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "foo/$(POD_NAME)"}}, }, envs: []EnvVar{ { @@ -167,11 +169,12 @@ func TestExpandVolumeMountsWithSubpath(t *testing.T) { }, expectedSubPath: "foo/bar", expectedMountPath: "", + expectedOk: true, }, { name: "volumes expanded with empty subpath", container: &v1.Container{ - VolumeMounts: []v1.VolumeMount{{SubPath: ""}}, + VolumeMounts: []v1.VolumeMount{{SubPathExpr: ""}}, }, envs: []EnvVar{ { @@ -181,19 +184,21 @@ func TestExpandVolumeMountsWithSubpath(t *testing.T) { }, expectedSubPath: "", expectedMountPath: "", + expectedOk: true, }, { name: "volumes expanded with no envs subpath", container: &v1.Container{ - VolumeMounts: []v1.VolumeMount{{SubPath: "/foo/$(POD_NAME)"}}, + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "/foo/$(POD_NAME)"}}, }, expectedSubPath: "/foo/$(POD_NAME)", expectedMountPath: "", + expectedOk: false, }, { name: "volumes expanded with leading environment variable", container: &v1.Container{ - VolumeMounts: []v1.VolumeMount{{SubPath: "$(POD_NAME)/bar"}}, + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "$(POD_NAME)/bar"}}, }, envs: []EnvVar{ { @@ -203,11 +208,12 @@ func TestExpandVolumeMountsWithSubpath(t *testing.T) { }, expectedSubPath: "foo/bar", expectedMountPath: "", + expectedOk: true, }, { name: "volumes with volume and subpath", container: &v1.Container{ - VolumeMounts: []v1.VolumeMount{{MountPath: "/foo", SubPath: "$(POD_NAME)/bar"}}, + VolumeMounts: []v1.VolumeMount{{MountPath: "/foo", SubPathExpr: "$(POD_NAME)/bar"}}, }, envs: []EnvVar{ { @@ -217,6 +223,7 @@ func TestExpandVolumeMountsWithSubpath(t *testing.T) { }, expectedSubPath: "foo/bar", expectedMountPath: "/foo", + expectedOk: true, }, { name: "volumes with volume and no subpath", @@ -231,11 +238,78 @@ func TestExpandVolumeMountsWithSubpath(t *testing.T) { }, expectedSubPath: "", expectedMountPath: "/foo", + expectedOk: true, + }, + { + name: "subpaths with empty environment variable", + container: &v1.Container{ + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "foo/$(POD_NAME)/$(ANNOTATION)"}}, + }, + envs: []EnvVar{ + { + Name: "ANNOTATION", + Value: "", + }, + }, + expectedSubPath: "foo/$(POD_NAME)/$(ANNOTATION)", + expectedMountPath: "", + expectedOk: false, + }, + { + name: "subpaths with missing env variables", + container: &v1.Container{ + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "foo/$(ODD_NAME)/$(POD_NAME)"}}, + }, + envs: []EnvVar{ + { + Name: "ODD_NAME", + Value: "bar", + }, + }, + expectedSubPath: "foo/$(ODD_NAME)/$(POD_NAME)", + expectedMountPath: "", + expectedOk: false, + }, + { + name: "subpaths with empty expansion", + container: &v1.Container{ + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "$()"}}, + }, + expectedSubPath: "$()", + expectedMountPath: "", + expectedOk: false, + }, + { + name: "subpaths with nested expandable envs", + container: &v1.Container{ + VolumeMounts: []v1.VolumeMount{{SubPathExpr: "$(POD_NAME$(ANNOTATION))"}}, + }, + envs: []EnvVar{ + { + Name: "POD_NAME", + Value: "foo", + }, + { + Name: "ANNOTATION", + Value: "bar", + }, + }, + expectedSubPath: "$(POD_NAME$(ANNOTATION))", + expectedMountPath: "", + expectedOk: false, }, } for _, tc := range cases { - actualSubPath := ExpandContainerVolumeMounts(tc.container.VolumeMounts[0], tc.envs) + actualSubPath, err := ExpandContainerVolumeMounts(tc.container.VolumeMounts[0], tc.envs) + ok := err == nil + if e, a := tc.expectedOk, ok; !reflect.DeepEqual(e, a) { + t.Errorf("%v: unexpected validation failure of subpath; expected %v, got %v", tc.name, e, a) + } + if !ok { + // if ExpandContainerVolumeMounts returns an error, we don't care what the actualSubPath value is + continue + } if e, a := tc.expectedSubPath, actualSubPath; !reflect.DeepEqual(e, a) { t.Errorf("%v: unexpected subpath; expected %v, got %v", tc.name, e, a) } diff --git a/pkg/kubelet/container/runtime.go b/pkg/kubelet/container/runtime.go index 64ebad5f0a3..cebd987858c 100644 --- a/pkg/kubelet/container/runtime.go +++ b/pkg/kubelet/container/runtime.go @@ -98,17 +98,6 @@ type Runtime interface { // GetPodStatus retrieves the status of the pod, including the // information of all containers in the pod that are visible in Runtime. GetPodStatus(uid types.UID, name, namespace string) (*PodStatus, error) - // Returns the filesystem path of the pod's network namespace; if the - // runtime does not handle namespace creation itself, or cannot return - // the network namespace path, it should return an error. - // TODO: Change ContainerID to a Pod ID since the namespace is shared - // by all containers in the pod. - GetNetNS(containerID ContainerID) (string, error) - // Returns the container ID that represents the Pod, as passed to network - // plugins. For example, if the runtime uses an infra container, returns - // the infra container's ContainerID. - // TODO: Change ContainerID to a Pod ID, see GetNetNS() - GetPodContainerID(*Pod) (ContainerID, error) // TODO(vmarmol): Unify pod and containerID args. // GetContainerLogs returns logs of a specific container. By // default, it returns a snapshot of the container log. Set 'follow' to true to diff --git a/pkg/kubelet/container/testing/fake_runtime.go b/pkg/kubelet/container/testing/fake_runtime.go index 01cc606dc69..767f0a2bb8b 100644 --- a/pkg/kubelet/container/testing/fake_runtime.go +++ b/pkg/kubelet/container/testing/fake_runtime.go @@ -345,31 +345,6 @@ func (f *FakeRuntime) RemoveImage(image ImageSpec) error { return f.Err } -func (f *FakeRuntime) GetNetNS(containerID ContainerID) (string, error) { - f.Lock() - defer f.Unlock() - - f.CalledFunctions = append(f.CalledFunctions, "GetNetNS") - - for _, fp := range f.AllPodList { - for _, c := range fp.Pod.Containers { - if c.ID == containerID { - return fp.NetnsPath, nil - } - } - } - - return "", f.Err -} - -func (f *FakeRuntime) GetPodContainerID(pod *Pod) (ContainerID, error) { - f.Lock() - defer f.Unlock() - - f.CalledFunctions = append(f.CalledFunctions, "GetPodContainerID") - return ContainerID{}, f.Err -} - func (f *FakeRuntime) GarbageCollect(gcPolicy ContainerGCPolicy, ready bool, evictNonDeletedPods bool) error { f.Lock() defer f.Unlock() diff --git a/pkg/kubelet/container/testing/runtime_mock.go b/pkg/kubelet/container/testing/runtime_mock.go index 5edc0d32c6f..a9d455cfd09 100644 --- a/pkg/kubelet/container/testing/runtime_mock.go +++ b/pkg/kubelet/container/testing/runtime_mock.go @@ -132,16 +132,6 @@ func (r *Mock) PortForward(pod *Pod, port uint16, stream io.ReadWriteCloser) err return args.Error(0) } -func (r *Mock) GetNetNS(containerID ContainerID) (string, error) { - args := r.Called(containerID) - return "", args.Error(0) -} - -func (r *Mock) GetPodContainerID(pod *Pod) (ContainerID, error) { - args := r.Called(pod) - return ContainerID{}, args.Error(0) -} - func (r *Mock) GarbageCollect(gcPolicy ContainerGCPolicy, ready bool, evictNonDeletedPods bool) error { args := r.Called(gcPolicy, ready, evictNonDeletedPods) return args.Error(0) diff --git a/pkg/kubelet/dockershim/docker_checkpoint.go b/pkg/kubelet/dockershim/docker_checkpoint.go index e44f0bd62f2..24769dd69d6 100644 --- a/pkg/kubelet/dockershim/docker_checkpoint.go +++ b/pkg/kubelet/dockershim/docker_checkpoint.go @@ -47,6 +47,8 @@ type PortMapping struct { ContainerPort *int32 `json:"container_port,omitempty"` // Port number on the host. HostPort *int32 `json:"host_port,omitempty"` + // Host ip to expose. + HostIP string `json:"host_ip,omitempty"` } // CheckpointData contains all types of data that can be stored in the checkpoint. diff --git a/pkg/kubelet/dockershim/docker_sandbox.go b/pkg/kubelet/dockershim/docker_sandbox.go index 01d7f9b4951..d72712f0774 100644 --- a/pkg/kubelet/dockershim/docker_sandbox.go +++ b/pkg/kubelet/dockershim/docker_sandbox.go @@ -672,6 +672,7 @@ func constructPodSandboxCheckpoint(config *runtimeapi.PodSandboxConfig) checkpoi HostPort: &pm.HostPort, ContainerPort: &pm.ContainerPort, Protocol: &proto, + HostIP: pm.HostIp, }) } if config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetNetwork() == runtimeapi.NamespaceMode_NODE { diff --git a/pkg/kubelet/dockershim/docker_service.go b/pkg/kubelet/dockershim/docker_service.go index 97f6543c4bb..1baa9a50183 100644 --- a/pkg/kubelet/dockershim/docker_service.go +++ b/pkg/kubelet/dockershim/docker_service.go @@ -387,6 +387,7 @@ func (ds *dockerService) GetPodPortMappings(podSandboxID string) ([]*hostport.Po HostPort: *pm.HostPort, ContainerPort: *pm.ContainerPort, Protocol: proto, + HostIP: pm.HostIP, }) } return portMappings, nil diff --git a/pkg/kubelet/dockershim/libdocker/instrumented_client.go b/pkg/kubelet/dockershim/libdocker/instrumented_client.go index 78a0d696481..29c0f9e6b86 100644 --- a/pkg/kubelet/dockershim/libdocker/instrumented_client.go +++ b/pkg/kubelet/dockershim/libdocker/instrumented_client.go @@ -42,7 +42,9 @@ func NewInstrumentedInterface(dockerClient Interface) Interface { // recordOperation records the duration of the operation. func recordOperation(operation string, start time.Time) { metrics.DockerOperations.WithLabelValues(operation).Inc() - metrics.DockerOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInMicroseconds(start)) + metrics.DeprecatedDockerOperations.WithLabelValues(operation).Inc() + metrics.DockerOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedDockerOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInMicroseconds(start)) } // recordError records error for metric if an error occurred. @@ -50,9 +52,11 @@ func recordError(operation string, err error) { if err != nil { if _, ok := err.(operationTimeout); ok { metrics.DockerOperationsTimeout.WithLabelValues(operation).Inc() + metrics.DeprecatedDockerOperationsTimeout.WithLabelValues(operation).Inc() } // Docker operation timeout error is also a docker error, so we don't add else here. metrics.DockerOperationsErrors.WithLabelValues(operation).Inc() + metrics.DeprecatedDockerOperationsErrors.WithLabelValues(operation).Inc() } } diff --git a/pkg/kubelet/dockershim/metrics/metrics.go b/pkg/kubelet/dockershim/metrics/metrics.go index 907647970d5..d36eeba473d 100644 --- a/pkg/kubelet/dockershim/metrics/metrics.go +++ b/pkg/kubelet/dockershim/metrics/metrics.go @@ -25,13 +25,22 @@ import ( const ( // DockerOperationsKey is the key for docker operation metrics. - DockerOperationsKey = "docker_operations" + DockerOperationsKey = "docker_operations_total" // DockerOperationsLatencyKey is the key for the operation latency metrics. - DockerOperationsLatencyKey = "docker_operations_latency_microseconds" + DockerOperationsLatencyKey = "docker_operations_latency_seconds" // DockerOperationsErrorsKey is the key for the operation error metrics. - DockerOperationsErrorsKey = "docker_operations_errors" + DockerOperationsErrorsKey = "docker_operations_errors_total" // DockerOperationsTimeoutKey is the key for the operation timeout metrics. - DockerOperationsTimeoutKey = "docker_operations_timeout" + DockerOperationsTimeoutKey = "docker_operations_timeout_total" + + // DeprecatedDockerOperationsKey is the deprecated key for docker operation metrics. + DeprecatedDockerOperationsKey = "docker_operations" + // DeprecatedDockerOperationsLatencyKey is the deprecated key for the operation latency metrics. + DeprecatedDockerOperationsLatencyKey = "docker_operations_latency_microseconds" + // DeprecatedDockerOperationsErrorsKey is the deprecated key for the operation error metrics. + DeprecatedDockerOperationsErrorsKey = "docker_operations_errors" + // DeprecatedDockerOperationsTimeoutKey is the deprecated key for the operation timeout metrics. + DeprecatedDockerOperationsTimeoutKey = "docker_operations_timeout" // Keep the "kubelet" subsystem for backward compatibility. kubeletSubsystem = "kubelet" @@ -40,11 +49,12 @@ const ( var ( // DockerOperationsLatency collects operation latency numbers by operation // type. - DockerOperationsLatency = prometheus.NewSummaryVec( - prometheus.SummaryOpts{ + DockerOperationsLatency = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ Subsystem: kubeletSubsystem, Name: DockerOperationsLatencyKey, - Help: "Latency in microseconds of Docker operations. Broken down by operation type.", + Help: "Latency in seconds of Docker operations. Broken down by operation type.", + Buckets: prometheus.DefBuckets, }, []string{"operation_type"}, ) @@ -76,6 +86,45 @@ var ( }, []string{"operation_type"}, ) + + // DeprecatedDockerOperationsLatency collects operation latency numbers by operation + // type. + DeprecatedDockerOperationsLatency = prometheus.NewSummaryVec( + prometheus.SummaryOpts{ + Subsystem: kubeletSubsystem, + Name: DeprecatedDockerOperationsLatencyKey, + Help: "(Deprecated) Latency in microseconds of Docker operations. Broken down by operation type.", + }, + []string{"operation_type"}, + ) + // DeprecatedDockerOperations collects operation counts by operation type. + DeprecatedDockerOperations = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: kubeletSubsystem, + Name: DeprecatedDockerOperationsKey, + Help: "(Deprecated) Cumulative number of Docker operations by operation type.", + }, + []string{"operation_type"}, + ) + // DeprecatedDockerOperationsErrors collects operation errors by operation + // type. + DeprecatedDockerOperationsErrors = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: kubeletSubsystem, + Name: DeprecatedDockerOperationsErrorsKey, + Help: "(Deprecated) Cumulative number of Docker operation errors by operation type.", + }, + []string{"operation_type"}, + ) + // DeprecatedDockerOperationsTimeout collects operation timeouts by operation type. + DeprecatedDockerOperationsTimeout = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: kubeletSubsystem, + Name: DeprecatedDockerOperationsTimeoutKey, + Help: "(Deprecated) Cumulative number of Docker operation timeout by operation type.", + }, + []string{"operation_type"}, + ) ) var registerMetrics sync.Once @@ -87,6 +136,10 @@ func Register() { prometheus.MustRegister(DockerOperations) prometheus.MustRegister(DockerOperationsErrors) prometheus.MustRegister(DockerOperationsTimeout) + prometheus.MustRegister(DeprecatedDockerOperationsLatency) + prometheus.MustRegister(DeprecatedDockerOperations) + prometheus.MustRegister(DeprecatedDockerOperationsErrors) + prometheus.MustRegister(DeprecatedDockerOperationsTimeout) }) } @@ -94,3 +147,8 @@ func Register() { func SinceInMicroseconds(start time.Time) float64 { return float64(time.Since(start).Nanoseconds() / time.Microsecond.Nanoseconds()) } + +// SinceInSeconds gets the time since the specified start in seconds. +func SinceInSeconds(start time.Time) float64 { + return time.Since(start).Seconds() +} diff --git a/pkg/kubelet/dockershim/network/OWNERS b/pkg/kubelet/dockershim/network/OWNERS index 73c2c95f9a3..358b5e2b627 100644 --- a/pkg/kubelet/dockershim/network/OWNERS +++ b/pkg/kubelet/dockershim/network/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - dchen1107 @@ -6,4 +8,5 @@ approvers: - dcbw reviewers: - sig-network-reviewers - +labels: +- sig/network diff --git a/pkg/kubelet/dockershim/network/cni/cni_test.go b/pkg/kubelet/dockershim/network/cni/cni_test.go index 0fbe58ad715..241bd1fca5c 100644 --- a/pkg/kubelet/dockershim/network/cni/cni_test.go +++ b/pkg/kubelet/dockershim/network/cni/cni_test.go @@ -121,16 +121,14 @@ func tearDownPlugin(tmpDir string) { type fakeNetworkHost struct { networktest.FakePortMappingGetter kubeClient clientset.Interface - runtime kubecontainer.Runtime + pods []*containertest.FakePod } func NewFakeHost(kubeClient clientset.Interface, pods []*containertest.FakePod, ports map[string][]*hostport.PortMapping) *fakeNetworkHost { host := &fakeNetworkHost{ networktest.FakePortMappingGetter{PortMaps: ports}, kubeClient, - &containertest.FakeRuntime{ - AllPodList: pods, - }, + pods, } return host } @@ -143,12 +141,15 @@ func (fnh *fakeNetworkHost) GetKubeClient() clientset.Interface { return fnh.kubeClient } -func (fnh *fakeNetworkHost) GetRuntime() kubecontainer.Runtime { - return fnh.runtime -} - func (fnh *fakeNetworkHost) GetNetNS(containerID string) (string, error) { - return fnh.GetRuntime().GetNetNS(kubecontainer.ContainerID{Type: "test", ID: containerID}) + for _, fp := range fnh.pods { + for _, c := range fp.Pod.Containers { + if c.ID.ID == containerID { + return fp.NetnsPath, nil + } + } + } + return "", fmt.Errorf("container %q not found", containerID) } func (fnh *fakeNetworkHost) SupportsLegacyFeatures() bool { diff --git a/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go index b7e036ff8aa..0c50149a98c 100644 --- a/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go +++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go @@ -221,7 +221,6 @@ func TestTearDownWithoutRuntime(t *testing.T) { for _, tc := range testCases { fhost := nettest.NewFakeHost(nil) fhost.Legacy = false - fhost.Runtime = nil mockcni := &mock_cni.MockCNI{} fexec := &fakeexec.FakeExec{ diff --git a/pkg/kubelet/dockershim/network/metrics/metrics.go b/pkg/kubelet/dockershim/network/metrics/metrics.go index 9e4ff185517..b7cc13c88e4 100644 --- a/pkg/kubelet/dockershim/network/metrics/metrics.go +++ b/pkg/kubelet/dockershim/network/metrics/metrics.go @@ -27,7 +27,9 @@ const ( // NetworkPluginOperationsKey is the key for operation count metrics. NetworkPluginOperationsKey = "network_plugin_operations" // NetworkPluginOperationsLatencyKey is the key for the operation latency metrics. - NetworkPluginOperationsLatencyKey = "network_plugin_operations_latency_microseconds" + NetworkPluginOperationsLatencyKey = "network_plugin_operations_latency_seconds" + // DeprecatedNetworkPluginOperationsLatencyKey is the deprecated key for the operation latency metrics. + DeprecatedNetworkPluginOperationsLatencyKey = "network_plugin_operations_latency_microseconds" // Keep the "kubelet" subsystem for backward compatibility. kubeletSubsystem = "kubelet" @@ -36,11 +38,23 @@ const ( var ( // NetworkPluginOperationsLatency collects operation latency numbers by operation // type. - NetworkPluginOperationsLatency = prometheus.NewSummaryVec( - prometheus.SummaryOpts{ + NetworkPluginOperationsLatency = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ Subsystem: kubeletSubsystem, Name: NetworkPluginOperationsLatencyKey, - Help: "Latency in microseconds of network plugin operations. Broken down by operation type.", + Help: "Latency in seconds of network plugin operations. Broken down by operation type.", + Buckets: prometheus.DefBuckets, + }, + []string{"operation_type"}, + ) + + // DeprecatedNetworkPluginOperationsLatency collects operation latency numbers by operation + // type. + DeprecatedNetworkPluginOperationsLatency = prometheus.NewSummaryVec( + prometheus.SummaryOpts{ + Subsystem: kubeletSubsystem, + Name: DeprecatedNetworkPluginOperationsLatencyKey, + Help: "(Deprecated) Latency in microseconds of network plugin operations. Broken down by operation type.", }, []string{"operation_type"}, ) @@ -52,6 +66,7 @@ var registerMetrics sync.Once func Register() { registerMetrics.Do(func() { prometheus.MustRegister(NetworkPluginOperationsLatency) + prometheus.MustRegister(DeprecatedNetworkPluginOperationsLatency) }) } @@ -59,3 +74,8 @@ func Register() { func SinceInMicroseconds(start time.Time) float64 { return float64(time.Since(start).Nanoseconds() / time.Microsecond.Nanoseconds()) } + +// SinceInSeconds gets the time since the specified start in seconds. +func SinceInSeconds(start time.Time) float64 { + return time.Since(start).Seconds() +} diff --git a/pkg/kubelet/dockershim/network/plugins.go b/pkg/kubelet/dockershim/network/plugins.go index c67c1a355b6..bc1173b3ff2 100644 --- a/pkg/kubelet/dockershim/network/plugins.go +++ b/pkg/kubelet/dockershim/network/plugins.go @@ -351,7 +351,8 @@ func (pm *PluginManager) podUnlock(fullPodName string) { // recordOperation records operation and duration func recordOperation(operation string, start time.Time) { - metrics.NetworkPluginOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInMicroseconds(start)) + metrics.NetworkPluginOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedNetworkPluginOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInMicroseconds(start)) } func (pm *PluginManager) GetPodNetworkStatus(podNamespace, podName string, id kubecontainer.ContainerID) (*PodNetworkStatus, error) { diff --git a/pkg/kubelet/dockershim/network/testing/BUILD b/pkg/kubelet/dockershim/network/testing/BUILD index 5fb15b3d46e..5000d267500 100644 --- a/pkg/kubelet/dockershim/network/testing/BUILD +++ b/pkg/kubelet/dockershim/network/testing/BUILD @@ -16,7 +16,6 @@ go_library( deps = [ "//pkg/kubelet/apis/config:go_default_library", "//pkg/kubelet/container:go_default_library", - "//pkg/kubelet/container/testing:go_default_library", "//pkg/kubelet/dockershim/network:go_default_library", "//pkg/kubelet/dockershim/network/hostport:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", diff --git a/pkg/kubelet/dockershim/network/testing/fake_host.go b/pkg/kubelet/dockershim/network/testing/fake_host.go index 71dbf1d072b..c2e3b65cbe7 100644 --- a/pkg/kubelet/dockershim/network/testing/fake_host.go +++ b/pkg/kubelet/dockershim/network/testing/fake_host.go @@ -22,8 +22,6 @@ package testing import ( "k8s.io/api/core/v1" clientset "k8s.io/client-go/kubernetes" - kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" - containertest "k8s.io/kubernetes/pkg/kubelet/container/testing" "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport" ) @@ -32,11 +30,10 @@ type fakeNetworkHost struct { FakePortMappingGetter kubeClient clientset.Interface Legacy bool - Runtime *containertest.FakeRuntime } func NewFakeHost(kubeClient clientset.Interface) *fakeNetworkHost { - host := &fakeNetworkHost{kubeClient: kubeClient, Legacy: true, Runtime: &containertest.FakeRuntime{}} + host := &fakeNetworkHost{kubeClient: kubeClient, Legacy: true} return host } @@ -48,10 +45,6 @@ func (fnh *fakeNetworkHost) GetKubeClient() clientset.Interface { return nil } -func (nh *fakeNetworkHost) GetRuntime() kubecontainer.Runtime { - return nh.Runtime -} - func (nh *fakeNetworkHost) SupportsLegacyFeatures() bool { return nh.Legacy } diff --git a/pkg/kubelet/eviction/OWNERS b/pkg/kubelet/eviction/OWNERS index a63babacba3..44027eec1b6 100644 --- a/pkg/kubelet/eviction/OWNERS +++ b/pkg/kubelet/eviction/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - derekwaynecarr - vishh diff --git a/pkg/kubelet/eviction/eviction_manager.go b/pkg/kubelet/eviction/eviction_manager.go index 801fc8106fa..2ecabf8194a 100644 --- a/pkg/kubelet/eviction/eviction_manager.go +++ b/pkg/kubelet/eviction/eviction_manager.go @@ -361,7 +361,8 @@ func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc Act for _, t := range thresholds { timeObserved := observations[t.Signal].time if !timeObserved.IsZero() { - metrics.EvictionStatsAge.WithLabelValues(string(t.Signal)).Observe(metrics.SinceInMicroseconds(timeObserved.Time)) + metrics.EvictionStatsAge.WithLabelValues(string(t.Signal)).Observe(metrics.SinceInSeconds(timeObserved.Time)) + metrics.DeprecatedEvictionStatsAge.WithLabelValues(string(t.Signal)).Observe(metrics.SinceInMicroseconds(timeObserved.Time)) } } diff --git a/pkg/kubelet/images/image_manager.go b/pkg/kubelet/images/image_manager.go index 39c85133cc1..dc2f24c6154 100644 --- a/pkg/kubelet/images/image_manager.go +++ b/pkg/kubelet/images/image_manager.go @@ -20,7 +20,7 @@ import ( "fmt" dockerref "github.com/docker/distribution/reference" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/client-go/tools/record" "k8s.io/client-go/util/flowcontrol" "k8s.io/klog" @@ -127,7 +127,7 @@ func (m *imageManager) EnsureImageExists(pod *v1.Pod, container *v1.Container, p m.logIt(ref, v1.EventTypeNormal, events.BackOffPullImage, logPrefix, msg, klog.Info) return "", msg, ErrImagePullBackOff } - m.logIt(ref, v1.EventTypeNormal, events.PullingImage, logPrefix, fmt.Sprintf("pulling image %q", container.Image), klog.Info) + m.logIt(ref, v1.EventTypeNormal, events.PullingImage, logPrefix, fmt.Sprintf("Pulling image %q", container.Image), klog.Info) pullChan := make(chan pullResult) m.puller.pullImage(spec, pullSecrets, pullChan, podSandboxConfig) imagePullResult := <-pullChan diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go index bb00c21a946..b413304c377 100644 --- a/pkg/kubelet/kubelet.go +++ b/pkg/kubelet/kubelet.go @@ -1500,7 +1500,8 @@ func (kl *Kubelet) syncPod(o syncPodOptions) error { if !firstSeenTime.IsZero() { // This is the first time we are syncing the pod. Record the latency // since kubelet first saw the pod if firstSeenTime is set. - metrics.PodWorkerStartLatency.Observe(metrics.SinceInMicroseconds(firstSeenTime)) + metrics.PodWorkerStartDuration.Observe(metrics.SinceInSeconds(firstSeenTime)) + metrics.DeprecatedPodWorkerStartLatency.Observe(metrics.SinceInMicroseconds(firstSeenTime)) } else { klog.V(3).Infof("First seen time not recorded for pod %q", pod.UID) } @@ -1517,7 +1518,8 @@ func (kl *Kubelet) syncPod(o syncPodOptions) error { existingStatus, ok := kl.statusManager.GetPodStatus(pod.UID) if !ok || existingStatus.Phase == v1.PodPending && apiPodStatus.Phase == v1.PodRunning && !firstSeenTime.IsZero() { - metrics.PodStartLatency.Observe(metrics.SinceInMicroseconds(firstSeenTime)) + metrics.PodStartDuration.Observe(metrics.SinceInSeconds(firstSeenTime)) + metrics.DeprecatedPodStartLatency.Observe(metrics.SinceInMicroseconds(firstSeenTime)) } runnable := kl.canRunPod(pod) @@ -1996,7 +1998,8 @@ func (kl *Kubelet) dispatchWork(pod *v1.Pod, syncType kubetypes.SyncPodType, mir UpdateType: syncType, OnCompleteFunc: func(err error) { if err != nil { - metrics.PodWorkerLatency.WithLabelValues(syncType.String()).Observe(metrics.SinceInMicroseconds(start)) + metrics.PodWorkerDuration.WithLabelValues(syncType.String()).Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedPodWorkerLatency.WithLabelValues(syncType.String()).Observe(metrics.SinceInMicroseconds(start)) } }, }) diff --git a/pkg/kubelet/kubelet_node_status.go b/pkg/kubelet/kubelet_node_status.go index bc86e4d0060..87e39a0b6db 100644 --- a/pkg/kubelet/kubelet_node_status.go +++ b/pkg/kubelet/kubelet_node_status.go @@ -134,6 +134,7 @@ func (kl *Kubelet) reconcileExtendedResource(initialNode, node *v1.Node) bool { requiresUpdate := false for k := range node.Status.Capacity { if v1helper.IsExtendedResourceName(k) { + klog.Infof("Zero out resource %s capacity in existing node.", k) node.Status.Capacity[k] = *resource.NewQuantity(int64(0), resource.DecimalSI) node.Status.Allocatable[k] = *resource.NewQuantity(int64(0), resource.DecimalSI) requiresUpdate = true @@ -145,14 +146,14 @@ func (kl *Kubelet) reconcileExtendedResource(initialNode, node *v1.Node) bool { // updateDefaultLabels will set the default labels on the node func (kl *Kubelet) updateDefaultLabels(initialNode, existingNode *v1.Node) bool { defaultLabels := []string{ - kubeletapis.LabelHostname, - kubeletapis.LabelZoneFailureDomain, - kubeletapis.LabelZoneRegion, - kubeletapis.LabelInstanceType, + v1.LabelHostname, + v1.LabelZoneFailureDomain, + v1.LabelZoneRegion, + v1.LabelInstanceType, + v1.LabelOSStable, + v1.LabelArchStable, kubeletapis.LabelOS, kubeletapis.LabelArch, - kubeletapis.LegacyLabelOS, - kubeletapis.LegacyLabelArch, } needsUpdate := false @@ -215,11 +216,11 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) { ObjectMeta: metav1.ObjectMeta{ Name: string(kl.nodeName), Labels: map[string]string{ - kubeletapis.LabelHostname: kl.hostname, - kubeletapis.LabelOS: goruntime.GOOS, - kubeletapis.LabelArch: goruntime.GOARCH, - kubeletapis.LegacyLabelOS: goruntime.GOOS, - kubeletapis.LegacyLabelArch: goruntime.GOARCH, + v1.LabelHostname: kl.hostname, + v1.LabelOSStable: goruntime.GOOS, + v1.LabelArchStable: goruntime.GOARCH, + kubeletapis.LabelOS: goruntime.GOOS, + kubeletapis.LabelArch: goruntime.GOARCH, }, }, Spec: v1.NodeSpec{ @@ -327,8 +328,8 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) { return nil, err } if instanceType != "" { - klog.Infof("Adding node label from cloud provider: %s=%s", kubeletapis.LabelInstanceType, instanceType) - node.ObjectMeta.Labels[kubeletapis.LabelInstanceType] = instanceType + klog.Infof("Adding node label from cloud provider: %s=%s", v1.LabelInstanceType, instanceType) + node.ObjectMeta.Labels[v1.LabelInstanceType] = instanceType } // If the cloud has zone information, label the node with the zone information zones, ok := kl.cloud.Zones() @@ -338,12 +339,12 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) { return nil, fmt.Errorf("failed to get zone from cloud provider: %v", err) } if zone.FailureDomain != "" { - klog.Infof("Adding node label from cloud provider: %s=%s", kubeletapis.LabelZoneFailureDomain, zone.FailureDomain) - node.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] = zone.FailureDomain + klog.Infof("Adding node label from cloud provider: %s=%s", v1.LabelZoneFailureDomain, zone.FailureDomain) + node.ObjectMeta.Labels[v1.LabelZoneFailureDomain] = zone.FailureDomain } if zone.Region != "" { - klog.Infof("Adding node label from cloud provider: %s=%s", kubeletapis.LabelZoneRegion, zone.Region) - node.ObjectMeta.Labels[kubeletapis.LabelZoneRegion] = zone.Region + klog.Infof("Adding node label from cloud provider: %s=%s", v1.LabelZoneRegion, zone.Region) + node.ObjectMeta.Labels[v1.LabelZoneRegion] = zone.Region } } } @@ -427,6 +428,23 @@ func (kl *Kubelet) tryUpdateNodeStatus(tryNumber int) error { now := kl.clock.Now() if utilfeature.DefaultFeatureGate.Enabled(features.NodeLease) && now.Before(kl.lastStatusReportTime.Add(kl.nodeStatusReportFrequency)) { if !podCIDRChanged && !nodeStatusHasChanged(&originalNode.Status, &node.Status) { + // We must mark the volumes as ReportedInUse in volume manager's dsw even + // if no changes were made to the node status (no volumes were added or removed + // from the VolumesInUse list). + // + // The reason is that on a kubelet restart, the volume manager's dsw is + // repopulated and the volume ReportedInUse is initialized to false, while the + // VolumesInUse list from the Node object still contains the state from the + // previous kubelet instantiation. + // + // Once the volumes are added to the dsw, the ReportedInUse field needs to be + // synced from the VolumesInUse list in the Node.Status. + // + // The MarkVolumesAsReportedInUse() call cannot be performed in dsw directly + // because it does not have access to the Node object. + // This also cannot be populated on node status manager init because the volume + // may not have been added to dsw at that time. + kl.volumeManager.MarkVolumesAsReportedInUse(node.Status.VolumesInUse) return nil } } diff --git a/pkg/kubelet/kubelet_node_status_test.go b/pkg/kubelet/kubelet_node_status_test.go index ceb76205aaa..02a9723ac37 100644 --- a/pkg/kubelet/kubelet_node_status_test.go +++ b/pkg/kubelet/kubelet_node_status_test.go @@ -55,6 +55,7 @@ import ( kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" "k8s.io/kubernetes/pkg/kubelet/nodestatus" "k8s.io/kubernetes/pkg/kubelet/util/sliceutils" + kubeletvolume "k8s.io/kubernetes/pkg/kubelet/volumemanager" schedulerapi "k8s.io/kubernetes/pkg/scheduler/api" taintutil "k8s.io/kubernetes/pkg/util/taints" "k8s.io/kubernetes/pkg/version" @@ -1029,6 +1030,213 @@ func TestUpdateNodeStatusWithLease(t *testing.T) { assert.IsType(t, core.GetActionImpl{}, actions[9]) } +func TestUpdateNodeStatusAndVolumesInUseWithoutNodeLease(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.NodeLease, false)() + + cases := []struct { + desc string + existingVolumes []v1.UniqueVolumeName // volumes to initially populate volumeManager + existingNode *v1.Node // existing node object + expectedNode *v1.Node // new node object after patch + expectedReportedInUse []v1.UniqueVolumeName // expected volumes reported in use in volumeManager + }{ + { + desc: "no volumes and no update", + existingNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + expectedNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + }, + { + desc: "volumes inuse on node and volumeManager", + existingVolumes: []v1.UniqueVolumeName{"vol1"}, + existingNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedReportedInUse: []v1.UniqueVolumeName{"vol1"}, + }, + { + desc: "volumes inuse on node but not in volumeManager", + existingNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + }, + { + desc: "volumes inuse in volumeManager but not on node", + existingVolumes: []v1.UniqueVolumeName{"vol1"}, + existingNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + expectedNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedReportedInUse: []v1.UniqueVolumeName{"vol1"}, + }, + } + + for _, tc := range cases { + t.Run(tc.desc, func(t *testing.T) { + // Setup + testKubelet := newTestKubelet(t, false /* controllerAttachDetachEnabled */) + defer testKubelet.Cleanup() + + kubelet := testKubelet.kubelet + kubelet.kubeClient = nil // ensure only the heartbeat client is used + kubelet.containerManager = &localCM{ContainerManager: cm.NewStubContainerManager()} + kubelet.lastStatusReportTime = kubelet.clock.Now() + kubelet.nodeStatusReportFrequency = time.Hour + kubelet.machineInfo = &cadvisorapi.MachineInfo{} + + // override test volumeManager + fakeVolumeManager := kubeletvolume.NewFakeVolumeManager(tc.existingVolumes) + kubelet.volumeManager = fakeVolumeManager + + // Only test VolumesInUse setter + kubelet.setNodeStatusFuncs = []func(*v1.Node) error{ + nodestatus.VolumesInUse(kubelet.volumeManager.ReconcilerStatesHasBeenSynced, + kubelet.volumeManager.GetVolumesInUse), + } + + kubeClient := testKubelet.fakeKubeClient + kubeClient.ReactionChain = fake.NewSimpleClientset(&v1.NodeList{Items: []v1.Node{*tc.existingNode}}).ReactionChain + + // Execute + assert.NoError(t, kubelet.updateNodeStatus()) + + // Validate + actions := kubeClient.Actions() + if tc.expectedNode != nil { + assert.Len(t, actions, 2) + assert.IsType(t, core.GetActionImpl{}, actions[0]) + assert.IsType(t, core.PatchActionImpl{}, actions[1]) + patchAction := actions[1].(core.PatchActionImpl) + + updatedNode, err := applyNodeStatusPatch(tc.existingNode, patchAction.GetPatch()) + require.NoError(t, err) + assert.True(t, apiequality.Semantic.DeepEqual(tc.expectedNode, updatedNode), "%s", diff.ObjectDiff(tc.expectedNode, updatedNode)) + } else { + assert.Len(t, actions, 1) + assert.IsType(t, core.GetActionImpl{}, actions[0]) + } + + reportedInUse := fakeVolumeManager.GetVolumesReportedInUse() + assert.True(t, apiequality.Semantic.DeepEqual(tc.expectedReportedInUse, reportedInUse), "%s", diff.ObjectDiff(tc.expectedReportedInUse, reportedInUse)) + }) + } +} + +func TestUpdateNodeStatusAndVolumesInUseWithNodeLease(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.NodeLease, true)() + + cases := []struct { + desc string + existingVolumes []v1.UniqueVolumeName // volumes to initially populate volumeManager + existingNode *v1.Node // existing node object + expectedNode *v1.Node // new node object after patch + expectedReportedInUse []v1.UniqueVolumeName // expected volumes reported in use in volumeManager + }{ + { + desc: "no volumes and no update", + existingNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + }, + { + desc: "volumes inuse on node and volumeManager", + existingVolumes: []v1.UniqueVolumeName{"vol1"}, + existingNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedReportedInUse: []v1.UniqueVolumeName{"vol1"}, + }, + { + desc: "volumes inuse on node but not in volumeManager", + existingNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + }, + { + desc: "volumes inuse in volumeManager but not on node", + existingVolumes: []v1.UniqueVolumeName{"vol1"}, + existingNode: &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}}, + expectedNode: &v1.Node{ + ObjectMeta: metav1.ObjectMeta{Name: testKubeletHostname}, + Status: v1.NodeStatus{ + VolumesInUse: []v1.UniqueVolumeName{"vol1"}, + }, + }, + expectedReportedInUse: []v1.UniqueVolumeName{"vol1"}, + }, + } + + for _, tc := range cases { + t.Run(tc.desc, func(t *testing.T) { + // Setup + testKubelet := newTestKubelet(t, false /* controllerAttachDetachEnabled */) + defer testKubelet.Cleanup() + + kubelet := testKubelet.kubelet + kubelet.kubeClient = nil // ensure only the heartbeat client is used + kubelet.containerManager = &localCM{ContainerManager: cm.NewStubContainerManager()} + kubelet.lastStatusReportTime = kubelet.clock.Now() + kubelet.nodeStatusReportFrequency = time.Hour + kubelet.machineInfo = &cadvisorapi.MachineInfo{} + + // override test volumeManager + fakeVolumeManager := kubeletvolume.NewFakeVolumeManager(tc.existingVolumes) + kubelet.volumeManager = fakeVolumeManager + + // Only test VolumesInUse setter + kubelet.setNodeStatusFuncs = []func(*v1.Node) error{ + nodestatus.VolumesInUse(kubelet.volumeManager.ReconcilerStatesHasBeenSynced, + kubelet.volumeManager.GetVolumesInUse), + } + + kubeClient := testKubelet.fakeKubeClient + kubeClient.ReactionChain = fake.NewSimpleClientset(&v1.NodeList{Items: []v1.Node{*tc.existingNode}}).ReactionChain + + // Execute + assert.NoError(t, kubelet.updateNodeStatus()) + + // Validate + actions := kubeClient.Actions() + if tc.expectedNode != nil { + assert.Len(t, actions, 2) + assert.IsType(t, core.GetActionImpl{}, actions[0]) + assert.IsType(t, core.PatchActionImpl{}, actions[1]) + patchAction := actions[1].(core.PatchActionImpl) + + updatedNode, err := applyNodeStatusPatch(tc.existingNode, patchAction.GetPatch()) + require.NoError(t, err) + assert.True(t, apiequality.Semantic.DeepEqual(tc.expectedNode, updatedNode), "%s", diff.ObjectDiff(tc.expectedNode, updatedNode)) + } else { + assert.Len(t, actions, 1) + assert.IsType(t, core.GetActionImpl{}, actions[0]) + } + + reportedInUse := fakeVolumeManager.GetVolumesReportedInUse() + assert.True(t, apiequality.Semantic.DeepEqual(tc.expectedReportedInUse, reportedInUse), "%s", diff.ObjectDiff(tc.expectedReportedInUse, reportedInUse)) + }) + } +} + func TestRegisterWithApiServer(t *testing.T) { testKubelet := newTestKubelet(t, false /* controllerAttachDetachEnabled */) defer testKubelet.Cleanup() @@ -1046,11 +1254,11 @@ func TestRegisterWithApiServer(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: testKubeletHostname, Labels: map[string]string{ - kubeletapis.LabelHostname: testKubeletHostname, - kubeletapis.LabelOS: goruntime.GOOS, - kubeletapis.LabelArch: goruntime.GOARCH, - kubeletapis.LegacyLabelOS: goruntime.GOOS, - kubeletapis.LegacyLabelArch: goruntime.GOARCH, + v1.LabelHostname: testKubeletHostname, + v1.LabelOSStable: goruntime.GOOS, + v1.LabelArchStable: goruntime.GOARCH, + kubeletapis.LabelOS: goruntime.GOOS, + kubeletapis.LabelArch: goruntime.GOARCH, }, }, }, nil @@ -1093,11 +1301,11 @@ func TestTryRegisterWithApiServer(t *testing.T) { node := &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: testKubeletHostname, - kubeletapis.LabelOS: goruntime.GOOS, - kubeletapis.LabelArch: goruntime.GOARCH, - kubeletapis.LegacyLabelOS: goruntime.GOOS, - kubeletapis.LegacyLabelArch: goruntime.GOARCH, + v1.LabelHostname: testKubeletHostname, + v1.LabelOSStable: goruntime.GOOS, + v1.LabelArchStable: goruntime.GOARCH, + kubeletapis.LabelOS: goruntime.GOOS, + kubeletapis.LabelArch: goruntime.GOARCH, }, }, } @@ -1325,12 +1533,12 @@ func TestUpdateDefaultLabels(t *testing.T) { initialNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, }, @@ -1341,12 +1549,12 @@ func TestUpdateDefaultLabels(t *testing.T) { }, needsUpdate: true, finalLabels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, { @@ -1354,35 +1562,35 @@ func TestUpdateDefaultLabels(t *testing.T) { initialNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, }, existingNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "old-hostname", - kubeletapis.LabelZoneFailureDomain: "old-zone-failure-domain", - kubeletapis.LabelZoneRegion: "old-zone-region", - kubeletapis.LabelInstanceType: "old-instance-type", - kubeletapis.LabelOS: "old-os", - kubeletapis.LabelArch: "old-arch", + v1.LabelHostname: "old-hostname", + v1.LabelZoneFailureDomain: "old-zone-failure-domain", + v1.LabelZoneRegion: "old-zone-region", + v1.LabelInstanceType: "old-instance-type", + kubeletapis.LabelOS: "old-os", + kubeletapis.LabelArch: "old-arch", }, }, }, needsUpdate: true, finalLabels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, { @@ -1390,37 +1598,37 @@ func TestUpdateDefaultLabels(t *testing.T) { initialNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, }, existingNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", - "please-persist": "foo", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", + "please-persist": "foo", }, }, }, needsUpdate: false, finalLabels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", - "please-persist": "foo", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", + "please-persist": "foo", }, }, { @@ -1433,25 +1641,25 @@ func TestUpdateDefaultLabels(t *testing.T) { existingNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", - "please-persist": "foo", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", + "please-persist": "foo", }, }, }, needsUpdate: false, finalLabels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", - "please-persist": "foo", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", + "please-persist": "foo", }, }, { @@ -1459,35 +1667,35 @@ func TestUpdateDefaultLabels(t *testing.T) { initialNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, }, existingNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, }, needsUpdate: false, finalLabels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, { @@ -1495,12 +1703,12 @@ func TestUpdateDefaultLabels(t *testing.T) { initialNode: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, }, @@ -1509,12 +1717,12 @@ func TestUpdateDefaultLabels(t *testing.T) { }, needsUpdate: true, finalLabels: map[string]string{ - kubeletapis.LabelHostname: "new-hostname", - kubeletapis.LabelZoneFailureDomain: "new-zone-failure-domain", - kubeletapis.LabelZoneRegion: "new-zone-region", - kubeletapis.LabelInstanceType: "new-instance-type", - kubeletapis.LabelOS: "new-os", - kubeletapis.LabelArch: "new-arch", + v1.LabelHostname: "new-hostname", + v1.LabelZoneFailureDomain: "new-zone-failure-domain", + v1.LabelZoneRegion: "new-zone-region", + v1.LabelInstanceType: "new-instance-type", + kubeletapis.LabelOS: "new-os", + kubeletapis.LabelArch: "new-arch", }, }, } diff --git a/pkg/kubelet/kubelet_pods.go b/pkg/kubelet/kubelet_pods.go index 9d06d595ebb..f66b0fef21d 100644 --- a/pkg/kubelet/kubelet_pods.go +++ b/pkg/kubelet/kubelet_pods.go @@ -159,27 +159,40 @@ func makeMounts(pod *v1.Pod, podDir string, container *v1.Container, hostName, h if err != nil { return nil, cleanupAction, err } - if mount.SubPath != "" { + + subPath := mount.SubPath + if mount.SubPathExpr != "" { if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeSubpath) { return nil, cleanupAction, fmt.Errorf("volume subpaths are disabled") } - // Expand subpath variables - if utilfeature.DefaultFeatureGate.Enabled(features.VolumeSubpathEnvExpansion) { - mount.SubPath = kubecontainer.ExpandContainerVolumeMounts(mount, expandEnvs) + if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeSubpathEnvExpansion) { + return nil, cleanupAction, fmt.Errorf("volume subpath expansion is disabled") } - if filepath.IsAbs(mount.SubPath) { - return nil, cleanupAction, fmt.Errorf("error SubPath `%s` must not be an absolute path", mount.SubPath) - } + subPath, err = kubecontainer.ExpandContainerVolumeMounts(mount, expandEnvs) - err = volumevalidation.ValidatePathNoBacksteps(mount.SubPath) if err != nil { - return nil, cleanupAction, fmt.Errorf("unable to provision SubPath `%s`: %v", mount.SubPath, err) + return nil, cleanupAction, err + } + } + + if subPath != "" { + if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeSubpath) { + return nil, cleanupAction, fmt.Errorf("volume subpaths are disabled") + } + + if filepath.IsAbs(subPath) { + return nil, cleanupAction, fmt.Errorf("error SubPath `%s` must not be an absolute path", subPath) + } + + err = volumevalidation.ValidatePathNoBacksteps(subPath) + if err != nil { + return nil, cleanupAction, fmt.Errorf("unable to provision SubPath `%s`: %v", subPath, err) } volumePath := hostPath - hostPath = filepath.Join(volumePath, mount.SubPath) + hostPath = filepath.Join(volumePath, subPath) if subPathExists, err := mounter.ExistsPath(hostPath); err != nil { klog.Errorf("Could not determine if subPath %s exists; will not attempt to change its permissions", hostPath) @@ -193,7 +206,7 @@ func makeMounts(pod *v1.Pod, podDir string, container *v1.Container, hostName, h if err != nil { return nil, cleanupAction, err } - if err := mounter.SafeMakeDir(mount.SubPath, volumePath, perm); err != nil { + if err := mounter.SafeMakeDir(subPath, volumePath, perm); err != nil { // Don't pass detailed error back to the user because it could give information about host filesystem klog.Errorf("failed to create subPath directory for volumeMount %q of container %q: %v", mount.Name, container.Name, err) return nil, cleanupAction, fmt.Errorf("failed to create subPath directory for volumeMount %q of container %q", mount.Name, container.Name) diff --git a/pkg/kubelet/kubeletconfig/OWNERS b/pkg/kubelet/kubeletconfig/OWNERS index 99d321aac10..22935e94052 100644 --- a/pkg/kubelet/kubeletconfig/OWNERS +++ b/pkg/kubelet/kubeletconfig/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mtaufen - dchen1107 diff --git a/pkg/kubelet/kuberuntime/helpers.go b/pkg/kubelet/kuberuntime/helpers.go index 056e4d0ae75..ccabf8d004a 100644 --- a/pkg/kubelet/kuberuntime/helpers.go +++ b/pkg/kubelet/kuberuntime/helpers.go @@ -141,12 +141,17 @@ func (m *kubeGenericRuntimeManager) getImageUser(image string) (*int64, string, return new(int64), "", nil } -// isContainerFailed returns true if container has exited and exitcode is not zero. -func isContainerFailed(status *kubecontainer.ContainerStatus) bool { +// isInitContainerFailed returns true if container has exited and exitcode is not zero +// or is in unknown state. +func isInitContainerFailed(status *kubecontainer.ContainerStatus) bool { if status.State == kubecontainer.ContainerStateExited && status.ExitCode != 0 { return true } + if status.State == kubecontainer.ContainerStateUnknown { + return true + } + return false } diff --git a/pkg/kubelet/kuberuntime/helpers_linux.go b/pkg/kubelet/kuberuntime/helpers_linux.go index b6a4f4f85c9..204bc4e9ffb 100644 --- a/pkg/kubelet/kuberuntime/helpers_linux.go +++ b/pkg/kubelet/kuberuntime/helpers_linux.go @@ -18,11 +18,6 @@ limitations under the License. package kuberuntime -import ( - utilfeature "k8s.io/apiserver/pkg/util/feature" - kubefeatures "k8s.io/kubernetes/pkg/features" -) - const ( // Taken from lmctfy https://github.com/google/lmctfy/blob/master/lmctfy/controllers/cpu_controller.cc minShares = 2 @@ -59,9 +54,6 @@ func milliCPUToQuota(milliCPU int64, period int64) (quota int64) { if milliCPU == 0 { return } - if !utilfeature.DefaultFeatureGate.Enabled(kubefeatures.CPUCFSQuotaPeriod) { - period = quotaPeriod - } // we then convert your milliCPU to a value normalized over a period quota = (milliCPU * period) / milliCPUToCPU diff --git a/pkg/kubelet/kuberuntime/instrumented_services.go b/pkg/kubelet/kuberuntime/instrumented_services.go index dc3c6575f8b..b96faa0cd82 100644 --- a/pkg/kubelet/kuberuntime/instrumented_services.go +++ b/pkg/kubelet/kuberuntime/instrumented_services.go @@ -49,13 +49,16 @@ func newInstrumentedImageManagerService(service internalapi.ImageManagerService) // recordOperation records the duration of the operation. func recordOperation(operation string, start time.Time) { metrics.RuntimeOperations.WithLabelValues(operation).Inc() - metrics.RuntimeOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInMicroseconds(start)) + metrics.DeprecatedRuntimeOperations.WithLabelValues(operation).Inc() + metrics.RuntimeOperationsDuration.WithLabelValues(operation).Observe(metrics.SinceInSeconds(start)) + metrics.DeprecatedRuntimeOperationsLatency.WithLabelValues(operation).Observe(metrics.SinceInMicroseconds(start)) } // recordError records error for metric if an error occurred. func recordError(operation string, err error) { if err != nil { metrics.RuntimeOperationsErrors.WithLabelValues(operation).Inc() + metrics.DeprecatedRuntimeOperationsErrors.WithLabelValues(operation).Inc() } } diff --git a/pkg/kubelet/kuberuntime/instrumented_services_test.go b/pkg/kubelet/kuberuntime/instrumented_services_test.go index 6463e617f06..d29f00fa199 100644 --- a/pkg/kubelet/kuberuntime/instrumented_services_test.go +++ b/pkg/kubelet/kuberuntime/instrumented_services_test.go @@ -30,7 +30,7 @@ import ( func TestRecordOperation(t *testing.T) { prometheus.MustRegister(metrics.RuntimeOperations) - prometheus.MustRegister(metrics.RuntimeOperationsLatency) + prometheus.MustRegister(metrics.RuntimeOperationsDuration) prometheus.MustRegister(metrics.RuntimeOperationsErrors) temporalServer := "127.0.0.1:1234" @@ -50,8 +50,8 @@ func TestRecordOperation(t *testing.T) { }() recordOperation("create_container", time.Now()) - runtimeOperationsCounterExpected := "kubelet_runtime_operations{operation_type=\"create_container\"} 1" - runtimeOperationsLatencyExpected := "kubelet_runtime_operations_latency_microseconds_count{operation_type=\"create_container\"} 1" + runtimeOperationsCounterExpected := "kubelet_runtime_operations_total{operation_type=\"create_container\"} 1" + runtimeOperationsDurationExpected := "kubelet_runtime_operations_duration_seconds_count{operation_type=\"create_container\"} 1" assert.HTTPBodyContains(t, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { mux.ServeHTTP(w, r) @@ -59,7 +59,7 @@ func TestRecordOperation(t *testing.T) { assert.HTTPBodyContains(t, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { mux.ServeHTTP(w, r) - }), "GET", prometheusURL, nil, runtimeOperationsLatencyExpected) + }), "GET", prometheusURL, nil, runtimeOperationsDurationExpected) } func TestInstrumentedVersion(t *testing.T) { diff --git a/pkg/kubelet/kuberuntime/kuberuntime_container.go b/pkg/kubelet/kuberuntime/kuberuntime_container.go index 4ca0980d4d4..b5826ab47dd 100644 --- a/pkg/kubelet/kuberuntime/kuberuntime_container.go +++ b/pkg/kubelet/kuberuntime/kuberuntime_container.go @@ -35,7 +35,7 @@ import ( "github.com/armon/circbuf" "k8s.io/klog" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" kubetypes "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" @@ -131,7 +131,7 @@ func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandb m.recordContainerEvent(pod, container, containerID, v1.EventTypeWarning, events.FailedToStartContainer, "Internal PreStartContainer hook failed: %v", grpc.ErrorDesc(err)) return grpc.ErrorDesc(err), ErrPreStartHook } - m.recordContainerEvent(pod, container, containerID, v1.EventTypeNormal, events.CreatedContainer, "Created container") + m.recordContainerEvent(pod, container, containerID, v1.EventTypeNormal, events.CreatedContainer, fmt.Sprintf("Created container %s", container.Name)) if ref != nil { m.containerRefManager.SetRef(kubecontainer.ContainerID{ @@ -146,7 +146,7 @@ func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandb m.recordContainerEvent(pod, container, containerID, v1.EventTypeWarning, events.FailedToStartContainer, "Error: %v", grpc.ErrorDesc(err)) return grpc.ErrorDesc(err), kubecontainer.ErrRunContainer } - m.recordContainerEvent(pod, container, containerID, v1.EventTypeNormal, events.StartedContainer, "Started container") + m.recordContainerEvent(pod, container, containerID, v1.EventTypeNormal, events.StartedContainer, fmt.Sprintf("Started container %s", container.Name)) // Symlink container logs to the legacy container log location for cluster logging // support. @@ -532,12 +532,12 @@ func (m *kubeGenericRuntimeManager) restoreSpecsFromContainerLabels(containerID // killContainer kills a container through the following steps: // * Run the pre-stop lifecycle hooks (if applicable). // * Stop the container. -func (m *kubeGenericRuntimeManager) killContainer(pod *v1.Pod, containerID kubecontainer.ContainerID, containerName string, reason string, gracePeriodOverride *int64) error { +func (m *kubeGenericRuntimeManager) killContainer(pod *v1.Pod, containerID kubecontainer.ContainerID, containerName string, message string, gracePeriodOverride *int64) error { var containerSpec *v1.Container if pod != nil { if containerSpec = kubecontainer.GetContainerSpec(pod, containerName); containerSpec == nil { return fmt.Errorf("failed to get containerSpec %q(id=%q) in pod %q when killing container for reason %q", - containerName, containerID.String(), format.Pod(pod), reason) + containerName, containerID.String(), format.Pod(pod), message) } } else { // Restore necessary information if one of the specs is nil. @@ -557,6 +557,11 @@ func (m *kubeGenericRuntimeManager) killContainer(pod *v1.Pod, containerID kubec gracePeriod = *pod.Spec.TerminationGracePeriodSeconds } + if len(message) == 0 { + message = fmt.Sprintf("Stopping container %s", containerSpec.Name) + } + m.recordContainerEvent(pod, containerSpec, containerID.ID, v1.EventTypeNormal, events.KillingContainer, message) + // Run internal pre-stop lifecycle hook if err := m.internalLifecycle.PreStopContainer(containerID.ID); err != nil { return err @@ -584,11 +589,6 @@ func (m *kubeGenericRuntimeManager) killContainer(pod *v1.Pod, containerID kubec klog.V(3).Infof("Container %q exited normally", containerID.String()) } - message := fmt.Sprintf("Killing container %s", containerID.String()) - if reason != "" { - message = fmt.Sprint(message, ":", reason) - } - m.recordContainerEvent(pod, containerSpec, containerID.ID, v1.EventTypeNormal, events.KillingContainer, message) m.containerRefManager.ClearRef(containerID) return err @@ -606,7 +606,7 @@ func (m *kubeGenericRuntimeManager) killContainersWithSyncResult(pod *v1.Pod, ru defer wg.Done() killContainerResult := kubecontainer.NewSyncResult(kubecontainer.KillContainer, container.Name) - if err := m.killContainer(pod, container.ID, container.Name, "Need to kill Pod", gracePeriodOverride); err != nil { + if err := m.killContainer(pod, container.ID, container.Name, "", gracePeriodOverride); err != nil { killContainerResult.Fail(kubecontainer.ErrKillContainer, err.Error()) } containerResults <- killContainerResult @@ -635,9 +635,14 @@ func (m *kubeGenericRuntimeManager) pruneInitContainersBeforeStart(pod *v1.Pod, for name := range initContainerNames { count := 0 for _, status := range podStatus.ContainerStatuses { - if status.Name != name || !initContainerNames.Has(status.Name) || status.State != kubecontainer.ContainerStateExited { + if status.Name != name || !initContainerNames.Has(status.Name) || + (status.State != kubecontainer.ContainerStateExited && + status.State != kubecontainer.ContainerStateUnknown) { continue } + // Remove init containers in unknown state. It should have + // been stopped before pruneInitContainersBeforeStart is + // called. count++ // keep the first init container for this name if count == 1 { @@ -692,7 +697,7 @@ func (m *kubeGenericRuntimeManager) purgeInitContainers(pod *v1.Pod, podStatus * } // findNextInitContainerToRun returns the status of the last failed container, the -// next init container to start, or done if there are no further init containers. +// index of next init container to start, or done if there are no further init containers. // Status is only returned if an init container is failed, in which case next will // point to the current container. func findNextInitContainerToRun(pod *v1.Pod, podStatus *kubecontainer.PodStatus) (status *kubecontainer.ContainerStatus, next *v1.Container, done bool) { @@ -704,7 +709,7 @@ func findNextInitContainerToRun(pod *v1.Pod, podStatus *kubecontainer.PodStatus) for i := len(pod.Spec.InitContainers) - 1; i >= 0; i-- { container := &pod.Spec.InitContainers[i] status := podStatus.FindContainerStatusByName(container.Name) - if status != nil && isContainerFailed(status) { + if status != nil && isInitContainerFailed(status) { return status, container, false } } diff --git a/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go b/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go index c5da7e3171d..1a6a50311c0 100644 --- a/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go +++ b/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go @@ -22,6 +22,8 @@ import ( "time" "k8s.io/api/core/v1" + utilfeature "k8s.io/apiserver/pkg/util/feature" + kubefeatures "k8s.io/kubernetes/pkg/features" runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" "k8s.io/kubernetes/pkg/kubelet/qos" ) @@ -67,7 +69,10 @@ func (m *kubeGenericRuntimeManager) generateLinuxContainerConfig(container *v1.C if m.cpuCFSQuota { // if cpuLimit.Amount is nil, then the appropriate default value is returned // to allow full usage of cpu resource. - cpuPeriod := int64(m.cpuCFSQuotaPeriod.Duration / time.Microsecond) + cpuPeriod := int64(quotaPeriod) + if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.CPUCFSQuotaPeriod) { + cpuPeriod = int64(m.cpuCFSQuotaPeriod.Duration / time.Microsecond) + } cpuQuota := milliCPUToQuota(cpuLimit.MilliValue(), cpuPeriod) lc.Resources.CpuQuota = cpuQuota lc.Resources.CpuPeriod = cpuPeriod diff --git a/pkg/kubelet/kuberuntime/kuberuntime_gc.go b/pkg/kubelet/kuberuntime/kuberuntime_gc.go index e2ba00d0645..1bc77c1739c 100644 --- a/pkg/kubelet/kuberuntime/kuberuntime_gc.go +++ b/pkg/kubelet/kuberuntime/kuberuntime_gc.go @@ -55,6 +55,9 @@ type containerGCInfo struct { name string // Creation time for the container. createTime time.Time + // If true, the container is in unknown state. Garbage collector should try + // to stop containers before removal. + unknown bool } // sandboxGCInfo is the internal information kept for sandboxes being considered for GC. @@ -122,6 +125,19 @@ func (cgc *containerGC) removeOldestN(containers []containerGCInfo, toRemove int // Remove from oldest to newest (last to first). numToKeep := len(containers) - toRemove for i := len(containers) - 1; i >= numToKeep; i-- { + if containers[i].unknown { + // Containers in known state could be running, we should try + // to stop it before removal. + id := kubecontainer.ContainerID{ + Type: cgc.manager.runtimeName, + ID: containers[i].id, + } + message := "Container is in unknown state, try killing it before removal" + if err := cgc.manager.killContainer(nil, id, containers[i].name, message, nil); err != nil { + klog.Errorf("Failed to stop container %q: %v", containers[i].id, err) + continue + } + } if err := cgc.manager.removeContainer(containers[i].id); err != nil { klog.Errorf("Failed to remove container %q: %v", containers[i].id, err) } @@ -184,6 +200,7 @@ func (cgc *containerGC) evictableContainers(minAge time.Duration) (containersByE id: container.Id, name: container.Metadata.Name, createTime: createdAt, + unknown: container.State == runtimeapi.ContainerState_CONTAINER_UNKNOWN, } key := evictUnit{ uid: labeledInfo.PodUID, diff --git a/pkg/kubelet/kuberuntime/kuberuntime_gc_test.go b/pkg/kubelet/kuberuntime/kuberuntime_gc_test.go index 49513d4423d..8c565d56753 100644 --- a/pkg/kubelet/kuberuntime/kuberuntime_gc_test.go +++ b/pkg/kubelet/kuberuntime/kuberuntime_gc_test.go @@ -179,28 +179,29 @@ func TestSandboxGC(t *testing.T) { } } +func makeGCContainer(podStateProvider *fakePodStateProvider, podName, containerName string, attempt int, createdAt int64, state runtimeapi.ContainerState) containerTemplate { + container := makeTestContainer(containerName, "test-image") + pod := makeTestPod(podName, "test-ns", podName, []v1.Container{container}) + if podName == "running" { + podStateProvider.runningPods[pod.UID] = struct{}{} + } + if podName != "deleted" { + podStateProvider.existingPods[pod.UID] = struct{}{} + } + return containerTemplate{ + pod: pod, + container: &container, + attempt: attempt, + createdAt: createdAt, + state: state, + } +} + func TestContainerGC(t *testing.T) { fakeRuntime, _, m, err := createTestRuntimeManager() assert.NoError(t, err) podStateProvider := m.containerGC.podStateProvider.(*fakePodStateProvider) - makeGCContainer := func(podName, containerName string, attempt int, createdAt int64, state runtimeapi.ContainerState) containerTemplate { - container := makeTestContainer(containerName, "test-image") - pod := makeTestPod(podName, "test-ns", podName, []v1.Container{container}) - if podName == "running" { - podStateProvider.runningPods[pod.UID] = struct{}{} - } - if podName != "deleted" { - podStateProvider.existingPods[pod.UID] = struct{}{} - } - return containerTemplate{ - pod: pod, - container: &container, - attempt: attempt, - createdAt: createdAt, - state: state, - } - } defaultGCPolicy := kubecontainer.ContainerGCPolicy{MinAge: time.Hour, MaxPerPodContainer: 2, MaxContainers: 6} for c, test := range []struct { @@ -214,7 +215,7 @@ func TestContainerGC(t *testing.T) { { description: "all containers should be removed when max container limit is 0", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, policy: &kubecontainer.ContainerGCPolicy{MinAge: time.Minute, MaxPerPodContainer: 1, MaxContainers: 0}, remain: []int{}, @@ -224,11 +225,11 @@ func TestContainerGC(t *testing.T) { { description: "max containers should be complied when no max per pod container limit is set", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 4, 4, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 3, 3, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 4, 4, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 3, 3, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, policy: &kubecontainer.ContainerGCPolicy{MinAge: time.Minute, MaxPerPodContainer: -1, MaxContainers: 4}, remain: []int{0, 1, 2, 3}, @@ -238,9 +239,9 @@ func TestContainerGC(t *testing.T) { { description: "no containers should be removed if both max container and per pod container limits are not set", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, policy: &kubecontainer.ContainerGCPolicy{MinAge: time.Minute, MaxPerPodContainer: -1, MaxContainers: -1}, remain: []int{0, 1, 2}, @@ -250,9 +251,9 @@ func TestContainerGC(t *testing.T) { { description: "recently started containers should not be removed", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 2, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 1, 2}, evictTerminatedPods: false, @@ -261,9 +262,9 @@ func TestContainerGC(t *testing.T) { { description: "oldest containers should be removed when per pod container limit exceeded", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 1}, evictTerminatedPods: false, @@ -272,9 +273,9 @@ func TestContainerGC(t *testing.T) { { description: "running containers should not be removed", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_RUNNING), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_RUNNING), }, remain: []int{0, 1, 2}, evictTerminatedPods: false, @@ -283,8 +284,8 @@ func TestContainerGC(t *testing.T) { { description: "no containers should be removed when limits are not exceeded", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 1}, evictTerminatedPods: false, @@ -293,15 +294,15 @@ func TestContainerGC(t *testing.T) { { description: "max container count should apply per (UID, container) pair", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "baz", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "baz", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "baz", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo2", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo2", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo2", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "baz", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "baz", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "baz", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo2", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo2", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo2", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 1, 3, 4, 6, 7}, evictTerminatedPods: false, @@ -310,16 +311,16 @@ func TestContainerGC(t *testing.T) { { description: "max limit should apply and try to keep from every pod", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "bar1", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo2", "bar2", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo2", "bar2", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo3", "bar3", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo3", "bar3", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo4", "bar4", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo4", "bar4", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "bar1", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo2", "bar2", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo2", "bar2", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo3", "bar3", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo3", "bar3", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo4", "bar4", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo4", "bar4", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 2, 4, 6, 8}, evictTerminatedPods: false, @@ -328,16 +329,16 @@ func TestContainerGC(t *testing.T) { { description: "oldest pods should be removed if limit exceeded", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "bar1", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo2", "bar2", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo3", "bar3", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo4", "bar4", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo5", "bar5", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo6", "bar6", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo7", "bar7", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "bar1", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo2", "bar2", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo3", "bar3", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo4", "bar4", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo5", "bar5", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo6", "bar6", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo7", "bar7", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 2, 4, 6, 8, 9}, evictTerminatedPods: false, @@ -346,12 +347,12 @@ func TestContainerGC(t *testing.T) { { description: "all non-running containers should be removed when evictTerminatedPods is set", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "bar1", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo1", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("running", "bar2", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo3", "bar3", 0, 0, runtimeapi.ContainerState_CONTAINER_RUNNING), + makeGCContainer(podStateProvider, "foo", "bar", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "bar1", 2, 2, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo1", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "running", "bar2", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo3", "bar3", 0, 0, runtimeapi.ContainerState_CONTAINER_RUNNING), }, remain: []int{4, 5}, evictTerminatedPods: true, @@ -360,12 +361,12 @@ func TestContainerGC(t *testing.T) { { description: "containers for deleted pods should be removed", containers: []containerTemplate{ - makeGCContainer("foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), // deleted pods still respect MinAge. - makeGCContainer("deleted", "bar1", 2, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("deleted", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), - makeGCContainer("deleted", "bar1", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "deleted", "bar1", 2, time.Now().UnixNano(), runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "deleted", "bar1", 1, 1, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "deleted", "bar1", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0, 1, 2}, evictTerminatedPods: false, @@ -374,7 +375,7 @@ func TestContainerGC(t *testing.T) { { description: "containers for deleted pods may not be removed if allSourcesReady is set false ", containers: []containerTemplate{ - makeGCContainer("deleted", "bar1", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), + makeGCContainer(podStateProvider, "deleted", "bar1", 0, 0, runtimeapi.ContainerState_CONTAINER_EXITED), }, remain: []int{0}, evictTerminatedPods: true, @@ -440,3 +441,26 @@ func TestPodLogDirectoryGC(t *testing.T) { assert.NoError(t, err) assert.Empty(t, fakeOS.Removes) } + +func TestUnknownStateContainerGC(t *testing.T) { + fakeRuntime, _, m, err := createTestRuntimeManager() + assert.NoError(t, err) + + podStateProvider := m.containerGC.podStateProvider.(*fakePodStateProvider) + defaultGCPolicy := kubecontainer.ContainerGCPolicy{MinAge: time.Hour, MaxPerPodContainer: 0, MaxContainers: 0} + + fakeContainers := makeFakeContainers(t, m, []containerTemplate{ + makeGCContainer(podStateProvider, "foo", "bar", 0, 0, runtimeapi.ContainerState_CONTAINER_UNKNOWN), + }) + fakeRuntime.SetFakeContainers(fakeContainers) + + err = m.containerGC.evictContainers(defaultGCPolicy, true, false) + assert.NoError(t, err) + + assert.Contains(t, fakeRuntime.GetCalls(), "StopContainer", "RemoveContainer", + "container in unknown state should be stopped before being removed") + + remain, err := fakeRuntime.ListContainers(nil) + assert.NoError(t, err) + assert.Empty(t, remain) +} diff --git a/pkg/kubelet/kuberuntime/kuberuntime_manager.go b/pkg/kubelet/kuberuntime/kuberuntime_manager.go index 2d5fdf30716..b6313fb8bdf 100644 --- a/pkg/kubelet/kuberuntime/kuberuntime_manager.go +++ b/pkg/kubelet/kuberuntime/kuberuntime_manager.go @@ -26,7 +26,7 @@ import ( cadvisorapi "github.com/google/cadvisor/info/v1" "k8s.io/klog" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" kubetypes "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" @@ -505,10 +505,19 @@ func (m *kubeGenericRuntimeManager) computePodActions(pod *v1.Pod, podStatus *ku initLastStatus, next, done := findNextInitContainerToRun(pod, podStatus) if !done { if next != nil { - initFailed := initLastStatus != nil && isContainerFailed(initLastStatus) + initFailed := initLastStatus != nil && isInitContainerFailed(initLastStatus) if initFailed && !shouldRestartOnFailure(pod) { changes.KillPod = true } else { + // Always try to stop containers in unknown state first. + if initLastStatus != nil && initLastStatus.State == kubecontainer.ContainerStateUnknown { + changes.ContainersToKill[initLastStatus.ID] = containerToKillInfo{ + name: next.Name, + container: next, + message: fmt.Sprintf("Init container is in %q state, try killing it before restart", + initLastStatus.State), + } + } changes.NextInitContainerToStart = next } } @@ -540,20 +549,31 @@ func (m *kubeGenericRuntimeManager) computePodActions(pod *v1.Pod, podStatus *ku message := fmt.Sprintf("Container %+v is dead, but RestartPolicy says that we should restart it.", container) klog.V(3).Infof(message) changes.ContainersToStart = append(changes.ContainersToStart, idx) + if containerStatus != nil && containerStatus.State == kubecontainer.ContainerStateUnknown { + // If container is in unknown state, we don't know whether it + // is actually running or not, always try killing it before + // restart to avoid having 2 running instances of the same container. + changes.ContainersToKill[containerStatus.ID] = containerToKillInfo{ + name: containerStatus.Name, + container: &pod.Spec.Containers[idx], + message: fmt.Sprintf("Container is in %q state, try killing it before restart", + containerStatus.State), + } + } } continue } // The container is running, but kill the container if any of the following condition is met. - reason := "" + var message string restart := shouldRestartOnFailure(pod) - if expectedHash, actualHash, changed := containerChanged(&container, containerStatus); changed { - reason = fmt.Sprintf("Container spec hash changed (%d vs %d).", actualHash, expectedHash) + if _, _, changed := containerChanged(&container, containerStatus); changed { + message = fmt.Sprintf("Container %s definition changed", container.Name) // Restart regardless of the restart policy because the container // spec changed. restart = true } else if liveness, found := m.livenessManager.Get(containerStatus.ID); found && liveness == proberesults.Failure { // If the container failed the liveness probe, we should kill it. - reason = "Container failed liveness probe." + message = fmt.Sprintf("Container %s failed liveness probe", container.Name) } else { // Keep the container. keepCount++ @@ -563,9 +583,8 @@ func (m *kubeGenericRuntimeManager) computePodActions(pod *v1.Pod, podStatus *ku // We need to kill the container, but if we also want to restart the // container afterwards, make the intent clear in the message. Also do // not kill the entire pod since we expect container to be running eventually. - message := reason if restart { - message = fmt.Sprintf("%s. Container will be killed and recreated.", message) + message = fmt.Sprintf("%s, will be restarted", message) changes.ContainersToStart = append(changes.ContainersToStart, idx) } @@ -610,10 +629,10 @@ func (m *kubeGenericRuntimeManager) SyncPod(pod *v1.Pod, podStatus *kubecontaine // Step 2: Kill the pod if the sandbox has changed. if podContainerChanges.KillPod { - if !podContainerChanges.CreateSandbox { - klog.V(4).Infof("Stopping PodSandbox for %q because all other containers are dead.", format.Pod(pod)) - } else { + if podContainerChanges.CreateSandbox { klog.V(4).Infof("Stopping PodSandbox for %q, will start new one", format.Pod(pod)) + } else { + klog.V(4).Infof("Stopping PodSandbox for %q because all other containers are dead.", format.Pod(pod)) } killResult := m.killPodWithSyncResult(pod, kubecontainer.ConvertPodStatusToRunningPod(m.runtimeName, podStatus), nil) @@ -914,31 +933,11 @@ func (m *kubeGenericRuntimeManager) GetPodStatus(uid kubetypes.UID, name, namesp }, nil } -// Returns the filesystem path of the pod's network namespace. -// -// For CRI, container network is handled by the runtime completely and this -// function should never be called. -func (m *kubeGenericRuntimeManager) GetNetNS(_ kubecontainer.ContainerID) (string, error) { - return "", fmt.Errorf("not supported") -} - // GarbageCollect removes dead containers using the specified container gc policy. func (m *kubeGenericRuntimeManager) GarbageCollect(gcPolicy kubecontainer.ContainerGCPolicy, allSourcesReady bool, evictNonDeletedPods bool) error { return m.containerGC.GarbageCollect(gcPolicy, allSourcesReady, evictNonDeletedPods) } -// GetPodContainerID gets pod sandbox ID -func (m *kubeGenericRuntimeManager) GetPodContainerID(pod *kubecontainer.Pod) (kubecontainer.ContainerID, error) { - formattedPod := kubecontainer.FormatPod(pod) - if len(pod.Sandboxes) == 0 { - klog.Errorf("No sandboxes are found for pod %q", formattedPod) - return kubecontainer.ContainerID{}, fmt.Errorf("sandboxes for pod %q not found", formattedPod) - } - - // return sandboxID of the first sandbox since it is the latest one - return pod.Sandboxes[0].ID, nil -} - // UpdatePodCIDR is just a passthrough method to update the runtimeConfig of the shim // with the podCIDR supplied by the kubelet. func (m *kubeGenericRuntimeManager) UpdatePodCIDR(podCIDR string) error { diff --git a/pkg/kubelet/kuberuntime/kuberuntime_manager_test.go b/pkg/kubelet/kuberuntime/kuberuntime_manager_test.go index ffbb40329a5..42f447765fc 100644 --- a/pkg/kubelet/kuberuntime/kuberuntime_manager_test.go +++ b/pkg/kubelet/kuberuntime/kuberuntime_manager_test.go @@ -388,85 +388,6 @@ func TestGetPods(t *testing.T) { } } -func TestGetPodContainerID(t *testing.T) { - fakeRuntime, _, m, err := createTestRuntimeManager() - assert.NoError(t, err) - - pod := &v1.Pod{ - ObjectMeta: metav1.ObjectMeta{ - UID: "12345678", - Name: "foo", - Namespace: "new", - }, - Spec: v1.PodSpec{ - Containers: []v1.Container{ - { - Name: "foo1", - Image: "busybox", - }, - { - Name: "foo2", - Image: "busybox", - }, - }, - }, - } - // Set fake sandbox and fake containers to fakeRuntime. - fakeSandbox, _ := makeAndSetFakePod(t, m, fakeRuntime, pod) - - // Convert fakeSandbox to kubecontainer.Container - sandbox, err := m.sandboxToKubeContainer(&runtimeapi.PodSandbox{ - Id: fakeSandbox.Id, - Metadata: fakeSandbox.Metadata, - State: fakeSandbox.State, - CreatedAt: fakeSandbox.CreatedAt, - Labels: fakeSandbox.Labels, - }) - assert.NoError(t, err) - - expectedPod := &kubecontainer.Pod{ - ID: pod.UID, - Name: pod.Name, - Namespace: pod.Namespace, - Containers: []*kubecontainer.Container{}, - Sandboxes: []*kubecontainer.Container{sandbox}, - } - actual, err := m.GetPodContainerID(expectedPod) - assert.Equal(t, fakeSandbox.Id, actual.ID) -} - -func TestGetNetNS(t *testing.T) { - fakeRuntime, _, m, err := createTestRuntimeManager() - assert.NoError(t, err) - - pod := &v1.Pod{ - ObjectMeta: metav1.ObjectMeta{ - UID: "12345678", - Name: "foo", - Namespace: "new", - }, - Spec: v1.PodSpec{ - Containers: []v1.Container{ - { - Name: "foo1", - Image: "busybox", - }, - { - Name: "foo2", - Image: "busybox", - }, - }, - }, - } - - // Set fake sandbox and fake containers to fakeRuntime. - sandbox, _ := makeAndSetFakePod(t, m, fakeRuntime, pod) - - actual, err := m.GetNetNS(kubecontainer.ContainerID{ID: sandbox.Id}) - assert.Equal(t, "", actual) - assert.Equal(t, "not supported", err.Error()) -} - func TestKillPod(t *testing.T) { fakeRuntime, _, m, err := createTestRuntimeManager() assert.NoError(t, err) @@ -597,9 +518,10 @@ func TestPruneInitContainers(t *testing.T) { } templates := []containerTemplate{ + {pod: pod, container: &init1, attempt: 3, createdAt: 3, state: runtimeapi.ContainerState_CONTAINER_EXITED}, {pod: pod, container: &init1, attempt: 2, createdAt: 2, state: runtimeapi.ContainerState_CONTAINER_EXITED}, - {pod: pod, container: &init1, attempt: 1, createdAt: 1, state: runtimeapi.ContainerState_CONTAINER_EXITED}, {pod: pod, container: &init2, attempt: 1, createdAt: 1, state: runtimeapi.ContainerState_CONTAINER_EXITED}, + {pod: pod, container: &init1, attempt: 1, createdAt: 1, state: runtimeapi.ContainerState_CONTAINER_UNKNOWN}, {pod: pod, container: &init2, attempt: 0, createdAt: 0, state: runtimeapi.ContainerState_CONTAINER_EXITED}, {pod: pod, container: &init1, attempt: 0, createdAt: 0, state: runtimeapi.ContainerState_CONTAINER_EXITED}, } @@ -928,6 +850,17 @@ func TestComputePodActions(t *testing.T) { ContainersToKill: map[kubecontainer.ContainerID]containerToKillInfo{}, }, }, + "Kill and recreate the container if the container is in unknown state": { + mutatePodFn: func(pod *v1.Pod) { pod.Spec.RestartPolicy = v1.RestartPolicyNever }, + mutateStatusFn: func(status *kubecontainer.PodStatus) { + status.ContainerStatuses[1].State = kubecontainer.ContainerStateUnknown + }, + actions: podActions{ + SandboxID: baseStatus.SandboxStatuses[0].Id, + ContainersToKill: getKillMap(basePod, baseStatus, []int{1}), + ContainersToStart: []int{1}, + }, + }, } { pod, status := makeBasePodAndStatus() if test.mutatePodFn != nil { @@ -952,6 +885,17 @@ func getKillMap(pod *v1.Pod, status *kubecontainer.PodStatus, cIndexes []int) ma return m } +func getKillMapWithInitContainers(pod *v1.Pod, status *kubecontainer.PodStatus, cIndexes []int) map[kubecontainer.ContainerID]containerToKillInfo { + m := map[kubecontainer.ContainerID]containerToKillInfo{} + for _, i := range cIndexes { + m[status.ContainerStatuses[i].ID] = containerToKillInfo{ + container: &pod.Spec.InitContainers[i], + name: pod.Spec.InitContainers[i].Name, + } + } + return m +} + func verifyActions(t *testing.T, expected, actual *podActions, desc string) { if actual.ContainersToKill != nil { // Clear the message field since we don't need to verify the message. @@ -985,7 +929,7 @@ func TestComputePodActionsWithInitContainers(t *testing.T) { actions: podActions{ SandboxID: baseStatus.SandboxStatuses[0].Id, ContainersToStart: []int{0, 1, 2}, - ContainersToKill: getKillMap(basePod, baseStatus, []int{}), + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{}), }, }, "initialization in progress; do nothing": { @@ -1007,7 +951,7 @@ func TestComputePodActionsWithInitContainers(t *testing.T) { Attempt: uint32(1), NextInitContainerToStart: &basePod.Spec.InitContainers[0], ContainersToStart: []int{}, - ContainersToKill: getKillMap(basePod, baseStatus, []int{}), + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{}), }, }, "initialization failed; restart the last init container if RestartPolicy == Always": { @@ -1019,7 +963,7 @@ func TestComputePodActionsWithInitContainers(t *testing.T) { SandboxID: baseStatus.SandboxStatuses[0].Id, NextInitContainerToStart: &basePod.Spec.InitContainers[2], ContainersToStart: []int{}, - ContainersToKill: getKillMap(basePod, baseStatus, []int{}), + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{}), }, }, "initialization failed; restart the last init container if RestartPolicy == OnFailure": { @@ -1031,7 +975,7 @@ func TestComputePodActionsWithInitContainers(t *testing.T) { SandboxID: baseStatus.SandboxStatuses[0].Id, NextInitContainerToStart: &basePod.Spec.InitContainers[2], ContainersToStart: []int{}, - ContainersToKill: getKillMap(basePod, baseStatus, []int{}), + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{}), }, }, "initialization failed; kill pod if RestartPolicy == Never": { @@ -1043,7 +987,43 @@ func TestComputePodActionsWithInitContainers(t *testing.T) { KillPod: true, SandboxID: baseStatus.SandboxStatuses[0].Id, ContainersToStart: []int{}, - ContainersToKill: getKillMap(basePod, baseStatus, []int{}), + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{}), + }, + }, + "init container state unknown; kill and recreate the last init container if RestartPolicy == Always": { + mutatePodFn: func(pod *v1.Pod) { pod.Spec.RestartPolicy = v1.RestartPolicyAlways }, + mutateStatusFn: func(status *kubecontainer.PodStatus) { + status.ContainerStatuses[2].State = kubecontainer.ContainerStateUnknown + }, + actions: podActions{ + SandboxID: baseStatus.SandboxStatuses[0].Id, + NextInitContainerToStart: &basePod.Spec.InitContainers[2], + ContainersToStart: []int{}, + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{2}), + }, + }, + "init container state unknown; kill and recreate the last init container if RestartPolicy == OnFailure": { + mutatePodFn: func(pod *v1.Pod) { pod.Spec.RestartPolicy = v1.RestartPolicyOnFailure }, + mutateStatusFn: func(status *kubecontainer.PodStatus) { + status.ContainerStatuses[2].State = kubecontainer.ContainerStateUnknown + }, + actions: podActions{ + SandboxID: baseStatus.SandboxStatuses[0].Id, + NextInitContainerToStart: &basePod.Spec.InitContainers[2], + ContainersToStart: []int{}, + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{2}), + }, + }, + "init container state unknown; kill pod if RestartPolicy == Never": { + mutatePodFn: func(pod *v1.Pod) { pod.Spec.RestartPolicy = v1.RestartPolicyNever }, + mutateStatusFn: func(status *kubecontainer.PodStatus) { + status.ContainerStatuses[2].State = kubecontainer.ContainerStateUnknown + }, + actions: podActions{ + KillPod: true, + SandboxID: baseStatus.SandboxStatuses[0].Id, + ContainersToStart: []int{}, + ContainersToKill: getKillMapWithInitContainers(basePod, baseStatus, []int{}), }, }, } { diff --git a/pkg/kubelet/metrics/metrics.go b/pkg/kubelet/metrics/metrics.go index dcf1e9dbacc..da31c581f8f 100644 --- a/pkg/kubelet/metrics/metrics.go +++ b/pkg/kubelet/metrics/metrics.go @@ -31,29 +31,42 @@ import ( ) const ( - KubeletSubsystem = "kubelet" - NodeNameKey = "node_name" - NodeLabelKey = "node" - PodWorkerLatencyKey = "pod_worker_latency_microseconds" - PodStartLatencyKey = "pod_start_latency_microseconds" - CgroupManagerOperationsKey = "cgroup_manager_latency_microseconds" - PodWorkerStartLatencyKey = "pod_worker_start_latency_microseconds" - PLEGRelistLatencyKey = "pleg_relist_latency_microseconds" - PLEGRelistIntervalKey = "pleg_relist_interval_microseconds" - EvictionStatsAgeKey = "eviction_stats_age_microseconds" - VolumeStatsCapacityBytesKey = "volume_stats_capacity_bytes" - VolumeStatsAvailableBytesKey = "volume_stats_available_bytes" - VolumeStatsUsedBytesKey = "volume_stats_used_bytes" - VolumeStatsInodesKey = "volume_stats_inodes" - VolumeStatsInodesFreeKey = "volume_stats_inodes_free" - VolumeStatsInodesUsedKey = "volume_stats_inodes_used" + KubeletSubsystem = "kubelet" + NodeNameKey = "node_name" + NodeLabelKey = "node" + PodWorkerDurationKey = "pod_worker_duration_seconds" + PodStartDurationKey = "pod_start_duration_seconds" + CgroupManagerOperationsKey = "cgroup_manager_duration_seconds" + PodWorkerStartDurationKey = "pod_worker_start_duration_seconds" + PLEGRelistDurationKey = "pleg_relist_duration_seconds" + PLEGDiscardEventsKey = "pleg_discard_events" + PLEGRelistIntervalKey = "pleg_relist_interval_seconds" + EvictionStatsAgeKey = "eviction_stats_age_seconds" + DeprecatedPodWorkerLatencyKey = "pod_worker_latency_microseconds" + DeprecatedPodStartLatencyKey = "pod_start_latency_microseconds" + DeprecatedCgroupManagerOperationsKey = "cgroup_manager_latency_microseconds" + DeprecatedPodWorkerStartLatencyKey = "pod_worker_start_latency_microseconds" + DeprecatedPLEGRelistLatencyKey = "pleg_relist_latency_microseconds" + DeprecatedPLEGRelistIntervalKey = "pleg_relist_interval_microseconds" + DeprecatedEvictionStatsAgeKey = "eviction_stats_age_microseconds" + VolumeStatsCapacityBytesKey = "volume_stats_capacity_bytes" + VolumeStatsAvailableBytesKey = "volume_stats_available_bytes" + VolumeStatsUsedBytesKey = "volume_stats_used_bytes" + VolumeStatsInodesKey = "volume_stats_inodes" + VolumeStatsInodesFreeKey = "volume_stats_inodes_free" + VolumeStatsInodesUsedKey = "volume_stats_inodes_used" // Metrics keys of remote runtime operations - RuntimeOperationsKey = "runtime_operations" - RuntimeOperationsLatencyKey = "runtime_operations_latency_microseconds" - RuntimeOperationsErrorsKey = "runtime_operations_errors" + RuntimeOperationsKey = "runtime_operations_total" + RuntimeOperationsDurationKey = "runtime_operations_duration_seconds" + RuntimeOperationsErrorsKey = "runtime_operations_errors_total" + DeprecatedRuntimeOperationsKey = "runtime_operations" + DeprecatedRuntimeOperationsLatencyKey = "runtime_operations_latency_microseconds" + DeprecatedRuntimeOperationsErrorsKey = "runtime_operations_errors" // Metrics keys of device plugin operations - DevicePluginRegistrationCountKey = "device_plugin_registration_count" - DevicePluginAllocationLatencyKey = "device_plugin_alloc_latency_microseconds" + DevicePluginRegistrationCountKey = "device_plugin_registration_total" + DevicePluginAllocationDurationKey = "device_plugin_alloc_duration_seconds" + DeprecatedDevicePluginRegistrationCountKey = "device_plugin_registration_count" + DeprecatedDevicePluginAllocationLatencyKey = "device_plugin_alloc_latency_microseconds" // Metric keys for node config AssignedConfigKey = "node_config_assigned" @@ -80,55 +93,70 @@ var ( }, []string{NodeLabelKey}, ) - ContainersPerPodCount = prometheus.NewSummary( - prometheus.SummaryOpts{ + ContainersPerPodCount = prometheus.NewHistogram( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, Name: "containers_per_pod_count", Help: "The number of containers per pod.", + Buckets: prometheus.DefBuckets, }, ) - PodWorkerLatency = prometheus.NewSummaryVec( - prometheus.SummaryOpts{ + PodWorkerDuration = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, - Name: PodWorkerLatencyKey, - Help: "Latency in microseconds to sync a single pod. Broken down by operation type: create, update, or sync", + Name: PodWorkerDurationKey, + Help: "Duration in seconds to sync a single pod. Broken down by operation type: create, update, or sync", + Buckets: prometheus.DefBuckets, }, []string{"operation_type"}, ) - PodStartLatency = prometheus.NewSummary( - prometheus.SummaryOpts{ + PodStartDuration = prometheus.NewHistogram( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, - Name: PodStartLatencyKey, - Help: "Latency in microseconds for a single pod to go from pending to running.", + Name: PodStartDurationKey, + Help: "Duration in seconds for a single pod to go from pending to running.", + Buckets: prometheus.DefBuckets, }, ) - CgroupManagerLatency = prometheus.NewSummaryVec( - prometheus.SummaryOpts{ + CgroupManagerDuration = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, Name: CgroupManagerOperationsKey, - Help: "Latency in microseconds for cgroup manager operations. Broken down by method.", + Help: "Duration in seconds for cgroup manager operations. Broken down by method.", + Buckets: prometheus.DefBuckets, }, []string{"operation_type"}, ) - PodWorkerStartLatency = prometheus.NewSummary( - prometheus.SummaryOpts{ + PodWorkerStartDuration = prometheus.NewHistogram( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, - Name: PodWorkerStartLatencyKey, - Help: "Latency in microseconds from seeing a pod to starting a worker.", + Name: PodWorkerStartDurationKey, + Help: "Duration in seconds from seeing a pod to starting a worker.", + Buckets: prometheus.DefBuckets, }, ) - PLEGRelistLatency = prometheus.NewSummary( - prometheus.SummaryOpts{ + PLEGRelistDuration = prometheus.NewHistogram( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, - Name: PLEGRelistLatencyKey, - Help: "Latency in microseconds for relisting pods in PLEG.", + Name: PLEGRelistDurationKey, + Help: "Duration in seconds for relisting pods in PLEG.", + Buckets: prometheus.DefBuckets, }, ) - PLEGRelistInterval = prometheus.NewSummary( - prometheus.SummaryOpts{ + PLEGDiscardEvents = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: KubeletSubsystem, + Name: PLEGDiscardEventsKey, + Help: "The number of discard events in PLEG.", + }, + []string{}, + ) + PLEGRelistInterval = prometheus.NewHistogram( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, Name: PLEGRelistIntervalKey, - Help: "Interval in microseconds between relisting in PLEG.", + Help: "Interval in seconds between relisting in PLEG.", + Buckets: prometheus.DefBuckets, }, ) // Metrics of remote runtime operations. @@ -140,11 +168,12 @@ var ( }, []string{"operation_type"}, ) - RuntimeOperationsLatency = prometheus.NewSummaryVec( - prometheus.SummaryOpts{ + RuntimeOperationsDuration = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, - Name: RuntimeOperationsLatencyKey, - Help: "Latency in microseconds of runtime operations. Broken down by operation type.", + Name: RuntimeOperationsDurationKey, + Help: "Duration in seconds of runtime operations. Broken down by operation type.", + Buckets: prometheus.DefBuckets, }, []string{"operation_type"}, ) @@ -156,11 +185,12 @@ var ( }, []string{"operation_type"}, ) - EvictionStatsAge = prometheus.NewSummaryVec( - prometheus.SummaryOpts{ + EvictionStatsAge = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ Subsystem: KubeletSubsystem, Name: EvictionStatsAgeKey, Help: "Time between when stats are collected, and when pod is evicted based on those stats by eviction signal", + Buckets: prometheus.DefBuckets, }, []string{"eviction_signal"}, ) @@ -172,11 +202,105 @@ var ( }, []string{"resource_name"}, ) - DevicePluginAllocationLatency = prometheus.NewSummaryVec( + DevicePluginAllocationDuration = prometheus.NewHistogramVec( + prometheus.HistogramOpts{ + Subsystem: KubeletSubsystem, + Name: DevicePluginAllocationDurationKey, + Help: "Duration in seconds to serve a device plugin Allocation request. Broken down by resource name.", + Buckets: prometheus.DefBuckets, + }, + []string{"resource_name"}, + ) + + DeprecatedPodWorkerLatency = prometheus.NewSummaryVec( prometheus.SummaryOpts{ Subsystem: KubeletSubsystem, - Name: DevicePluginAllocationLatencyKey, - Help: "Latency in microseconds to serve a device plugin Allocation request. Broken down by resource name.", + Name: DeprecatedPodWorkerLatencyKey, + Help: "(Deprecated) Latency in microseconds to sync a single pod. Broken down by operation type: create, update, or sync", + }, + []string{"operation_type"}, + ) + DeprecatedPodStartLatency = prometheus.NewSummary( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedPodStartLatencyKey, + Help: "(Deprecated) Latency in microseconds for a single pod to go from pending to running.", + }, + ) + DeprecatedCgroupManagerLatency = prometheus.NewSummaryVec( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedCgroupManagerOperationsKey, + Help: "(Deprecated) Latency in microseconds for cgroup manager operations. Broken down by method.", + }, + []string{"operation_type"}, + ) + DeprecatedPodWorkerStartLatency = prometheus.NewSummary( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedPodWorkerStartLatencyKey, + Help: "(Deprecated) Latency in microseconds from seeing a pod to starting a worker.", + }, + ) + DeprecatedPLEGRelistLatency = prometheus.NewSummary( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedPLEGRelistLatencyKey, + Help: "(Deprecated) Latency in microseconds for relisting pods in PLEG.", + }, + ) + DeprecatedPLEGRelistInterval = prometheus.NewSummary( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedPLEGRelistIntervalKey, + Help: "(Deprecated) Interval in microseconds between relisting in PLEG.", + }, + ) + DeprecatedRuntimeOperations = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedRuntimeOperationsKey, + Help: "(Deprecated) Cumulative number of runtime operations by operation type.", + }, + []string{"operation_type"}, + ) + DeprecatedRuntimeOperationsLatency = prometheus.NewSummaryVec( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedRuntimeOperationsLatencyKey, + Help: "(Deprecated) Latency in microseconds of runtime operations. Broken down by operation type.", + }, + []string{"operation_type"}, + ) + DeprecatedRuntimeOperationsErrors = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedRuntimeOperationsErrorsKey, + Help: "(Deprecated) Cumulative number of runtime operation errors by operation type.", + }, + []string{"operation_type"}, + ) + DeprecatedEvictionStatsAge = prometheus.NewSummaryVec( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedEvictionStatsAgeKey, + Help: "(Deprecated) Time between when stats are collected, and when pod is evicted based on those stats by eviction signal", + }, + []string{"eviction_signal"}, + ) + DeprecatedDevicePluginRegistrationCount = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedDevicePluginRegistrationCountKey, + Help: "(Deprecated) Cumulative number of device plugin registrations. Broken down by resource name.", + }, + []string{"resource_name"}, + ) + DeprecatedDevicePluginAllocationLatency = prometheus.NewSummaryVec( + prometheus.SummaryOpts{ + Subsystem: KubeletSubsystem, + Name: DeprecatedDevicePluginAllocationLatencyKey, + Help: "(Deprecated) Latency in microseconds to serve a device plugin Allocation request. Broken down by resource name.", }, []string{"resource_name"}, ) @@ -239,20 +363,33 @@ func Register(containerCache kubecontainer.RuntimeCache, collectors ...prometheu // Register the metrics. registerMetrics.Do(func() { prometheus.MustRegister(NodeName) - prometheus.MustRegister(PodWorkerLatency) - prometheus.MustRegister(PodStartLatency) - prometheus.MustRegister(CgroupManagerLatency) - prometheus.MustRegister(PodWorkerStartLatency) + prometheus.MustRegister(PodWorkerDuration) + prometheus.MustRegister(PodStartDuration) + prometheus.MustRegister(CgroupManagerDuration) + prometheus.MustRegister(PodWorkerStartDuration) prometheus.MustRegister(ContainersPerPodCount) prometheus.MustRegister(newPodAndContainerCollector(containerCache)) - prometheus.MustRegister(PLEGRelistLatency) + prometheus.MustRegister(PLEGRelistDuration) + prometheus.MustRegister(PLEGDiscardEvents) prometheus.MustRegister(PLEGRelistInterval) prometheus.MustRegister(RuntimeOperations) - prometheus.MustRegister(RuntimeOperationsLatency) + prometheus.MustRegister(RuntimeOperationsDuration) prometheus.MustRegister(RuntimeOperationsErrors) prometheus.MustRegister(EvictionStatsAge) prometheus.MustRegister(DevicePluginRegistrationCount) - prometheus.MustRegister(DevicePluginAllocationLatency) + prometheus.MustRegister(DevicePluginAllocationDuration) + prometheus.MustRegister(DeprecatedPodWorkerLatency) + prometheus.MustRegister(DeprecatedPodStartLatency) + prometheus.MustRegister(DeprecatedCgroupManagerLatency) + prometheus.MustRegister(DeprecatedPodWorkerStartLatency) + prometheus.MustRegister(DeprecatedPLEGRelistLatency) + prometheus.MustRegister(DeprecatedPLEGRelistInterval) + prometheus.MustRegister(DeprecatedRuntimeOperations) + prometheus.MustRegister(DeprecatedRuntimeOperationsLatency) + prometheus.MustRegister(DeprecatedRuntimeOperationsErrors) + prometheus.MustRegister(DeprecatedEvictionStatsAge) + prometheus.MustRegister(DeprecatedDevicePluginRegistrationCount) + prometheus.MustRegister(DeprecatedDevicePluginAllocationLatency) if utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) { prometheus.MustRegister(AssignedConfig) prometheus.MustRegister(ActiveConfig) @@ -270,6 +407,11 @@ func SinceInMicroseconds(start time.Time) float64 { return float64(time.Since(start).Nanoseconds() / time.Microsecond.Nanoseconds()) } +// Gets the time since the specified start in seconds. +func SinceInSeconds(start time.Time) float64 { + return time.Since(start).Seconds() +} + func newPodAndContainerCollector(containerCache kubecontainer.RuntimeCache) *podAndContainerCollector { return &podAndContainerCollector{ containerCache: containerCache, diff --git a/pkg/kubelet/network/OWNERS b/pkg/kubelet/network/OWNERS index 2e520645d70..2424e6272dc 100644 --- a/pkg/kubelet/network/OWNERS +++ b/pkg/kubelet/network/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - dchen1107 diff --git a/pkg/kubelet/network/dns/OWNERS b/pkg/kubelet/network/dns/OWNERS index b5c11e8c5ad..a055e4d7024 100644 --- a/pkg/kubelet/network/dns/OWNERS +++ b/pkg/kubelet/network/dns/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-network-approvers reviewers: diff --git a/pkg/kubelet/network/dns/dns.go b/pkg/kubelet/network/dns/dns.go index 6f9ab339e97..a39994ffcbf 100644 --- a/pkg/kubelet/network/dns/dns.go +++ b/pkg/kubelet/network/dns/dns.go @@ -190,7 +190,7 @@ func (c *Configurer) CheckLimitsForResolvConf() { return } -// parseResolveConf reads a resolv.conf file from the given reader, and parses +// parseResolvConf reads a resolv.conf file from the given reader, and parses // it into nameservers, searches and options, possibly returning an error. func parseResolvConf(reader io.Reader) (nameservers []string, searches []string, options []string, err error) { file, err := ioutil.ReadAll(reader) @@ -280,7 +280,7 @@ func getPodDNSType(pod *v1.Pod) (podDNSType, error) { return podDNSCluster, fmt.Errorf(fmt.Sprintf("invalid DNSPolicy=%v", dnsPolicy)) } -// Merge DNS options. If duplicated, entries given by PodDNSConfigOption will +// mergeDNSOptions merges DNS options. If duplicated, entries given by PodDNSConfigOption will // overwrite the existing ones. func mergeDNSOptions(existingDNSConfigOptions []string, dnsConfigOptions []v1.PodDNSConfigOption) []string { optionsMap := make(map[string]string) diff --git a/pkg/kubelet/pleg/generic.go b/pkg/kubelet/pleg/generic.go index f69e0d49552..64bf43a1ef4 100644 --- a/pkg/kubelet/pleg/generic.go +++ b/pkg/kubelet/pleg/generic.go @@ -189,12 +189,14 @@ func (g *GenericPLEG) relist() { klog.V(5).Infof("GenericPLEG: Relisting") if lastRelistTime := g.getRelistTime(); !lastRelistTime.IsZero() { - metrics.PLEGRelistInterval.Observe(metrics.SinceInMicroseconds(lastRelistTime)) + metrics.PLEGRelistInterval.Observe(metrics.SinceInSeconds(lastRelistTime)) + metrics.DeprecatedPLEGRelistInterval.Observe(metrics.SinceInMicroseconds(lastRelistTime)) } timestamp := g.clock.Now() defer func() { - metrics.PLEGRelistLatency.Observe(metrics.SinceInMicroseconds(timestamp)) + metrics.PLEGRelistDuration.Observe(metrics.SinceInSeconds(timestamp)) + metrics.DeprecatedPLEGRelistLatency.Observe(metrics.SinceInMicroseconds(timestamp)) }() // Get all the pods. @@ -265,7 +267,12 @@ func (g *GenericPLEG) relist() { if events[i].Type == ContainerChanged { continue } - g.eventChannel <- events[i] + select { + case g.eventChannel <- events[i]: + default: + metrics.PLEGDiscardEvents.WithLabelValues().Inc() + klog.Error("event channel is full, discard this relist() cycle event") + } } } @@ -337,7 +344,7 @@ func (g *GenericPLEG) cacheEnabled() bool { return g.cache != nil } -// Preserve an older cached status' pod IP if the new status has no pod IP +// getPodIP preserves an older cached status' pod IP if the new status has no pod IP // and its sandboxes have exited func (g *GenericPLEG) getPodIP(pid types.UID, status *kubecontainer.PodStatus) string { if status.IP != "" { diff --git a/pkg/kubelet/pleg/generic_test.go b/pkg/kubelet/pleg/generic_test.go index 2e972ed4521..860ff2934b8 100644 --- a/pkg/kubelet/pleg/generic_test.go +++ b/pkg/kubelet/pleg/generic_test.go @@ -34,6 +34,8 @@ import ( const ( testContainerRuntimeType = "fooRuntime" + // largeChannelCap is a large enough capacity to hold all events in a single test. + largeChannelCap = 100 ) type TestGenericPLEG struct { @@ -43,6 +45,10 @@ type TestGenericPLEG struct { } func newTestGenericPLEG() *TestGenericPLEG { + return newTestGenericPLEGWithChannelSize(largeChannelCap) +} + +func newTestGenericPLEGWithChannelSize(eventChannelCap int) *TestGenericPLEG { fakeRuntime := &containertest.FakeRuntime{} clock := clock.NewFakeClock(time.Time{}) // The channel capacity should be large enough to hold all events in a @@ -50,7 +56,7 @@ func newTestGenericPLEG() *TestGenericPLEG { pleg := &GenericPLEG{ relistPeriod: time.Hour, runtime: fakeRuntime, - eventChannel: make(chan *PodLifecycleEvent, 100), + eventChannel: make(chan *PodLifecycleEvent, eventChannelCap), podRecords: make(podRecords), clock: clock, } @@ -157,6 +163,65 @@ func TestRelisting(t *testing.T) { verifyEvents(t, expected, actual) } +// TestEventChannelFull test when channel is full, the events will be discard. +func TestEventChannelFull(t *testing.T) { + testPleg := newTestGenericPLEGWithChannelSize(4) + pleg, runtime := testPleg.pleg, testPleg.runtime + ch := pleg.Watch() + // The first relist should send a PodSync event to each pod. + runtime.AllPodList = []*containertest.FakePod{ + {Pod: &kubecontainer.Pod{ + ID: "1234", + Containers: []*kubecontainer.Container{ + createTestContainer("c1", kubecontainer.ContainerStateExited), + createTestContainer("c2", kubecontainer.ContainerStateRunning), + createTestContainer("c3", kubecontainer.ContainerStateUnknown), + }, + }}, + {Pod: &kubecontainer.Pod{ + ID: "4567", + Containers: []*kubecontainer.Container{ + createTestContainer("c1", kubecontainer.ContainerStateExited), + }, + }}, + } + pleg.relist() + // Report every running/exited container if we see them for the first time. + expected := []*PodLifecycleEvent{ + {ID: "1234", Type: ContainerStarted, Data: "c2"}, + {ID: "4567", Type: ContainerDied, Data: "c1"}, + {ID: "1234", Type: ContainerDied, Data: "c1"}, + } + actual := getEventsFromChannel(ch) + verifyEvents(t, expected, actual) + + runtime.AllPodList = []*containertest.FakePod{ + {Pod: &kubecontainer.Pod{ + ID: "1234", + Containers: []*kubecontainer.Container{ + createTestContainer("c2", kubecontainer.ContainerStateExited), + createTestContainer("c3", kubecontainer.ContainerStateRunning), + }, + }}, + {Pod: &kubecontainer.Pod{ + ID: "4567", + Containers: []*kubecontainer.Container{ + createTestContainer("c4", kubecontainer.ContainerStateRunning), + }, + }}, + } + pleg.relist() + // event channel is full, discard events + expected = []*PodLifecycleEvent{ + {ID: "1234", Type: ContainerRemoved, Data: "c1"}, + {ID: "1234", Type: ContainerDied, Data: "c2"}, + {ID: "1234", Type: ContainerStarted, Data: "c3"}, + {ID: "4567", Type: ContainerRemoved, Data: "c1"}, + } + actual = getEventsFromChannel(ch) + verifyEvents(t, expected, actual) +} + func TestDetectingContainerDeaths(t *testing.T) { // Vary the number of relists after the container started and before the // container died to account for the changes in pleg's internal states. diff --git a/pkg/kubelet/qos/BUILD b/pkg/kubelet/qos/BUILD index 634175a6e93..e068804aabe 100644 --- a/pkg/kubelet/qos/BUILD +++ b/pkg/kubelet/qos/BUILD @@ -11,6 +11,7 @@ go_test( srcs = ["policy_test.go"], embed = [":go_default_library"], deps = [ + "//pkg/apis/scheduling:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", ], @@ -25,6 +26,7 @@ go_library( importpath = "k8s.io/kubernetes/pkg/kubelet/qos", deps = [ "//pkg/apis/core/v1/helper/qos:go_default_library", + "//pkg/kubelet/types:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", ], ) diff --git a/pkg/kubelet/qos/policy.go b/pkg/kubelet/qos/policy.go index b7177d2a4fd..344b0d99ce9 100644 --- a/pkg/kubelet/qos/policy.go +++ b/pkg/kubelet/qos/policy.go @@ -17,8 +17,9 @@ limitations under the License. package qos import ( - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" v1qos "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos" + "k8s.io/kubernetes/pkg/kubelet/types" ) const ( @@ -41,6 +42,11 @@ const ( // and 1000. Containers with higher OOM scores are killed if the system runs out of memory. // See https://lwn.net/Articles/391222/ for more information. func GetContainerOOMScoreAdjust(pod *v1.Pod, container *v1.Container, memoryCapacity int64) int { + if types.IsCriticalPod(pod) { + // Critical pods should be the last to get killed. + return guaranteedOOMScoreAdj + } + switch v1qos.GetPodQOS(pod) { case v1.PodQOSGuaranteed: // Guaranteed containers should be the last to get killed. diff --git a/pkg/kubelet/qos/policy_test.go b/pkg/kubelet/qos/policy_test.go index b713766960c..deebc439783 100644 --- a/pkg/kubelet/qos/policy_test.go +++ b/pkg/kubelet/qos/policy_test.go @@ -20,8 +20,9 @@ import ( "strconv" "testing" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" + "k8s.io/kubernetes/pkg/apis/scheduling" ) const ( @@ -135,6 +136,19 @@ var ( }, }, } + + systemCritical = scheduling.SystemCriticalPriority + + critical = v1.Pod{ + Spec: v1.PodSpec{ + Priority: &systemCritical, + Containers: []v1.Container{ + { + Resources: v1.ResourceRequirements{}, + }, + }, + }, + } ) type oomTest struct { @@ -188,6 +202,12 @@ func TestGetContainerOOMScoreAdjust(t *testing.T) { lowOOMScoreAdj: 2, highOOMScoreAdj: 2, }, + { + pod: &critical, + memoryCapacity: 4000000000, + lowOOMScoreAdj: -998, + highOOMScoreAdj: -998, + }, } for _, test := range oomTests { oomScoreAdj := GetContainerOOMScoreAdjust(test.pod, &test.pod.Spec.Containers[0], test.memoryCapacity) diff --git a/pkg/kubelet/remote/OWNERS b/pkg/kubelet/remote/OWNERS index 30afd24444a..b1e7523c7fc 100644 --- a/pkg/kubelet/remote/OWNERS +++ b/pkg/kubelet/remote/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - feiskyer diff --git a/pkg/kubelet/server/remotecommand/doc.go b/pkg/kubelet/server/remotecommand/doc.go index 24f9393abfb..a78404cb8bb 100644 --- a/pkg/kubelet/server/remotecommand/doc.go +++ b/pkg/kubelet/server/remotecommand/doc.go @@ -14,5 +14,5 @@ See the License for the specific language governing permissions and limitations under the License. */ -// package remotecommand contains functions related to executing commands in and attaching to pods. +// Package remotecommand contains functions related to executing commands in and attaching to pods. package remotecommand // import "k8s.io/kubernetes/pkg/kubelet/server/remotecommand" diff --git a/pkg/kubelet/server/remotecommand/httpstream.go b/pkg/kubelet/server/remotecommand/httpstream.go index 8bff323ec7a..df5c8eee36d 100644 --- a/pkg/kubelet/server/remotecommand/httpstream.go +++ b/pkg/kubelet/server/remotecommand/httpstream.go @@ -108,7 +108,7 @@ func createStreams(req *http.Request, w http.ResponseWriter, opts *Options, supp if wsstream.IsWebSocketRequest(req) { ctx, ok = createWebSocketStreams(req, w, opts, idleTimeout) } else { - ctx, ok = createHttpStreamStreams(req, w, opts, supportedStreamProtocols, idleTimeout, streamCreationTimeout) + ctx, ok = createHTTPStreamStreams(req, w, opts, supportedStreamProtocols, idleTimeout, streamCreationTimeout) } if !ok { return nil, false @@ -122,7 +122,7 @@ func createStreams(req *http.Request, w http.ResponseWriter, opts *Options, supp return ctx, true } -func createHttpStreamStreams(req *http.Request, w http.ResponseWriter, opts *Options, supportedStreamProtocols []string, idleTimeout, streamCreationTimeout time.Duration) (*context, bool) { +func createHTTPStreamStreams(req *http.Request, w http.ResponseWriter, opts *Options, supportedStreamProtocols []string, idleTimeout, streamCreationTimeout time.Duration) (*context, bool) { protocol, err := httpstream.Handshake(req, w, supportedStreamProtocols) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) diff --git a/pkg/kubelet/stats/BUILD b/pkg/kubelet/stats/BUILD index ac9d306d2f6..3f6398686bb 100644 --- a/pkg/kubelet/stats/BUILD +++ b/pkg/kubelet/stats/BUILD @@ -5,13 +5,9 @@ go_library( srcs = [ "cadvisor_stats_provider.go", "cri_stats_provider.go", - "cri_stats_provider_unsupported.go", - "cri_stats_provider_windows.go", "helper.go", "log_metrics_provider.go", "stats_provider.go", - "stats_provider_linux.go", - "stats_provider_unsupported.go", ], importpath = "k8s.io/kubernetes/pkg/kubelet/stats", visibility = ["//visibility:public"], @@ -26,6 +22,7 @@ go_library( "//pkg/kubelet/leaky:go_default_library", "//pkg/kubelet/pod:go_default_library", "//pkg/kubelet/server/stats:go_default_library", + "//pkg/kubelet/stats/pidlimit:go_default_library", "//pkg/kubelet/status:go_default_library", "//pkg/kubelet/types:go_default_library", "//pkg/volume:go_default_library", @@ -35,12 +32,7 @@ go_library( "//vendor/github.com/google/cadvisor/info/v1:go_default_library", "//vendor/github.com/google/cadvisor/info/v2:go_default_library", "//vendor/k8s.io/klog:go_default_library", - ] + select({ - "@io_bazel_rules_go//go/platform:windows": [ - "//vendor/github.com/Microsoft/hcsshim:go_default_library", - ], - "//conditions:default": [], - }), + ], ) filegroup( @@ -52,7 +44,10 @@ filegroup( filegroup( name = "all-srcs", - srcs = [":package-srcs"], + srcs = [ + ":package-srcs", + "//pkg/kubelet/stats/pidlimit:all-srcs", + ], tags = ["automanaged"], visibility = ["//visibility:public"], ) diff --git a/pkg/kubelet/stats/cri_stats_provider.go b/pkg/kubelet/stats/cri_stats_provider.go index b6eb43fd7ec..c2657d9b6a4 100644 --- a/pkg/kubelet/stats/cri_stats_provider.go +++ b/pkg/kubelet/stats/cri_stats_provider.go @@ -22,13 +22,15 @@ import ( "path" "sort" "strings" + "sync" "time" cadvisorfs "github.com/google/cadvisor/fs" + "k8s.io/klog" + cadvisorapiv2 "github.com/google/cadvisor/info/v2" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" - "k8s.io/klog" internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri" runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" @@ -38,6 +40,11 @@ import ( kubetypes "k8s.io/kubernetes/pkg/kubelet/types" ) +var ( + // defaultCachePeriod is the default cache period for each cpuUsage. + defaultCachePeriod = 10 * time.Minute +) + // criStatsProvider implements the containerStatsProvider interface by getting // the container stats from CRI. type criStatsProvider struct { @@ -54,6 +61,10 @@ type criStatsProvider struct { imageService internalapi.ImageManagerService // logMetrics provides the metrics for container logs logMetricsService LogMetricsService + + // cpuUsageCache caches the cpu usage for containers. + cpuUsageCache map[string]*runtimeapi.CpuUsage + mutex sync.Mutex } // newCRIStatsProvider returns a containerStatsProvider implementation that @@ -71,6 +82,7 @@ func newCRIStatsProvider( runtimeService: runtimeService, imageService: imageService, logMetricsService: logMetricsService, + cpuUsageCache: make(map[string]*runtimeapi.CpuUsage), } } @@ -123,12 +135,6 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) { } caInfos := getCRICadvisorStats(allInfos) - // get network stats for containers. - containerNetworkStats, err := p.listContainerNetworkStats() - if err != nil { - return nil, fmt.Errorf("failed to list container network stats: %v", err) - } - for _, stats := range resp { containerID := stats.Attributes.Id container, found := containerMap[containerID] @@ -152,7 +158,7 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) { // Fill available stats for full set of required pod stats cs := p.makeContainerStats(stats, container, &rootFsInfo, fsIDtoInfo, podSandbox.GetMetadata().GetUid()) - p.addPodNetworkStats(ps, podSandboxID, caInfos, cs, containerNetworkStats[podSandboxID]) + p.addPodNetworkStats(ps, podSandboxID, caInfos, cs) p.addPodCPUMemoryStats(ps, types.UID(podSandbox.Metadata.Uid), allInfos, cs) // If cadvisor stats is available for the container, use it to populate @@ -165,6 +171,8 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) { } ps.Containers = append(ps.Containers, *cs) } + // cleanup outdated caches. + p.cleanupOutdatedCaches() result := make([]statsapi.PodStats, 0, len(sandboxIDToPodStats)) for _, s := range sandboxIDToPodStats { @@ -247,6 +255,8 @@ func (p *criStatsProvider) ListPodCPUAndMemoryStats() ([]statsapi.PodStats, erro } ps.Containers = append(ps.Containers, *cs) } + // cleanup outdated caches. + p.cleanupOutdatedCaches() result := make([]statsapi.PodStats, 0, len(sandboxIDToPodStats)) for _, s := range sandboxIDToPodStats { @@ -358,21 +368,11 @@ func (p *criStatsProvider) addPodNetworkStats( podSandboxID string, caInfos map[string]cadvisorapiv2.ContainerInfo, cs *statsapi.ContainerStats, - netStats *statsapi.NetworkStats, ) { caPodSandbox, found := caInfos[podSandboxID] // try get network stats from cadvisor first. if found { - networkStats := cadvisorInfoToNetworkStats(ps.PodRef.Name, &caPodSandbox) - if networkStats != nil { - ps.Network = networkStats - return - } - } - - // Not found from cadvisor, get from netStats. - if netStats != nil { - ps.Network = netStats + ps.Network = cadvisorInfoToNetworkStats(ps.PodRef.Name, &caPodSandbox) return } @@ -450,6 +450,11 @@ func (p *criStatsProvider) makeContainerStats( if stats.Cpu.UsageCoreNanoSeconds != nil { result.CPU.UsageCoreNanoSeconds = &stats.Cpu.UsageCoreNanoSeconds.Value } + + usageNanoCores := p.getContainerUsageNanoCores(stats) + if usageNanoCores != nil { + result.CPU.UsageNanoCores = usageNanoCores + } } if stats.Memory != nil { result.Memory.Time = metav1.NewTime(time.Unix(0, stats.Memory.Timestamp)) @@ -506,6 +511,11 @@ func (p *criStatsProvider) makeContainerCPUAndMemoryStats( if stats.Cpu.UsageCoreNanoSeconds != nil { result.CPU.UsageCoreNanoSeconds = &stats.Cpu.UsageCoreNanoSeconds.Value } + + usageNanoCores := p.getContainerUsageNanoCores(stats) + if usageNanoCores != nil { + result.CPU.UsageNanoCores = usageNanoCores + } } if stats.Memory != nil { result.Memory.Time = metav1.NewTime(time.Unix(0, stats.Memory.Timestamp)) @@ -516,6 +526,44 @@ func (p *criStatsProvider) makeContainerCPUAndMemoryStats( return result } +// getContainerUsageNanoCores gets usageNanoCores based on cached usageCoreNanoSeconds. +func (p *criStatsProvider) getContainerUsageNanoCores(stats *runtimeapi.ContainerStats) *uint64 { + if stats == nil || stats.Cpu == nil || stats.Cpu.UsageCoreNanoSeconds == nil { + return nil + } + + p.mutex.Lock() + defer func() { + // Update cache with new value. + p.cpuUsageCache[stats.Attributes.Id] = stats.Cpu + p.mutex.Unlock() + }() + + cached, ok := p.cpuUsageCache[stats.Attributes.Id] + if !ok || cached.UsageCoreNanoSeconds == nil { + return nil + } + + nanoSeconds := stats.Cpu.Timestamp - cached.Timestamp + usageNanoCores := (stats.Cpu.UsageCoreNanoSeconds.Value - cached.UsageCoreNanoSeconds.Value) * uint64(time.Second/time.Nanosecond) / uint64(nanoSeconds) + return &usageNanoCores +} + +func (p *criStatsProvider) cleanupOutdatedCaches() { + p.mutex.Lock() + defer p.mutex.Unlock() + + for k, v := range p.cpuUsageCache { + if v == nil { + delete(p.cpuUsageCache, k) + } + + if time.Since(time.Unix(0, v.Timestamp)) > defaultCachePeriod { + delete(p.cpuUsageCache, k) + } + } +} + // removeTerminatedContainer returns the specified container but with // the stats of the terminated containers removed. func removeTerminatedContainer(containers []*runtimeapi.Container) []*runtimeapi.Container { diff --git a/pkg/kubelet/stats/cri_stats_provider_test.go b/pkg/kubelet/stats/cri_stats_provider_test.go index 3e73625a2f9..f420f379056 100644 --- a/pkg/kubelet/stats/cri_stats_provider_test.go +++ b/pkg/kubelet/stats/cri_stats_provider_test.go @@ -645,3 +645,110 @@ func makeFakeLogStats(seed int) *volume.Metrics { m.InodesUsed = resource.NewQuantity(int64(seed+offsetInodeUsage), resource.BinarySI) return m } + +func TestGetContainerUsageNanoCores(t *testing.T) { + var value0 uint64 + var value1 uint64 = 10000000000 + + tests := []struct { + desc string + cpuUsageCache map[string]*runtimeapi.CpuUsage + stats *runtimeapi.ContainerStats + expected *uint64 + }{ + { + desc: "should return nil if stats is nil", + cpuUsageCache: map[string]*runtimeapi.CpuUsage{}, + }, + { + desc: "should return nil if cpu stats is nil", + cpuUsageCache: map[string]*runtimeapi.CpuUsage{}, + stats: &runtimeapi.ContainerStats{ + Attributes: &runtimeapi.ContainerAttributes{ + Id: "1", + }, + Cpu: nil, + }, + }, + { + desc: "should return nil if usageCoreNanoSeconds is nil", + cpuUsageCache: map[string]*runtimeapi.CpuUsage{}, + stats: &runtimeapi.ContainerStats{ + Attributes: &runtimeapi.ContainerAttributes{ + Id: "1", + }, + Cpu: &runtimeapi.CpuUsage{ + Timestamp: 1, + UsageCoreNanoSeconds: nil, + }, + }, + }, + { + desc: "should return nil if cpu stats is not cached yet", + cpuUsageCache: map[string]*runtimeapi.CpuUsage{}, + stats: &runtimeapi.ContainerStats{ + Attributes: &runtimeapi.ContainerAttributes{ + Id: "1", + }, + Cpu: &runtimeapi.CpuUsage{ + Timestamp: 1, + UsageCoreNanoSeconds: &runtimeapi.UInt64Value{ + Value: 10000000000, + }, + }, + }, + }, + { + desc: "should return zero value if cached cpu stats is equal to current value", + stats: &runtimeapi.ContainerStats{ + Attributes: &runtimeapi.ContainerAttributes{ + Id: "1", + }, + Cpu: &runtimeapi.CpuUsage{ + Timestamp: 1, + UsageCoreNanoSeconds: &runtimeapi.UInt64Value{ + Value: 10000000000, + }, + }, + }, + cpuUsageCache: map[string]*runtimeapi.CpuUsage{ + "1": { + Timestamp: 0, + UsageCoreNanoSeconds: &runtimeapi.UInt64Value{ + Value: 10000000000, + }, + }, + }, + expected: &value0, + }, + { + desc: "should return correct value if cached cpu stats is not equal to current value", + stats: &runtimeapi.ContainerStats{ + Attributes: &runtimeapi.ContainerAttributes{ + Id: "1", + }, + Cpu: &runtimeapi.CpuUsage{ + Timestamp: int64(time.Second / time.Nanosecond), + UsageCoreNanoSeconds: &runtimeapi.UInt64Value{ + Value: 20000000000, + }, + }, + }, + cpuUsageCache: map[string]*runtimeapi.CpuUsage{ + "1": { + Timestamp: 0, + UsageCoreNanoSeconds: &runtimeapi.UInt64Value{ + Value: 10000000000, + }, + }, + }, + expected: &value1, + }, + } + + for _, test := range tests { + provider := &criStatsProvider{cpuUsageCache: test.cpuUsageCache} + real := provider.getContainerUsageNanoCores(test.stats) + assert.Equal(t, test.expected, real, test.desc) + } +} diff --git a/pkg/kubelet/stats/cri_stats_provider_windows.go b/pkg/kubelet/stats/cri_stats_provider_windows.go deleted file mode 100644 index bbc45647424..00000000000 --- a/pkg/kubelet/stats/cri_stats_provider_windows.go +++ /dev/null @@ -1,91 +0,0 @@ -// +build windows - -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package stats - -import ( - "time" - - "github.com/Microsoft/hcsshim" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/klog" - statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" -) - -// listContainerNetworkStats returns the network stats of all the running containers. -func (p *criStatsProvider) listContainerNetworkStats() (map[string]*statsapi.NetworkStats, error) { - containers, err := hcsshim.GetContainers(hcsshim.ComputeSystemQuery{ - Types: []string{"Container"}, - }) - if err != nil { - return nil, err - } - - stats := make(map[string]*statsapi.NetworkStats) - for _, c := range containers { - container, err := hcsshim.OpenContainer(c.ID) - if err != nil { - klog.Warningf("Failed to open container %q with error '%v', continue to get stats for other containers", c.ID, err) - continue - } - - cstats, err := container.Statistics() - if err != nil { - klog.Warningf("Failed to get statistics for container %q with error '%v', continue to get stats for other containers", c.ID, err) - continue - } - - if len(cstats.Network) > 0 { - stats[c.ID] = hcsStatsToNetworkStats(cstats.Timestamp, cstats.Network) - } - } - - return stats, nil -} - -// hcsStatsToNetworkStats converts hcsshim.Statistics.Network to statsapi.NetworkStats -func hcsStatsToNetworkStats(timestamp time.Time, hcsStats []hcsshim.NetworkStats) *statsapi.NetworkStats { - result := &statsapi.NetworkStats{ - Time: metav1.NewTime(timestamp), - Interfaces: make([]statsapi.InterfaceStats, 0), - } - - for _, stat := range hcsStats { - iStat := hcsStatsToInterfaceStats(stat) - if iStat != nil { - result.Interfaces = append(result.Interfaces, *iStat) - } - } - - // TODO(feiskyer): add support of multiple interfaces for getting default interface. - if len(result.Interfaces) > 0 { - result.InterfaceStats = result.Interfaces[0] - } - - return result -} - -// hcsStatsToInterfaceStats converts hcsshim.NetworkStats to statsapi.InterfaceStats. -func hcsStatsToInterfaceStats(stat hcsshim.NetworkStats) *statsapi.InterfaceStats { - return &statsapi.InterfaceStats{ - Name: stat.EndpointId, - RxBytes: &stat.BytesReceived, - TxBytes: &stat.BytesSent, - } -} diff --git a/pkg/kubelet/stats/helper.go b/pkg/kubelet/stats/helper.go index 024f8981d8d..54f3093e553 100644 --- a/pkg/kubelet/stats/helper.go +++ b/pkg/kubelet/stats/helper.go @@ -20,10 +20,11 @@ import ( "fmt" "time" + "k8s.io/klog" + cadvisorapiv1 "github.com/google/cadvisor/info/v1" cadvisorapiv2 "github.com/google/cadvisor/info/v2" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/klog" statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" "k8s.io/kubernetes/pkg/kubelet/cadvisor" ) @@ -157,10 +158,6 @@ func cadvisorInfoToNetworkStats(name string, info *cadvisorapiv2.ContainerInfo) return nil } - if cstat.Network == nil { - return nil - } - iStats := statsapi.NetworkStats{ Time: metav1.NewTime(cstat.Timestamp), } diff --git a/pkg/kubelet/stats/pidlimit/BUILD b/pkg/kubelet/stats/pidlimit/BUILD new file mode 100644 index 00000000000..d88396b7d6a --- /dev/null +++ b/pkg/kubelet/stats/pidlimit/BUILD @@ -0,0 +1,65 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "pidlimit.go", + "pidlimit_linux.go", + "pidlimit_unsupported.go", + ], + importpath = "k8s.io/kubernetes/pkg/kubelet/stats/pidlimit", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:android": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:darwin": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:dragonfly": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:freebsd": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:linux": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:nacl": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:netbsd": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:openbsd": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:plan9": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:solaris": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "@io_bazel_rules_go//go/platform:windows": [ + "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/kubelet/stats/pidlimit/pidlimit.go b/pkg/kubelet/stats/pidlimit/pidlimit.go new file mode 100644 index 00000000000..7356fa9c416 --- /dev/null +++ b/pkg/kubelet/stats/pidlimit/pidlimit.go @@ -0,0 +1,26 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package pidlimit + +import ( + "k8s.io/api/core/v1" +) + +const ( + // PIDs is the (internal) name for this resource + PIDs v1.ResourceName = "pid" +) diff --git a/pkg/kubelet/stats/stats_provider_linux.go b/pkg/kubelet/stats/pidlimit/pidlimit_linux.go similarity index 89% rename from pkg/kubelet/stats/stats_provider_linux.go rename to pkg/kubelet/stats/pidlimit/pidlimit_linux.go index f36890fc26c..d537f48f8b2 100644 --- a/pkg/kubelet/stats/stats_provider_linux.go +++ b/pkg/kubelet/stats/pidlimit/pidlimit_linux.go @@ -16,7 +16,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package stats +package pidlimit import ( "io/ioutil" @@ -28,7 +28,8 @@ import ( statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" ) -func (p *StatsProvider) RlimitStats() (*statsapi.RlimitStats, error) { +// Stats provides basic information about max and current process count +func Stats() (*statsapi.RlimitStats, error) { rlimit := &statsapi.RlimitStats{} if content, err := ioutil.ReadFile("/proc/sys/kernel/pid_max"); err == nil { diff --git a/pkg/kubelet/stats/stats_provider_unsupported.go b/pkg/kubelet/stats/pidlimit/pidlimit_unsupported.go similarity index 83% rename from pkg/kubelet/stats/stats_provider_unsupported.go rename to pkg/kubelet/stats/pidlimit/pidlimit_unsupported.go index a7b00d9db02..825c7852200 100644 --- a/pkg/kubelet/stats/stats_provider_unsupported.go +++ b/pkg/kubelet/stats/pidlimit/pidlimit_unsupported.go @@ -16,12 +16,13 @@ See the License for the specific language governing permissions and limitations under the License. */ -package stats +package pidlimit import ( statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" ) -func (p *StatsProvider) RlimitStats() (*statsapi.RlimitStats, error) { +// Stats provides basic information about max and current process count +func Stats() (*statsapi.RlimitStats, error) { return nil, nil } diff --git a/pkg/kubelet/stats/stats_provider.go b/pkg/kubelet/stats/stats_provider.go index b06c7a8ad8a..c0d98f900fa 100644 --- a/pkg/kubelet/stats/stats_provider.go +++ b/pkg/kubelet/stats/stats_provider.go @@ -28,6 +28,7 @@ import ( kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" kubepod "k8s.io/kubernetes/pkg/kubelet/pod" "k8s.io/kubernetes/pkg/kubelet/server/stats" + "k8s.io/kubernetes/pkg/kubelet/stats/pidlimit" "k8s.io/kubernetes/pkg/kubelet/status" ) @@ -96,6 +97,11 @@ type rlimitStatsProvider interface { RlimitStats() (*statsapi.RlimitStats, error) } +// RlimitStats returns base information about process count +func (p *StatsProvider) RlimitStats() (*statsapi.RlimitStats, error) { + return pidlimit.Stats() +} + // GetCgroupStats returns the stats of the cgroup with the cgroupName. Note that // this function doesn't generate filesystem stats. func (p *StatsProvider) GetCgroupStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, *statsapi.NetworkStats, error) { diff --git a/pkg/kubelet/stats/stats_provider_test.go b/pkg/kubelet/stats/stats_provider_test.go index 26884547e51..9700a501cab 100644 --- a/pkg/kubelet/stats/stats_provider_test.go +++ b/pkg/kubelet/stats/stats_provider_test.go @@ -607,13 +607,13 @@ func checkNetworkStats(t *testing.T, label string, seed int, stats *statsapi.Net assert.EqualValues(t, 2, len(stats.Interfaces), "network interfaces should contain 2 elements") - assert.EqualValues(t, "eth0", stats.Interfaces[0].Name, "default interface name is ont eth0") + assert.EqualValues(t, "eth0", stats.Interfaces[0].Name, "default interface name is not eth0") assert.EqualValues(t, seed+offsetNetRxBytes, *stats.Interfaces[0].RxBytes, label+".Net.TxErrors") assert.EqualValues(t, seed+offsetNetRxErrors, *stats.Interfaces[0].RxErrors, label+".Net.TxErrors") assert.EqualValues(t, seed+offsetNetTxBytes, *stats.Interfaces[0].TxBytes, label+".Net.TxErrors") assert.EqualValues(t, seed+offsetNetTxErrors, *stats.Interfaces[0].TxErrors, label+".Net.TxErrors") - assert.EqualValues(t, "cbr0", stats.Interfaces[1].Name, "cbr0 interface name is ont cbr0") + assert.EqualValues(t, "cbr0", stats.Interfaces[1].Name, "cbr0 interface name is not cbr0") assert.EqualValues(t, 100, *stats.Interfaces[1].RxBytes, label+".Net.TxErrors") assert.EqualValues(t, 100, *stats.Interfaces[1].RxErrors, label+".Net.TxErrors") assert.EqualValues(t, 100, *stats.Interfaces[1].TxBytes, label+".Net.TxErrors") diff --git a/pkg/kubelet/token/OWNERS b/pkg/kubelet/token/OWNERS index d914c0d7195..c6c376de4e1 100644 --- a/pkg/kubelet/token/OWNERS +++ b/pkg/kubelet/token/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-serviceaccounts-approvers reviewers: diff --git a/pkg/kubelet/util/cache/object_cache.go b/pkg/kubelet/util/cache/object_cache.go index 56d06908c32..98dbe40534a 100644 --- a/pkg/kubelet/util/cache/object_cache.go +++ b/pkg/kubelet/util/cache/object_cache.go @@ -75,6 +75,7 @@ func (c *ObjectCache) Get(key string) (interface{}, error) { return value.(objectEntry).obj, nil } +// Add adds objectEntry by using a unique string as the key. func (c *ObjectCache) Add(key string, obj interface{}) error { err := c.cache.Add(objectEntry{key: key, obj: obj}) if err != nil { diff --git a/pkg/kubelet/util/cache/object_cache_test.go b/pkg/kubelet/util/cache/object_cache_test.go index 5bc09abdd8f..792ed2869f3 100644 --- a/pkg/kubelet/util/cache/object_cache_test.go +++ b/pkg/kubelet/util/cache/object_cache_test.go @@ -46,7 +46,7 @@ func TestAddAndGet(t *testing.T) { val: "bar", } objectCache := NewFakeObjectCache(func() (interface{}, error) { - return nil, fmt.Errorf("Unexpected Error: updater should never be called in this test!") + return nil, fmt.Errorf("Unexpected Error: updater should never be called in this test") }, 1*time.Hour, clock.NewFakeClock(time.Now())) err := objectCache.Add(testObj.key, testObj.val) diff --git a/pkg/kubelet/util/queue/work_queue.go b/pkg/kubelet/util/queue/work_queue.go index 4075562f05c..5c66968c7f7 100644 --- a/pkg/kubelet/util/queue/work_queue.go +++ b/pkg/kubelet/util/queue/work_queue.go @@ -41,6 +41,7 @@ type basicWorkQueue struct { var _ WorkQueue = &basicWorkQueue{} +// NewBasicWorkQueue returns a new basic WorkQueue with the provided clock func NewBasicWorkQueue(clock clock.Clock) WorkQueue { queue := make(map[types.UID]time.Time) return &basicWorkQueue{queue: queue, clock: clock} diff --git a/pkg/kubelet/util/sliceutils/sliceutils.go b/pkg/kubelet/util/sliceutils/sliceutils.go index ff9fb56031f..359272eb401 100644 --- a/pkg/kubelet/util/sliceutils/sliceutils.go +++ b/pkg/kubelet/util/sliceutils/sliceutils.go @@ -21,6 +21,7 @@ import ( kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" ) +// StringInSlice returns true if s is in list func StringInSlice(s string, list []string) bool { for _, v := range list { if v == s { diff --git a/pkg/kubelet/volumemanager/BUILD b/pkg/kubelet/volumemanager/BUILD index 269eb189192..f967754b53f 100644 --- a/pkg/kubelet/volumemanager/BUILD +++ b/pkg/kubelet/volumemanager/BUILD @@ -8,7 +8,10 @@ load( go_library( name = "go_default_library", - srcs = ["volume_manager.go"], + srcs = [ + "volume_manager.go", + "volume_manager_fake.go", + ], importpath = "k8s.io/kubernetes/pkg/kubelet/volumemanager", deps = [ "//pkg/kubelet/config:go_default_library", diff --git a/pkg/kubelet/volumemanager/OWNERS b/pkg/kubelet/volumemanager/OWNERS index 0f0dc72d717..ca99990f73d 100644 --- a/pkg/kubelet/volumemanager/OWNERS +++ b/pkg/kubelet/volumemanager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali reviewers: diff --git a/pkg/kubelet/volumemanager/volume_manager_fake.go b/pkg/kubelet/volumemanager/volume_manager_fake.go new file mode 100644 index 00000000000..b21d34a14ce --- /dev/null +++ b/pkg/kubelet/volumemanager/volume_manager_fake.go @@ -0,0 +1,99 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package volumemanager + +import ( + "k8s.io/api/core/v1" + "k8s.io/kubernetes/pkg/kubelet/config" + "k8s.io/kubernetes/pkg/kubelet/container" + "k8s.io/kubernetes/pkg/volume/util/types" +) + +// FakeVolumeManager is a test implementation that just tracks calls +type FakeVolumeManager struct { + volumes map[v1.UniqueVolumeName]bool + reportedInUse map[v1.UniqueVolumeName]bool +} + +// NewFakeVolumeManager creates a new VolumeManager test instance +func NewFakeVolumeManager(initialVolumes []v1.UniqueVolumeName) *FakeVolumeManager { + volumes := map[v1.UniqueVolumeName]bool{} + for _, v := range initialVolumes { + volumes[v] = true + } + return &FakeVolumeManager{ + volumes: volumes, + reportedInUse: map[v1.UniqueVolumeName]bool{}, + } +} + +// Run is not implemented +func (f *FakeVolumeManager) Run(sourcesReady config.SourcesReady, stopCh <-chan struct{}) { +} + +// WaitForAttachAndMount is not implemented +func (f *FakeVolumeManager) WaitForAttachAndMount(pod *v1.Pod) error { + return nil +} + +// GetMountedVolumesForPod is not implemented +func (f *FakeVolumeManager) GetMountedVolumesForPod(podName types.UniquePodName) container.VolumeMap { + return nil +} + +// GetExtraSupplementalGroupsForPod is not implemented +func (f *FakeVolumeManager) GetExtraSupplementalGroupsForPod(pod *v1.Pod) []int64 { + return nil +} + +// GetVolumesInUse returns a list of the initial volumes +func (f *FakeVolumeManager) GetVolumesInUse() []v1.UniqueVolumeName { + inuse := []v1.UniqueVolumeName{} + for v := range f.volumes { + inuse = append(inuse, v) + } + return inuse +} + +// ReconcilerStatesHasBeenSynced is not implemented +func (f *FakeVolumeManager) ReconcilerStatesHasBeenSynced() bool { + return true +} + +// VolumeIsAttached is not implemented +func (f *FakeVolumeManager) VolumeIsAttached(volumeName v1.UniqueVolumeName) bool { + return false +} + +// MarkVolumesAsReportedInUse adds the given volumes to the reportedInUse map +func (f *FakeVolumeManager) MarkVolumesAsReportedInUse(volumesReportedAsInUse []v1.UniqueVolumeName) { + for _, reportedVolume := range volumesReportedAsInUse { + if _, ok := f.volumes[reportedVolume]; ok { + f.reportedInUse[reportedVolume] = true + } + } +} + +// GetVolumesReportedInUse is a test function only that returns a list of volumes +// from the reportedInUse map +func (f *FakeVolumeManager) GetVolumesReportedInUse() []v1.UniqueVolumeName { + inuse := []v1.UniqueVolumeName{} + for reportedVolume := range f.reportedInUse { + inuse = append(inuse, reportedVolume) + } + return inuse +} diff --git a/pkg/kubelet/winstats/BUILD b/pkg/kubelet/winstats/BUILD index 503e8d7297c..25afdd4cfc0 100644 --- a/pkg/kubelet/winstats/BUILD +++ b/pkg/kubelet/winstats/BUILD @@ -4,7 +4,6 @@ go_library( name = "go_default_library", srcs = [ "doc.go", - "network_stats.go", "perfcounter_nodestats.go", "perfcounters.go", "version.go", diff --git a/pkg/kubelet/winstats/network_stats.go b/pkg/kubelet/winstats/network_stats.go deleted file mode 100644 index bfd80bc50d9..00000000000 --- a/pkg/kubelet/winstats/network_stats.go +++ /dev/null @@ -1,67 +0,0 @@ -// +build windows - -/* -Copyright 2019 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package winstats - -import ( - "encoding/json" - "os/exec" - - cadvisorapi "github.com/google/cadvisor/info/v1" -) - -// netAdapterStat represents network statistics for an adapter. -type netAdapterStat struct { - Name string `json:"Name,omitempty"` - ReceivedBytes uint64 `json:"ReceivedBytes,omitempty"` - ReceivedErrors uint64 `json:"ReceivedPacketErrors,omitempty"` - SentBytes uint64 `json:"SentBytes,omitempty"` - SentErrors uint64 `json:"OutboundPacketErrors,omitempty"` -} - -// toCadvisorInterfaceStats converts netAdapterStat to cadvisorapi.InterfaceStats. -func (s *netAdapterStat) toCadvisorInterfaceStats() cadvisorapi.InterfaceStats { - return cadvisorapi.InterfaceStats{ - Name: s.Name, - RxBytes: s.ReceivedBytes, - RxErrors: s.ReceivedErrors, - TxBytes: s.SentBytes, - TxErrors: s.SentErrors, - } -} - -// getNetAdapterStats gets a list of network adapter statistics. -func getNetAdapterStats() ([]cadvisorapi.InterfaceStats, error) { - rawOutput, err := exec.Command("powershell", "/c", " Get-NetAdapterStatistics | ConvertTo-Json").CombinedOutput() - if err != nil { - return nil, err - } - - var stats []*netAdapterStat - err = json.Unmarshal(rawOutput, &stats) - if err != nil { - return nil, err - } - - result := make([]cadvisorapi.InterfaceStats, len(stats)) - for i := range stats { - result[i] = stats[i].toCadvisorInterfaceStats() - } - - return result, nil -} diff --git a/pkg/kubelet/winstats/winstats.go b/pkg/kubelet/winstats/winstats.go index 5a194429c5d..2c483f8967e 100644 --- a/pkg/kubelet/winstats/winstats.go +++ b/pkg/kubelet/winstats/winstats.go @@ -109,16 +109,12 @@ func (c *StatsClient) WinVersionInfo() (*cadvisorapi.VersionInfo, error) { func (c *StatsClient) createRootContainerInfo() (*cadvisorapiv2.ContainerInfo, error) { nodeMetrics, err := c.client.getNodeMetrics() + if err != nil { return nil, err } - - netAdapterStats, err := getNetAdapterStats() - if err != nil { - return nil, err - } - var stats []*cadvisorapiv2.ContainerStats + stats = append(stats, &cadvisorapiv2.ContainerStats{ Timestamp: nodeMetrics.timeStamp, Cpu: &cadvisorapi.CpuStats{ @@ -130,9 +126,6 @@ func (c *StatsClient) createRootContainerInfo() (*cadvisorapiv2.ContainerInfo, e WorkingSet: nodeMetrics.memoryPrivWorkingSetBytes, Usage: nodeMetrics.memoryCommittedBytes, }, - Network: &cadvisorapiv2.NetworkStats{ - Interfaces: netAdapterStats, - }, }) nodeInfo := c.client.getNodeInfo() @@ -141,7 +134,6 @@ func (c *StatsClient) createRootContainerInfo() (*cadvisorapiv2.ContainerInfo, e CreationTime: nodeInfo.startTime, HasCpu: true, HasMemory: true, - HasNetwork: true, Memory: cadvisorapiv2.MemorySpec{ Limit: nodeInfo.memoryPhysicalCapacityBytes, }, diff --git a/pkg/kubelet/winstats/winstats_test.go b/pkg/kubelet/winstats/winstats_test.go index 51f7a290d19..830f76af039 100644 --- a/pkg/kubelet/winstats/winstats_test.go +++ b/pkg/kubelet/winstats/winstats_test.go @@ -86,9 +86,8 @@ func TestWinContainerInfos(t *testing.T) { infos := make(map[string]cadvisorapiv2.ContainerInfo) infos["/"] = cadvisorapiv2.ContainerInfo{ Spec: cadvisorapiv2.ContainerSpec{ - HasCpu: true, - HasMemory: true, - HasNetwork: true, + HasCpu: true, + HasMemory: true, Memory: cadvisorapiv2.MemorySpec{ Limit: 1.6e+10, }, @@ -96,11 +95,7 @@ func TestWinContainerInfos(t *testing.T) { Stats: stats, } - assert.Equal(t, len(actualRootInfos), len(infos)) - assert.Equal(t, actualRootInfos["/"].Spec, infos["/"].Spec) - assert.Equal(t, len(actualRootInfos["/"].Stats), len(infos["/"].Stats)) - assert.Equal(t, actualRootInfos["/"].Stats[0].Cpu, infos["/"].Stats[0].Cpu) - assert.Equal(t, actualRootInfos["/"].Stats[0].Memory, infos["/"].Stats[0].Memory) + assert.Equal(t, actualRootInfos, infos) } func TestWinMachineInfo(t *testing.T) { diff --git a/pkg/kubemark/OWNERS b/pkg/kubemark/OWNERS index cf2f885df34..329e8801dc9 100644 --- a/pkg/kubemark/OWNERS +++ b/pkg/kubemark/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - shyamjvs diff --git a/pkg/master/BUILD b/pkg/master/BUILD index 413f120aed3..34af64575b1 100644 --- a/pkg/master/BUILD +++ b/pkg/master/BUILD @@ -88,6 +88,7 @@ go_library( "//staging/src/k8s.io/api/events/v1beta1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/api/policy/v1beta1:go_default_library", "//staging/src/k8s.io/api/rbac/v1:go_default_library", "//staging/src/k8s.io/api/rbac/v1alpha1:go_default_library", @@ -134,14 +135,7 @@ go_test( deps = [ "//pkg/api/legacyscheme:go_default_library", "//pkg/api/testapi:go_default_library", - "//pkg/apis/apps:go_default_library", - "//pkg/apis/autoscaling:go_default_library", - "//pkg/apis/batch:go_default_library", - "//pkg/apis/certificates:go_default_library", "//pkg/apis/core:go_default_library", - "//pkg/apis/extensions:go_default_library", - "//pkg/apis/rbac:go_default_library", - "//pkg/apis/storage:go_default_library", "//pkg/generated/openapi:go_default_library", "//pkg/kubelet/client:go_default_library", "//pkg/master/reconcilers:go_default_library", @@ -154,7 +148,6 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/api/apitesting/naming:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library", diff --git a/pkg/master/OWNERS b/pkg/master/OWNERS index 1ce00cdfa1b..d73190c1f46 100644 --- a/pkg/master/OWNERS +++ b/pkg/master/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - derekwaynecarr diff --git a/pkg/master/controller/crdregistration/crdregistration_controller.go b/pkg/master/controller/crdregistration/crdregistration_controller.go index 50b9f6ea0d4..69ad61dbb1f 100644 --- a/pkg/master/controller/crdregistration/crdregistration_controller.go +++ b/pkg/master/controller/crdregistration/crdregistration_controller.go @@ -60,9 +60,9 @@ type crdRegistrationController struct { queue workqueue.RateLimitingInterface } -// NewAutoRegistrationController returns a controller which will register CRD GroupVersions with the auto APIService registration +// NewCRDRegistrationController returns a controller which will register CRD GroupVersions with the auto APIService registration // controller so they automatically stay in sync. -func NewAutoRegistrationController(crdinformer crdinformers.CustomResourceDefinitionInformer, apiServiceRegistration AutoAPIServiceRegistration) *crdRegistrationController { +func NewCRDRegistrationController(crdinformer crdinformers.CustomResourceDefinitionInformer, apiServiceRegistration AutoAPIServiceRegistration) *crdRegistrationController { c := &crdRegistrationController{ crdLister: crdinformer.Lister(), crdSynced: crdinformer.Informer().HasSynced, diff --git a/pkg/master/master.go b/pkg/master/master.go index df96b9541ca..c2c6a0a1dfd 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -46,6 +46,7 @@ import ( eventsv1beta1 "k8s.io/api/events/v1beta1" extensionsapiv1beta1 "k8s.io/api/extensions/v1beta1" networkingapiv1 "k8s.io/api/networking/v1" + networkingapiv1beta1 "k8s.io/api/networking/v1beta1" policyapiv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" rbacv1alpha1 "k8s.io/api/rbac/v1alpha1" @@ -487,6 +488,7 @@ func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig { eventsv1beta1.SchemeGroupVersion, extensionsapiv1beta1.SchemeGroupVersion, networkingapiv1.SchemeGroupVersion, + networkingapiv1beta1.SchemeGroupVersion, policyapiv1beta1.SchemeGroupVersion, rbacv1.SchemeGroupVersion, rbacv1beta1.SchemeGroupVersion, diff --git a/pkg/master/master_test.go b/pkg/master/master_test.go index 5ee2fa4f833..63c9a9ea19f 100644 --- a/pkg/master/master_test.go +++ b/pkg/master/master_test.go @@ -31,8 +31,6 @@ import ( certificatesapiv1beta1 "k8s.io/api/certificates/v1beta1" apiv1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/version" @@ -46,14 +44,7 @@ import ( restclient "k8s.io/client-go/rest" "k8s.io/kubernetes/pkg/api/legacyscheme" "k8s.io/kubernetes/pkg/api/testapi" - "k8s.io/kubernetes/pkg/apis/apps" - "k8s.io/kubernetes/pkg/apis/autoscaling" - "k8s.io/kubernetes/pkg/apis/batch" - "k8s.io/kubernetes/pkg/apis/certificates" api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/extensions" - "k8s.io/kubernetes/pkg/apis/rbac" - "k8s.io/kubernetes/pkg/apis/storage" kubeletclient "k8s.io/kubernetes/pkg/kubelet/client" "k8s.io/kubernetes/pkg/master/reconcilers" certificatesrest "k8s.io/kubernetes/pkg/registry/certificates/rest" @@ -79,17 +70,6 @@ func setUp(t *testing.T) (*etcdtesting.EtcdTestServer, Config, *assert.Assertion } resourceEncoding := serverstorage.NewDefaultResourceEncodingConfig(legacyscheme.Scheme) - resourceEncoding.SetVersionEncoding(api.GroupName, schema.GroupVersion{Group: "", Version: "v1"}, schema.GroupVersion{Group: api.GroupName, Version: runtime.APIVersionInternal}) - resourceEncoding.SetVersionEncoding(autoscaling.GroupName, schema.GroupVersion{Group: "autoscaling", Version: "v1"}, schema.GroupVersion{Group: autoscaling.GroupName, Version: runtime.APIVersionInternal}) - resourceEncoding.SetVersionEncoding(batch.GroupName, schema.GroupVersion{Group: "batch", Version: "v1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal}) - // FIXME (soltysh): this GroupVersionResource override should be configurable - resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: "batch", Resource: "cronjobs"}, schema.GroupVersion{Group: batch.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal}) - resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: "storage.k8s.io", Resource: "volumeattachments"}, schema.GroupVersion{Group: storage.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal}) - - resourceEncoding.SetVersionEncoding(apps.GroupName, schema.GroupVersion{Group: "apps", Version: "v1"}, schema.GroupVersion{Group: apps.GroupName, Version: runtime.APIVersionInternal}) - resourceEncoding.SetVersionEncoding(extensions.GroupName, schema.GroupVersion{Group: "extensions", Version: "v1beta1"}, schema.GroupVersion{Group: extensions.GroupName, Version: runtime.APIVersionInternal}) - resourceEncoding.SetVersionEncoding(rbac.GroupName, schema.GroupVersion{Group: "rbac.authorization.k8s.io", Version: "v1"}, schema.GroupVersion{Group: rbac.GroupName, Version: runtime.APIVersionInternal}) - resourceEncoding.SetVersionEncoding(certificates.GroupName, schema.GroupVersion{Group: "certificates.k8s.io", Version: "v1beta1"}, schema.GroupVersion{Group: certificates.GroupName, Version: runtime.APIVersionInternal}) storageFactory := serverstorage.NewDefaultStorageFactory(*storageConfig, testapi.StorageMediaType(), legacyscheme.Codecs, resourceEncoding, DefaultAPIResourceConfigSource(), nil) etcdOptions := options.NewEtcdOptions(storageConfig) diff --git a/pkg/printers/OWNERS b/pkg/printers/OWNERS index a8ab5736b88..a26581944e9 100644 --- a/pkg/printers/OWNERS +++ b/pkg/printers/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - smarterclayton - sig-cli-maintainers diff --git a/pkg/printers/interface.go b/pkg/printers/interface.go index 6e14f61c5be..6d40b9c0e23 100644 --- a/pkg/printers/interface.go +++ b/pkg/printers/interface.go @@ -46,7 +46,6 @@ type PrintOptions struct { WithNamespace bool WithKind bool Wide bool - ShowAll bool ShowLabels bool AbsoluteTimestamps bool Kind schema.GroupKind diff --git a/pkg/printers/internalversion/BUILD b/pkg/printers/internalversion/BUILD index 1c9b3e7f186..34b742ab357 100644 --- a/pkg/printers/internalversion/BUILD +++ b/pkg/printers/internalversion/BUILD @@ -21,7 +21,7 @@ go_test( "//pkg/apis/batch:go_default_library", "//pkg/apis/coordination:go_default_library", "//pkg/apis/core:go_default_library", - "//pkg/apis/extensions:go_default_library", + "//pkg/apis/networking:go_default_library", "//pkg/apis/policy:go_default_library", "//pkg/apis/scheduling:go_default_library", "//pkg/apis/storage:go_default_library", @@ -67,7 +67,6 @@ go_library( "//pkg/apis/core/helper:go_default_library", "//pkg/apis/core/install:go_default_library", "//pkg/apis/events/install:go_default_library", - "//pkg/apis/extensions:go_default_library", "//pkg/apis/extensions/install:go_default_library", "//pkg/apis/networking:go_default_library", "//pkg/apis/policy:go_default_library", diff --git a/pkg/printers/internalversion/printers.go b/pkg/printers/internalversion/printers.go index a38fba95920..bb87e91221d 100644 --- a/pkg/printers/internalversion/printers.go +++ b/pkg/printers/internalversion/printers.go @@ -52,7 +52,6 @@ import ( "k8s.io/kubernetes/pkg/apis/coordination" api "k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/apis/core/helper" - "k8s.io/kubernetes/pkg/apis/extensions" "k8s.io/kubernetes/pkg/apis/networking" "k8s.io/kubernetes/pkg/apis/policy" "k8s.io/kubernetes/pkg/apis/rbac" @@ -239,10 +238,10 @@ func AddHandlers(h printers.PrintHandler) { {Name: "Last Seen", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["lastTimestamp"]}, {Name: "Type", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["type"]}, {Name: "Reason", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["reason"]}, - {Name: "Kind", Type: "string", Description: apiv1.Event{}.InvolvedObject.SwaggerDoc()["kind"]}, + {Name: "Object", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["involvedObject"]}, + {Name: "Subobject", Type: "string", Priority: 1, Description: apiv1.Event{}.InvolvedObject.SwaggerDoc()["fieldPath"]}, {Name: "Source", Type: "string", Priority: 1, Description: apiv1.Event{}.SwaggerDoc()["source"]}, {Name: "Message", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["message"]}, - {Name: "Subobject", Type: "string", Priority: 1, Description: apiv1.Event{}.InvolvedObject.SwaggerDoc()["fieldPath"]}, {Name: "First Seen", Type: "string", Priority: 1, Description: apiv1.Event{}.SwaggerDoc()["firstTimestamp"]}, {Name: "Count", Type: "string", Priority: 1, Description: apiv1.Event{}.SwaggerDoc()["count"]}, {Name: "Name", Type: "string", Priority: 1, Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]}, @@ -992,14 +991,14 @@ func printServiceList(list *api.ServiceList, options printers.PrintOptions) ([]m } // backendStringer behaves just like a string interface and converts the given backend to a string. -func backendStringer(backend *extensions.IngressBackend) string { +func backendStringer(backend *networking.IngressBackend) string { if backend == nil { return "" } return fmt.Sprintf("%v:%v", backend.ServiceName, backend.ServicePort.String()) } -func formatHosts(rules []extensions.IngressRule) string { +func formatHosts(rules []networking.IngressRule) string { list := []string{} max := 3 more := false @@ -1021,14 +1020,14 @@ func formatHosts(rules []extensions.IngressRule) string { return ret } -func formatPorts(tls []extensions.IngressTLS) string { +func formatPorts(tls []networking.IngressTLS) string { if len(tls) != 0 { return "80, 443" } return "80" } -func printIngress(obj *extensions.Ingress, options printers.PrintOptions) ([]metav1beta1.TableRow, error) { +func printIngress(obj *networking.Ingress, options printers.PrintOptions) ([]metav1beta1.TableRow, error) { row := metav1beta1.TableRow{ Object: runtime.RawExtension{Object: obj}, } @@ -1040,7 +1039,7 @@ func printIngress(obj *extensions.Ingress, options printers.PrintOptions) ([]met return []metav1beta1.TableRow{row}, nil } -func printIngressList(list *extensions.IngressList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) { +func printIngressList(list *networking.IngressList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) { rows := make([]metav1beta1.TableRow, 0, len(list.Items)) for i := range list.Items { r, err := printIngress(&list.Items[i], options) @@ -1385,15 +1384,21 @@ func printEvent(obj *api.Event, options printers.PrintOptions) ([]metav1beta1.Ta firstTimestamp = translateTimestampSince(obj.FirstTimestamp) lastTimestamp = translateTimestampSince(obj.LastTimestamp) } + var target string + if len(obj.InvolvedObject.Name) > 0 { + target = fmt.Sprintf("%s/%s", strings.ToLower(obj.InvolvedObject.Kind), obj.InvolvedObject.Name) + } else { + target = strings.ToLower(obj.InvolvedObject.Kind) + } if options.Wide { row.Cells = append(row.Cells, lastTimestamp, obj.Type, obj.Reason, - obj.InvolvedObject.Kind, + target, + obj.InvolvedObject.FieldPath, formatEventSource(obj.Source), strings.TrimSpace(obj.Message), - obj.InvolvedObject.FieldPath, firstTimestamp, int64(obj.Count), obj.Name, @@ -1403,7 +1408,7 @@ func printEvent(obj *api.Event, options printers.PrintOptions) ([]metav1beta1.Ta lastTimestamp, obj.Type, obj.Reason, - obj.InvolvedObject.Kind, + target, strings.TrimSpace(obj.Message), ) } diff --git a/pkg/printers/internalversion/printers_test.go b/pkg/printers/internalversion/printers_test.go index bdc1757d82f..2bf55354caa 100644 --- a/pkg/printers/internalversion/printers_test.go +++ b/pkg/printers/internalversion/printers_test.go @@ -50,7 +50,7 @@ import ( "k8s.io/kubernetes/pkg/apis/batch" "k8s.io/kubernetes/pkg/apis/coordination" api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/extensions" + "k8s.io/kubernetes/pkg/apis/networking" "k8s.io/kubernetes/pkg/apis/policy" "k8s.io/kubernetes/pkg/apis/scheduling" "k8s.io/kubernetes/pkg/apis/storage" @@ -1069,7 +1069,7 @@ func contains(fields []string, field string) bool { } func TestPrintHunmanReadableIngressWithColumnLabels(t *testing.T) { - ingress := extensions.Ingress{ + ingress := networking.Ingress{ ObjectMeta: metav1.ObjectMeta{ Name: "test1", CreationTimestamp: metav1.Time{Time: time.Now().AddDate(-10, 0, 0)}, @@ -1077,13 +1077,13 @@ func TestPrintHunmanReadableIngressWithColumnLabels(t *testing.T) { "app_name": "kubectl_test_ingress", }, }, - Spec: extensions.IngressSpec{ - Backend: &extensions.IngressBackend{ + Spec: networking.IngressSpec{ + Backend: &networking.IngressBackend{ ServiceName: "svc", ServicePort: intstr.FromInt(93), }, }, - Status: extensions.IngressStatus{ + Status: networking.IngressStatus{ LoadBalancer: api.LoadBalancerStatus{ Ingress: []api.LoadBalancerIngress{ { diff --git a/pkg/probe/OWNERS b/pkg/probe/OWNERS index 1d2bef03480..997fa9156da 100644 --- a/pkg/probe/OWNERS +++ b/pkg/probe/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - Random-Liu - dchen1107 diff --git a/pkg/proxy/OWNERS b/pkg/proxy/OWNERS index 8282182880a..22480e625aa 100644 --- a/pkg/proxy/OWNERS +++ b/pkg/proxy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - matchstick diff --git a/pkg/proxy/apis/config/OWNERS b/pkg/proxy/apis/config/OWNERS index 34823356d22..8b0c7feef3f 100644 --- a/pkg/proxy/apis/config/OWNERS +++ b/pkg/proxy/apis/config/OWNERS @@ -1,4 +1,8 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin reviewers: - sig-network-reviewers +labels: +- sig/network diff --git a/pkg/proxy/apis/config/types.go b/pkg/proxy/apis/config/types.go index 2c79debd69f..a9d0b88493c 100644 --- a/pkg/proxy/apis/config/types.go +++ b/pkg/proxy/apis/config/types.go @@ -78,6 +78,20 @@ type KubeProxyConntrackConfiguration struct { TCPCloseWaitTimeout *metav1.Duration } +// KubeProxyWinkernelConfiguration contains Windows/HNS settings for +// the Kubernetes proxy server. +type KubeProxyWinkernelConfiguration struct { + // networkName is the name of the network kube-proxy will use + // to create endpoints and policies + NetworkName string + // sourceVip is the IP address of the source VIP endoint used for + // NAT when loadbalancing + SourceVip string + // enableDSR tells kube-proxy whether HNS policies should be created + // with DSR + EnableDSR bool +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // KubeProxyConfiguration contains everything necessary to configure the @@ -140,6 +154,8 @@ type KubeProxyConfiguration struct { // If set it to a non-zero IP block, kube-proxy will filter that down to just the IPs that applied to the node. // An empty string slice is meant to select all network interfaces. NodePortAddresses []string + // winkernel contains winkernel-related configuration options. + Winkernel KubeProxyWinkernelConfiguration } // Currently, three modes of proxy are available in Linux platform: 'userspace' (older, going to be EOL), 'iptables' diff --git a/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go b/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go index eedc7344fc5..c360ab20af0 100644 --- a/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go +++ b/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go @@ -78,6 +78,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*v1alpha1.KubeProxyWinkernelConfiguration)(nil), (*config.KubeProxyWinkernelConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_KubeProxyWinkernelConfiguration_To_config_KubeProxyWinkernelConfiguration(a.(*v1alpha1.KubeProxyWinkernelConfiguration), b.(*config.KubeProxyWinkernelConfiguration), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*config.KubeProxyWinkernelConfiguration)(nil), (*v1alpha1.KubeProxyWinkernelConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_config_KubeProxyWinkernelConfiguration_To_v1alpha1_KubeProxyWinkernelConfiguration(a.(*config.KubeProxyWinkernelConfiguration), b.(*v1alpha1.KubeProxyWinkernelConfiguration), scope) + }); err != nil { + return err + } return nil } @@ -108,6 +118,9 @@ func autoConvert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguratio } out.ConfigSyncPeriod = in.ConfigSyncPeriod out.NodePortAddresses = *(*[]string)(unsafe.Pointer(&in.NodePortAddresses)) + if err := Convert_v1alpha1_KubeProxyWinkernelConfiguration_To_config_KubeProxyWinkernelConfiguration(&in.Winkernel, &out.Winkernel, s); err != nil { + return err + } return nil } @@ -143,6 +156,9 @@ func autoConvert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguratio } out.ConfigSyncPeriod = in.ConfigSyncPeriod out.NodePortAddresses = *(*[]string)(unsafe.Pointer(&in.NodePortAddresses)) + if err := Convert_config_KubeProxyWinkernelConfiguration_To_v1alpha1_KubeProxyWinkernelConfiguration(&in.Winkernel, &out.Winkernel, s); err != nil { + return err + } return nil } @@ -230,3 +246,27 @@ func autoConvert_config_KubeProxyIPVSConfiguration_To_v1alpha1_KubeProxyIPVSConf func Convert_config_KubeProxyIPVSConfiguration_To_v1alpha1_KubeProxyIPVSConfiguration(in *config.KubeProxyIPVSConfiguration, out *v1alpha1.KubeProxyIPVSConfiguration, s conversion.Scope) error { return autoConvert_config_KubeProxyIPVSConfiguration_To_v1alpha1_KubeProxyIPVSConfiguration(in, out, s) } + +func autoConvert_v1alpha1_KubeProxyWinkernelConfiguration_To_config_KubeProxyWinkernelConfiguration(in *v1alpha1.KubeProxyWinkernelConfiguration, out *config.KubeProxyWinkernelConfiguration, s conversion.Scope) error { + out.NetworkName = in.NetworkName + out.SourceVip = in.SourceVip + out.EnableDSR = in.EnableDSR + return nil +} + +// Convert_v1alpha1_KubeProxyWinkernelConfiguration_To_config_KubeProxyWinkernelConfiguration is an autogenerated conversion function. +func Convert_v1alpha1_KubeProxyWinkernelConfiguration_To_config_KubeProxyWinkernelConfiguration(in *v1alpha1.KubeProxyWinkernelConfiguration, out *config.KubeProxyWinkernelConfiguration, s conversion.Scope) error { + return autoConvert_v1alpha1_KubeProxyWinkernelConfiguration_To_config_KubeProxyWinkernelConfiguration(in, out, s) +} + +func autoConvert_config_KubeProxyWinkernelConfiguration_To_v1alpha1_KubeProxyWinkernelConfiguration(in *config.KubeProxyWinkernelConfiguration, out *v1alpha1.KubeProxyWinkernelConfiguration, s conversion.Scope) error { + out.NetworkName = in.NetworkName + out.SourceVip = in.SourceVip + out.EnableDSR = in.EnableDSR + return nil +} + +// Convert_config_KubeProxyWinkernelConfiguration_To_v1alpha1_KubeProxyWinkernelConfiguration is an autogenerated conversion function. +func Convert_config_KubeProxyWinkernelConfiguration_To_v1alpha1_KubeProxyWinkernelConfiguration(in *config.KubeProxyWinkernelConfiguration, out *v1alpha1.KubeProxyWinkernelConfiguration, s conversion.Scope) error { + return autoConvert_config_KubeProxyWinkernelConfiguration_To_v1alpha1_KubeProxyWinkernelConfiguration(in, out, s) +} diff --git a/pkg/proxy/apis/config/zz_generated.deepcopy.go b/pkg/proxy/apis/config/zz_generated.deepcopy.go index 983b5113b70..04a5dbfe7a2 100644 --- a/pkg/proxy/apis/config/zz_generated.deepcopy.go +++ b/pkg/proxy/apis/config/zz_generated.deepcopy.go @@ -74,6 +74,7 @@ func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) { *out = make([]string, len(*in)) copy(*out, *in) } + out.Winkernel = in.Winkernel return } @@ -181,3 +182,19 @@ func (in *KubeProxyIPVSConfiguration) DeepCopy() *KubeProxyIPVSConfiguration { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeProxyWinkernelConfiguration) DeepCopyInto(out *KubeProxyWinkernelConfiguration) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeProxyWinkernelConfiguration. +func (in *KubeProxyWinkernelConfiguration) DeepCopy() *KubeProxyWinkernelConfiguration { + if in == nil { + return nil + } + out := new(KubeProxyWinkernelConfiguration) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/proxy/config/OWNERS b/pkg/proxy/config/OWNERS old mode 100755 new mode 100644 index d9bd05962a3..c7e36e636c8 --- a/pkg/proxy/config/OWNERS +++ b/pkg/proxy/config/OWNERS @@ -1,6 +1,10 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp - smarterclayton - brendandburns - freehan +labels: +- sig/network diff --git a/pkg/proxy/endpoints.go b/pkg/proxy/endpoints.go index c0992b290f6..21f10cdcbf4 100644 --- a/pkg/proxy/endpoints.go +++ b/pkg/proxy/endpoints.go @@ -21,6 +21,7 @@ import ( "reflect" "strconv" "sync" + "time" "k8s.io/klog" @@ -92,16 +93,20 @@ type EndpointChangeTracker struct { // isIPv6Mode indicates if change tracker is under IPv6/IPv4 mode. Nil means not applicable. isIPv6Mode *bool recorder record.EventRecorder + // Map from the Endpoints namespaced-name to the times of the triggers that caused the endpoints + // object to change. Used to calculate the network-programming-latency. + lastChangeTriggerTimes map[types.NamespacedName][]time.Time } // NewEndpointChangeTracker initializes an EndpointsChangeMap func NewEndpointChangeTracker(hostname string, makeEndpointInfo makeEndpointFunc, isIPv6Mode *bool, recorder record.EventRecorder) *EndpointChangeTracker { return &EndpointChangeTracker{ - hostname: hostname, - items: make(map[types.NamespacedName]*endpointsChange), - makeEndpointInfo: makeEndpointInfo, - isIPv6Mode: isIPv6Mode, - recorder: recorder, + hostname: hostname, + items: make(map[types.NamespacedName]*endpointsChange), + makeEndpointInfo: makeEndpointInfo, + isIPv6Mode: isIPv6Mode, + recorder: recorder, + lastChangeTriggerTimes: make(map[types.NamespacedName][]time.Time), } } @@ -133,14 +138,43 @@ func (ect *EndpointChangeTracker) Update(previous, current *v1.Endpoints) bool { change.previous = ect.endpointsToEndpointsMap(previous) ect.items[namespacedName] = change } + if t := getLastChangeTriggerTime(endpoints); !t.IsZero() { + ect.lastChangeTriggerTimes[namespacedName] = + append(ect.lastChangeTriggerTimes[namespacedName], t) + } change.current = ect.endpointsToEndpointsMap(current) // if change.previous equal to change.current, it means no change if reflect.DeepEqual(change.previous, change.current) { delete(ect.items, namespacedName) + // Reset the lastChangeTriggerTimes for the Endpoints object. Given that the network programming + // SLI is defined as the duration between a time of an event and a time when the network was + // programmed to incorporate that event, if there are events that happened between two + // consecutive syncs and that canceled each other out, e.g. pod A added -> pod A deleted, + // there will be no network programming for them and thus no network programming latency metric + // should be exported. + delete(ect.lastChangeTriggerTimes, namespacedName) } return len(ect.items) > 0 } +// getLastChangeTriggerTime returns the time.Time value of the EndpointsLastChangeTriggerTime +// annotation stored in the given endpoints object or the "zero" time if the annotation wasn't set +// or was set incorrectly. +func getLastChangeTriggerTime(endpoints *v1.Endpoints) time.Time { + if _, ok := endpoints.Annotations[v1.EndpointsLastChangeTriggerTime]; !ok { + // It's possible that the Endpoints object won't have the EndpointsLastChangeTriggerTime + // annotation set. In that case return the 'zero value', which is ignored in the upstream code. + return time.Time{} + } + val, err := time.Parse(time.RFC3339Nano, endpoints.Annotations[v1.EndpointsLastChangeTriggerTime]) + if err != nil { + klog.Warningf("Error while parsing EndpointsLastChangeTriggerTimeAnnotation: '%s'. Error is %v", + endpoints.Annotations[v1.EndpointsLastChangeTriggerTime], err) + // In case of error val = time.Zero, which is ignored in the upstream code. + } + return val +} + // endpointsChange contains all changes to endpoints that happened since proxy rules were synced. For a single object, // changes are accumulated, i.e. previous is state from before applying the changes, // current is state after applying the changes. @@ -157,14 +191,19 @@ type UpdateEndpointMapResult struct { StaleEndpoints []ServiceEndpoint // StaleServiceNames identifies if a service is stale. StaleServiceNames []ServicePortName + // List of the trigger times for all endpoints objects that changed. It's used to export the + // network programming latency. + LastChangeTriggerTimes []time.Time } // UpdateEndpointsMap updates endpointsMap base on the given changes. func UpdateEndpointsMap(endpointsMap EndpointsMap, changes *EndpointChangeTracker) (result UpdateEndpointMapResult) { result.StaleEndpoints = make([]ServiceEndpoint, 0) result.StaleServiceNames = make([]ServicePortName, 0) + result.LastChangeTriggerTimes = make([]time.Time, 0) - endpointsMap.apply(changes, &result.StaleEndpoints, &result.StaleServiceNames) + endpointsMap.apply( + changes, &result.StaleEndpoints, &result.StaleServiceNames, &result.LastChangeTriggerTimes) // TODO: If this will appear to be computationally expensive, consider // computing this incrementally similarly to endpointsMap. @@ -241,7 +280,10 @@ func (ect *EndpointChangeTracker) endpointsToEndpointsMap(endpoints *v1.Endpoint // apply the changes to EndpointsMap and updates stale endpoints and service-endpoints pair. The `staleEndpoints` argument // is passed in to store the stale udp endpoints and `staleServiceNames` argument is passed in to store the stale udp service. // The changes map is cleared after applying them. -func (endpointsMap EndpointsMap) apply(changes *EndpointChangeTracker, staleEndpoints *[]ServiceEndpoint, staleServiceNames *[]ServicePortName) { +// In addition it returns (via argument) and resets the lastChangeTriggerTimes for all endpoints +// that were changed and will result in syncing the proxy rules. +func (endpointsMap EndpointsMap) apply(changes *EndpointChangeTracker, staleEndpoints *[]ServiceEndpoint, + staleServiceNames *[]ServicePortName, lastChangeTriggerTimes *[]time.Time) { if changes == nil { return } @@ -253,6 +295,10 @@ func (endpointsMap EndpointsMap) apply(changes *EndpointChangeTracker, staleEndp detectStaleConnections(change.previous, change.current, staleEndpoints, staleServiceNames) } changes.items = make(map[types.NamespacedName]*endpointsChange) + for _, lastChangeTriggerTime := range changes.lastChangeTriggerTimes { + *lastChangeTriggerTimes = append(*lastChangeTriggerTimes, lastChangeTriggerTime...) + } + changes.lastChangeTriggerTimes = make(map[types.NamespacedName][]time.Time) } // Merge ensures that the current EndpointsMap contains all pairs from the EndpointsMap passed in. diff --git a/pkg/proxy/endpoints_test.go b/pkg/proxy/endpoints_test.go index 24fb61ad960..650aa1da994 100644 --- a/pkg/proxy/endpoints_test.go +++ b/pkg/proxy/endpoints_test.go @@ -18,7 +18,9 @@ package proxy import ( "reflect" + "sort" "testing" + "time" "github.com/davecgh/go-spew/spew" @@ -121,8 +123,9 @@ func TestGetLocalEndpointIPs(t *testing.T) { func makeTestEndpoints(namespace, name string, eptFunc func(*v1.Endpoints)) *v1.Endpoints { ept := &v1.Endpoints{ ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: namespace, + Name: name, + Namespace: namespace, + Annotations: make(map[string]string), }, } eptFunc(ept) @@ -1268,6 +1271,120 @@ func TestUpdateEndpointsMap(t *testing.T) { } } +func TestLastChangeTriggerTime(t *testing.T) { + t0 := time.Date(2018, 01, 01, 0, 0, 0, 0, time.UTC) + t1 := t0.Add(time.Second) + t2 := t1.Add(time.Second) + t3 := t2.Add(time.Second) + + createEndpoints := func(namespace, name string, triggerTime time.Time) *v1.Endpoints { + e := makeTestEndpoints(namespace, name, func(ept *v1.Endpoints) { + ept.Subsets = []v1.EndpointSubset{{ + Addresses: []v1.EndpointAddress{{IP: "1.1.1.1"}}, + Ports: []v1.EndpointPort{{Port: 11}}, + }} + }) + e.Annotations[v1.EndpointsLastChangeTriggerTime] = triggerTime.Format(time.RFC3339Nano) + return e + } + + modifyEndpoints := func(endpoints *v1.Endpoints, triggerTime time.Time) *v1.Endpoints { + e := endpoints.DeepCopy() + e.Subsets[0].Ports[0].Port++ + e.Annotations[v1.EndpointsLastChangeTriggerTime] = triggerTime.Format(time.RFC3339Nano) + return e + } + + sortTimeSlice := func(data []time.Time) { + sort.Slice(data, func(i, j int) bool { return data[i].Before(data[j]) }) + } + + testCases := []struct { + name string + scenario func(fp *FakeProxier) + expected []time.Time + }{ + { + name: "Single addEndpoints", + scenario: func(fp *FakeProxier) { + e := createEndpoints("ns", "ep1", t0) + fp.addEndpoints(e) + }, + expected: []time.Time{t0}, + }, + { + name: "addEndpoints then updatedEndpoints", + scenario: func(fp *FakeProxier) { + e := createEndpoints("ns", "ep1", t0) + fp.addEndpoints(e) + + e1 := modifyEndpoints(e, t1) + fp.updateEndpoints(e, e1) + }, + expected: []time.Time{t0, t1}, + }, + { + name: "Add two endpoints then modify one", + scenario: func(fp *FakeProxier) { + e1 := createEndpoints("ns", "ep1", t1) + fp.addEndpoints(e1) + + e2 := createEndpoints("ns", "ep2", t2) + fp.addEndpoints(e2) + + e11 := modifyEndpoints(e1, t3) + fp.updateEndpoints(e1, e11) + }, + expected: []time.Time{t1, t2, t3}, + }, + { + name: "Endpoints without annotation set", + scenario: func(fp *FakeProxier) { + e := createEndpoints("ns", "ep1", t1) + delete(e.Annotations, v1.EndpointsLastChangeTriggerTime) + fp.addEndpoints(e) + }, + expected: []time.Time{}, + }, + { + name: "addEndpoints then deleteEndpoints", + scenario: func(fp *FakeProxier) { + e := createEndpoints("ns", "ep1", t1) + fp.addEndpoints(e) + fp.deleteEndpoints(e) + }, + expected: []time.Time{}, + }, + { + name: "add then delete then add again", + scenario: func(fp *FakeProxier) { + e := createEndpoints("ns", "ep1", t1) + fp.addEndpoints(e) + fp.deleteEndpoints(e) + e = modifyEndpoints(e, t2) + fp.addEndpoints(e) + }, + expected: []time.Time{t2}, + }, + } + + for _, tc := range testCases { + fp := newFakeProxier() + + tc.scenario(fp) + + result := UpdateEndpointsMap(fp.endpointsMap, fp.endpointsChanges) + got := result.LastChangeTriggerTimes + sortTimeSlice(got) + sortTimeSlice(tc.expected) + + if !reflect.DeepEqual(got, tc.expected) { + t.Errorf("%s: Invalid LastChangeTriggerTimes, expected: %v, got: %v", + tc.name, tc.expected, result.LastChangeTriggerTimes) + } + } +} + func compareEndpointsMaps(t *testing.T, tci int, newMap EndpointsMap, expected map[ServicePortName][]*BaseEndpointInfo) { if len(newMap) != len(expected) { t.Errorf("[%d] expected %d results, got %d: %v", tci, len(expected), len(newMap), newMap) diff --git a/pkg/proxy/healthcheck/OWNERS b/pkg/proxy/healthcheck/OWNERS old mode 100755 new mode 100644 index 0e4b22dce61..6e357e0e915 --- a/pkg/proxy/healthcheck/OWNERS +++ b/pkg/proxy/healthcheck/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - m1093782566 diff --git a/pkg/proxy/iptables/OWNERS b/pkg/proxy/iptables/OWNERS old mode 100755 new mode 100644 index b6d1d616c8d..ce99e97466e --- a/pkg/proxy/iptables/OWNERS +++ b/pkg/proxy/iptables/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - smarterclayton @@ -5,3 +7,5 @@ reviewers: - freehan - dcbw - danwinship +labels: +- sig/network diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go index 7caace0933e..a4f8dc8ef76 100644 --- a/pkg/proxy/iptables/proxier.go +++ b/pkg/proxy/iptables/proxier.go @@ -613,6 +613,18 @@ func (proxier *Proxier) deleteEndpointConnections(connectionMap []proxy.ServiceE if err != nil { klog.Errorf("Failed to delete %s endpoint connections, error: %v", epSvcPair.ServicePortName.String(), err) } + for _, extIP := range svcInfo.ExternalIPStrings() { + err := conntrack.ClearEntriesForNAT(proxier.exec, extIP, endpointIP, v1.ProtocolUDP) + if err != nil { + klog.Errorf("Failed to delete %s endpoint connections for externalIP %s, error: %v", epSvcPair.ServicePortName.String(), extIP, err) + } + } + for _, lbIP := range svcInfo.LoadBalancerIPStrings() { + err := conntrack.ClearEntriesForNAT(proxier.exec, lbIP, endpointIP, v1.ProtocolUDP) + if err != nil { + klog.Errorf("Failed to delete %s endpoint connections for LoabBalancerIP %s, error: %v", epSvcPair.ServicePortName.String(), lbIP, err) + } + } } } } @@ -1341,6 +1353,11 @@ func (proxier *Proxier) syncProxyRules() { utilproxy.RevertPorts(replacementPortsMap, proxier.portsMap) return } + for _, lastChangeTriggerTime := range endpointUpdateResult.LastChangeTriggerTimes { + latency := metrics.SinceInSeconds(lastChangeTriggerTime) + metrics.NetworkProgrammingLatency.Observe(latency) + klog.V(4).Infof("Network programming took %f seconds", latency) + } // Close old local ports and save new ones. for k, v := range proxier.portsMap { diff --git a/pkg/proxy/ipvs/OWNERS b/pkg/proxy/ipvs/OWNERS index bccd989d475..c49cd694eba 100644 --- a/pkg/proxy/ipvs/OWNERS +++ b/pkg/proxy/ipvs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - brendandburns @@ -7,3 +9,5 @@ approvers: - thockin - brendandburns - m1093782566 +labels: +- sig/network diff --git a/pkg/proxy/ipvs/README.md b/pkg/proxy/ipvs/README.md index eb0f456f690..7395a6c990f 100644 --- a/pkg/proxy/ipvs/README.md +++ b/pkg/proxy/ipvs/README.md @@ -1,8 +1,8 @@ - [IPVS](#ipvs) - [What is IPVS](#what-is-ipvs) - [IPVS vs. IPTABLES](#ipvs-vs-iptables) - - [When ipvs falls back to iptables](#when-ipvs-falls-back-to-iptables) - - [Run kube-proxy in ipvs mode](#run-kube-proxy-in-ipvs-mode) + - [When IPVS falls back to IPTABLES](#when-ipvs-falls-back-to-iptables) + - [Run kube-proxy in IPVS mode](#run-kube-proxy-in-ipvs-mode) - [Prerequisite](#prerequisite) - [Local UP Cluster](#local-up-cluster) - [GCE Cluster](#gce-cluster) @@ -16,7 +16,7 @@ This document intends to show users - what is IPVS - difference between IPVS and IPTABLES -- how to run kube-proxy in ipvs mode and info on debugging +- how to run kube-proxy in IPVS mode and info on debugging ## What is IPVS @@ -32,16 +32,16 @@ Differences between IPVS mode and IPTABLES mode are as follows: 1. IPVS provides better scalability and performance for large clusters. -2. IPVS supports more sophisticated load balancing algorithms than iptables (least load, least connections, locality, weighted, etc.). +2. IPVS supports more sophisticated load balancing algorithms than IPTABLES (least load, least connections, locality, weighted, etc.). 3. IPVS supports server health checking and connection retries, etc. -### When ipvs falls back to iptables -IPVS proxier will employ iptables in doing packet filtering, SNAT or masquerade. -Specifically, ipvs proxier will use ipset to store source or destination address of traffics that need DROP or do masquerade, to make sure the number of iptables rules be constant, no metter how many services we have. +### When IPVS falls back to IPTABLES +IPVS proxier will employ IPTABLES in doing packet filtering, SNAT or masquerade. +Specifically, IPVS proxier will use ipset to store source or destination address of traffics that need DROP or do masquerade, to make sure the number of IPTABLES rules be constant, no metter how many services we have. -Here is the table of ipset sets that ipvs proxier used. +Here is the table of ipset sets that IPVS proxier used. | set name | members | usage | | :----------------------------- | ---------------------------------------- | ---------------------------------------- | @@ -58,11 +58,11 @@ Here is the table of ipset sets that ipvs proxier used. | KUBE-NODE-PORT-LOCAL-UDP | nodeport type service UDP port with `externalTrafficPolicy=local` | accept packages to nodeport service with `externalTrafficPolicy=local` | -IPVS proxier will fall back on iptables in the following scenarios. +IPVS proxier will fall back on IPTABLES in the following scenarios. **1. kube-proxy starts with --masquerade-all=true** -If kube-proxy starts with `--masquerade-all=true`, ipvs proxier will masquerade all traffic accessing service Cluster IP, which behaves the same as what iptables proxier. Suppose kube-proxy have flag `--masquerade-all=true` specified, then the iptables installed by ipvs proxier should be like what is shown below. +If kube-proxy starts with `--masquerade-all=true`, IPVS proxier will masquerade all traffic accessing service Cluster IP, which behaves the same as what IPTABLES proxier. Suppose kube-proxy have flag `--masquerade-all=true` specified, then the IPTABLES installed by IPVS proxier should be like what is shown below. ```shell # iptables -t nat -nL @@ -96,7 +96,7 @@ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-CLU **2. Specify cluster CIDR in kube-proxy startup** -If kube-proxy starts with `--cluster-cidr=`, ipvs proxier will masquerade off-cluster traffic accessing service Cluster IP, which behaves the same as what iptables proxier. Suppose kube-proxy is provided with the cluster cidr `10.244.16.0/24`, then the iptables installed by ipvs proxier should be like what is shown below. +If kube-proxy starts with `--cluster-cidr=`, IPVS proxier will masquerade off-cluster traffic accessing service Cluster IP, which behaves the same as what IPTABLES proxier. Suppose kube-proxy is provided with the cluster cidr `10.244.16.0/24`, then the IPTABLES installed by IPVS proxier should be like what is shown below. ```shell # iptables -t nat -nL @@ -130,10 +130,10 @@ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-CLU **3. Load Balancer type service** -For loadBalancer type service, ipvs proxier will install iptables with match of ipset `KUBE-LOAD-BALANCER`. +For loadBalancer type service, IPVS proxier will install IPTABLES with match of ipset `KUBE-LOAD-BALANCER`. Specially when service's `LoadBalancerSourceRanges` is specified or specified `externalTrafficPolicy=local`, -ipvs proxier will create ipset sets `KUBE-LOAD-BALANCER-LOCAL`/`KUBE-LOAD-BALANCER-FW`/`KUBE-LOAD-BALANCER-SOURCE-CIDR` -and install iptables accordingly, which should looks like what is shown below. +IPVS proxier will create ipset sets `KUBE-LOAD-BALANCER-LOCAL`/`KUBE-LOAD-BALANCER-FW`/`KUBE-LOAD-BALANCER-SOURCE-CIDR` +and install IPTABLES accordingly, which should looks like what is shown below. ```shell # iptables -t nat -nL @@ -182,9 +182,9 @@ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-LOA **4. NodePort type service** -For NodePort type service, ipvs proxier will install iptables with match of ipset `KUBE-NODE-PORT-TCP/KUBE-NODE-PORT-UDP`. -When specified `externalTrafficPolicy=local`,ipvs proxier will create ipset sets `KUBE-NODE-PORT-LOCAL-TC/KUBE-NODE-PORT-LOCAL-UDP` -and install iptables accordingly, which should looks like what is shown below. +For NodePort type service, IPVS proxier will install IPTABLES with match of ipset `KUBE-NODE-PORT-TCP/KUBE-NODE-PORT-UDP`. +When specified `externalTrafficPolicy=local`,IPVS proxier will create ipset sets `KUBE-NODE-PORT-LOCAL-TC/KUBE-NODE-PORT-LOCAL-UDP` +and install IPTABLES accordingly, which should looks like what is shown below. Suppose service with TCP type nodePort. @@ -222,8 +222,8 @@ KUBE-NODE-PORT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUB **5. Service with externalIPs specified** -For service with `externalIPs` specified, ipvs proxier will install iptables with match of ipset `KUBE-EXTERNAL-IP`, -Suppose we have service with `externalIPs` specified, iptables rules should looks like what is shown below. +For service with `externalIPs` specified, IPVS proxier will install IPTABLES with match of ipset `KUBE-EXTERNAL-IP`, +Suppose we have service with `externalIPs` specified, IPTABLES rules should looks like what is shown below. ```shell Chain PREROUTING (policy ACCEPT) @@ -254,7 +254,7 @@ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-EXT ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 match-set KUBE-EXTERNAL-IP dst,dst ADDRTYPE match dst-type LOCAL ``` -## Run kube-proxy in ipvs mode +## Run kube-proxy in IPVS mode Currently, local-up scripts, GCE scripts and kubeadm support switching IPVS proxy mode via exporting environment variables or specifying flags. @@ -313,9 +313,9 @@ Kube-proxy will fall back to IPTABLES mode if those requirements are not met. ### Local UP Cluster -Kube-proxy will run in iptables mode by default in a [local-up cluster](https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md). +Kube-proxy will run in IPTABLES mode by default in a [local-up cluster](https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md). -To use IPVS mode, users should export the env `KUBE_PROXY_MODE=ipvs` to specify the ipvs mode before [starting the cluster](https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md#starting-the-cluster): +To use IPVS mode, users should export the env `KUBE_PROXY_MODE=ipvs` to specify the IPVS mode before [starting the cluster](https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md#starting-the-cluster): ```shell # before running `hack/local-up-cluster.sh` export KUBE_PROXY_MODE=ipvs @@ -323,7 +323,7 @@ export KUBE_PROXY_MODE=ipvs ### GCE Cluster -Similar to local-up cluster, kube-proxy in [clusters running on GCE](https://kubernetes.io/docs/getting-started-guides/gce/) run in iptables mode by default. Users need to export the env `KUBE_PROXY_MODE=ipvs` before [starting a cluster](https://kubernetes.io/docs/getting-started-guides/gce/#starting-a-cluster): +Similar to local-up cluster, kube-proxy in [clusters running on GCE](https://kubernetes.io/docs/getting-started-guides/gce/) run in IPTABLES mode by default. Users need to export the env `KUBE_PROXY_MODE=ipvs` before [starting a cluster](https://kubernetes.io/docs/getting-started-guides/gce/#starting-a-cluster): ```shell #before running one of the commands chosen to start a cluster: # curl -sS https://get.k8s.io | bash @@ -336,7 +336,7 @@ export KUBE_PROXY_MODE=ipvs If you are using kubeadm with a [configuration file](https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/#config-file), you have to add `mode: ipvs` and also add `SupportIPVSProxyMode: true` below the `kubeProxy` field as part of the kubeadm configuration. -```json +```yaml ... kubeProxy: config: @@ -360,7 +360,7 @@ kubeadm init --feature-gates=SupportIPVSProxyMode=true to specify the ipvs mode before deploying the cluster. **Notes** -If ipvs mode is successfully on, you should see ipvs proxy rules (use `ipvsadm`) like +If ipvs mode is successfully on, you should see IPVS proxy rules (use `ipvsadm`) like ```shell # ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) @@ -374,7 +374,7 @@ or similar logs occur in kube-proxy logs (for example, `/tmp/kube-proxy.log` for Using ipvs Proxier. ``` -While there is no ipvs proxy rules or the following logs ocuurs indicate that the kube-proxy fails to use ipvs mode: +While there is no IPVS proxy rules or the following logs ocuurs indicate that the kube-proxy fails to use IPVS mode: ``` Can't use ipvs proxier, trying iptables proxier Using iptables Proxier. @@ -422,4 +422,4 @@ Check whether the kube-proxy mode has been set to `ipvs`. **3. Install required kernel modules and packages** -Check whether the ipvs required kernel modules have been compiled into the kernel and packages installed. (see Prerequisite) +Check whether the IPVS required kernel modules have been compiled into the kernel and packages installed. (see Prerequisite) diff --git a/pkg/proxy/ipvs/proxier.go b/pkg/proxy/ipvs/proxier.go index ab20e70ca40..49c32a0ca8b 100644 --- a/pkg/proxy/ipvs/proxier.go +++ b/pkg/proxy/ipvs/proxier.go @@ -1200,6 +1200,11 @@ func (proxier *Proxier) syncProxyRules() { utilproxy.RevertPorts(replacementPortsMap, proxier.portsMap) return } + for _, lastChangeTriggerTime := range endpointUpdateResult.LastChangeTriggerTimes { + latency := metrics.SinceInSeconds(lastChangeTriggerTime) + metrics.NetworkProgrammingLatency.Observe(latency) + klog.V(4).Infof("Network programming took %f seconds", latency) + } // Close old local ports and save new ones. for k, v := range proxier.portsMap { @@ -1494,6 +1499,18 @@ func (proxier *Proxier) deleteEndpointConnections(connectionMap []proxy.ServiceE if err != nil { klog.Errorf("Failed to delete %s endpoint connections, error: %v", epSvcPair.ServicePortName.String(), err) } + for _, extIP := range svcInfo.ExternalIPStrings() { + err := conntrack.ClearEntriesForNAT(proxier.exec, extIP, endpointIP, v1.ProtocolUDP) + if err != nil { + klog.Errorf("Failed to delete %s endpoint connections for externalIP %s, error: %v", epSvcPair.ServicePortName.String(), extIP, err) + } + } + for _, lbIP := range svcInfo.LoadBalancerIPStrings() { + err := conntrack.ClearEntriesForNAT(proxier.exec, lbIP, endpointIP, v1.ProtocolUDP) + if err != nil { + klog.Errorf("Failed to delete %s endpoint connections for LoabBalancerIP %s, error: %v", epSvcPair.ServicePortName.String(), lbIP, err) + } + } } } } diff --git a/pkg/proxy/metrics/metrics.go b/pkg/proxy/metrics/metrics.go index c5c1d8fedaa..d8c5ed1cd26 100644 --- a/pkg/proxy/metrics/metrics.go +++ b/pkg/proxy/metrics/metrics.go @@ -45,15 +45,34 @@ var ( Buckets: prometheus.ExponentialBuckets(1000, 2, 15), }, ) + + // NetworkProgrammingLatency is defined as the time it took to program the network - from the time + // the service or pod has changed to the time the change was propagated and the proper kube-proxy + // rules were synced. Exported for each endpoints object that were part of the rules sync. + // See https://github.com/kubernetes/community/blob/master/sig-scalability/slos/network_programming_latency.md + // Note that the metrics is partially based on the time exported by the endpoints controller on + // the master machine. The measurement may be inaccurate if there is a clock drift between the + // node and master machine. + NetworkProgrammingLatency = prometheus.NewHistogram( + prometheus.HistogramOpts{ + Subsystem: kubeProxySubsystem, + Name: "network_programming_latency_seconds", + Help: "In Cluster Network Programming Latency in seconds", + // TODO(mm4tt): Reevaluate buckets before 1.14 release. + // The last bucket will be [0.001s*2^20 ~= 17min, +inf) + Buckets: prometheus.ExponentialBuckets(0.001, 2, 20), + }, + ) ) var registerMetricsOnce sync.Once -// RegisterMetrics registers sync proxy rules latency metrics +// RegisterMetrics registers kube-proxy metrics. func RegisterMetrics() { registerMetricsOnce.Do(func() { prometheus.MustRegister(SyncProxyRulesLatency) prometheus.MustRegister(DeprecatedSyncProxyRulesLatency) + prometheus.MustRegister(NetworkProgrammingLatency) }) } diff --git a/pkg/proxy/service.go b/pkg/proxy/service.go index 7de51df1aef..2d5bd352f53 100644 --- a/pkg/proxy/service.go +++ b/pkg/proxy/service.go @@ -79,6 +79,20 @@ func (info *BaseServiceInfo) GetNodePort() int { return info.NodePort } +// ExternalIPStrings is part of ServicePort interface. +func (info *BaseServiceInfo) ExternalIPStrings() []string { + return info.ExternalIPs +} + +// LoadBalancerIPStrings is part of ServicePort interface. +func (info *BaseServiceInfo) LoadBalancerIPStrings() []string { + var ips []string + for _, ing := range info.LoadBalancerStatus.Ingress { + ips = append(ips, ing.IP) + } + return ips +} + func (sct *ServiceChangeTracker) newBaseServiceInfo(port *v1.ServicePort, service *v1.Service) *BaseServiceInfo { onlyNodeLocalEndpoints := false if apiservice.RequestsOnlyLocalTraffic(service) { diff --git a/pkg/proxy/types.go b/pkg/proxy/types.go index f77f9ed0f36..b7d8b1654a9 100644 --- a/pkg/proxy/types.go +++ b/pkg/proxy/types.go @@ -50,6 +50,10 @@ type ServicePort interface { String() string // ClusterIPString returns service cluster IP in string format. ClusterIPString() string + // ExternalIPStrings returns service ExternalIPs as a string array. + ExternalIPStrings() []string + // LoadBalancerIPStrings returns service LoadBalancerIPs as a string array. + LoadBalancerIPStrings() []string // GetProtocol returns service protocol. GetProtocol() v1.Protocol // GetHealthCheckNodePort returns service health check node port if present. If return 0, it means not present. diff --git a/pkg/proxy/userspace/OWNERS b/pkg/proxy/userspace/OWNERS old mode 100755 new mode 100644 index 4988f45c4dd..c0db3231681 --- a/pkg/proxy/userspace/OWNERS +++ b/pkg/proxy/userspace/OWNERS @@ -1,5 +1,9 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp - smarterclayton - freehan +labels: +- sig/network diff --git a/pkg/proxy/winkernel/BUILD b/pkg/proxy/winkernel/BUILD index 4d6b5e0f881..c91644282e7 100644 --- a/pkg/proxy/winkernel/BUILD +++ b/pkg/proxy/winkernel/BUILD @@ -1,8 +1,10 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") go_library( name = "go_default_library", srcs = [ + "hnsV1.go", + "hnsV2.go", "metrics.go", "proxier.go", ], @@ -15,14 +17,18 @@ go_library( "//pkg/api/v1/service:go_default_library", "//pkg/apis/core/v1/helper:go_default_library", "//pkg/proxy:go_default_library", + "//pkg/proxy/apis/config:go_default_library", "//pkg/proxy/healthcheck:go_default_library", "//pkg/util/async:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/features:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", "//vendor/github.com/Microsoft/hcsshim:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/hcn:go_default_library", "//vendor/github.com/davecgh/go-spew/spew:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], @@ -43,3 +49,22 @@ filegroup( tags = ["automanaged"], visibility = ["//visibility:public"], ) + +go_test( + name = "go_default_test", + srcs = [ + "hns_test.go", + "proxier_test.go", + ], + embed = [":go_default_library"], + deps = select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//pkg/proxy:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/hcn:go_default_library", + ], + "//conditions:default": [], + }), +) diff --git a/pkg/proxy/winkernel/OWNERS b/pkg/proxy/winkernel/OWNERS index 557cda002be..845248af5f1 100644 --- a/pkg/proxy/winkernel/OWNERS +++ b/pkg/proxy/winkernel/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dineshgovindasamy - madhanrm @@ -6,3 +8,5 @@ reviewers: - dineshgovindasamy - madhanrm - feiskyer +labels: +- sig/network diff --git a/pkg/proxy/winkernel/hnsV1.go b/pkg/proxy/winkernel/hnsV1.go new file mode 100644 index 00000000000..19aa4ecd0b7 --- /dev/null +++ b/pkg/proxy/winkernel/hnsV1.go @@ -0,0 +1,225 @@ +// +build windows + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package winkernel + +import ( + "encoding/json" + "fmt" + "github.com/Microsoft/hcsshim" + "k8s.io/klog" + "net" + "strings" +) + +type HostNetworkService interface { + getNetworkByName(name string) (*hnsNetworkInfo, error) + getEndpointByID(id string) (*endpointsInfo, error) + getEndpointByIpAddress(ip string, networkName string) (*endpointsInfo, error) + createEndpoint(ep *endpointsInfo, networkName string) (*endpointsInfo, error) + deleteEndpoint(hnsID string) error + getLoadBalancer(endpoints []endpointsInfo, isILB bool, isDSR bool, sourceVip string, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*loadBalancerInfo, error) + deleteLoadBalancer(hnsID string) error +} + +// V1 HNS API +type hnsV1 struct{} + +func (hns hnsV1) getNetworkByName(name string) (*hnsNetworkInfo, error) { + hnsnetwork, err := hcsshim.GetHNSNetworkByName(name) + if err != nil { + klog.Errorf("%v", err) + return nil, err + } + + return &hnsNetworkInfo{ + id: hnsnetwork.Id, + name: hnsnetwork.Name, + networkType: hnsnetwork.Type, + }, nil +} +func (hns hnsV1) getEndpointByID(id string) (*endpointsInfo, error) { + hnsendpoint, err := hcsshim.GetHNSEndpointByID(id) + if err != nil { + klog.Errorf("%v", err) + return nil, err + } + return &endpointsInfo{ + ip: hnsendpoint.IPAddress.String(), + isLocal: !hnsendpoint.IsRemoteEndpoint, //TODO: Change isLocal to isRemote + macAddress: hnsendpoint.MacAddress, + hnsID: hnsendpoint.Id, + hns: hns, + }, nil +} +func (hns hnsV1) getEndpointByIpAddress(ip string, networkName string) (*endpointsInfo, error) { + hnsnetwork, err := hcsshim.GetHNSNetworkByName(networkName) + if err != nil { + klog.Errorf("%v", err) + return nil, err + } + + endpoints, err := hcsshim.HNSListEndpointRequest() + for _, endpoint := range endpoints { + equal := false + if endpoint.IPAddress != nil { + equal = endpoint.IPAddress.String() == ip + } + if equal && strings.EqualFold(endpoint.VirtualNetwork, hnsnetwork.Id) { + return &endpointsInfo{ + ip: endpoint.IPAddress.String(), + isLocal: !endpoint.IsRemoteEndpoint, + macAddress: endpoint.MacAddress, + hnsID: endpoint.Id, + hns: hns, + }, nil + } + } + + return nil, fmt.Errorf("Endpoint %v not found on network %s", ip, networkName) +} +func (hns hnsV1) createEndpoint(ep *endpointsInfo, networkName string) (*endpointsInfo, error) { + hnsNetwork, err := hcsshim.GetHNSNetworkByName(networkName) + if err != nil { + return nil, fmt.Errorf("Could not find network %s: %v", networkName, err) + } + hnsEndpoint := &hcsshim.HNSEndpoint{ + MacAddress: ep.macAddress, + IPAddress: net.ParseIP(ep.ip), + } + + var createdEndpoint *hcsshim.HNSEndpoint + if !ep.isLocal { + if len(ep.providerAddress) != 0 { + paPolicy := hcsshim.PaPolicy{ + Type: hcsshim.PA, + PA: ep.providerAddress, + } + paPolicyJson, err := json.Marshal(paPolicy) + if err != nil { + return nil, fmt.Errorf("PA Policy creation failed: %v", err) + } + hnsEndpoint.Policies = append(hnsEndpoint.Policies, paPolicyJson) + } + createdEndpoint, err = hnsNetwork.CreateRemoteEndpoint(hnsEndpoint) + if err != nil { + return nil, fmt.Errorf("Remote endpoint creation failed: %v", err) + } + + } else { + createdEndpoint, err = hnsNetwork.CreateEndpoint(hnsEndpoint) + if err != nil { + return nil, fmt.Errorf("Local endpoint creation failed: %v", err) + } + } + return &endpointsInfo{ + ip: createdEndpoint.IPAddress.String(), + isLocal: createdEndpoint.IsRemoteEndpoint, + macAddress: createdEndpoint.MacAddress, + hnsID: createdEndpoint.Id, + providerAddress: ep.providerAddress, //TODO get from createdEndpoint + hns: hns, + }, nil +} +func (hns hnsV1) deleteEndpoint(hnsID string) error { + hnsendpoint, err := hcsshim.GetHNSEndpointByID(hnsID) + if err != nil { + return err + } + _, err = hnsendpoint.Delete() + if err == nil { + klog.V(3).Infof("Remote endpoint resource deleted id %s", hnsID) + } + return err +} + +func (hns hnsV1) getLoadBalancer(endpoints []endpointsInfo, isILB bool, isDSR bool, sourceVip string, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*loadBalancerInfo, error) { + plists, err := hcsshim.HNSListPolicyListRequest() + if err != nil { + return nil, err + } + + if isDSR { + klog.V(3).Info("DSR is not supported in V1. Using non DSR instead") + } + + for _, plist := range plists { + if len(plist.EndpointReferences) != len(endpoints) { + continue + } + // Validate if input meets any of the policy lists + elbPolicy := hcsshim.ELBPolicy{} + if err = json.Unmarshal(plist.Policies[0], &elbPolicy); err != nil { + continue + } + if elbPolicy.Protocol == protocol && elbPolicy.InternalPort == internalPort && elbPolicy.ExternalPort == externalPort && elbPolicy.ILB == isILB { + if len(vip) > 0 { + if len(elbPolicy.VIPs) == 0 || elbPolicy.VIPs[0] != vip { + continue + } + } + LogJson(plist, "Found existing Hns loadbalancer policy resource", 1) + return &loadBalancerInfo{ + hnsID: plist.ID, + }, nil + } + } + + var hnsEndpoints []hcsshim.HNSEndpoint + for _, ep := range endpoints { + endpoint, err := hcsshim.GetHNSEndpointByID(ep.hnsID) + if err != nil { + return nil, err + } + hnsEndpoints = append(hnsEndpoints, *endpoint) + } + lb, err := hcsshim.AddLoadBalancer( + hnsEndpoints, + isILB, + sourceVip, + vip, + protocol, + internalPort, + externalPort, + ) + + if err == nil { + LogJson(lb, "Hns loadbalancer policy resource", 1) + } else { + return nil, err + } + return &loadBalancerInfo{ + hnsID: lb.ID, + }, err +} +func (hns hnsV1) deleteLoadBalancer(hnsID string) error { + if len(hnsID) == 0 { + // Return silently + return nil + } + + // Cleanup HNS policies + hnsloadBalancer, err := hcsshim.GetPolicyListByID(hnsID) + if err != nil { + return err + } + LogJson(hnsloadBalancer, "Removing Policy", 2) + + _, err = hnsloadBalancer.Delete() + return err +} diff --git a/pkg/proxy/winkernel/hnsV2.go b/pkg/proxy/winkernel/hnsV2.go new file mode 100644 index 00000000000..43872095d29 --- /dev/null +++ b/pkg/proxy/winkernel/hnsV2.go @@ -0,0 +1,239 @@ +// +build windows + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package winkernel + +import ( + "encoding/json" + "fmt" + + "github.com/Microsoft/hcsshim/hcn" + "k8s.io/klog" + + "strings" +) + +type hnsV2 struct{} + +func (hns hnsV2) getNetworkByName(name string) (*hnsNetworkInfo, error) { + hnsnetwork, err := hcn.GetNetworkByName(name) + if err != nil { + klog.Errorf("%v", err) + return nil, err + } + + var remoteSubnets []*remoteSubnetInfo + for _, policy := range hnsnetwork.Policies { + if policy.Type == hcn.RemoteSubnetRoute { + policySettings := hcn.RemoteSubnetRoutePolicySetting{} + err = json.Unmarshal(policy.Settings, &policySettings) + if err != nil { + return nil, fmt.Errorf("Failed to unmarshal Remote Subnet policy settings") + } + rs := &remoteSubnetInfo{ + destinationPrefix: policySettings.DestinationPrefix, + isolationId: policySettings.IsolationId, + providerAddress: policySettings.ProviderAddress, + drMacAddress: policySettings.DistributedRouterMacAddress, + } + remoteSubnets = append(remoteSubnets, rs) + } + } + + return &hnsNetworkInfo{ + id: hnsnetwork.Id, + name: hnsnetwork.Name, + networkType: string(hnsnetwork.Type), + remoteSubnets: remoteSubnets, + }, nil +} +func (hns hnsV2) getEndpointByID(id string) (*endpointsInfo, error) { + hnsendpoint, err := hcn.GetEndpointByID(id) + if err != nil { + return nil, err + } + return &endpointsInfo{ //TODO: fill out PA + ip: hnsendpoint.IpConfigurations[0].IpAddress, + isLocal: uint32(hnsendpoint.Flags&hcn.EndpointFlagsRemoteEndpoint) == 0, //TODO: Change isLocal to isRemote + macAddress: hnsendpoint.MacAddress, + hnsID: hnsendpoint.Id, + hns: hns, + }, nil +} +func (hns hnsV2) getEndpointByIpAddress(ip string, networkName string) (*endpointsInfo, error) { + hnsnetwork, err := hcn.GetNetworkByName(networkName) + if err != nil { + klog.Errorf("%v", err) + return nil, err + } + + endpoints, err := hcn.ListEndpoints() + for _, endpoint := range endpoints { + equal := false + if endpoint.IpConfigurations != nil && len(endpoint.IpConfigurations) > 0 { + equal = endpoint.IpConfigurations[0].IpAddress == ip + } + if equal && strings.EqualFold(endpoint.HostComputeNetwork, hnsnetwork.Id) { + return &endpointsInfo{ + ip: endpoint.IpConfigurations[0].IpAddress, + isLocal: uint32(endpoint.Flags&hcn.EndpointFlagsRemoteEndpoint) == 0, //TODO: Change isLocal to isRemote + macAddress: endpoint.MacAddress, + hnsID: endpoint.Id, + hns: hns, + }, nil + } + } + + return nil, fmt.Errorf("Endpoint %v not found on network %s", ip, networkName) +} +func (hns hnsV2) createEndpoint(ep *endpointsInfo, networkName string) (*endpointsInfo, error) { + hnsNetwork, err := hcn.GetNetworkByName(networkName) + if err != nil { + return nil, fmt.Errorf("Could not find network %s: %v", networkName, err) + } + var flags hcn.EndpointFlags + if !ep.isLocal { + flags |= hcn.EndpointFlagsRemoteEndpoint + } + ipConfig := &hcn.IpConfig{ + IpAddress: ep.ip, + } + hnsEndpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: ep.macAddress, + Flags: flags, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + + var createdEndpoint *hcn.HostComputeEndpoint + if !ep.isLocal { + if len(ep.providerAddress) != 0 { + policySettings := hcn.ProviderAddressEndpointPolicySetting{ + ProviderAddress: ep.providerAddress, + } + policySettingsJson, err := json.Marshal(policySettings) + if err != nil { + return nil, fmt.Errorf("PA Policy creation failed: %v", err) + } + paPolicy := hcn.EndpointPolicy{ + Type: hcn.NetworkProviderAddress, + Settings: policySettingsJson, + } + hnsEndpoint.Policies = append(hnsEndpoint.Policies, paPolicy) + } + createdEndpoint, err = hnsNetwork.CreateRemoteEndpoint(hnsEndpoint) + if err != nil { + return nil, fmt.Errorf("Remote endpoint creation failed: %v", err) + } + } else { + createdEndpoint, err = hnsNetwork.CreateEndpoint(hnsEndpoint) + if err != nil { + return nil, fmt.Errorf("Local endpoint creation failed: %v", err) + } + } + return &endpointsInfo{ + ip: createdEndpoint.IpConfigurations[0].IpAddress, + isLocal: uint32(createdEndpoint.Flags&hcn.EndpointFlagsRemoteEndpoint) == 0, + macAddress: createdEndpoint.MacAddress, + hnsID: createdEndpoint.Id, + providerAddress: ep.providerAddress, //TODO get from createdEndpoint + hns: hns, + }, nil +} +func (hns hnsV2) deleteEndpoint(hnsID string) error { + hnsendpoint, err := hcn.GetEndpointByID(hnsID) + if err != nil { + return err + } + err = hnsendpoint.Delete() + if err == nil { + klog.V(3).Infof("Remote endpoint resource deleted id %s", hnsID) + } + return err +} +func (hns hnsV2) getLoadBalancer(endpoints []endpointsInfo, isILB bool, isDSR bool, sourceVip string, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*loadBalancerInfo, error) { + plists, err := hcn.ListLoadBalancers() + if err != nil { + return nil, err + } + + for _, plist := range plists { + if len(plist.HostComputeEndpoints) != len(endpoints) { + continue + } + // Validate if input meets any of the policy lists + lbPortMapping := plist.PortMappings[0] + if lbPortMapping.Protocol == uint32(protocol) && lbPortMapping.InternalPort == internalPort && lbPortMapping.ExternalPort == externalPort && (lbPortMapping.Flags&1 != 0) == isILB { + if len(vip) > 0 { + if len(plist.FrontendVIPs) == 0 || plist.FrontendVIPs[0] != vip { + continue + } + } + LogJson(plist, "Found existing Hns loadbalancer policy resource", 1) + return &loadBalancerInfo{ + hnsID: plist.Id, + }, nil + } + } + + var hnsEndpoints []hcn.HostComputeEndpoint + for _, ep := range endpoints { + endpoint, err := hcn.GetEndpointByID(ep.hnsID) + if err != nil { + return nil, err + } + hnsEndpoints = append(hnsEndpoints, *endpoint) + } + + vips := []string{} + if len(vip) > 0 { + vips = append(vips, vip) + } + lb, err := hcn.AddLoadBalancer( + hnsEndpoints, + isILB, + isDSR, + sourceVip, + vips, + protocol, + internalPort, + externalPort, + ) + if err != nil { + return nil, err + } + + LogJson(lb, "Hns loadbalancer policy resource", 1) + + return &loadBalancerInfo{ + hnsID: lb.Id, + }, err +} +func (hns hnsV2) deleteLoadBalancer(hnsID string) error { + lb, err := hcn.GetLoadBalancerByID(hnsID) + if err != nil { + // Return silently + return nil + } + + err = lb.Delete() + return err +} diff --git a/pkg/proxy/winkernel/hns_test.go b/pkg/proxy/winkernel/hns_test.go new file mode 100644 index 00000000000..08292910150 --- /dev/null +++ b/pkg/proxy/winkernel/hns_test.go @@ -0,0 +1,557 @@ +// +build windows + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package winkernel + +import ( + "encoding/json" + + "github.com/Microsoft/hcsshim/hcn" + + "strings" + "testing" +) + +const sourceVip = "192.168.1.2" +const serviceVip = "11.0.0.1" +const addressPrefix = "192.168.1.0/24" +const gatewayAddress = "192.168.1.1" +const epMacAddress = "00-11-22-33-44-55" +const epIpAddress = "192.168.1.3" +const epIpAddressRemote = "192.168.2.3" +const epPaAddress = "10.0.0.3" +const protocol = 6 +const internalPort = 80 +const externalPort = 32440 + +func TestGetNetworkByName(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testGetNetworkByName(t, hnsV1) + testGetNetworkByName(t, hnsV2) +} +func TestGetEndpointByID(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testGetEndpointByID(t, hnsV1) + testGetEndpointByID(t, hnsV2) +} +func TestGetEndpointByIpAddress(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testGetEndpointByIpAddress(t, hnsV1) + testGetEndpointByIpAddress(t, hnsV2) +} +func TestCreateEndpointLocal(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testCreateEndpointLocal(t, hnsV1) + testCreateEndpointLocal(t, hnsV2) +} +func TestCreateEndpointRemotePA(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testCreateEndpointRemote(t, hnsV1, epPaAddress) + testCreateEndpointRemote(t, hnsV2, epPaAddress) +} +func TestCreateEndpointRemoteNoPA(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testCreateEndpointRemote(t, hnsV1, "") + testCreateEndpointRemote(t, hnsV2, "") +} +func TestDeleteEndpoint(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testDeleteEndpoint(t, hnsV1) + testDeleteEndpoint(t, hnsV2) +} +func TestGetLoadBalancerExisting(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testGetLoadBalancerExisting(t, hnsV1) + testGetLoadBalancerExisting(t, hnsV2) +} +func TestGetLoadBalancerNew(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testGetLoadBalancerNew(t, hnsV1) + testGetLoadBalancerNew(t, hnsV2) +} +func TestDeleteLoadBalancer(t *testing.T) { + hnsV1 := hnsV1{} + hnsV2 := hnsV2{} + + testDeleteLoadBalancer(t, hnsV1) + testDeleteLoadBalancer(t, hnsV2) +} +func testGetNetworkByName(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + network, err := hns.getNetworkByName(Network.Name) + if err != nil { + t.Error(err) + } + + if !strings.EqualFold(network.id, Network.Id) { + t.Errorf("%v does not match %v", network.id, Network.Id) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testGetEndpointByID(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + ipConfig := &hcn.IpConfig{ + IpAddress: epIpAddress, + } + Endpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: epMacAddress, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + + Endpoint, err = Network.CreateEndpoint(Endpoint) + if err != nil { + t.Error(err) + } + + endpoint, err := hns.getEndpointByID(Endpoint.Id) + if err != nil { + t.Error(err) + } + if !strings.EqualFold(endpoint.hnsID, Endpoint.Id) { + t.Errorf("%v does not match %v", endpoint.hnsID, Endpoint.Id) + } + + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testGetEndpointByIpAddress(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + ipConfig := &hcn.IpConfig{ + IpAddress: epIpAddress, + } + Endpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: epMacAddress, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + Endpoint, err = Network.CreateEndpoint(Endpoint) + if err != nil { + t.Error(err) + } + + endpoint, err := hns.getEndpointByIpAddress(Endpoint.IpConfigurations[0].IpAddress, Network.Name) + if err != nil { + t.Error(err) + } + if !strings.EqualFold(endpoint.hnsID, Endpoint.Id) { + t.Errorf("%v does not match %v", endpoint.hnsID, Endpoint.Id) + } + if endpoint.ip != Endpoint.IpConfigurations[0].IpAddress { + t.Errorf("%v does not match %v", endpoint.ip, Endpoint.IpConfigurations[0].IpAddress) + } + + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testCreateEndpointLocal(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + endpoint := &endpointsInfo{ + ip: epIpAddress, + macAddress: epMacAddress, + isLocal: true, + } + + endpoint, err = hns.createEndpoint(endpoint, Network.Name) + if err != nil { + t.Error(err) + } + Endpoint, err := hcn.GetEndpointByID(endpoint.hnsID) + if err != nil { + t.Error(err) + } + if !strings.EqualFold(endpoint.hnsID, Endpoint.Id) { + t.Errorf("%v does not match %v", endpoint.hnsID, Endpoint.Id) + } + if endpoint.ip != Endpoint.IpConfigurations[0].IpAddress { + t.Errorf("%v does not match %v", endpoint.ip, Endpoint.IpConfigurations[0].IpAddress) + } + if endpoint.macAddress != Endpoint.MacAddress { + t.Errorf("%v does not match %v", endpoint.macAddress, Endpoint.MacAddress) + } + + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testCreateEndpointRemote(t *testing.T, hns HostNetworkService, providerAddress string) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + endpoint := &endpointsInfo{ + ip: epIpAddressRemote, + macAddress: epMacAddress, + isLocal: false, + providerAddress: providerAddress, + } + + endpoint, err = hns.createEndpoint(endpoint, Network.Name) + if err != nil { + t.Error(err) + } + Endpoint, err := hcn.GetEndpointByID(endpoint.hnsID) + if err != nil { + t.Error(err) + } + if !strings.EqualFold(endpoint.hnsID, Endpoint.Id) { + t.Errorf("%v does not match %v", endpoint.hnsID, Endpoint.Id) + } + if endpoint.ip != Endpoint.IpConfigurations[0].IpAddress { + t.Errorf("%v does not match %v", endpoint.ip, Endpoint.IpConfigurations[0].IpAddress) + } + if endpoint.macAddress != Endpoint.MacAddress { + t.Errorf("%v does not match %v", endpoint.macAddress, Endpoint.MacAddress) + } + if len(providerAddress) != 0 && endpoint.providerAddress != epPaAddress { + t.Errorf("%v does not match %v", endpoint.providerAddress, providerAddress) + } + + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testDeleteEndpoint(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + ipConfig := &hcn.IpConfig{ + IpAddress: epIpAddress, + } + Endpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: epMacAddress, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + Endpoint, err = Network.CreateEndpoint(Endpoint) + if err != nil { + t.Error(err) + } + err = hns.deleteEndpoint(Endpoint.Id) + if err != nil { + t.Error(err) + } + // Endpoint should no longer exist so this should fail + Endpoint, err = hcn.GetEndpointByID(Endpoint.Id) + if err == nil { + t.Error(err) + } + + err = Network.Delete() + if err != nil { + t.Error(err) + } +} + +func testGetLoadBalancerExisting(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + ipConfig := &hcn.IpConfig{ + IpAddress: epIpAddress, + } + Endpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: epMacAddress, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + Endpoint, err = Network.CreateEndpoint(Endpoint) + if err != nil { + t.Error(err) + } + + Endpoints := []hcn.HostComputeEndpoint{*Endpoint} + LoadBalancer, err := hcn.AddLoadBalancer( + Endpoints, + false, + false, + sourceVip, + []string{serviceVip}, + protocol, + internalPort, + externalPort, + ) + if err != nil { + t.Error(err) + } + + endpoint := &endpointsInfo{ + ip: Endpoint.IpConfigurations[0].IpAddress, + hnsID: Endpoint.Id, + } + endpoints := []endpointsInfo{*endpoint} + lb, err := hns.getLoadBalancer(endpoints, false, false, sourceVip, serviceVip, protocol, internalPort, externalPort) + if err != nil { + t.Error(err) + } + + if !strings.EqualFold(lb.hnsID, LoadBalancer.Id) { + t.Errorf("%v does not match %v", lb.hnsID, LoadBalancer.Id) + } + + err = LoadBalancer.Delete() + if err != nil { + t.Error(err) + } + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testGetLoadBalancerNew(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + ipConfig := &hcn.IpConfig{ + IpAddress: epIpAddress, + } + Endpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: epMacAddress, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + Endpoint, err = Network.CreateEndpoint(Endpoint) + if err != nil { + t.Error(err) + } + endpoint := &endpointsInfo{ + ip: Endpoint.IpConfigurations[0].IpAddress, + hnsID: Endpoint.Id, + } + endpoints := []endpointsInfo{*endpoint} + lb, err := hns.getLoadBalancer(endpoints, false, false, sourceVip, serviceVip, protocol, internalPort, externalPort) + if err != nil { + t.Error(err) + } + LoadBalancer, err := hcn.GetLoadBalancerByID(lb.hnsID) + if err != nil { + t.Error(err) + } + if !strings.EqualFold(lb.hnsID, LoadBalancer.Id) { + t.Errorf("%v does not match %v", lb.hnsID, LoadBalancer.Id) + } + err = LoadBalancer.Delete() + if err != nil { + t.Error(err) + } + + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func testDeleteLoadBalancer(t *testing.T, hns HostNetworkService) { + Network, err := createTestNetwork() + if err != nil { + t.Error(err) + } + + ipConfig := &hcn.IpConfig{ + IpAddress: epIpAddress, + } + Endpoint := &hcn.HostComputeEndpoint{ + IpConfigurations: []hcn.IpConfig{*ipConfig}, + MacAddress: epMacAddress, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + Endpoint, err = Network.CreateEndpoint(Endpoint) + if err != nil { + t.Error(err) + } + + Endpoints := []hcn.HostComputeEndpoint{*Endpoint} + LoadBalancer, err := hcn.AddLoadBalancer( + Endpoints, + false, + false, + sourceVip, + []string{serviceVip}, + protocol, + internalPort, + externalPort, + ) + if err != nil { + t.Error(err) + } + err = hns.deleteLoadBalancer(LoadBalancer.Id) + if err != nil { + t.Error(err) + } + // Load balancer should not longer exist + LoadBalancer, err = hcn.GetLoadBalancerByID(LoadBalancer.Id) + if err == nil { + t.Error(err) + } + + err = Endpoint.Delete() + if err != nil { + t.Error(err) + } + err = Network.Delete() + if err != nil { + t.Error(err) + } +} +func createTestNetwork() (*hcn.HostComputeNetwork, error) { + network := &hcn.HostComputeNetwork{ + Type: "Overlay", + Name: "TestOverlay", + MacPool: hcn.MacPool{ + Ranges: []hcn.MacRange{ + { + StartMacAddress: "00-15-5D-52-C0-00", + EndMacAddress: "00-15-5D-52-CF-FF", + }, + }, + }, + Ipams: []hcn.Ipam{ + { + Type: "Static", + Subnets: []hcn.Subnet{ + { + IpAddressPrefix: addressPrefix, + Routes: []hcn.Route{ + { + NextHop: gatewayAddress, + DestinationPrefix: "0.0.0.0/0", + }, + }, + }, + }, + }, + }, + SchemaVersion: hcn.SchemaVersion{ + Major: 2, + Minor: 0, + }, + } + + vsid := &hcn.VsidPolicySetting{ + IsolationId: 5000, + } + vsidJson, err := json.Marshal(vsid) + if err != nil { + return nil, err + } + + sp := &hcn.SubnetPolicy{ + Type: hcn.VSID, + } + sp.Settings = vsidJson + + spJson, err := json.Marshal(sp) + if err != nil { + return nil, err + } + + network.Ipams[0].Subnets[0].Policies = append(network.Ipams[0].Subnets[0].Policies, spJson) + + return network.Create() +} diff --git a/pkg/proxy/winkernel/proxier.go b/pkg/proxy/winkernel/proxier.go index 83d3a92fe56..b7e671219ea 100644 --- a/pkg/proxy/winkernel/proxier.go +++ b/pkg/proxy/winkernel/proxier.go @@ -29,6 +29,8 @@ import ( "time" "github.com/Microsoft/hcsshim" + "github.com/Microsoft/hcsshim/hcn" + "github.com/davecgh/go-spew/spew" "k8s.io/klog" @@ -36,10 +38,13 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/wait" + genericfeatures "k8s.io/apiserver/pkg/features" + utilfeature "k8s.io/apiserver/pkg/util/feature" "k8s.io/client-go/tools/record" apiservice "k8s.io/kubernetes/pkg/api/v1/service" "k8s.io/kubernetes/pkg/apis/core/v1/helper" "k8s.io/kubernetes/pkg/proxy" + "k8s.io/kubernetes/pkg/proxy/apis/config" "k8s.io/kubernetes/pkg/proxy/healthcheck" "k8s.io/kubernetes/pkg/util/async" ) @@ -82,6 +87,10 @@ type loadBalancerIngressInfo struct { hnsID string } +type loadBalancerInfo struct { + hnsID string +} + // internal struct for string service information type serviceInfo struct { clusterIP net.IP @@ -100,11 +109,22 @@ type serviceInfo struct { hnsID string nodePorthnsID string policyApplied bool + remoteEndpoint *endpointsInfo + hns HostNetworkService } type hnsNetworkInfo struct { - name string - id string + name string + id string + networkType string + remoteSubnets []*remoteSubnetInfo +} + +type remoteSubnetInfo struct { + destinationPrefix string + isolationId uint16 + providerAddress string + drMacAddress string } func Log(v interface{}, message string, level klog.Level) { @@ -120,12 +140,14 @@ func LogJson(v interface{}, message string, level klog.Level) { // internal struct for endpoints information type endpointsInfo struct { - ip string - port uint16 - isLocal bool - macAddress string - hnsID string - refCount uint16 + ip string + port uint16 + isLocal bool + macAddress string + hnsID string + refCount uint16 + providerAddress string + hns HostNetworkService } //Uses mac prefix and IPv4 address to return a mac address @@ -139,7 +161,7 @@ func conjureMac(macPrefix string, ip net.IP) string { return "02-11-22-33-44-55" } -func newEndpointInfo(ip string, port uint16, isLocal bool) *endpointsInfo { +func newEndpointInfo(ip string, port uint16, isLocal bool, hns HostNetworkService) *endpointsInfo { info := &endpointsInfo{ ip: ip, port: port, @@ -147,6 +169,7 @@ func newEndpointInfo(ip string, port uint16, isLocal bool) *endpointsInfo { macAddress: conjureMac("02-11", net.ParseIP(ip)), refCount: 0, hnsID: "", + hns: hns, } return info @@ -160,14 +183,17 @@ func (ep *endpointsInfo) Cleanup() { // Remove only remote endpoints created by this service if ep.refCount <= 0 && !ep.isLocal { klog.V(4).Infof("Removing endpoints for %v, since no one is referencing it", ep) - deleteHnsEndpoint(ep.hnsID) - ep.hnsID = "" + err := ep.hns.deleteEndpoint(ep.hnsID) + if err == nil { + ep.hnsID = "" + } else { + klog.Errorf("Endpoint deletion failed for %v: %v", ep.ip, err) + } } - } // returns a new serviceInfo struct -func newServiceInfo(svcPortName proxy.ServicePortName, port *v1.ServicePort, service *v1.Service) *serviceInfo { +func newServiceInfo(svcPortName proxy.ServicePortName, port *v1.ServicePort, service *v1.Service, hns HostNetworkService) *serviceInfo { onlyNodeLocalEndpoints := false if apiservice.RequestsOnlyLocalTraffic(service) { onlyNodeLocalEndpoints = true @@ -175,8 +201,7 @@ func newServiceInfo(svcPortName proxy.ServicePortName, port *v1.ServicePort, ser // set default session sticky max age 180min=10800s stickyMaxAgeSeconds := 10800 - if service.Spec.SessionAffinity == v1.ServiceAffinityClientIP { - // Kube-apiserver side guarantees SessionAffinityConfig won't be nil when session affinity type is ClientIP + if service.Spec.SessionAffinity == v1.ServiceAffinityClientIP && service.Spec.SessionAffinityConfig != nil { stickyMaxAgeSeconds = int(*service.Spec.SessionAffinityConfig.ClientIP.TimeoutSeconds) } info := &serviceInfo{ @@ -193,6 +218,7 @@ func newServiceInfo(svcPortName proxy.ServicePortName, port *v1.ServicePort, ser stickyMaxAgeSeconds: stickyMaxAgeSeconds, loadBalancerSourceRanges: make([]string, len(service.Spec.LoadBalancerSourceRanges)), onlyNodeLocalEndpoints: onlyNodeLocalEndpoints, + hns: hns, } copy(info.loadBalancerSourceRanges, service.Spec.LoadBalancerSourceRanges) @@ -256,17 +282,17 @@ func newEndpointsChangeMap(hostname string) endpointsChangeMap { } } -func (ecm *endpointsChangeMap) update(namespacedName *types.NamespacedName, previous, current *v1.Endpoints) bool { +func (ecm *endpointsChangeMap) update(namespacedName *types.NamespacedName, previous, current *v1.Endpoints, hns HostNetworkService) bool { ecm.lock.Lock() defer ecm.lock.Unlock() change, exists := ecm.items[*namespacedName] if !exists { change = &endpointsChange{} - change.previous = endpointsToEndpointsMap(previous, ecm.hostname) + change.previous = endpointsToEndpointsMap(previous, ecm.hostname, hns) ecm.items[*namespacedName] = change } - change.current = endpointsToEndpointsMap(current, ecm.hostname) + change.current = endpointsToEndpointsMap(current, ecm.hostname, hns) if reflect.DeepEqual(change.previous, change.current) { delete(ecm.items, *namespacedName) } @@ -279,7 +305,7 @@ func newServiceChangeMap() serviceChangeMap { } } -func (scm *serviceChangeMap) update(namespacedName *types.NamespacedName, previous, current *v1.Service) bool { +func (scm *serviceChangeMap) update(namespacedName *types.NamespacedName, previous, current *v1.Service, hns HostNetworkService) bool { scm.lock.Lock() defer scm.lock.Unlock() @@ -287,10 +313,10 @@ func (scm *serviceChangeMap) update(namespacedName *types.NamespacedName, previo if !exists { // Service is Added change = &serviceChange{} - change.previous = serviceToServiceMap(previous) + change.previous = serviceToServiceMap(previous, hns) scm.items[*namespacedName] = change } - change.current = serviceToServiceMap(current) + change.current = serviceToServiceMap(current, hns) if reflect.DeepEqual(change.previous, change.current) { delete(scm.items, *namespacedName) } @@ -420,7 +446,11 @@ type Proxier struct { // precomputing some number of those and cache for future reuse. precomputedProbabilities []string - network hnsNetworkInfo + hns HostNetworkService + network hnsNetworkInfo + sourceVip string + hostMac string + isDSR bool } type localPort struct { @@ -465,6 +495,7 @@ func NewProxier( nodeIP net.IP, recorder record.EventRecorder, healthzServer healthcheck.HealthzUpdater, + config config.KubeProxyWinkernelConfiguration, ) (*Proxier, error) { masqueradeValue := 1 << uint(masqueradeBit) masqueradeMark := fmt.Sprintf("%#08x/%#08x", masqueradeValue, masqueradeValue) @@ -479,19 +510,81 @@ func NewProxier( } healthChecker := healthcheck.NewServer(hostname, recorder, nil, nil) // use default implementations of deps - - // TODO : Make this a param - hnsNetworkName := os.Getenv("KUBE_NETWORK") - if len(hnsNetworkName) == 0 { - return nil, fmt.Errorf("Environment variable KUBE_NETWORK not initialized") + var hns HostNetworkService + hns = hnsV1{} + supportedFeatures := hcn.GetSupportedFeatures() + if supportedFeatures.Api.V2 { + hns = hnsV2{} } - hnsNetwork, err := getHnsNetworkInfo(hnsNetworkName) + + hnsNetworkName := config.NetworkName + if len(hnsNetworkName) == 0 { + klog.V(3).Infof("network-name flag not set. Checking environment variable") + hnsNetworkName = os.Getenv("KUBE_NETWORK") + if len(hnsNetworkName) == 0 { + return nil, fmt.Errorf("Environment variable KUBE_NETWORK and network-flag not initialized") + } + } + + hnsNetworkInfo, err := hns.getNetworkByName(hnsNetworkName) if err != nil { - klog.Fatalf("Unable to find Hns Network specified by %s. Please check environment variable KUBE_NETWORK", hnsNetworkName) + klog.Errorf("Unable to find Hns Network specified by %s. Please check environment variable KUBE_NETWORK or network-name flag", hnsNetworkName) + return nil, err + } + klog.V(1).Infof("Hns Network loaded with info = %v", hnsNetworkInfo) + isDSR := config.EnableDSR + if isDSR && !utilfeature.DefaultFeatureGate.Enabled(genericfeatures.WinDSR) { + return nil, fmt.Errorf("WinDSR feature gate not enabled") + } + err = hcn.DSRSupported() + if isDSR && err != nil { return nil, err } - klog.V(1).Infof("Hns Network loaded with info = %v", hnsNetwork) + var sourceVip string + var hostMac string + if hnsNetworkInfo.networkType == "Overlay" { + if !utilfeature.DefaultFeatureGate.Enabled(genericfeatures.WinOverlay) { + return nil, fmt.Errorf("WinOverlay feature gate not enabled") + } + err = hcn.RemoteSubnetSupported() + if err != nil { + return nil, err + } + sourceVip = config.SourceVip + if len(sourceVip) == 0 { + return nil, fmt.Errorf("source-vip flag not set") + } + + interfaces, _ := net.Interfaces() //TODO create interfaces + for _, inter := range interfaces { + addresses, _ := inter.Addrs() + for _, addr := range addresses { + addrIP, _, _ := net.ParseCIDR(addr.String()) + if addrIP.String() == nodeIP.String() { + klog.V(2).Infof("Host MAC address is %s", inter.HardwareAddr.String()) + hostMac = inter.HardwareAddr.String() + } + } + } + if len(hostMac) == 0 { + return nil, fmt.Errorf("Could not find host mac address for %s", nodeIP) + } + + existingSourceVip, _ := hns.getEndpointByIpAddress(sourceVip, hnsNetworkName) + if existingSourceVip == nil { + hnsEndpoint := &endpointsInfo{ + ip: sourceVip, + isLocal: true, + macAddress: hostMac, + providerAddress: nodeIP.String(), + } + _, err = hns.createEndpoint(hnsEndpoint, hnsNetworkName) + if err != nil { + return nil, fmt.Errorf("Source Vip endpoint creation failed: %v", err) + } + } + } proxier := &Proxier{ portsMap: make(map[localPort]closeable), @@ -507,7 +600,11 @@ func NewProxier( recorder: recorder, healthChecker: healthChecker, healthzServer: healthzServer, - network: *hnsNetwork, + hns: hns, + network: *hnsNetworkInfo, + sourceVip: sourceVip, + hostMac: hostMac, + isDSR: isDSR, } burstSyncs := 2 @@ -536,27 +633,30 @@ func (svcInfo *serviceInfo) cleanupAllPolicies(endpoints []*endpointsInfo) { for _, ep := range endpoints { ep.Cleanup() } + if svcInfo.remoteEndpoint != nil { + svcInfo.remoteEndpoint.Cleanup() + } svcInfo.policyApplied = false } func (svcInfo *serviceInfo) deleteAllHnsLoadBalancerPolicy() { // Remove the Hns Policy corresponding to this service - deleteHnsLoadBalancerPolicy(svcInfo.hnsID) + hns := svcInfo.hns + hns.deleteLoadBalancer(svcInfo.hnsID) svcInfo.hnsID = "" - deleteHnsLoadBalancerPolicy(svcInfo.nodePorthnsID) + hns.deleteLoadBalancer(svcInfo.nodePorthnsID) svcInfo.nodePorthnsID = "" for _, externalIp := range svcInfo.externalIPs { - deleteHnsLoadBalancerPolicy(externalIp.hnsID) + hns.deleteLoadBalancer(externalIp.hnsID) externalIp.hnsID = "" } for _, lbIngressIp := range svcInfo.loadBalancerIngressIPs { - deleteHnsLoadBalancerPolicy(lbIngressIp.hnsID) + hns.deleteLoadBalancer(lbIngressIp.hnsID) lbIngressIp.hnsID = "" } - } func deleteAllHnsLoadBalancerPolicy() { @@ -574,87 +674,6 @@ func deleteAllHnsLoadBalancerPolicy() { } -// getHnsLoadBalancer returns the LoadBalancer policy resource, if already found. -// If not, it would create one and return -func getHnsLoadBalancer(endpoints []hcsshim.HNSEndpoint, isILB bool, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*hcsshim.PolicyList, error) { - plists, err := hcsshim.HNSListPolicyListRequest() - if err != nil { - return nil, err - } - - for _, plist := range plists { - if len(plist.EndpointReferences) != len(endpoints) { - continue - } - // Validate if input meets any of the policy lists - elbPolicy := hcsshim.ELBPolicy{} - if err = json.Unmarshal(plist.Policies[0], &elbPolicy); err != nil { - continue - } - if elbPolicy.Protocol == protocol && elbPolicy.InternalPort == internalPort && elbPolicy.ExternalPort == externalPort && elbPolicy.ILB == isILB { - if len(vip) > 0 { - if len(elbPolicy.VIPs) == 0 || elbPolicy.VIPs[0] != vip { - continue - } - } - LogJson(plist, "Found existing Hns loadbalancer policy resource", 1) - return &plist, nil - - } - } - //TODO: sourceVip is not used. If required, expose this as a param - var sourceVip string - lb, err := hcsshim.AddLoadBalancer( - endpoints, - isILB, - sourceVip, - vip, - protocol, - internalPort, - externalPort, - ) - - if err == nil { - LogJson(lb, "Hns loadbalancer policy resource", 1) - } - return lb, err -} - -func deleteHnsLoadBalancerPolicy(hnsID string) { - if len(hnsID) == 0 { - // Return silently - return - } - - // Cleanup HNS policies - hnsloadBalancer, err := hcsshim.GetPolicyListByID(hnsID) - if err != nil { - klog.Errorf("%v", err) - return - } - LogJson(hnsloadBalancer, "Removing Policy", 2) - - _, err = hnsloadBalancer.Delete() - if err != nil { - klog.Errorf("%v", err) - } -} - -func deleteHnsEndpoint(hnsID string) { - hnsendpoint, err := hcsshim.GetHNSEndpointByID(hnsID) - if err != nil { - klog.Errorf("%v", err) - return - } - - _, err = hnsendpoint.Delete() - if err != nil { - klog.Errorf("%v", err) - } - - klog.V(3).Infof("Remote endpoint resource deleted id %s", hnsID) -} - func getHnsNetworkInfo(hnsNetworkName string) (*hnsNetworkInfo, error) { hnsnetwork, err := hcsshim.GetHNSNetworkByName(hnsNetworkName) if err != nil { @@ -663,29 +682,12 @@ func getHnsNetworkInfo(hnsNetworkName string) (*hnsNetworkInfo, error) { } return &hnsNetworkInfo{ - id: hnsnetwork.Id, - name: hnsnetwork.Name, + id: hnsnetwork.Id, + name: hnsnetwork.Name, + networkType: hnsnetwork.Type, }, nil } -func getHnsEndpointByIpAddress(ip net.IP, networkName string) (*hcsshim.HNSEndpoint, error) { - hnsnetwork, err := hcsshim.GetHNSNetworkByName(networkName) - if err != nil { - klog.Errorf("%v", err) - return nil, err - } - - endpoints, err := hcsshim.HNSListEndpointRequest() - for _, endpoint := range endpoints { - equal := reflect.DeepEqual(endpoint.IPAddress, ip) - if equal && endpoint.VirtualNetwork == hnsnetwork.Id { - return &endpoint, nil - } - } - - return nil, fmt.Errorf("Endpoint %v not found on network %s", ip, networkName) -} - // Sync is called to synchronize the proxier state to hns as soon as possible. func (proxier *Proxier) Sync() { proxier.syncRunner.Run() @@ -714,21 +716,21 @@ func (proxier *Proxier) isInitialized() bool { func (proxier *Proxier) OnServiceAdd(service *v1.Service) { namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name} - if proxier.serviceChanges.update(&namespacedName, nil, service) && proxier.isInitialized() { + if proxier.serviceChanges.update(&namespacedName, nil, service, proxier.hns) && proxier.isInitialized() { proxier.syncRunner.Run() } } func (proxier *Proxier) OnServiceUpdate(oldService, service *v1.Service) { namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name} - if proxier.serviceChanges.update(&namespacedName, oldService, service) && proxier.isInitialized() { + if proxier.serviceChanges.update(&namespacedName, oldService, service, proxier.hns) && proxier.isInitialized() { proxier.syncRunner.Run() } } func (proxier *Proxier) OnServiceDelete(service *v1.Service) { namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name} - if proxier.serviceChanges.update(&namespacedName, service, nil) && proxier.isInitialized() { + if proxier.serviceChanges.update(&namespacedName, service, nil, proxier.hns) && proxier.isInitialized() { proxier.syncRunner.Run() } } @@ -789,21 +791,21 @@ func (proxier *Proxier) updateServiceMap() (result updateServiceMapResult) { func (proxier *Proxier) OnEndpointsAdd(endpoints *v1.Endpoints) { namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name} - if proxier.endpointsChanges.update(&namespacedName, nil, endpoints) && proxier.isInitialized() { + if proxier.endpointsChanges.update(&namespacedName, nil, endpoints, proxier.hns) && proxier.isInitialized() { proxier.syncRunner.Run() } } func (proxier *Proxier) OnEndpointsUpdate(oldEndpoints, endpoints *v1.Endpoints) { namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name} - if proxier.endpointsChanges.update(&namespacedName, oldEndpoints, endpoints) && proxier.isInitialized() { + if proxier.endpointsChanges.update(&namespacedName, oldEndpoints, endpoints, proxier.hns) && proxier.isInitialized() { proxier.syncRunner.Run() } } func (proxier *Proxier) OnEndpointsDelete(endpoints *v1.Endpoints) { namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name} - if proxier.endpointsChanges.update(&namespacedName, endpoints, nil) && proxier.isInitialized() { + if proxier.endpointsChanges.update(&namespacedName, endpoints, nil, proxier.hns) && proxier.isInitialized() { proxier.syncRunner.Run() } } @@ -867,7 +869,7 @@ func getLocalIPs(endpointsMap proxyEndpointsMap) map[types.NamespacedName]sets.S // This function is used for incremental updated of endpointsMap. // // NOTE: endpoints object should NOT be modified. -func endpointsToEndpointsMap(endpoints *v1.Endpoints, hostname string) proxyEndpointsMap { +func endpointsToEndpointsMap(endpoints *v1.Endpoints, hostname string, hns HostNetworkService) proxyEndpointsMap { if endpoints == nil { return nil } @@ -880,7 +882,7 @@ func endpointsToEndpointsMap(endpoints *v1.Endpoints, hostname string) proxyEndp for i := range ss.Ports { port := &ss.Ports[i] if port.Port == 0 { - klog.Warningf("ignoring invalid endpoint port %s", port.Name) + klog.Warningf("Ignoring invalid endpoint port %s", port.Name) continue } svcPortName := proxy.ServicePortName{ @@ -890,11 +892,11 @@ func endpointsToEndpointsMap(endpoints *v1.Endpoints, hostname string) proxyEndp for i := range ss.Addresses { addr := &ss.Addresses[i] if addr.IP == "" { - klog.Warningf("ignoring invalid endpoint port %s with empty host", port.Name) + klog.Warningf("Ignoring invalid endpoint port %s with empty host", port.Name) continue } isLocal := addr.NodeName != nil && *addr.NodeName == hostname - epInfo := newEndpointInfo(addr.IP, uint16(port.Port), isLocal) + epInfo := newEndpointInfo(addr.IP, uint16(port.Port), isLocal, hns) endpointsMap[svcPortName] = append(endpointsMap[svcPortName], epInfo) } if klog.V(3) { @@ -912,7 +914,7 @@ func endpointsToEndpointsMap(endpoints *v1.Endpoints, hostname string) proxyEndp // Translates single Service object to proxyServiceMap. // // NOTE: service object should NOT be modified. -func serviceToServiceMap(service *v1.Service) proxyServiceMap { +func serviceToServiceMap(service *v1.Service, hns HostNetworkService) proxyServiceMap { if service == nil { return nil } @@ -925,7 +927,7 @@ func serviceToServiceMap(service *v1.Service) proxyServiceMap { for i := range service.Spec.Ports { servicePort := &service.Spec.Ports[i] svcPortName := proxy.ServicePortName{NamespacedName: svcName, Port: servicePort.Name} - serviceMap[svcPortName] = newServiceInfo(svcPortName, servicePort, service) + serviceMap[svcPortName] = newServiceInfo(svcPortName, servicePort, service, hns) } return serviceMap } @@ -972,12 +974,36 @@ func (proxier *Proxier) syncProxyRules() { continue } - var hnsEndpoints []hcsshim.HNSEndpoint + hnsNetworkName := proxier.network.name + hns := proxier.hns + if proxier.network.networkType == "Overlay" { + serviceVipEndpoint, _ := hns.getEndpointByIpAddress(svcInfo.clusterIP.String(), hnsNetworkName) + if serviceVipEndpoint == nil { + klog.V(4).Infof("No existing remote endpoint for service VIP %v", svcInfo.clusterIP.String()) + hnsEndpoint := &endpointsInfo{ + ip: svcInfo.clusterIP.String(), + isLocal: false, + macAddress: proxier.hostMac, + providerAddress: proxier.nodeIP.String(), + } + + newHnsEndpoint, err := hns.createEndpoint(hnsEndpoint, hnsNetworkName) + if err != nil { + klog.Errorf("Remote endpoint creation failed for service VIP: %v", err) + continue + } + + newHnsEndpoint.refCount++ + svcInfo.remoteEndpoint = newHnsEndpoint + } + } + + var hnsEndpoints []endpointsInfo klog.V(4).Infof("====Applying Policy for %s====", svcName) // Create Remote endpoints for every endpoint, corresponding to the service for _, ep := range proxier.endpointsMap[svcName] { - var newHnsEndpoint *hcsshim.HNSEndpoint + var newHnsEndpoint *endpointsInfo hnsNetworkName := proxier.network.name var err error @@ -989,14 +1015,14 @@ func (proxier *Proxier) syncProxyRules() { } if len(ep.hnsID) > 0 { - newHnsEndpoint, err = hcsshim.GetHNSEndpointByID(ep.hnsID) + newHnsEndpoint, err = hns.getEndpointByID(ep.hnsID) } if newHnsEndpoint == nil { // First check if an endpoint resource exists for this IP, on the current host // A Local endpoint could exist here already // A remote endpoint was already created and proxy was restarted - newHnsEndpoint, err = getHnsEndpointByIpAddress(net.ParseIP(ep.ip), hnsNetworkName) + newHnsEndpoint, err = hns.getEndpointByIpAddress(ep.ip, hnsNetworkName) } if newHnsEndpoint == nil { @@ -1004,29 +1030,63 @@ func (proxier *Proxier) syncProxyRules() { klog.Errorf("Local endpoint not found for %v: err: %v on network %s", ep.ip, err, hnsNetworkName) continue } - // hns Endpoint resource was not found, create one - hnsnetwork, err := hcsshim.GetHNSNetworkByName(hnsNetworkName) - if err != nil { - klog.Errorf("%v", err) - continue - } - hnsEndpoint := &hcsshim.HNSEndpoint{ - MacAddress: ep.macAddress, - IPAddress: net.ParseIP(ep.ip), - } + if proxier.network.networkType == "Overlay" { + klog.Infof("Updating network %v to check for new remote subnet policies", proxier.network.name) + networkName := proxier.network.name + updatedNetwork, err := hns.getNetworkByName(networkName) + if err != nil { + klog.Fatalf("Failed to get network %v: %v", networkName, err) + } + proxier.network = *updatedNetwork + var providerAddress string + for _, rs := range proxier.network.remoteSubnets { + _, ipNet, err := net.ParseCIDR(rs.destinationPrefix) + if err != nil { + klog.Fatalf("%v", err) + } + if ipNet.Contains(net.ParseIP(ep.ip)) { + providerAddress = rs.providerAddress + } + if ep.ip == rs.providerAddress { + providerAddress = rs.providerAddress + } + } + if len(providerAddress) == 0 { + klog.Errorf("Could not find provider address for %s", ep.ip) + continue + } + hnsEndpoint := &endpointsInfo{ + ip: ep.ip, + isLocal: false, + macAddress: conjureMac("02-11", net.ParseIP(ep.ip)), + providerAddress: providerAddress, + } - newHnsEndpoint, err = hnsnetwork.CreateRemoteEndpoint(hnsEndpoint) - if err != nil { - klog.Errorf("Remote endpoint creation failed: %v", err) - continue + newHnsEndpoint, err = hns.createEndpoint(hnsEndpoint, hnsNetworkName) + if err != nil { + klog.Errorf("Remote endpoint creation failed: %v, %s", err, spew.Sdump(hnsEndpoint)) + continue + } + } else { + hnsEndpoint := &endpointsInfo{ + ip: ep.ip, + isLocal: false, + macAddress: ep.macAddress, + } + + newHnsEndpoint, err = hns.createEndpoint(hnsEndpoint, hnsNetworkName) + if err != nil { + klog.Errorf("Remote endpoint creation failed: %v", err) + continue + } } } // Save the hnsId for reference LogJson(newHnsEndpoint, "Hns Endpoint resource", 1) hnsEndpoints = append(hnsEndpoints, *newHnsEndpoint) - ep.hnsID = newHnsEndpoint.Id + ep.hnsID = newHnsEndpoint.hnsID ep.refCount++ Log(ep, "Endpoint resource found", 3) } @@ -1044,11 +1104,13 @@ func (proxier *Proxier) syncProxyRules() { } klog.V(4).Infof("Trying to Apply Policies for service %s", spew.Sdump(svcInfo)) - var hnsLoadBalancer *hcsshim.PolicyList + var hnsLoadBalancer *loadBalancerInfo - hnsLoadBalancer, err := getHnsLoadBalancer( + hnsLoadBalancer, err := hns.getLoadBalancer( hnsEndpoints, false, + proxier.isDSR, + proxier.sourceVip, svcInfo.clusterIP.String(), Enum(svcInfo.protocol), uint16(svcInfo.targetPort), @@ -1059,15 +1121,17 @@ func (proxier *Proxier) syncProxyRules() { continue } - svcInfo.hnsID = hnsLoadBalancer.ID - klog.V(3).Infof("Hns LoadBalancer resource created for cluster ip resources %v, Id [%s]", svcInfo.clusterIP, hnsLoadBalancer.ID) + svcInfo.hnsID = hnsLoadBalancer.hnsID + klog.V(3).Infof("Hns LoadBalancer resource created for cluster ip resources %v, Id [%s]", svcInfo.clusterIP, hnsLoadBalancer.hnsID) // If nodePort is specified, user should be able to use nodeIP:nodePort to reach the backend endpoints if svcInfo.nodePort > 0 { - hnsLoadBalancer, err := getHnsLoadBalancer( + hnsLoadBalancer, err := hns.getLoadBalancer( hnsEndpoints, false, - "", // VIP has to be empty to automatically select the nodeIP + false, + proxier.sourceVip, + "", Enum(svcInfo.protocol), uint16(svcInfo.targetPort), uint16(svcInfo.nodePort), @@ -1077,16 +1141,18 @@ func (proxier *Proxier) syncProxyRules() { continue } - svcInfo.nodePorthnsID = hnsLoadBalancer.ID - klog.V(3).Infof("Hns LoadBalancer resource created for nodePort resources %v, Id [%s]", svcInfo.clusterIP, hnsLoadBalancer.ID) + svcInfo.nodePorthnsID = hnsLoadBalancer.hnsID + klog.V(3).Infof("Hns LoadBalancer resource created for nodePort resources %v, Id [%s]", svcInfo.clusterIP, hnsLoadBalancer.hnsID) } // Create a Load Balancer Policy for each external IP for _, externalIp := range svcInfo.externalIPs { // Try loading existing policies, if already available - hnsLoadBalancer, err := getHnsLoadBalancer( + hnsLoadBalancer, err = hns.getLoadBalancer( hnsEndpoints, false, + false, + proxier.sourceVip, externalIp.ip, Enum(svcInfo.protocol), uint16(svcInfo.targetPort), @@ -1096,15 +1162,17 @@ func (proxier *Proxier) syncProxyRules() { klog.Errorf("Policy creation failed: %v", err) continue } - externalIp.hnsID = hnsLoadBalancer.ID - klog.V(3).Infof("Hns LoadBalancer resource created for externalIp resources %v, Id[%s]", externalIp, hnsLoadBalancer.ID) + externalIp.hnsID = hnsLoadBalancer.hnsID + klog.V(3).Infof("Hns LoadBalancer resource created for externalIp resources %v, Id[%s]", externalIp, hnsLoadBalancer.hnsID) } // Create a Load Balancer Policy for each loadbalancer ingress for _, lbIngressIp := range svcInfo.loadBalancerIngressIPs { // Try loading existing policies, if already available - hnsLoadBalancer, err := getHnsLoadBalancer( + hnsLoadBalancer, err := hns.getLoadBalancer( hnsEndpoints, false, + false, + proxier.sourceVip, lbIngressIp.ip, Enum(svcInfo.protocol), uint16(svcInfo.targetPort), @@ -1114,7 +1182,7 @@ func (proxier *Proxier) syncProxyRules() { klog.Errorf("Policy creation failed: %v", err) continue } - lbIngressIp.hnsID = hnsLoadBalancer.ID + lbIngressIp.hnsID = hnsLoadBalancer.hnsID klog.V(3).Infof("Hns LoadBalancer resource created for loadBalancer Ingress resources %v", lbIngressIp) } svcInfo.policyApplied = true diff --git a/pkg/proxy/winkernel/proxier_test.go b/pkg/proxy/winkernel/proxier_test.go new file mode 100644 index 00000000000..8c6cc3b7478 --- /dev/null +++ b/pkg/proxy/winkernel/proxier_test.go @@ -0,0 +1,379 @@ +// +build windows + +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package winkernel + +import ( + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/kubernetes/pkg/proxy" + + "net" + "strings" + "testing" + "time" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const testHostName = "test-hostname" +const macAddress = "00-11-22-33-44-55" +const clusterCIDR = "192.168.1.0/24" +const destinationPrefix = "192.168.2.0/24" +const providerAddress = "10.0.0.3" +const guid = "123ABC" + +type fakeHealthChecker struct { + services map[types.NamespacedName]uint16 + endpoints map[types.NamespacedName]int +} + +func newFakeHealthChecker() *fakeHealthChecker { + return &fakeHealthChecker{ + services: map[types.NamespacedName]uint16{}, + endpoints: map[types.NamespacedName]int{}, + } +} +func (fake *fakeHealthChecker) SyncServices(newServices map[types.NamespacedName]uint16) error { + fake.services = newServices + return nil +} + +func (fake *fakeHealthChecker) SyncEndpoints(newEndpoints map[types.NamespacedName]int) error { + fake.endpoints = newEndpoints + return nil +} + +type fakeHNS struct{} + +func newFakeHNS() *fakeHNS { + return &fakeHNS{} +} +func (hns fakeHNS) getNetworkByName(name string) (*hnsNetworkInfo, error) { + var remoteSubnets []*remoteSubnetInfo + rs := &remoteSubnetInfo{ + destinationPrefix: destinationPrefix, + isolationId: 4096, + providerAddress: providerAddress, + drMacAddress: macAddress, + } + remoteSubnets = append(remoteSubnets, rs) + return &hnsNetworkInfo{ + id: strings.ToUpper(guid), + name: name, + networkType: "Overlay", + remoteSubnets: remoteSubnets, + }, nil +} +func (hns fakeHNS) getEndpointByID(id string) (*endpointsInfo, error) { + return nil, nil +} +func (hns fakeHNS) getEndpointByIpAddress(ip string, networkName string) (*endpointsInfo, error) { + _, ipNet, _ := net.ParseCIDR(destinationPrefix) + + if ipNet.Contains(net.ParseIP(ip)) { + return &endpointsInfo{ + ip: ip, + isLocal: true, + macAddress: macAddress, + hnsID: guid, + hns: hns, + }, nil + } + return nil, nil + +} +func (hns fakeHNS) createEndpoint(ep *endpointsInfo, networkName string) (*endpointsInfo, error) { + return &endpointsInfo{ + ip: ep.ip, + isLocal: ep.isLocal, + macAddress: ep.macAddress, + hnsID: guid, + hns: hns, + }, nil +} +func (hns fakeHNS) deleteEndpoint(hnsID string) error { + return nil +} +func (hns fakeHNS) getLoadBalancer(endpoints []endpointsInfo, isILB bool, isDSR bool, sourceVip string, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*loadBalancerInfo, error) { + return &loadBalancerInfo{ + hnsID: guid, + }, nil +} +func (hns fakeHNS) deleteLoadBalancer(hnsID string) error { + return nil +} +func NewFakeProxier(syncPeriod time.Duration, minSyncPeriod time.Duration, clusterCIDR string, hostname string, nodeIP net.IP, networkType string) *Proxier { + sourceVip := "192.168.1.2" + hnsNetworkInfo := &hnsNetworkInfo{ + name: "TestNetwork", + networkType: networkType, + } + proxier := &Proxier{ + portsMap: make(map[localPort]closeable), + serviceMap: make(proxyServiceMap), + serviceChanges: newServiceChangeMap(), + endpointsMap: make(proxyEndpointsMap), + endpointsChanges: newEndpointsChangeMap(hostname), + clusterCIDR: clusterCIDR, + hostname: testHostName, + nodeIP: nodeIP, + healthChecker: newFakeHealthChecker(), + network: *hnsNetworkInfo, + sourceVip: sourceVip, + hostMac: macAddress, + isDSR: false, + hns: newFakeHNS(), + } + return proxier +} + +func TestCreateServiceVip(t *testing.T) { + syncPeriod := 30 * time.Second + proxier := NewFakeProxier(syncPeriod, syncPeriod, clusterCIDR, "testhost", net.ParseIP("10.0.0.1"), "Overlay") + if proxier == nil { + t.Error() + } + + svcIP := "10.20.30.41" + svcPort := 80 + svcNodePort := 3001 + svcExternalIPs := "50.60.70.81" + svcPortName := proxy.ServicePortName{ + NamespacedName: makeNSN("ns1", "svc1"), + Port: "p80", + } + timeoutSeconds := v1.DefaultClientIPServiceAffinitySeconds + + makeServiceMap(proxier, + makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) { + svc.Spec.Type = "NodePort" + svc.Spec.ClusterIP = svcIP + svc.Spec.ExternalIPs = []string{svcExternalIPs} + svc.Spec.SessionAffinity = v1.ServiceAffinityClientIP + svc.Spec.SessionAffinityConfig = &v1.SessionAffinityConfig{ + ClientIP: &v1.ClientIPConfig{ + TimeoutSeconds: &timeoutSeconds, + }, + } + svc.Spec.Ports = []v1.ServicePort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + Protocol: v1.ProtocolTCP, + NodePort: int32(svcNodePort), + }} + }), + ) + makeEndpointsMap(proxier) + + proxier.syncProxyRules() + + if proxier.serviceMap[svcPortName].remoteEndpoint == nil { + t.Error() + } + if proxier.serviceMap[svcPortName].remoteEndpoint.ip != svcIP { + t.Error() + } +} +func TestCreateRemoteEndpointOverlay(t *testing.T) { + syncPeriod := 30 * time.Second + proxier := NewFakeProxier(syncPeriod, syncPeriod, clusterCIDR, "testhost", net.ParseIP("10.0.0.1"), "Overlay") + if proxier == nil { + t.Error() + } + + svcIP := "10.20.30.41" + svcPort := 80 + svcNodePort := 3001 + svcPortName := proxy.ServicePortName{ + NamespacedName: makeNSN("ns1", "svc1"), + Port: "p80", + } + + makeServiceMap(proxier, + makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) { + svc.Spec.Type = "NodePort" + svc.Spec.ClusterIP = svcIP + svc.Spec.Ports = []v1.ServicePort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + Protocol: v1.ProtocolTCP, + NodePort: int32(svcNodePort), + }} + }), + ) + makeEndpointsMap(proxier, + makeTestEndpoints(svcPortName.Namespace, svcPortName.Name, func(ept *v1.Endpoints) { + ept.Subsets = []v1.EndpointSubset{{ + Addresses: []v1.EndpointAddress{{ + IP: epIpAddressRemote, + }}, + Ports: []v1.EndpointPort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + }}, + }} + }), + ) + + proxier.syncProxyRules() + + if proxier.endpointsMap[svcPortName][0].hnsID != guid { + t.Errorf("%v does not match %v", proxier.endpointsMap[svcPortName][0].hnsID, guid) + } +} +func TestCreateRemoteEndpointL2Bridge(t *testing.T) { + syncPeriod := 30 * time.Second + proxier := NewFakeProxier(syncPeriod, syncPeriod, clusterCIDR, "testhost", net.ParseIP("10.0.0.1"), "L2Bridge") + if proxier == nil { + t.Error() + } + + svcIP := "10.20.30.41" + svcPort := 80 + svcNodePort := 3001 + svcPortName := proxy.ServicePortName{ + NamespacedName: makeNSN("ns1", "svc1"), + Port: "p80", + } + + makeServiceMap(proxier, + makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) { + svc.Spec.Type = "NodePort" + svc.Spec.ClusterIP = svcIP + svc.Spec.Ports = []v1.ServicePort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + Protocol: v1.ProtocolTCP, + NodePort: int32(svcNodePort), + }} + }), + ) + makeEndpointsMap(proxier, + makeTestEndpoints(svcPortName.Namespace, svcPortName.Name, func(ept *v1.Endpoints) { + ept.Subsets = []v1.EndpointSubset{{ + Addresses: []v1.EndpointAddress{{ + IP: epIpAddressRemote, + }}, + Ports: []v1.EndpointPort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + }}, + }} + }), + ) + + proxier.syncProxyRules() + + if proxier.endpointsMap[svcPortName][0].hnsID != guid { + t.Errorf("%v does not match %v", proxier.endpointsMap[svcPortName][0].hnsID, guid) + } +} +func TestCreateLoadBalancer(t *testing.T) { + syncPeriod := 30 * time.Second + proxier := NewFakeProxier(syncPeriod, syncPeriod, clusterCIDR, "testhost", net.ParseIP("10.0.0.1"), "Overlay") + if proxier == nil { + t.Error() + } + + svcIP := "10.20.30.41" + svcPort := 80 + svcNodePort := 3001 + svcPortName := proxy.ServicePortName{ + NamespacedName: makeNSN("ns1", "svc1"), + Port: "p80", + } + + makeServiceMap(proxier, + makeTestService(svcPortName.Namespace, svcPortName.Name, func(svc *v1.Service) { + svc.Spec.Type = "NodePort" + svc.Spec.ClusterIP = svcIP + svc.Spec.Ports = []v1.ServicePort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + Protocol: v1.ProtocolTCP, + NodePort: int32(svcNodePort), + }} + }), + ) + makeEndpointsMap(proxier, + makeTestEndpoints(svcPortName.Namespace, svcPortName.Name, func(ept *v1.Endpoints) { + ept.Subsets = []v1.EndpointSubset{{ + Addresses: []v1.EndpointAddress{{ + IP: epIpAddressRemote, + }}, + Ports: []v1.EndpointPort{{ + Name: svcPortName.Port, + Port: int32(svcPort), + }}, + }} + }), + ) + + proxier.syncProxyRules() + + if proxier.serviceMap[svcPortName].hnsID != guid { + t.Errorf("%v does not match %v", proxier.serviceMap[svcPortName].hnsID, guid) + } +} +func makeNSN(namespace, name string) types.NamespacedName { + return types.NamespacedName{Namespace: namespace, Name: name} +} +func makeServiceMap(proxier *Proxier, allServices ...*v1.Service) { + for i := range allServices { + proxier.OnServiceAdd(allServices[i]) + } + + proxier.mu.Lock() + defer proxier.mu.Unlock() + proxier.servicesSynced = true +} +func makeTestService(namespace, name string, svcFunc func(*v1.Service)) *v1.Service { + svc := &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + Annotations: map[string]string{}, + }, + Spec: v1.ServiceSpec{}, + Status: v1.ServiceStatus{}, + } + svcFunc(svc) + return svc +} + +func makeEndpointsMap(proxier *Proxier, allEndpoints ...*v1.Endpoints) { + for i := range allEndpoints { + proxier.OnEndpointsAdd(allEndpoints[i]) + } + + proxier.mu.Lock() + defer proxier.mu.Unlock() + proxier.endpointsSynced = true +} + +func makeTestEndpoints(namespace, name string, eptFunc func(*v1.Endpoints)) *v1.Endpoints { + ept := &v1.Endpoints{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + } + eptFunc(ept) + return ept +} diff --git a/pkg/quota/v1/OWNERS b/pkg/quota/v1/OWNERS index 3c805833bcc..d812b5d3ee6 100644 --- a/pkg/quota/v1/OWNERS +++ b/pkg/quota/v1/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - derekwaynecarr diff --git a/pkg/quota/v1/evaluator/OWNERS b/pkg/quota/v1/evaluator/OWNERS old mode 100755 new mode 100644 index 722f2bb06ed..906f73ebd4d --- a/pkg/quota/v1/evaluator/OWNERS +++ b/pkg/quota/v1/evaluator/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - deads2k diff --git a/pkg/quota/v1/generic/OWNERS b/pkg/quota/v1/generic/OWNERS old mode 100755 new mode 100644 index 240668b642b..b24e7293ed2 --- a/pkg/quota/v1/generic/OWNERS +++ b/pkg/quota/v1/generic/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - derekwaynecarr diff --git a/pkg/quota/v1/install/OWNERS b/pkg/quota/v1/install/OWNERS old mode 100755 new mode 100644 index 70524d0dad4..622ac58d3ee --- a/pkg/quota/v1/install/OWNERS +++ b/pkg/quota/v1/install/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - derekwaynecarr diff --git a/pkg/registry/BUILD b/pkg/registry/BUILD index ad23225f579..acf2054ffbb 100644 --- a/pkg/registry/BUILD +++ b/pkg/registry/BUILD @@ -72,8 +72,8 @@ filegroup( "//pkg/registry/events/event:all-srcs", "//pkg/registry/events/rest:all-srcs", "//pkg/registry/extensions/controller/storage:all-srcs", - "//pkg/registry/extensions/ingress:all-srcs", "//pkg/registry/extensions/rest:all-srcs", + "//pkg/registry/networking/ingress:all-srcs", "//pkg/registry/networking/networkpolicy:all-srcs", "//pkg/registry/networking/rest:all-srcs", "//pkg/registry/policy/poddisruptionbudget:all-srcs", diff --git a/pkg/registry/OWNERS b/pkg/registry/OWNERS index bb7e84caade..e74d02d1784 100644 --- a/pkg/registry/OWNERS +++ b/pkg/registry/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - lavalamp diff --git a/pkg/registry/apps/OWNERS b/pkg/registry/apps/OWNERS old mode 100755 new mode 100644 index f65afe9ed9a..8af01ebfbdd --- a/pkg/registry/apps/OWNERS +++ b/pkg/registry/apps/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - hongchaodeng diff --git a/pkg/registry/apps/daemonset/BUILD b/pkg/registry/apps/daemonset/BUILD index 68ae8aefac1..97fd09d50ad 100644 --- a/pkg/registry/apps/daemonset/BUILD +++ b/pkg/registry/apps/daemonset/BUILD @@ -18,6 +18,7 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", + "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", diff --git a/pkg/registry/apps/daemonset/strategy.go b/pkg/registry/apps/daemonset/strategy.go index 4edba00eec9..cb621d695af 100644 --- a/pkg/registry/apps/daemonset/strategy.go +++ b/pkg/registry/apps/daemonset/strategy.go @@ -33,6 +33,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // daemonSetStrategy implements verification logic for daemon sets. @@ -115,7 +116,9 @@ func (daemonSetStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime. // Validate validates a new daemon set. func (daemonSetStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { daemonSet := obj.(*apps.DaemonSet) - return validation.ValidateDaemonSet(daemonSet) + allErrs := validation.ValidateDaemonSet(daemonSet) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&daemonSet.Spec.Template, nil, field.NewPath("spec.template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -134,6 +137,7 @@ func (daemonSetStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Ob oldDaemonSet := old.(*apps.DaemonSet) allErrs := validation.ValidateDaemonSet(obj.(*apps.DaemonSet)) allErrs = append(allErrs, validation.ValidateDaemonSetUpdate(newDaemonSet, oldDaemonSet)...) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&newDaemonSet.Spec.Template, &oldDaemonSet.Spec.Template, field.NewPath("spec.template"))...) // Update is not allowed to set Spec.Selector for apps/v1 and apps/v1beta2 (allowed for extensions/v1beta1). // If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector) diff --git a/pkg/registry/apps/deployment/BUILD b/pkg/registry/apps/deployment/BUILD index 1ba9a291035..8e67835fde4 100644 --- a/pkg/registry/apps/deployment/BUILD +++ b/pkg/registry/apps/deployment/BUILD @@ -18,6 +18,7 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", + "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/pkg/registry/apps/deployment/strategy.go b/pkg/registry/apps/deployment/strategy.go index f5e9cfe7115..6477a05c906 100644 --- a/pkg/registry/apps/deployment/strategy.go +++ b/pkg/registry/apps/deployment/strategy.go @@ -34,6 +34,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // deploymentStrategy implements behavior for Deployments. @@ -79,7 +80,9 @@ func (deploymentStrategy) PrepareForCreate(ctx context.Context, obj runtime.Obje // Validate validates a new deployment. func (deploymentStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { deployment := obj.(*apps.Deployment) - return validation.ValidateDeployment(deployment) + allErrs := validation.ValidateDeployment(deployment) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&deployment.Spec.Template, nil, field.NewPath("spec.template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -113,6 +116,7 @@ func (deploymentStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.O newDeployment := obj.(*apps.Deployment) oldDeployment := old.(*apps.Deployment) allErrs := validation.ValidateDeploymentUpdate(newDeployment, oldDeployment) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&newDeployment.Spec.Template, &oldDeployment.Spec.Template, field.NewPath("spec.template"))...) // Update is not allowed to set Spec.Selector for all groups/versions except extensions/v1beta1. // If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector) diff --git a/pkg/registry/apps/replicaset/BUILD b/pkg/registry/apps/replicaset/BUILD index bce7b57ba80..5784b261e9b 100644 --- a/pkg/registry/apps/replicaset/BUILD +++ b/pkg/registry/apps/replicaset/BUILD @@ -18,6 +18,7 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", + "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", diff --git a/pkg/registry/apps/replicaset/strategy.go b/pkg/registry/apps/replicaset/strategy.go index 57aa5ab81ca..2c83176876f 100644 --- a/pkg/registry/apps/replicaset/strategy.go +++ b/pkg/registry/apps/replicaset/strategy.go @@ -41,6 +41,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // rsStrategy implements verification logic for ReplicaSets. @@ -108,7 +109,9 @@ func (rsStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) // Validate validates a new ReplicaSet. func (rsStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { rs := obj.(*apps.ReplicaSet) - return validation.ValidateReplicaSet(rs) + allErrs := validation.ValidateReplicaSet(rs) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&rs.Spec.Template, nil, field.NewPath("spec.template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -127,6 +130,7 @@ func (rsStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) f oldReplicaSet := old.(*apps.ReplicaSet) allErrs := validation.ValidateReplicaSet(obj.(*apps.ReplicaSet)) allErrs = append(allErrs, validation.ValidateReplicaSetUpdate(newReplicaSet, oldReplicaSet)...) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&newReplicaSet.Spec.Template, &oldReplicaSet.Spec.Template, field.NewPath("spec.template"))...) // Update is not allowed to set Spec.Selector for all groups/versions except extensions/v1beta1. // If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector) diff --git a/pkg/registry/apps/statefulset/BUILD b/pkg/registry/apps/statefulset/BUILD index 91d62f93092..b20cedbfc39 100644 --- a/pkg/registry/apps/statefulset/BUILD +++ b/pkg/registry/apps/statefulset/BUILD @@ -18,6 +18,7 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", + "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", diff --git a/pkg/registry/apps/statefulset/strategy.go b/pkg/registry/apps/statefulset/strategy.go index c3dc71d1188..2925702fe41 100644 --- a/pkg/registry/apps/statefulset/strategy.go +++ b/pkg/registry/apps/statefulset/strategy.go @@ -32,6 +32,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // statefulSetStrategy implements verification logic for Replication StatefulSets. @@ -96,7 +97,9 @@ func (statefulSetStrategy) PrepareForUpdate(ctx context.Context, obj, old runtim // Validate validates a new StatefulSet. func (statefulSetStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { statefulSet := obj.(*apps.StatefulSet) - return validation.ValidateStatefulSet(statefulSet) + allErrs := validation.ValidateStatefulSet(statefulSet) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&statefulSet.Spec.Template, nil, field.NewPath("spec.template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -110,8 +113,11 @@ func (statefulSetStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (statefulSetStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - validationErrorList := validation.ValidateStatefulSet(obj.(*apps.StatefulSet)) - updateErrorList := validation.ValidateStatefulSetUpdate(obj.(*apps.StatefulSet), old.(*apps.StatefulSet)) + newStatefulSet := obj.(*apps.StatefulSet) + oldStatefulSet := old.(*apps.StatefulSet) + validationErrorList := validation.ValidateStatefulSet(newStatefulSet) + updateErrorList := validation.ValidateStatefulSetUpdate(newStatefulSet, oldStatefulSet) + updateErrorList = append(updateErrorList, corevalidation.ValidateConditionalPodTemplate(&newStatefulSet.Spec.Template, &oldStatefulSet.Spec.Template, field.NewPath("spec.template"))...) return append(validationErrorList, updateErrorList...) } diff --git a/pkg/registry/authentication/OWNERS b/pkg/registry/authentication/OWNERS old mode 100755 new mode 100644 index c607d2aa8c5..3e05d309be5 --- a/pkg/registry/authentication/OWNERS +++ b/pkg/registry/authentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/pkg/registry/authorization/OWNERS b/pkg/registry/authorization/OWNERS old mode 100755 new mode 100644 index cd0d70a0f8f..7b3130fdcbc --- a/pkg/registry/authorization/OWNERS +++ b/pkg/registry/authorization/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/pkg/registry/autoscaling/OWNERS b/pkg/registry/autoscaling/OWNERS old mode 100755 new mode 100644 index f65afe9ed9a..8af01ebfbdd --- a/pkg/registry/autoscaling/OWNERS +++ b/pkg/registry/autoscaling/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - hongchaodeng diff --git a/pkg/registry/batch/OWNERS b/pkg/registry/batch/OWNERS old mode 100755 new mode 100644 index f65afe9ed9a..8af01ebfbdd --- a/pkg/registry/batch/OWNERS +++ b/pkg/registry/batch/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - hongchaodeng diff --git a/pkg/registry/batch/cronjob/BUILD b/pkg/registry/batch/cronjob/BUILD index 40cc472645c..f92330d56ad 100644 --- a/pkg/registry/batch/cronjob/BUILD +++ b/pkg/registry/batch/cronjob/BUILD @@ -18,6 +18,7 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/batch/validation:go_default_library", + "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/batch/v1beta1:go_default_library", "//staging/src/k8s.io/api/batch/v2alpha1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", diff --git a/pkg/registry/batch/cronjob/strategy.go b/pkg/registry/batch/cronjob/strategy.go index d23a5cdbdf2..a261bc548de 100644 --- a/pkg/registry/batch/cronjob/strategy.go +++ b/pkg/registry/batch/cronjob/strategy.go @@ -31,6 +31,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/batch" "k8s.io/kubernetes/pkg/apis/batch/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // cronJobStrategy implements verification logic for Replication Controllers. @@ -83,7 +84,9 @@ func (cronJobStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Ob // Validate validates a new scheduled job. func (cronJobStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { cronJob := obj.(*batch.CronJob) - return validation.ValidateCronJob(cronJob) + allErrs := validation.ValidateCronJob(cronJob) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&cronJob.Spec.JobTemplate.Spec.Template, nil, field.NewPath("spec.jobTemplate.spec.template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -101,7 +104,14 @@ func (cronJobStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (cronJobStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - return validation.ValidateCronJobUpdate(obj.(*batch.CronJob), old.(*batch.CronJob)) + newCronJob := obj.(*batch.CronJob) + oldCronJob := old.(*batch.CronJob) + allErrs := validation.ValidateCronJobUpdate(newCronJob, oldCronJob) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate( + &newCronJob.Spec.JobTemplate.Spec.Template, + &oldCronJob.Spec.JobTemplate.Spec.Template, + field.NewPath("spec.jobTemplate.spec.template"))...) + return allErrs } type cronJobStatusStrategy struct { diff --git a/pkg/registry/batch/job/BUILD b/pkg/registry/batch/job/BUILD index d61f5bae717..b70fed923a1 100644 --- a/pkg/registry/batch/job/BUILD +++ b/pkg/registry/batch/job/BUILD @@ -18,6 +18,7 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/batch/validation:go_default_library", + "//pkg/apis/core/validation:go_default_library", "//pkg/features:go_default_library", "//staging/src/k8s.io/api/batch/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/pkg/registry/batch/job/strategy.go b/pkg/registry/batch/job/strategy.go index 4f4acaa5cfd..e6ece3d538d 100644 --- a/pkg/registry/batch/job/strategy.go +++ b/pkg/registry/batch/job/strategy.go @@ -38,6 +38,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/batch" "k8s.io/kubernetes/pkg/apis/batch/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" "k8s.io/kubernetes/pkg/features" ) @@ -103,7 +104,9 @@ func (jobStrategy) Validate(ctx context.Context, obj runtime.Object) field.Error if job.Spec.ManualSelector == nil || *job.Spec.ManualSelector == false { generateSelector(job) } - return validation.ValidateJob(job) + allErrs := validation.ValidateJob(job) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&job.Spec.Template, nil, field.NewPath("spec.template"))...) + return allErrs } // generateSelector adds a selector to a job and labels to its template @@ -171,8 +174,11 @@ func (jobStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (jobStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - validationErrorList := validation.ValidateJob(obj.(*batch.Job)) - updateErrorList := validation.ValidateJobUpdate(obj.(*batch.Job), old.(*batch.Job)) + job := obj.(*batch.Job) + oldJob := old.(*batch.Job) + validationErrorList := validation.ValidateJob(job) + updateErrorList := validation.ValidateJobUpdate(job, oldJob) + updateErrorList = append(updateErrorList, corevalidation.ValidateConditionalPodTemplate(&job.Spec.Template, &oldJob.Spec.Template, field.NewPath("spec.template"))...) return append(validationErrorList, updateErrorList...) } diff --git a/pkg/registry/cachesize/OWNERS b/pkg/registry/cachesize/OWNERS old mode 100755 new mode 100644 index 9ab7358dc06..1306faffe2c --- a/pkg/registry/cachesize/OWNERS +++ b/pkg/registry/cachesize/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - wojtek-t - gmarek diff --git a/pkg/registry/certificates/OWNERS b/pkg/registry/certificates/OWNERS old mode 100755 new mode 100644 index 470b7a1c92d..3cf03643835 --- a/pkg/registry/certificates/OWNERS +++ b/pkg/registry/certificates/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-certificates-approvers reviewers: diff --git a/pkg/registry/certificates/certificates/strategy.go b/pkg/registry/certificates/certificates/strategy.go index 82830ea6ee3..7bfbd537532 100644 --- a/pkg/registry/certificates/certificates/strategy.go +++ b/pkg/registry/certificates/certificates/strategy.go @@ -40,7 +40,7 @@ type csrStrategy struct { // CSR objects. var Strategy = csrStrategy{legacyscheme.Scheme, names.SimpleNameGenerator} -// NamespaceScoped is true for CSRs. +// NamespaceScoped is false for CSRs. func (csrStrategy) NamespaceScoped() bool { return false } diff --git a/pkg/registry/core/OWNERS b/pkg/registry/core/OWNERS old mode 100755 new mode 100644 index 351e0076895..a10065cc7af --- a/pkg/registry/core/OWNERS +++ b/pkg/registry/core/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - wojtek-t - deads2k diff --git a/pkg/registry/core/endpoint/strategy.go b/pkg/registry/core/endpoint/strategy.go index bd6ede7cd87..3b90fe6afd2 100644 --- a/pkg/registry/core/endpoint/strategy.go +++ b/pkg/registry/core/endpoint/strategy.go @@ -53,7 +53,9 @@ func (endpointsStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime. // Validate validates a new endpoints. func (endpointsStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { - return validation.ValidateEndpoints(obj.(*api.Endpoints)) + allErrs := validation.ValidateEndpoints(obj.(*api.Endpoints)) + allErrs = append(allErrs, validation.ValidateConditionalEndpoints(obj.(*api.Endpoints), nil)...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -70,7 +72,9 @@ func (endpointsStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (endpointsStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { errorList := validation.ValidateEndpoints(obj.(*api.Endpoints)) - return append(errorList, validation.ValidateEndpointsUpdate(obj.(*api.Endpoints), old.(*api.Endpoints))...) + errorList = append(errorList, validation.ValidateEndpointsUpdate(obj.(*api.Endpoints), old.(*api.Endpoints))...) + errorList = append(errorList, validation.ValidateConditionalEndpoints(obj.(*api.Endpoints), old.(*api.Endpoints))...) + return errorList } func (endpointsStrategy) AllowUnconditionalUpdate() bool { diff --git a/pkg/registry/core/pod/strategy.go b/pkg/registry/core/pod/strategy.go index eed0d70b861..086b0850d51 100644 --- a/pkg/registry/core/pod/strategy.go +++ b/pkg/registry/core/pod/strategy.go @@ -84,7 +84,9 @@ func (podStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object // Validate validates a new pod. func (podStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { pod := obj.(*api.Pod) - return validation.ValidatePod(pod) + allErrs := validation.ValidatePod(pod) + allErrs = append(allErrs, validation.ValidateConditionalPod(pod, nil, field.NewPath(""))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -99,7 +101,9 @@ func (podStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (podStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { errorList := validation.ValidatePod(obj.(*api.Pod)) - return append(errorList, validation.ValidatePodUpdate(obj.(*api.Pod), old.(*api.Pod))...) + errorList = append(errorList, validation.ValidatePodUpdate(obj.(*api.Pod), old.(*api.Pod))...) + errorList = append(errorList, validation.ValidateConditionalPod(obj.(*api.Pod), old.(*api.Pod), field.NewPath(""))...) + return errorList } // AllowUnconditionalUpdate allows pods to be overwritten diff --git a/pkg/registry/core/podtemplate/strategy.go b/pkg/registry/core/podtemplate/strategy.go index 8ce614cbf3d..ef18f87effb 100644 --- a/pkg/registry/core/podtemplate/strategy.go +++ b/pkg/registry/core/podtemplate/strategy.go @@ -26,6 +26,7 @@ import ( "k8s.io/kubernetes/pkg/api/pod" api "k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/apis/core/validation" + corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // podTemplateStrategy implements behavior for PodTemplates @@ -52,8 +53,10 @@ func (podTemplateStrategy) PrepareForCreate(ctx context.Context, obj runtime.Obj // Validate validates a new pod template. func (podTemplateStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { - pod := obj.(*api.PodTemplate) - return validation.ValidatePodTemplate(pod) + template := obj.(*api.PodTemplate) + allErrs := validation.ValidatePodTemplate(template) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&template.Template, nil, field.NewPath("template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -75,7 +78,11 @@ func (podTemplateStrategy) PrepareForUpdate(ctx context.Context, obj, old runtim // ValidateUpdate is the default update validation for an end user. func (podTemplateStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - return validation.ValidatePodTemplateUpdate(obj.(*api.PodTemplate), old.(*api.PodTemplate)) + template := obj.(*api.PodTemplate) + oldTemplate := old.(*api.PodTemplate) + allErrs := validation.ValidatePodTemplateUpdate(template, oldTemplate) + allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&template.Template, &oldTemplate.Template, field.NewPath("template"))...) + return allErrs } func (podTemplateStrategy) AllowUnconditionalUpdate() bool { diff --git a/pkg/registry/core/replicationcontroller/strategy.go b/pkg/registry/core/replicationcontroller/strategy.go index 9a718f2a26a..f52bab09358 100644 --- a/pkg/registry/core/replicationcontroller/strategy.go +++ b/pkg/registry/core/replicationcontroller/strategy.go @@ -108,7 +108,9 @@ func (rcStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) // Validate validates a new replication controller. func (rcStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { controller := obj.(*api.ReplicationController) - return validation.ValidateReplicationController(controller) + allErrs := validation.ValidateReplicationController(controller) + allErrs = append(allErrs, validation.ValidateConditionalPodTemplate(controller.Spec.Template, nil, field.NewPath("spec.template"))...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -128,6 +130,7 @@ func (rcStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) f validationErrorList := validation.ValidateReplicationController(newRc) updateErrorList := validation.ValidateReplicationControllerUpdate(newRc, oldRc) + updateErrorList = append(updateErrorList, validation.ValidateConditionalPodTemplate(newRc.Spec.Template, oldRc.Spec.Template, field.NewPath("spec.template"))...) errs := append(validationErrorList, updateErrorList...) for key, value := range helper.NonConvertibleFields(oldRc.Annotations) { diff --git a/pkg/registry/core/service/storage/rest.go b/pkg/registry/core/service/storage/rest.go index b0a54a21951..fe337d247f7 100644 --- a/pkg/registry/core/service/storage/rest.go +++ b/pkg/registry/core/service/storage/rest.go @@ -337,6 +337,18 @@ func (rs *REST) healthCheckNodePortUpdate(oldService, service *api.Service, node func (rs *REST) Update(ctx context.Context, name string, objInfo rest.UpdatedObjectInfo, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc, forceAllowCreate bool, options *metav1.UpdateOptions) (runtime.Object, bool, error) { oldObj, err := rs.services.Get(ctx, name, &metav1.GetOptions{}) if err != nil { + // Support create on update, if forced to. + if forceAllowCreate { + obj, err := objInfo.UpdatedObject(ctx, nil) + if err != nil { + return nil, false, err + } + createdObj, err := rs.Create(ctx, obj, createValidation, &metav1.CreateOptions{DryRun: options.DryRun}) + if err != nil { + return nil, false, err + } + return createdObj, true, nil + } return nil, false, err } oldService := oldObj.(*api.Service) diff --git a/pkg/registry/core/service/strategy.go b/pkg/registry/core/service/strategy.go index 71cdda7f1c5..d296a613116 100644 --- a/pkg/registry/core/service/strategy.go +++ b/pkg/registry/core/service/strategy.go @@ -59,7 +59,9 @@ func (svcStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object // Validate validates a new service. func (svcStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { service := obj.(*api.Service) - return validation.ValidateService(service) + allErrs := validation.ValidateService(service) + allErrs = append(allErrs, validation.ValidateConditionalService(service, nil)...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -71,7 +73,9 @@ func (svcStrategy) AllowCreateOnUpdate() bool { } func (svcStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - return validation.ValidateServiceUpdate(obj.(*api.Service), old.(*api.Service)) + allErrs := validation.ValidateServiceUpdate(obj.(*api.Service), old.(*api.Service)) + allErrs = append(allErrs, validation.ValidateConditionalService(obj.(*api.Service), old.(*api.Service))...) + return allErrs } func (svcStrategy) AllowUnconditionalUpdate() bool { diff --git a/pkg/registry/core/serviceaccount/OWNERS b/pkg/registry/core/serviceaccount/OWNERS index 1d5fd2603f2..d41c6a96bd1 100644 --- a/pkg/registry/core/serviceaccount/OWNERS +++ b/pkg/registry/core/serviceaccount/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - mikedanese - liggitt diff --git a/pkg/registry/events/OWNERS b/pkg/registry/events/OWNERS index d9ecd88564b..809c2fc457c 100644 --- a/pkg/registry/events/OWNERS +++ b/pkg/registry/events/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - deads2k diff --git a/pkg/registry/extensions/OWNERS b/pkg/registry/extensions/OWNERS old mode 100755 new mode 100644 index 56781122598..bd48884cc9e --- a/pkg/registry/extensions/OWNERS +++ b/pkg/registry/extensions/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - hongchaodeng diff --git a/pkg/registry/extensions/rest/BUILD b/pkg/registry/extensions/rest/BUILD index 175438fc64e..35f0f05f267 100644 --- a/pkg/registry/extensions/rest/BUILD +++ b/pkg/registry/extensions/rest/BUILD @@ -16,7 +16,7 @@ go_library( "//pkg/registry/apps/deployment/storage:go_default_library", "//pkg/registry/apps/replicaset/storage:go_default_library", "//pkg/registry/extensions/controller/storage:go_default_library", - "//pkg/registry/extensions/ingress/storage:go_default_library", + "//pkg/registry/networking/ingress/storage:go_default_library", "//pkg/registry/networking/networkpolicy/storage:go_default_library", "//pkg/registry/policy/podsecuritypolicy/storage:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/pkg/registry/extensions/rest/storage_extensions.go b/pkg/registry/extensions/rest/storage_extensions.go index 83bdce27c31..0a1fa286dcb 100644 --- a/pkg/registry/extensions/rest/storage_extensions.go +++ b/pkg/registry/extensions/rest/storage_extensions.go @@ -28,7 +28,7 @@ import ( deploymentstore "k8s.io/kubernetes/pkg/registry/apps/deployment/storage" replicasetstore "k8s.io/kubernetes/pkg/registry/apps/replicaset/storage" expcontrollerstore "k8s.io/kubernetes/pkg/registry/extensions/controller/storage" - ingressstore "k8s.io/kubernetes/pkg/registry/extensions/ingress/storage" + ingressstore "k8s.io/kubernetes/pkg/registry/networking/ingress/storage" networkpolicystore "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage" pspstore "k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy/storage" ) diff --git a/pkg/registry/extensions/ingress/BUILD b/pkg/registry/networking/ingress/BUILD similarity index 81% rename from pkg/registry/extensions/ingress/BUILD rename to pkg/registry/networking/ingress/BUILD index 51441e648db..21dca0ec848 100644 --- a/pkg/registry/extensions/ingress/BUILD +++ b/pkg/registry/networking/ingress/BUILD @@ -12,11 +12,11 @@ go_library( "doc.go", "strategy.go", ], - importpath = "k8s.io/kubernetes/pkg/registry/extensions/ingress", + importpath = "k8s.io/kubernetes/pkg/registry/networking/ingress", deps = [ "//pkg/api/legacyscheme:go_default_library", - "//pkg/apis/extensions:go_default_library", - "//pkg/apis/extensions/validation:go_default_library", + "//pkg/apis/networking:go_default_library", + "//pkg/apis/networking/validation:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", @@ -30,7 +30,7 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/apis/core:go_default_library", - "//pkg/apis/extensions:go_default_library", + "//pkg/apis/networking:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", "//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library", @@ -48,7 +48,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//pkg/registry/extensions/ingress/storage:all-srcs", + "//pkg/registry/networking/ingress/storage:all-srcs", ], tags = ["automanaged"], ) diff --git a/pkg/registry/extensions/ingress/doc.go b/pkg/registry/networking/ingress/doc.go similarity index 87% rename from pkg/registry/extensions/ingress/doc.go rename to pkg/registry/networking/ingress/doc.go index b8c38ed3854..c89d1f09e4a 100644 --- a/pkg/registry/extensions/ingress/doc.go +++ b/pkg/registry/networking/ingress/doc.go @@ -14,4 +14,4 @@ See the License for the specific language governing permissions and limitations under the License. */ -package ingress // import "k8s.io/kubernetes/pkg/registry/extensions/ingress" +package ingress // import "k8s.io/kubernetes/pkg/registry/networking/ingress" diff --git a/pkg/registry/extensions/ingress/storage/BUILD b/pkg/registry/networking/ingress/storage/BUILD similarity index 89% rename from pkg/registry/extensions/ingress/storage/BUILD rename to pkg/registry/networking/ingress/storage/BUILD index 9c27165f713..36786231d03 100644 --- a/pkg/registry/extensions/ingress/storage/BUILD +++ b/pkg/registry/networking/ingress/storage/BUILD @@ -13,6 +13,7 @@ go_test( deps = [ "//pkg/apis/core:go_default_library", "//pkg/apis/extensions:go_default_library", + "//pkg/apis/networking:go_default_library", "//pkg/registry/registrytest:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/fields:go_default_library", @@ -28,13 +29,14 @@ go_test( go_library( name = "go_default_library", srcs = ["storage.go"], - importpath = "k8s.io/kubernetes/pkg/registry/extensions/ingress/storage", + importpath = "k8s.io/kubernetes/pkg/registry/networking/ingress/storage", deps = [ "//pkg/apis/extensions:go_default_library", + "//pkg/apis/networking:go_default_library", "//pkg/printers:go_default_library", "//pkg/printers/internalversion:go_default_library", "//pkg/printers/storage:go_default_library", - "//pkg/registry/extensions/ingress:go_default_library", + "//pkg/registry/networking/ingress:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", diff --git a/pkg/registry/extensions/ingress/storage/storage.go b/pkg/registry/networking/ingress/storage/storage.go similarity index 88% rename from pkg/registry/extensions/ingress/storage/storage.go rename to pkg/registry/networking/ingress/storage/storage.go index da7da8574ab..bf19d3d0f0a 100644 --- a/pkg/registry/extensions/ingress/storage/storage.go +++ b/pkg/registry/networking/ingress/storage/storage.go @@ -25,13 +25,14 @@ import ( genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "k8s.io/kubernetes/pkg/apis/extensions" + "k8s.io/kubernetes/pkg/apis/networking" "k8s.io/kubernetes/pkg/printers" printersinternal "k8s.io/kubernetes/pkg/printers/internalversion" printerstorage "k8s.io/kubernetes/pkg/printers/storage" - "k8s.io/kubernetes/pkg/registry/extensions/ingress" + "k8s.io/kubernetes/pkg/registry/networking/ingress" ) -// rest implements a RESTStorage for replication controllers +// REST implements a RESTStorage for replication controllers type REST struct { *genericregistry.Store } @@ -39,8 +40,8 @@ type REST struct { // NewREST returns a RESTStorage object that will work against replication controllers. func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) { store := &genericregistry.Store{ - NewFunc: func() runtime.Object { return &extensions.Ingress{} }, - NewListFunc: func() runtime.Object { return &extensions.IngressList{} }, + NewFunc: func() runtime.Object { return &networking.Ingress{} }, + NewListFunc: func() runtime.Object { return &networking.IngressList{} }, DefaultQualifiedResource: extensions.Resource("ingresses"), CreateStrategy: ingress.Strategy, @@ -72,8 +73,9 @@ type StatusREST struct { store *genericregistry.Store } +// New creates an instance of the StatusREST object func (r *StatusREST) New() runtime.Object { - return &extensions.Ingress{} + return &networking.Ingress{} } // Get retrieves the object from the storage. It is required to support Patch. diff --git a/pkg/registry/extensions/ingress/storage/storage_test.go b/pkg/registry/networking/ingress/storage/storage_test.go similarity index 83% rename from pkg/registry/extensions/ingress/storage/storage_test.go rename to pkg/registry/networking/ingress/storage/storage_test.go index f1643f59de6..cb38d59bd72 100644 --- a/pkg/registry/extensions/ingress/storage/storage_test.go +++ b/pkg/registry/networking/ingress/storage/storage_test.go @@ -29,6 +29,7 @@ import ( etcdtesting "k8s.io/apiserver/pkg/storage/etcd/testing" api "k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/apis/extensions" + "k8s.io/kubernetes/pkg/apis/networking" "k8s.io/kubernetes/pkg/registry/registrytest" ) @@ -53,19 +54,19 @@ var ( defaultLoadBalancer = "127.0.0.1" defaultPath = "/foo" defaultPathMap = map[string]string{defaultPath: defaultBackendName} - defaultTLS = []extensions.IngressTLS{ + defaultTLS = []networking.IngressTLS{ {Hosts: []string{"foo.bar.com", "*.bar.com"}, SecretName: "fooSecret"}, } ) type IngressRuleValues map[string]string -func toHTTPIngressPaths(pathMap map[string]string) []extensions.HTTPIngressPath { - httpPaths := []extensions.HTTPIngressPath{} +func toHTTPIngressPaths(pathMap map[string]string) []networking.HTTPIngressPath { + httpPaths := []networking.HTTPIngressPath{} for path, backend := range pathMap { - httpPaths = append(httpPaths, extensions.HTTPIngressPath{ + httpPaths = append(httpPaths, networking.HTTPIngressPath{ Path: path, - Backend: extensions.IngressBackend{ + Backend: networking.IngressBackend{ ServiceName: backend, ServicePort: defaultBackendPort, }, @@ -74,13 +75,13 @@ func toHTTPIngressPaths(pathMap map[string]string) []extensions.HTTPIngressPath return httpPaths } -func toIngressRules(hostRules map[string]IngressRuleValues) []extensions.IngressRule { - rules := []extensions.IngressRule{} +func toIngressRules(hostRules map[string]IngressRuleValues) []networking.IngressRule { + rules := []networking.IngressRule{} for host, pathMap := range hostRules { - rules = append(rules, extensions.IngressRule{ + rules = append(rules, networking.IngressRule{ Host: host, - IngressRuleValue: extensions.IngressRuleValue{ - HTTP: &extensions.HTTPIngressRuleValue{ + IngressRuleValue: networking.IngressRuleValue{ + HTTP: &networking.HTTPIngressRuleValue{ Paths: toHTTPIngressPaths(pathMap), }, }, @@ -89,14 +90,14 @@ func toIngressRules(hostRules map[string]IngressRuleValues) []extensions.Ingress return rules } -func newIngress(pathMap map[string]string) *extensions.Ingress { - return &extensions.Ingress{ +func newIngress(pathMap map[string]string) *networking.Ingress { + return &networking.Ingress{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: extensions.IngressSpec{ - Backend: &extensions.IngressBackend{ + Spec: networking.IngressSpec{ + Backend: &networking.IngressBackend{ ServiceName: defaultBackendName, ServicePort: defaultBackendPort, }, @@ -105,7 +106,7 @@ func newIngress(pathMap map[string]string) *extensions.Ingress { }), TLS: defaultTLS, }, - Status: extensions.IngressStatus{ + Status: networking.IngressStatus{ LoadBalancer: api.LoadBalancerStatus{ Ingress: []api.LoadBalancerIngress{ {IP: defaultLoadBalancer}, @@ -115,7 +116,7 @@ func newIngress(pathMap map[string]string) *extensions.Ingress { } } -func validIngress() *extensions.Ingress { +func validIngress() *networking.Ingress { return newIngress(defaultPathMap) } @@ -126,8 +127,8 @@ func TestCreate(t *testing.T) { test := genericregistrytest.New(t, storage.Store) ingress := validIngress() noDefaultBackendAndRules := validIngress() - noDefaultBackendAndRules.Spec.Backend = &extensions.IngressBackend{} - noDefaultBackendAndRules.Spec.Rules = []extensions.IngressRule{} + noDefaultBackendAndRules.Spec.Backend = &networking.IngressBackend{} + noDefaultBackendAndRules.Spec.Rules = []networking.IngressRule{} badPath := validIngress() badPath.Spec.Rules = toIngressRules(map[string]IngressRuleValues{ "foo.bar.com": {"/invalid[": "svc"}}) @@ -149,11 +150,11 @@ func TestUpdate(t *testing.T) { validIngress(), // updateFunc func(obj runtime.Object) runtime.Object { - object := obj.(*extensions.Ingress) + object := obj.(*networking.Ingress) object.Spec.Rules = toIngressRules(map[string]IngressRuleValues{ "bar.foo.com": {"/bar": defaultBackendName}, }) - object.Spec.TLS = append(object.Spec.TLS, extensions.IngressTLS{ + object.Spec.TLS = append(object.Spec.TLS, networking.IngressTLS{ Hosts: []string{"*.google.com"}, SecretName: "googleSecret", }) @@ -161,13 +162,13 @@ func TestUpdate(t *testing.T) { }, // invalid updateFunc: ObjeceMeta is not to be tampered with. func(obj runtime.Object) runtime.Object { - object := obj.(*extensions.Ingress) + object := obj.(*networking.Ingress) object.Name = "" return object }, func(obj runtime.Object) runtime.Object { - object := obj.(*extensions.Ingress) + object := obj.(*networking.Ingress) object.Spec.Rules = toIngressRules(map[string]IngressRuleValues{ "foo.bar.com": {"/invalid[": "svc"}}) return object diff --git a/pkg/registry/extensions/ingress/strategy.go b/pkg/registry/networking/ingress/strategy.go similarity index 82% rename from pkg/registry/extensions/ingress/strategy.go rename to pkg/registry/networking/ingress/strategy.go index 1dc2efbd47e..a8c3696ce89 100644 --- a/pkg/registry/extensions/ingress/strategy.go +++ b/pkg/registry/networking/ingress/strategy.go @@ -24,8 +24,8 @@ import ( "k8s.io/apimachinery/pkg/util/validation/field" "k8s.io/apiserver/pkg/storage/names" "k8s.io/kubernetes/pkg/api/legacyscheme" - "k8s.io/kubernetes/pkg/apis/extensions" - "k8s.io/kubernetes/pkg/apis/extensions/validation" + "k8s.io/kubernetes/pkg/apis/networking" + "k8s.io/kubernetes/pkg/apis/networking/validation" ) // ingressStrategy implements verification logic for Replication Ingresss. @@ -44,17 +44,17 @@ func (ingressStrategy) NamespaceScoped() bool { // PrepareForCreate clears the status of an Ingress before creation. func (ingressStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { - ingress := obj.(*extensions.Ingress) + ingress := obj.(*networking.Ingress) // create cannot set status - ingress.Status = extensions.IngressStatus{} + ingress.Status = networking.IngressStatus{} ingress.Generation = 1 } // PrepareForUpdate clears fields that are not allowed to be set by end users on update. func (ingressStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { - newIngress := obj.(*extensions.Ingress) - oldIngress := old.(*extensions.Ingress) + newIngress := obj.(*networking.Ingress) + oldIngress := old.(*networking.Ingress) // Update is not allowed to set status newIngress.Status = oldIngress.Status @@ -69,7 +69,7 @@ func (ingressStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Ob // Validate validates a new Ingress. func (ingressStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { - ingress := obj.(*extensions.Ingress) + ingress := obj.(*networking.Ingress) err := validation.ValidateIngress(ingress) return err } @@ -85,8 +85,8 @@ func (ingressStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (ingressStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - validationErrorList := validation.ValidateIngress(obj.(*extensions.Ingress)) - updateErrorList := validation.ValidateIngressUpdate(obj.(*extensions.Ingress), old.(*extensions.Ingress)) + validationErrorList := validation.ValidateIngress(obj.(*networking.Ingress)) + updateErrorList := validation.ValidateIngressUpdate(obj.(*networking.Ingress), old.(*networking.Ingress)) return append(validationErrorList, updateErrorList...) } @@ -99,17 +99,18 @@ type ingressStatusStrategy struct { ingressStrategy } +// StatusStrategy implements logic used to validate and prepare for updates of the status subresource var StatusStrategy = ingressStatusStrategy{Strategy} // PrepareForUpdate clears fields that are not allowed to be set by end users on update of status func (ingressStatusStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { - newIngress := obj.(*extensions.Ingress) - oldIngress := old.(*extensions.Ingress) + newIngress := obj.(*networking.Ingress) + oldIngress := old.(*networking.Ingress) // status changes are not allowed to update spec newIngress.Spec = oldIngress.Spec } // ValidateUpdate is the default update validation for an end user updating status func (ingressStatusStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - return validation.ValidateIngressStatusUpdate(obj.(*extensions.Ingress), old.(*extensions.Ingress)) + return validation.ValidateIngressStatusUpdate(obj.(*networking.Ingress), old.(*networking.Ingress)) } diff --git a/pkg/registry/extensions/ingress/strategy_test.go b/pkg/registry/networking/ingress/strategy_test.go similarity index 86% rename from pkg/registry/extensions/ingress/strategy_test.go rename to pkg/registry/networking/ingress/strategy_test.go index e12b79ff912..ed8ff18de85 100644 --- a/pkg/registry/extensions/ingress/strategy_test.go +++ b/pkg/registry/networking/ingress/strategy_test.go @@ -23,30 +23,30 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" genericapirequest "k8s.io/apiserver/pkg/endpoints/request" api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/extensions" + "k8s.io/kubernetes/pkg/apis/networking" ) -func newIngress() extensions.Ingress { - defaultBackend := extensions.IngressBackend{ +func newIngress() networking.Ingress { + defaultBackend := networking.IngressBackend{ ServiceName: "default-backend", ServicePort: intstr.FromInt(80), } - return extensions.Ingress{ + return networking.Ingress{ ObjectMeta: metav1.ObjectMeta{ Name: "foo", Namespace: metav1.NamespaceDefault, }, - Spec: extensions.IngressSpec{ - Backend: &extensions.IngressBackend{ + Spec: networking.IngressSpec{ + Backend: &networking.IngressBackend{ ServiceName: "default-backend", ServicePort: intstr.FromInt(80), }, - Rules: []extensions.IngressRule{ + Rules: []networking.IngressRule{ { Host: "foo.bar.com", - IngressRuleValue: extensions.IngressRuleValue{ - HTTP: &extensions.HTTPIngressRuleValue{ - Paths: []extensions.HTTPIngressPath{ + IngressRuleValue: networking.IngressRuleValue{ + HTTP: &networking.HTTPIngressRuleValue{ + Paths: []networking.HTTPIngressPath{ { Path: "/foo", Backend: defaultBackend, @@ -57,7 +57,7 @@ func newIngress() extensions.Ingress { }, }, }, - Status: extensions.IngressStatus{ + Status: networking.IngressStatus{ LoadBalancer: api.LoadBalancerStatus{ Ingress: []api.LoadBalancerIngress{ {IP: "127.0.0.1"}, @@ -87,7 +87,7 @@ func TestIngressStrategy(t *testing.T) { } invalidIngress := newIngress() invalidIngress.ResourceVersion = "4" - invalidIngress.Spec = extensions.IngressSpec{} + invalidIngress.Spec = networking.IngressSpec{} Strategy.PrepareForUpdate(ctx, &invalidIngress, &ingress) errs = Strategy.ValidateUpdate(ctx, &invalidIngress, &ingress) if len(errs) == 0 { @@ -111,7 +111,7 @@ func TestIngressStatusStrategy(t *testing.T) { oldIngress.ResourceVersion = "4" newIngress.ResourceVersion = "4" newIngress.Spec.Backend.ServiceName = "ignore" - newIngress.Status = extensions.IngressStatus{ + newIngress.Status = networking.IngressStatus{ LoadBalancer: api.LoadBalancerStatus{ Ingress: []api.LoadBalancerIngress{ {IP: "127.0.0.2"}, diff --git a/pkg/registry/networking/networkpolicy/strategy.go b/pkg/registry/networking/networkpolicy/strategy.go index 8dc3ea7edea..521c37585b8 100644 --- a/pkg/registry/networking/networkpolicy/strategy.go +++ b/pkg/registry/networking/networkpolicy/strategy.go @@ -64,7 +64,9 @@ func (networkPolicyStrategy) PrepareForUpdate(ctx context.Context, obj, old runt // Validate validates a new NetworkPolicy. func (networkPolicyStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { networkPolicy := obj.(*networking.NetworkPolicy) - return validation.ValidateNetworkPolicy(networkPolicy) + allErrs := validation.ValidateNetworkPolicy(networkPolicy) + allErrs = append(allErrs, validation.ValidateConditionalNetworkPolicy(networkPolicy, nil)...) + return allErrs } // Canonicalize normalizes the object after validation. @@ -79,6 +81,7 @@ func (networkPolicyStrategy) AllowCreateOnUpdate() bool { func (networkPolicyStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { validationErrorList := validation.ValidateNetworkPolicy(obj.(*networking.NetworkPolicy)) updateErrorList := validation.ValidateNetworkPolicyUpdate(obj.(*networking.NetworkPolicy), old.(*networking.NetworkPolicy)) + updateErrorList = append(updateErrorList, validation.ValidateConditionalNetworkPolicy(obj.(*networking.NetworkPolicy), old.(*networking.NetworkPolicy))...) return append(validationErrorList, updateErrorList...) } diff --git a/pkg/registry/networking/rest/BUILD b/pkg/registry/networking/rest/BUILD index 22c073bd164..81632678d72 100644 --- a/pkg/registry/networking/rest/BUILD +++ b/pkg/registry/networking/rest/BUILD @@ -12,8 +12,10 @@ go_library( deps = [ "//pkg/api/legacyscheme:go_default_library", "//pkg/apis/networking:go_default_library", + "//pkg/registry/networking/ingress/storage:go_default_library", "//pkg/registry/networking/networkpolicy/storage:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", "//staging/src/k8s.io/apiserver/pkg/registry/rest:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", diff --git a/pkg/registry/networking/rest/storage_settings.go b/pkg/registry/networking/rest/storage_settings.go index 40cf8c525ec..fc892bf66ec 100644 --- a/pkg/registry/networking/rest/storage_settings.go +++ b/pkg/registry/networking/rest/storage_settings.go @@ -18,12 +18,14 @@ package rest import ( networkingapiv1 "k8s.io/api/networking/v1" + networkingapiv1beta1 "k8s.io/api/networking/v1beta1" "k8s.io/apiserver/pkg/registry/generic" "k8s.io/apiserver/pkg/registry/rest" genericapiserver "k8s.io/apiserver/pkg/server" serverstorage "k8s.io/apiserver/pkg/server/storage" "k8s.io/kubernetes/pkg/api/legacyscheme" "k8s.io/kubernetes/pkg/apis/networking" + ingressstore "k8s.io/kubernetes/pkg/registry/networking/ingress/storage" networkpolicystore "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage" ) @@ -35,13 +37,17 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag // TODO refactor the plumbing to provide the information in the APIGroupInfo if apiResourceConfigSource.VersionEnabled(networkingapiv1.SchemeGroupVersion) { - apiGroupInfo.VersionedResourcesStorageMap[networkingapiv1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter) + apiGroupInfo.VersionedResourcesStorageMap[networkingapiv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter) + } + + if apiResourceConfigSource.VersionEnabled(networkingapiv1beta1.SchemeGroupVersion) { + apiGroupInfo.VersionedResourcesStorageMap[networkingapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter) } return apiGroupInfo, true } -func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage { +func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage { storage := map[string]rest.Storage{} // networkpolicies networkPolicyStorage := networkpolicystore.NewREST(restOptionsGetter) @@ -50,6 +56,15 @@ func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstora return storage } +func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage { + storage := map[string]rest.Storage{} + // ingresses + ingressStorage, ingressStatusStorage := ingressstore.NewREST(restOptionsGetter) + storage["ingresses"] = ingressStorage + storage["ingresses/status"] = ingressStatusStorage + return storage +} + func (p RESTStorageProvider) GroupName() string { return networking.GroupName } diff --git a/pkg/registry/policy/OWNERS b/pkg/registry/policy/OWNERS old mode 100755 new mode 100644 index 787630abd2f..f558c884f12 --- a/pkg/registry/policy/OWNERS +++ b/pkg/registry/policy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-policy-approvers reviewers: diff --git a/pkg/registry/rbac/OWNERS b/pkg/registry/rbac/OWNERS old mode 100755 new mode 100644 index cd0d70a0f8f..7b3130fdcbc --- a/pkg/registry/rbac/OWNERS +++ b/pkg/registry/rbac/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/pkg/registry/rbac/clusterrole/strategy.go b/pkg/registry/rbac/clusterrole/strategy.go index eb547579359..10a3f850b60 100644 --- a/pkg/registry/rbac/clusterrole/strategy.go +++ b/pkg/registry/rbac/clusterrole/strategy.go @@ -44,7 +44,7 @@ var _ rest.RESTCreateStrategy = Strategy // Strategy should implement rest.RESTUpdateStrategy var _ rest.RESTUpdateStrategy = Strategy -// NamespaceScoped is true for ClusterRoles. +// NamespaceScoped is false for ClusterRoles. func (strategy) NamespaceScoped() bool { return false } diff --git a/pkg/registry/rbac/clusterrolebinding/strategy.go b/pkg/registry/rbac/clusterrolebinding/strategy.go index e7be7a634ab..3e3b44c93f9 100644 --- a/pkg/registry/rbac/clusterrolebinding/strategy.go +++ b/pkg/registry/rbac/clusterrolebinding/strategy.go @@ -44,7 +44,7 @@ var _ rest.RESTCreateStrategy = Strategy // Strategy should implement rest.RESTUpdateStrategy var _ rest.RESTUpdateStrategy = Strategy -// NamespaceScoped is true for ClusterRoleBindings. +// NamespaceScoped is false for ClusterRoleBindings. func (strategy) NamespaceScoped() bool { return false } diff --git a/pkg/registry/rbac/reconciliation/reconcile_role.go b/pkg/registry/rbac/reconciliation/reconcile_role.go index 8197b9f7596..e46848dd529 100644 --- a/pkg/registry/rbac/reconciliation/reconcile_role.go +++ b/pkg/registry/rbac/reconciliation/reconcile_role.go @@ -194,7 +194,10 @@ func computeReconciledRole(existing, expected RuleOwner, removeExtraPermissions } // Compute extra and missing rules - _, result.ExtraRules = validation.Covers(expected.GetRules(), existing.GetRules()) + // Don't compute extra permissions if expected and existing roles are both aggregated + if expected.GetAggregationRule() == nil || existing.GetAggregationRule() == nil { + _, result.ExtraRules = validation.Covers(expected.GetRules(), existing.GetRules()) + } _, result.MissingRules = validation.Covers(existing.GetRules(), expected.GetRules()) switch { diff --git a/pkg/registry/registrytest/OWNERS b/pkg/registry/registrytest/OWNERS old mode 100755 new mode 100644 index c00d143160e..495777f79b4 --- a/pkg/registry/registrytest/OWNERS +++ b/pkg/registry/registrytest/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/pkg/registry/storage/OWNERS b/pkg/registry/storage/OWNERS old mode 100755 new mode 100644 index f65afe9ed9a..8af01ebfbdd --- a/pkg/registry/storage/OWNERS +++ b/pkg/registry/storage/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - hongchaodeng diff --git a/pkg/routes/OWNERS b/pkg/routes/OWNERS index 20f71c30f38..42704a64ed6 100644 --- a/pkg/routes/OWNERS +++ b/pkg/routes/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - lavalamp diff --git a/pkg/routes/logs.go b/pkg/routes/logs.go index cfe9b27de8b..1922a381ede 100644 --- a/pkg/routes/logs.go +++ b/pkg/routes/logs.go @@ -26,6 +26,7 @@ import ( // Logs adds handlers for the /logs path serving log files from /var/log. type Logs struct{} +// Install func registers the logs handler. func (l Logs) Install(c *restful.Container) { // use restful: ws.Route(ws.GET("/logs/{logpath:*}").To(fileHandler)) // See github.com/emicklei/go-restful/blob/master/examples/restful-serve-static.go diff --git a/pkg/scheduler/BUILD b/pkg/scheduler/BUILD index 5a587510e66..648ed2f9cf7 100644 --- a/pkg/scheduler/BUILD +++ b/pkg/scheduler/BUILD @@ -10,7 +10,6 @@ go_library( importpath = "k8s.io/kubernetes/pkg/scheduler", visibility = ["//visibility:public"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/algorithm:go_default_library", "//pkg/scheduler/algorithm/predicates:go_default_library", "//pkg/scheduler/api:go_default_library", diff --git a/pkg/scheduler/OWNERS b/pkg/scheduler/OWNERS index fe768eadb54..e6772b3d810 100644 --- a/pkg/scheduler/OWNERS +++ b/pkg/scheduler/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-scheduling-maintainers reviewers: diff --git a/pkg/scheduler/algorithm/predicates/BUILD b/pkg/scheduler/algorithm/predicates/BUILD index 4f979a11c77..2e2853ccf97 100644 --- a/pkg/scheduler/algorithm/predicates/BUILD +++ b/pkg/scheduler/algorithm/predicates/BUILD @@ -21,7 +21,6 @@ go_library( "//pkg/apis/core/v1/helper:go_default_library", "//pkg/apis/core/v1/helper/qos:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/algorithm:go_default_library", "//pkg/scheduler/algorithm/priorities/util:go_default_library", "//pkg/scheduler/api:go_default_library", @@ -41,6 +40,7 @@ go_library( "//staging/src/k8s.io/client-go/listers/core/v1:go_default_library", "//staging/src/k8s.io/client-go/listers/storage/v1:go_default_library", "//staging/src/k8s.io/client-go/util/workqueue:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) @@ -58,7 +58,6 @@ go_test( deps = [ "//pkg/apis/core/v1/helper:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/api:go_default_library", "//pkg/scheduler/nodeinfo:go_default_library", "//pkg/scheduler/testing:go_default_library", diff --git a/pkg/scheduler/algorithm/predicates/max_attachable_volume_predicate_test.go b/pkg/scheduler/algorithm/predicates/max_attachable_volume_predicate_test.go index b734ddd68e1..4da8962ad0b 100644 --- a/pkg/scheduler/algorithm/predicates/max_attachable_volume_predicate_test.go +++ b/pkg/scheduler/algorithm/predicates/max_attachable_volume_predicate_test.go @@ -29,7 +29,6 @@ import ( utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" schedulernodeinfo "k8s.io/kubernetes/pkg/scheduler/nodeinfo" volumeutil "k8s.io/kubernetes/pkg/volume/util" ) @@ -875,7 +874,7 @@ func TestMaxVolumeFuncM5(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-for-m5-instance", Labels: map[string]string{ - kubeletapis.LabelInstanceType: "m5.large", + v1.LabelInstanceType: "m5.large", }, }, } @@ -892,7 +891,7 @@ func TestMaxVolumeFuncT3(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-for-t3-instance", Labels: map[string]string{ - kubeletapis.LabelInstanceType: "t3.medium", + v1.LabelInstanceType: "t3.medium", }, }, } @@ -909,7 +908,7 @@ func TestMaxVolumeFuncR5(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-for-r5-instance", Labels: map[string]string{ - kubeletapis.LabelInstanceType: "r5d.xlarge", + v1.LabelInstanceType: "r5d.xlarge", }, }, } @@ -926,7 +925,7 @@ func TestMaxVolumeFuncM4(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-for-m4-instance", Labels: map[string]string{ - kubeletapis.LabelInstanceType: "m4.2xlarge", + v1.LabelInstanceType: "m4.2xlarge", }, }, } diff --git a/pkg/scheduler/algorithm/predicates/predicates.go b/pkg/scheduler/algorithm/predicates/predicates.go index 61967923eff..ec30d9a288e 100644 --- a/pkg/scheduler/algorithm/predicates/predicates.go +++ b/pkg/scheduler/algorithm/predicates/predicates.go @@ -36,10 +36,10 @@ import ( utilfeature "k8s.io/apiserver/pkg/util/feature" corelisters "k8s.io/client-go/listers/core/v1" storagelisters "k8s.io/client-go/listers/storage/v1" + volumehelpers "k8s.io/cloud-provider/volume/helpers" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" v1qos "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/scheduler/algorithm" priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util" schedulerapi "k8s.io/kubernetes/pkg/scheduler/api" @@ -366,7 +366,7 @@ func getMaxVolumeFunc(filterName string) func(node *v1.Node) int { var nodeInstanceType string for k, v := range node.ObjectMeta.Labels { - if k == kubeletapis.LabelInstanceType { + if k == v1.LabelInstanceType { nodeInstanceType = v } } @@ -629,7 +629,7 @@ func (c *VolumeZoneChecker) predicate(pod *v1.Pod, meta PredicateMetadata, nodeI nodeConstraints := make(map[string]string) for k, v := range node.ObjectMeta.Labels { - if k != kubeletapis.LabelZoneFailureDomain && k != kubeletapis.LabelZoneRegion { + if k != v1.LabelZoneFailureDomain && k != v1.LabelZoneRegion { continue } nodeConstraints[k] = v @@ -688,11 +688,11 @@ func (c *VolumeZoneChecker) predicate(pod *v1.Pod, meta PredicateMetadata, nodeI } for k, v := range pv.ObjectMeta.Labels { - if k != kubeletapis.LabelZoneFailureDomain && k != kubeletapis.LabelZoneRegion { + if k != v1.LabelZoneFailureDomain && k != v1.LabelZoneRegion { continue } nodeV, _ := nodeConstraints[k] - volumeVSet, err := volumeutil.LabelZonesToSet(v) + volumeVSet, err := volumehelpers.LabelZonesToSet(v) if err != nil { klog.Warningf("Failed to parse label for %q: %q. Ignoring the label. err=%v. ", k, v, err) continue diff --git a/pkg/scheduler/algorithm/predicates/predicates_test.go b/pkg/scheduler/algorithm/predicates/predicates_test.go index 0a9305aa8e1..4e7720413fe 100644 --- a/pkg/scheduler/algorithm/predicates/predicates_test.go +++ b/pkg/scheduler/algorithm/predicates/predicates_test.go @@ -30,7 +30,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" schedulerapi "k8s.io/kubernetes/pkg/scheduler/api" schedulernodeinfo "k8s.io/kubernetes/pkg/scheduler/nodeinfo" schedulertesting "k8s.io/kubernetes/pkg/scheduler/testing" @@ -3445,7 +3444,7 @@ func TestInterPodAffinityWithMultipleNodes(t *testing.T) { "nodeA": true, "nodeB": true, }, - name: "Test incoming pod's anti-affinity: even if lableSelector matches, we still check if topologyKey matches", + name: "Test incoming pod's anti-affinity: even if labelSelector matches, we still check if topologyKey matches", }, { pod: &v1.Pod{ @@ -4565,13 +4564,13 @@ func createPodWithVolume(pod, pv, pvc string) *v1.Pod { func TestVolumeZonePredicate(t *testing.T) { pvInfo := FakePersistentVolumeInfo{ { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_1", Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_1", Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a"}}, }, { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_2", Labels: map[string]string{kubeletapis.LabelZoneRegion: "us-west1-b", "uselessLabel": "none"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_2", Labels: map[string]string{v1.LabelZoneRegion: "us-west1-b", "uselessLabel": "none"}}, }, { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_3", Labels: map[string]string{kubeletapis.LabelZoneRegion: "us-west1-c"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_3", Labels: map[string]string{v1.LabelZoneRegion: "us-west1-c"}}, }, } @@ -4608,7 +4607,7 @@ func TestVolumeZonePredicate(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a"}, + Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a"}, }, }, Fits: true, @@ -4629,7 +4628,7 @@ func TestVolumeZonePredicate(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a", "uselessLabel": "none"}, }, }, Fits: true, @@ -4640,7 +4639,7 @@ func TestVolumeZonePredicate(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneRegion: "us-west1-b", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneRegion: "us-west1-b", "uselessLabel": "none"}, }, }, Fits: true, @@ -4651,7 +4650,7 @@ func TestVolumeZonePredicate(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneRegion: "no_us-west1-b", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneRegion: "no_us-west1-b", "uselessLabel": "none"}, }, }, Fits: false, @@ -4662,7 +4661,7 @@ func TestVolumeZonePredicate(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "no_us-west1-a", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneFailureDomain: "no_us-west1-a", "uselessLabel": "none"}, }, }, Fits: false, @@ -4694,13 +4693,13 @@ func TestVolumeZonePredicate(t *testing.T) { func TestVolumeZonePredicateMultiZone(t *testing.T) { pvInfo := FakePersistentVolumeInfo{ { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_1", Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_1", Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a"}}, }, { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_2", Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-b", "uselessLabel": "none"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_2", Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-b", "uselessLabel": "none"}}, }, { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_3", Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-c__us-west1-a"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_3", Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-c__us-west1-a"}}, }, } @@ -4745,7 +4744,7 @@ func TestVolumeZonePredicateMultiZone(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a", "uselessLabel": "none"}, }, }, Fits: true, @@ -4756,7 +4755,7 @@ func TestVolumeZonePredicateMultiZone(t *testing.T) { Node: &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-b", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-b", "uselessLabel": "none"}, }, }, Fits: false, @@ -4806,7 +4805,7 @@ func TestVolumeZonePredicateWithVolumeBinding(t *testing.T) { pvInfo := FakePersistentVolumeInfo{ { - ObjectMeta: metav1.ObjectMeta{Name: "Vol_1", Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a"}}, + ObjectMeta: metav1.ObjectMeta{Name: "Vol_1", Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a"}}, }, } @@ -4835,7 +4834,7 @@ func TestVolumeZonePredicateWithVolumeBinding(t *testing.T) { testNode := &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "host1", - Labels: map[string]string{kubeletapis.LabelZoneFailureDomain: "us-west1-a", "uselessLabel": "none"}, + Labels: map[string]string{v1.LabelZoneFailureDomain: "us-west1-a", "uselessLabel": "none"}, }, } diff --git a/pkg/scheduler/algorithm/priorities/BUILD b/pkg/scheduler/algorithm/priorities/BUILD index 5050bba242a..ffdac256a90 100644 --- a/pkg/scheduler/algorithm/priorities/BUILD +++ b/pkg/scheduler/algorithm/priorities/BUILD @@ -71,7 +71,6 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/algorithm:go_default_library", "//pkg/scheduler/algorithm/priorities/util:go_default_library", "//pkg/scheduler/api:go_default_library", diff --git a/pkg/scheduler/algorithm/priorities/selector_spreading_test.go b/pkg/scheduler/algorithm/priorities/selector_spreading_test.go index eacc7bd768b..173fd0bf4ce 100644 --- a/pkg/scheduler/algorithm/priorities/selector_spreading_test.go +++ b/pkg/scheduler/algorithm/priorities/selector_spreading_test.go @@ -24,7 +24,6 @@ import ( apps "k8s.io/api/apps/v1" "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" schedulerapi "k8s.io/kubernetes/pkg/scheduler/api" schedulernodeinfo "k8s.io/kubernetes/pkg/scheduler/nodeinfo" schedulertesting "k8s.io/kubernetes/pkg/scheduler/testing" @@ -392,7 +391,7 @@ func TestZoneSelectorSpreadPriority(t *testing.T) { buildNodeLabels := func(failureDomain string) map[string]string { labels := map[string]string{ - kubeletapis.LabelZoneFailureDomain: failureDomain, + v1.LabelZoneFailureDomain: failureDomain, } return labels } diff --git a/pkg/scheduler/algorithm/priorities/util/topologies_test.go b/pkg/scheduler/algorithm/priorities/util/topologies_test.go index 6aee723e468..b72296afddd 100644 --- a/pkg/scheduler/algorithm/priorities/util/topologies_test.go +++ b/pkg/scheduler/algorithm/priorities/util/topologies_test.go @@ -220,7 +220,7 @@ func TestNodesHaveSameTopologyKey(t *testing.T) { topologyKey: "", }, { - name: "nodeA lable nil vs. nodeB{'a':''} by key('a')", + name: "nodeA label nil vs. nodeB{'a':''} by key('a')", nodeA: &v1.Node{ ObjectMeta: metav1.ObjectMeta{}, }, diff --git a/pkg/scheduler/apis/config/OWNERS b/pkg/scheduler/apis/config/OWNERS old mode 100755 new mode 100644 index 1efb6b4a64c..17b616c71cc --- a/pkg/scheduler/apis/config/OWNERS +++ b/pkg/scheduler/apis/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - api-approvers - sig-scheduling-maintainers diff --git a/pkg/scheduler/apis/config/v1alpha1/BUILD b/pkg/scheduler/apis/config/v1alpha1/BUILD index 1d778ff9f61..87559a24756 100644 --- a/pkg/scheduler/apis/config/v1alpha1/BUILD +++ b/pkg/scheduler/apis/config/v1alpha1/BUILD @@ -14,9 +14,9 @@ go_library( visibility = ["//visibility:public"], deps = [ "//pkg/apis/core:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/master/ports:go_default_library", "//pkg/scheduler/apis/config:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/conversion:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", diff --git a/pkg/scheduler/apis/config/v1alpha1/defaults.go b/pkg/scheduler/apis/config/v1alpha1/defaults.go index f6a08af34aa..9fa898f5446 100644 --- a/pkg/scheduler/apis/config/v1alpha1/defaults.go +++ b/pkg/scheduler/apis/config/v1alpha1/defaults.go @@ -20,16 +20,20 @@ import ( "net" "strconv" + "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" componentbaseconfigv1alpha1 "k8s.io/component-base/config/v1alpha1" kubescedulerconfigv1alpha1 "k8s.io/kube-scheduler/config/v1alpha1" // this package shouldn't really depend on other k8s.io/kubernetes code api "k8s.io/kubernetes/pkg/apis/core" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/master/ports" ) +// When the --failure-domains scheduler flag is not specified, +// DefaultFailureDomains defines the set of label keys used when TopologyKey is empty in PreferredDuringScheduling anti-affinity. +var defaultFailureDomains string = v1.LabelHostname + "," + v1.LabelZoneFailureDomain + "," + v1.LabelZoneRegion + func addDefaultingFuncs(scheme *runtime.Scheme) error { return RegisterDefaults(scheme) } @@ -82,7 +86,7 @@ func SetDefaults_KubeSchedulerConfiguration(obj *kubescedulerconfigv1alpha1.Kube } if len(obj.FailureDomains) == 0 { - obj.FailureDomains = kubeletapis.DefaultFailureDomains + obj.FailureDomains = defaultFailureDomains } if len(obj.ClientConnection.ContentType) == 0 { diff --git a/pkg/scheduler/core/generic_scheduler.go b/pkg/scheduler/core/generic_scheduler.go index 59a4d40179e..d11ee4f915a 100644 --- a/pkg/scheduler/core/generic_scheduler.go +++ b/pkg/scheduler/core/generic_scheduler.go @@ -141,7 +141,7 @@ type genericScheduler struct { extenders []algorithm.SchedulerExtender lastNodeIndex uint64 alwaysCheckAllPredicates bool - cachedNodeInfoMap map[string]*schedulernodeinfo.NodeInfo + nodeInfoSnapshot schedulerinternalcache.NodeInfoSnapshot volumeBinder *volumebinder.VolumeBinder pvcLister corelisters.PersistentVolumeClaimLister pdbLister algorithm.PDBLister @@ -153,7 +153,7 @@ type genericScheduler struct { // functions. func (g *genericScheduler) snapshot() error { // Used for all fit and priority funcs. - return g.cache.UpdateNodeNameToInfoMap(g.cachedNodeInfoMap) + return g.cache.UpdateNodeInfoSnapshot(&g.nodeInfoSnapshot) } // Schedule tries to schedule the given pod to one of the nodes in the node list. @@ -210,8 +210,8 @@ func (g *genericScheduler) Schedule(pod *v1.Pod, nodeLister algorithm.NodeLister }, nil } - metaPrioritiesInterface := g.priorityMetaProducer(pod, g.cachedNodeInfoMap) - priorityList, err := PrioritizeNodes(pod, g.cachedNodeInfoMap, metaPrioritiesInterface, g.prioritizers, filteredNodes, g.extenders) + metaPrioritiesInterface := g.priorityMetaProducer(pod, g.nodeInfoSnapshot.NodeInfoMap) + priorityList, err := PrioritizeNodes(pod, g.nodeInfoSnapshot.NodeInfoMap, metaPrioritiesInterface, g.prioritizers, filteredNodes, g.extenders) if err != nil { return result, err } @@ -290,7 +290,7 @@ func (g *genericScheduler) Preempt(pod *v1.Pod, nodeLister algorithm.NodeLister, if !ok || fitError == nil { return nil, nil, nil, nil } - if !podEligibleToPreemptOthers(pod, g.cachedNodeInfoMap) { + if !podEligibleToPreemptOthers(pod, g.nodeInfoSnapshot.NodeInfoMap) { klog.V(5).Infof("Pod %v/%v is not eligible for more preemption.", pod.Namespace, pod.Name) return nil, nil, nil, nil } @@ -311,7 +311,7 @@ func (g *genericScheduler) Preempt(pod *v1.Pod, nodeLister algorithm.NodeLister, if err != nil { return nil, nil, nil, err } - nodeToVictims, err := selectNodesForPreemption(pod, g.cachedNodeInfoMap, potentialNodes, g.predicates, + nodeToVictims, err := selectNodesForPreemption(pod, g.nodeInfoSnapshot.NodeInfoMap, potentialNodes, g.predicates, g.predicateMetaProducer, g.schedulingQueue, pdbs) if err != nil { return nil, nil, nil, err @@ -335,7 +335,7 @@ func (g *genericScheduler) Preempt(pod *v1.Pod, nodeLister algorithm.NodeLister, // nomination updates these pods and moves them to the active queue. It // lets scheduler find another place for them. nominatedPods := g.getLowerPriorityNominatedPods(pod, candidateNode.Name) - if nodeInfo, ok := g.cachedNodeInfoMap[candidateNode.Name]; ok { + if nodeInfo, ok := g.nodeInfoSnapshot.NodeInfoMap[candidateNode.Name]; ok { return nodeInfo.Node(), nodeToVictims[candidateNode].Pods, nominatedPods, nil } @@ -355,7 +355,7 @@ func (g *genericScheduler) processPreemptionWithExtenders( newNodeToVictims, err := extender.ProcessPreemption( pod, nodeToVictims, - g.cachedNodeInfoMap, + g.nodeInfoSnapshot.NodeInfoMap, ) if err != nil { if extender.IsIgnorable() { @@ -452,14 +452,14 @@ func (g *genericScheduler) findNodesThatFit(pod *v1.Pod, nodes []*v1.Node) ([]*v ctx, cancel := context.WithCancel(context.Background()) // We can use the same metadata producer for all nodes. - meta := g.predicateMetaProducer(pod, g.cachedNodeInfoMap) + meta := g.predicateMetaProducer(pod, g.nodeInfoSnapshot.NodeInfoMap) checkNode := func(i int) { nodeName := g.cache.NodeTree().Next() fits, failedPredicates, err := podFitsOnNode( pod, meta, - g.cachedNodeInfoMap[nodeName], + g.nodeInfoSnapshot.NodeInfoMap[nodeName], g.predicates, g.schedulingQueue, g.alwaysCheckAllPredicates, @@ -476,7 +476,7 @@ func (g *genericScheduler) findNodesThatFit(pod *v1.Pod, nodes []*v1.Node) ([]*v cancel() atomic.AddInt32(&filteredLen, -1) } else { - filtered[length-1] = g.cachedNodeInfoMap[nodeName].Node() + filtered[length-1] = g.nodeInfoSnapshot.NodeInfoMap[nodeName].Node() } } else { predicateResultLock.Lock() @@ -500,7 +500,7 @@ func (g *genericScheduler) findNodesThatFit(pod *v1.Pod, nodes []*v1.Node) ([]*v if !extender.IsInterested(pod) { continue } - filteredList, failedMap, err := extender.Filter(pod, filtered, g.cachedNodeInfoMap) + filteredList, failedMap, err := extender.Filter(pod, filtered, g.nodeInfoSnapshot.NodeInfoMap) if err != nil { if extender.IsIgnorable() { klog.Warningf("Skipping extender %v as it returned error %v and has ignorable flag set", @@ -1193,7 +1193,7 @@ func NewGenericScheduler( priorityMetaProducer: priorityMetaProducer, pluginSet: pluginSet, extenders: extenders, - cachedNodeInfoMap: make(map[string]*schedulernodeinfo.NodeInfo), + nodeInfoSnapshot: schedulerinternalcache.NewNodeInfoSnapshot(), volumeBinder: volumeBinder, pvcLister: pvcLister, pdbLister: pdbLister, diff --git a/pkg/scheduler/core/generic_scheduler_test.go b/pkg/scheduler/core/generic_scheduler_test.go index 73e3ce75fdc..2efdfe2edde 100644 --- a/pkg/scheduler/core/generic_scheduler_test.go +++ b/pkg/scheduler/core/generic_scheduler_test.go @@ -513,7 +513,7 @@ func makeScheduler(predicates map[string]algorithmpredicates.FitPredicate, nodes emptyPluginSet, nil, nil, nil, nil, false, false, schedulerapi.DefaultPercentageOfNodesToScore) - cache.UpdateNodeNameToInfoMap(s.(*genericScheduler).cachedNodeInfoMap) + cache.UpdateNodeInfoSnapshot(&s.(*genericScheduler).nodeInfoSnapshot) return s.(*genericScheduler) } diff --git a/pkg/scheduler/eventhandlers.go b/pkg/scheduler/eventhandlers.go index 5c00f04b9d5..4cf52f381e2 100644 --- a/pkg/scheduler/eventhandlers.go +++ b/pkg/scheduler/eventhandlers.go @@ -29,14 +29,13 @@ import ( policyinformers "k8s.io/client-go/informers/policy/v1beta1" storageinformers "k8s.io/client-go/informers/storage/v1" "k8s.io/client-go/tools/cache" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) func (sched *Scheduler) onPvAdd(obj interface{}) { // Pods created when there are no PVs available will be stuck in // unschedulable queue. But unbound PVs created for static provisioning and // delay binding storage class are skipped in PV controller dynamic - // provisiong and binding process, will not trigger events to schedule pod + // provisioning and binding process, will not trigger events to schedule pod // again. So we need to move pods to active queue on PV add for this // scenario. sched.config.SchedulingQueue.MoveAllToActiveQueue() @@ -270,11 +269,6 @@ func responsibleForPod(pod *v1.Pod, schedulerName string) bool { return schedulerName == pod.Spec.SchedulerName } -// isZoneRegionLabel check if given key of label is zone or region label. -func isZoneRegionLabel(k string) bool { - return k == kubeletapis.LabelZoneFailureDomain || k == kubeletapis.LabelZoneRegion -} - // skipPodUpdate checks whether the specified pod update should be ignored. // This function will return true if // - The pod has already been assumed, AND diff --git a/pkg/scheduler/factory/plugins.go b/pkg/scheduler/factory/plugins.go index b5127aba554..e6db5d106dc 100644 --- a/pkg/scheduler/factory/plugins.go +++ b/pkg/scheduler/factory/plugins.go @@ -412,23 +412,23 @@ func getFitPredicateFunctions(names sets.String, args PluginFactoryArgs) (map[st schedulerFactoryMutex.Lock() defer schedulerFactoryMutex.Unlock() - predicates := map[string]predicates.FitPredicate{} + fitPredicates := map[string]predicates.FitPredicate{} for _, name := range names.List() { factory, ok := fitPredicateMap[name] if !ok { - return nil, fmt.Errorf("Invalid predicate name %q specified - no corresponding function found", name) + return nil, fmt.Errorf("invalid predicate name %q specified - no corresponding function found", name) } - predicates[name] = factory(args) + fitPredicates[name] = factory(args) } // Always include mandatory fit predicates. for name := range mandatoryFitPredicates { if factory, found := fitPredicateMap[name]; found { - predicates[name] = factory(args) + fitPredicates[name] = factory(args) } } - return predicates, nil + return fitPredicates, nil } func getPriorityMetadataProducer(args PluginFactoryArgs) (priorities.PriorityMetadataProducer, error) { @@ -455,11 +455,11 @@ func getPriorityFunctionConfigs(names sets.String, args PluginFactoryArgs) ([]pr schedulerFactoryMutex.Lock() defer schedulerFactoryMutex.Unlock() - configs := []priorities.PriorityConfig{} + var configs []priorities.PriorityConfig for _, name := range names.List() { factory, ok := priorityFunctionMap[name] if !ok { - return nil, fmt.Errorf("Invalid priority name %s specified - no corresponding function found", name) + return nil, fmt.Errorf("invalid priority name %s specified - no corresponding function found", name) } if factory.Function != nil { configs = append(configs, priorities.PriorityConfig{ @@ -489,7 +489,7 @@ func validateSelectedConfigs(configs []priorities.PriorityConfig) error { for _, config := range configs { // Checks totalPriority against MaxTotalPriority to avoid overflow if config.Weight*schedulerapi.MaxPriority > schedulerapi.MaxTotalPriority-totalPriority { - return fmt.Errorf("Total priority of priority functions has overflown") + return fmt.Errorf("total priority of priority functions has overflown") } totalPriority += config.Weight * schedulerapi.MaxPriority } @@ -542,7 +542,7 @@ func ListRegisteredFitPredicates() []string { schedulerFactoryMutex.Lock() defer schedulerFactoryMutex.Unlock() - names := []string{} + var names []string for name := range fitPredicateMap { names = append(names, name) } @@ -554,7 +554,7 @@ func ListRegisteredPriorityFunctions() []string { schedulerFactoryMutex.Lock() defer schedulerFactoryMutex.Unlock() - names := []string{} + var names []string for name := range priorityFunctionMap { names = append(names, name) } diff --git a/pkg/scheduler/internal/cache/BUILD b/pkg/scheduler/internal/cache/BUILD index 0f710594d20..ec7d7f756ff 100644 --- a/pkg/scheduler/internal/cache/BUILD +++ b/pkg/scheduler/internal/cache/BUILD @@ -32,7 +32,6 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/algorithm/priorities/util:go_default_library", "//pkg/scheduler/nodeinfo:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", diff --git a/pkg/scheduler/internal/cache/cache.go b/pkg/scheduler/internal/cache/cache.go index 3245378869a..790a3bcc6e3 100644 --- a/pkg/scheduler/internal/cache/cache.go +++ b/pkg/scheduler/internal/cache/cache.go @@ -47,6 +47,15 @@ func New(ttl time.Duration, stop <-chan struct{}) Cache { return cache } +// nodeInfoListItem holds a NodeInfo pointer and acts as an item in a doubly +// linked list. When a NodeInfo is updated, it goes to the head of the list. +// The items closer to the head are the most recently updated items. +type nodeInfoListItem struct { + info *schedulernodeinfo.NodeInfo + next *nodeInfoListItem + prev *nodeInfoListItem +} + type schedulerCache struct { stop <-chan struct{} ttl time.Duration @@ -59,8 +68,11 @@ type schedulerCache struct { assumedPods map[string]bool // a map from pod key to podState. podStates map[string]*podState - nodes map[string]*schedulernodeinfo.NodeInfo - nodeTree *NodeTree + nodes map[string]*nodeInfoListItem + // headNode points to the most recently updated NodeInfo in "nodes". It is the + // head of the linked list. + headNode *nodeInfoListItem + nodeTree *NodeTree // A map from image name to its imageState. imageStates map[string]*imageState } @@ -94,7 +106,7 @@ func newSchedulerCache(ttl, period time.Duration, stop <-chan struct{}) *schedul period: period, stop: stop, - nodes: make(map[string]*schedulernodeinfo.NodeInfo), + nodes: make(map[string]*nodeInfoListItem), nodeTree: newNodeTree(nil), assumedPods: make(map[string]bool), podStates: make(map[string]*podState), @@ -102,15 +114,82 @@ func newSchedulerCache(ttl, period time.Duration, stop <-chan struct{}) *schedul } } -// Snapshot takes a snapshot of the current schedulerinternalcache. The method has performance impact, -// and should be only used in non-critical path. +// newNodeInfoListItem initializes a new nodeInfoListItem. +func newNodeInfoListItem(ni *schedulernodeinfo.NodeInfo) *nodeInfoListItem { + return &nodeInfoListItem{ + info: ni, + } +} + +// NewNodeInfoSnapshot initializes a NodeInfoSnapshot struct and returns it. +func NewNodeInfoSnapshot() NodeInfoSnapshot { + return NodeInfoSnapshot{ + NodeInfoMap: make(map[string]*schedulernodeinfo.NodeInfo), + } +} + +// moveNodeInfoToHead moves a NodeInfo to the head of "cache.nodes" doubly +// linked list. The head is the most recently updated NodeInfo. +// We assume cache lock is already acquired. +func (cache *schedulerCache) moveNodeInfoToHead(name string) { + ni, ok := cache.nodes[name] + if !ok { + klog.Errorf("No NodeInfo with name %v found in the cache", name) + return + } + // if the node info list item is already at the head, we are done. + if ni == cache.headNode { + return + } + + if ni.prev != nil { + ni.prev.next = ni.next + } + if ni.next != nil { + ni.next.prev = ni.prev + } + if cache.headNode != nil { + cache.headNode.prev = ni + } + ni.next = cache.headNode + ni.prev = nil + cache.headNode = ni +} + +// removeNodeInfoFromList removes a NodeInfo from the "cache.nodes" doubly +// linked list. +// We assume cache lock is already acquired. +func (cache *schedulerCache) removeNodeInfoFromList(name string) { + ni, ok := cache.nodes[name] + if !ok { + klog.Errorf("No NodeInfo with name %v found in the cache", name) + return + } + + if ni.prev != nil { + ni.prev.next = ni.next + } + if ni.next != nil { + ni.next.prev = ni.prev + } + // if the removed item was at the head, we must update the head. + if ni == cache.headNode { + cache.headNode = ni.next + } + delete(cache.nodes, name) +} + +// Snapshot takes a snapshot of the current scheduler cache. This is used for +// debugging purposes only and shouldn't be confused with UpdateNodeInfoSnapshot +// function. +// This method is expensive, and should be only used in non-critical path. func (cache *schedulerCache) Snapshot() *Snapshot { cache.mu.RLock() defer cache.mu.RUnlock() nodes := make(map[string]*schedulernodeinfo.NodeInfo, len(cache.nodes)) for k, v := range cache.nodes { - nodes[k] = v.Clone() + nodes[k] = v.info.Clone() } assumedPods := make(map[string]bool, len(cache.assumedPods)) @@ -124,22 +203,43 @@ func (cache *schedulerCache) Snapshot() *Snapshot { } } -func (cache *schedulerCache) UpdateNodeNameToInfoMap(nodeNameToInfo map[string]*schedulernodeinfo.NodeInfo) error { +// UpdateNodeInfoSnapshot takes a snapshot of cached NodeInfo map. This is called at +// beginning of every scheduling cycle. +// This function tracks generation number of NodeInfo and updates only the +// entries of an existing snapshot that have changed after the snapshot was taken. +func (cache *schedulerCache) UpdateNodeInfoSnapshot(nodeSnapshot *NodeInfoSnapshot) error { cache.mu.Lock() defer cache.mu.Unlock() + balancedVolumesEnabled := utilfeature.DefaultFeatureGate.Enabled(features.BalanceAttachedNodeVolumes) - for name, info := range cache.nodes { - if utilfeature.DefaultFeatureGate.Enabled(features.BalanceAttachedNodeVolumes) && info.TransientInfo != nil { - // Transient scheduler info is reset here. - info.TransientInfo.ResetTransientSchedulerInfo() + // Get the last generation of the the snapshot. + snapshotGeneration := nodeSnapshot.Generation + + // Start from the head of the NodeInfo doubly linked list and update snapshot + // of NodeInfos updated after the last snapshot. + for node := cache.headNode; node != nil; node = node.next { + if node.info.GetGeneration() <= snapshotGeneration { + // all the nodes are updated before the existing snapshot. We are done. + break } - if current, ok := nodeNameToInfo[name]; !ok || current.GetGeneration() != info.GetGeneration() { - nodeNameToInfo[name] = info.Clone() + if balancedVolumesEnabled && node.info.TransientInfo != nil { + // Transient scheduler info is reset here. + node.info.TransientInfo.ResetTransientSchedulerInfo() + } + if np := node.info.Node(); np != nil { + nodeSnapshot.NodeInfoMap[np.Name] = node.info.Clone() } } - for name := range nodeNameToInfo { - if _, ok := cache.nodes[name]; !ok { - delete(nodeNameToInfo, name) + // Update the snapshot generation with the latest NodeInfo generation. + if cache.headNode != nil { + nodeSnapshot.Generation = cache.headNode.info.GetGeneration() + } + + if len(nodeSnapshot.NodeInfoMap) > len(cache.nodes) { + for name := range nodeSnapshot.NodeInfoMap { + if _, ok := cache.nodes[name]; !ok { + delete(nodeSnapshot.NodeInfoMap, name) + } } } return nil @@ -157,12 +257,12 @@ func (cache *schedulerCache) FilteredList(podFilter algorithm.PodFilter, selecto // can avoid expensive array growth without wasting too much memory by // pre-allocating capacity. maxSize := 0 - for _, info := range cache.nodes { - maxSize += len(info.Pods()) + for _, n := range cache.nodes { + maxSize += len(n.info.Pods()) } pods := make([]*v1.Pod, 0, maxSize) - for _, info := range cache.nodes { - for _, pod := range info.Pods() { + for _, n := range cache.nodes { + for _, pod := range n.info.Pods() { if podFilter(pod) && selector.Matches(labels.Set(pod.Labels)) { pods = append(pods, pod) } @@ -249,10 +349,11 @@ func (cache *schedulerCache) ForgetPod(pod *v1.Pod) error { func (cache *schedulerCache) addPod(pod *v1.Pod) { n, ok := cache.nodes[pod.Spec.NodeName] if !ok { - n = schedulernodeinfo.NewNodeInfo() + n = newNodeInfoListItem(schedulernodeinfo.NewNodeInfo()) cache.nodes[pod.Spec.NodeName] = n } - n.AddPod(pod) + n.info.AddPod(pod) + cache.moveNodeInfoToHead(pod.Spec.NodeName) } // Assumes that lock is already acquired. @@ -266,12 +367,17 @@ func (cache *schedulerCache) updatePod(oldPod, newPod *v1.Pod) error { // Assumes that lock is already acquired. func (cache *schedulerCache) removePod(pod *v1.Pod) error { - n := cache.nodes[pod.Spec.NodeName] - if err := n.RemovePod(pod); err != nil { + n, ok := cache.nodes[pod.Spec.NodeName] + if !ok { + return fmt.Errorf("node %v is not found", pod.Spec.NodeName) + } + if err := n.info.RemovePod(pod); err != nil { return err } - if len(n.Pods()) == 0 && n.Node() == nil { - delete(cache.nodes, pod.Spec.NodeName) + if len(n.info.Pods()) == 0 && n.info.Node() == nil { + cache.removeNodeInfoFromList(pod.Spec.NodeName) + } else { + cache.moveNodeInfoToHead(pod.Spec.NodeName) } return nil } @@ -407,15 +513,16 @@ func (cache *schedulerCache) AddNode(node *v1.Node) error { n, ok := cache.nodes[node.Name] if !ok { - n = schedulernodeinfo.NewNodeInfo() + n = newNodeInfoListItem(schedulernodeinfo.NewNodeInfo()) cache.nodes[node.Name] = n } else { - cache.removeNodeImageStates(n.Node()) + cache.removeNodeImageStates(n.info.Node()) } + cache.moveNodeInfoToHead(node.Name) cache.nodeTree.AddNode(node) - cache.addNodeImageStates(node, n) - return n.SetNode(node) + cache.addNodeImageStates(node, n.info) + return n.info.SetNode(node) } func (cache *schedulerCache) UpdateNode(oldNode, newNode *v1.Node) error { @@ -424,31 +531,37 @@ func (cache *schedulerCache) UpdateNode(oldNode, newNode *v1.Node) error { n, ok := cache.nodes[newNode.Name] if !ok { - n = schedulernodeinfo.NewNodeInfo() + n = newNodeInfoListItem(schedulernodeinfo.NewNodeInfo()) cache.nodes[newNode.Name] = n } else { - cache.removeNodeImageStates(n.Node()) + cache.removeNodeImageStates(n.info.Node()) } + cache.moveNodeInfoToHead(newNode.Name) cache.nodeTree.UpdateNode(oldNode, newNode) - cache.addNodeImageStates(newNode, n) - return n.SetNode(newNode) + cache.addNodeImageStates(newNode, n.info) + return n.info.SetNode(newNode) } func (cache *schedulerCache) RemoveNode(node *v1.Node) error { cache.mu.Lock() defer cache.mu.Unlock() - n := cache.nodes[node.Name] - if err := n.RemoveNode(node); err != nil { + n, ok := cache.nodes[node.Name] + if !ok { + return fmt.Errorf("node %v is not found", node.Name) + } + if err := n.info.RemoveNode(node); err != nil { return err } // We remove NodeInfo for this node only if there aren't any pods on this node. // We can't do it unconditionally, because notifications about pods are delivered // in a different watch, and thus can potentially be observed later, even though // they happened before node removal. - if len(n.Pods()) == 0 && n.Node() == nil { - delete(cache.nodes, node.Name) + if len(n.info.Pods()) == 0 && n.info.Node() == nil { + cache.removeNodeInfoFromList(node.Name) + } else { + cache.moveNodeInfoToHead(node.Name) } cache.nodeTree.RemoveNode(node) diff --git a/pkg/scheduler/internal/cache/cache_test.go b/pkg/scheduler/internal/cache/cache_test.go index e7f15291c65..1964b00e1b8 100644 --- a/pkg/scheduler/internal/cache/cache_test.go +++ b/pkg/scheduler/internal/cache/cache_test.go @@ -35,16 +35,19 @@ import ( schedulernodeinfo "k8s.io/kubernetes/pkg/scheduler/nodeinfo" ) -func deepEqualWithoutGeneration(t *testing.T, testcase int, actual, expected *schedulernodeinfo.NodeInfo) { +func deepEqualWithoutGeneration(t *testing.T, testcase int, actual *nodeInfoListItem, expected *schedulernodeinfo.NodeInfo) { + if (actual == nil) != (expected == nil) { + t.Error("One of the actual or expeted is nil and the other is not!") + } // Ignore generation field. if actual != nil { - actual.SetGeneration(0) + actual.info.SetGeneration(0) } if expected != nil { expected.SetGeneration(0) } - if !reflect.DeepEqual(actual, expected) { - t.Errorf("#%d: node info get=%s, want=%s", testcase, actual, expected) + if actual != nil && !reflect.DeepEqual(actual.info, expected) { + t.Errorf("#%d: node info get=%s, want=%s", testcase, actual.info, expected) } } @@ -372,21 +375,27 @@ func TestSnapshot(t *testing.T) { cache := newSchedulerCache(ttl, time.Second, nil) for _, podToAssume := range tt.podsToAssume { if err := assumeAndFinishBinding(cache, podToAssume, now); err != nil { - t.Fatalf("assumePod failed: %v", err) + t.Errorf("assumePod failed: %v", err) } } for _, podToAdd := range tt.podsToAdd { if err := cache.AddPod(podToAdd); err != nil { - t.Fatalf("AddPod failed: %v", err) + t.Errorf("AddPod failed: %v", err) } } snapshot := cache.Snapshot() - if !reflect.DeepEqual(snapshot.Nodes, cache.nodes) { - t.Fatalf("expect \n%+v; got \n%+v", cache.nodes, snapshot.Nodes) + if len(snapshot.Nodes) != len(cache.nodes) { + t.Errorf("Unequal number of nodes in the cache and its snapshot. expeted: %v, got: %v", len(cache.nodes), len(snapshot.Nodes)) + } + for name, ni := range snapshot.Nodes { + nItem := cache.nodes[name] + if !reflect.DeepEqual(ni, nItem.info) { + t.Errorf("expect \n%+v; got \n%+v", nItem.info, ni) + } } if !reflect.DeepEqual(snapshot.AssumedPods, cache.assumedPods) { - t.Fatalf("expect \n%+v; got \n%+v", cache.assumedPods, snapshot.AssumedPods) + t.Errorf("expect \n%+v; got \n%+v", cache.assumedPods, snapshot.AssumedPods) } } } @@ -765,7 +774,7 @@ func TestEphemeralStorageResource(t *testing.T) { n = cache.nodes[nodeName] if n != nil { - t.Errorf("#%d: expecting pod deleted and nil node info, get=%s", i, n) + t.Errorf("#%d: expecting pod deleted and nil node info, get=%s", i, n.info) } } } @@ -810,7 +819,7 @@ func TestRemovePod(t *testing.T) { n = cache.nodes[nodeName] if n != nil { - t.Errorf("#%d: expecting pod deleted and nil node info, get=%s", i, n) + t.Errorf("#%d: expecting pod deleted and nil node info, get=%s", i, n.info) } } } @@ -864,7 +873,7 @@ func TestForgetPod(t *testing.T) { } cache.cleanupAssumedPods(now.Add(2 * ttl)) if n := cache.nodes[nodeName]; n != nil { - t.Errorf("#%d: expecting pod deleted and nil node info, get=%s", i, n) + t.Errorf("#%d: expecting pod deleted and nil node info, get=%s", i, n.info) } } } @@ -1062,16 +1071,16 @@ func TestNodeOperators(t *testing.T) { } // Generations are globally unique. We check in our unit tests that they are incremented correctly. - expected.SetGeneration(got.GetGeneration()) - if !reflect.DeepEqual(got, expected) { + expected.SetGeneration(got.info.GetGeneration()) + if !reflect.DeepEqual(got.info, expected) { t.Errorf("Failed to add node into schedulercache:\n got: %+v \nexpected: %+v", got, expected) } // Case 2: dump cached nodes successfully. - cachedNodes := map[string]*schedulernodeinfo.NodeInfo{} - cache.UpdateNodeNameToInfoMap(cachedNodes) - newNode, found := cachedNodes[node.Name] - if !found || len(cachedNodes) != 1 { + cachedNodes := NewNodeInfoSnapshot() + cache.UpdateNodeInfoSnapshot(&cachedNodes) + newNode, found := cachedNodes.NodeInfoMap[node.Name] + if !found || len(cachedNodes.NodeInfoMap) != 1 { t.Errorf("failed to dump cached nodes:\n got: %v \nexpected: %v", cachedNodes, cache.nodes) } expected.SetGeneration(newNode.GetGeneration()) @@ -1091,12 +1100,12 @@ func TestNodeOperators(t *testing.T) { if !found { t.Errorf("Failed to find node %v in schedulernodeinfo after UpdateNode.", node.Name) } - if got.GetGeneration() <= expected.GetGeneration() { - t.Errorf("Generation is not incremented. got: %v, expected: %v", got.GetGeneration(), expected.GetGeneration()) + if got.info.GetGeneration() <= expected.GetGeneration() { + t.Errorf("Generation is not incremented. got: %v, expected: %v", got.info.GetGeneration(), expected.GetGeneration()) } - expected.SetGeneration(got.GetGeneration()) + expected.SetGeneration(got.info.GetGeneration()) - if !reflect.DeepEqual(got, expected) { + if !reflect.DeepEqual(got.info, expected) { t.Errorf("Failed to update node in schedulernodeinfo:\n got: %+v \nexpected: %+v", got, expected) } // Check nodeTree after update @@ -1117,6 +1126,256 @@ func TestNodeOperators(t *testing.T) { } } +// TestSchedulerCache_UpdateNodeInfoSnapshot tests UpdateNodeInfoSnapshot function of cache. +func TestSchedulerCache_UpdateNodeInfoSnapshot(t *testing.T) { + // Create a few nodes to be used in tests. + nodes := []*v1.Node{} + for i := 0; i < 10; i++ { + node := &v1.Node{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("test-node%v", i), + }, + Status: v1.NodeStatus{ + Allocatable: v1.ResourceList{ + v1.ResourceCPU: resource.MustParse("1000m"), + v1.ResourceMemory: resource.MustParse("100m"), + }, + }, + } + nodes = append(nodes, node) + } + // Create a few nodes as updated versions of the above nodes + updatedNodes := []*v1.Node{} + for _, n := range nodes { + updatedNode := n.DeepCopy() + updatedNode.Status.Allocatable = v1.ResourceList{ + v1.ResourceCPU: resource.MustParse("2000m"), + v1.ResourceMemory: resource.MustParse("500m"), + } + updatedNodes = append(updatedNodes, updatedNode) + } + + // Create a few pods for tests. + pods := []*v1.Pod{} + for i := 0; i < 10; i++ { + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("test-pod%v", i), + Namespace: "test-ns", + UID: types.UID(fmt.Sprintf("test-puid%v", i)), + }, + Spec: v1.PodSpec{ + NodeName: fmt.Sprintf("test-node%v", i), + }, + } + pods = append(pods, pod) + } + // Create a few pods as updated versions of the above pods. + updatedPods := []*v1.Pod{} + for _, p := range pods { + updatedPod := p.DeepCopy() + priority := int32(1000) + updatedPod.Spec.Priority = &priority + updatedPods = append(updatedPods, updatedPod) + } + + var cache *schedulerCache + var snapshot NodeInfoSnapshot + type operation = func() + + addNode := func(i int) operation { + return func() { + cache.AddNode(nodes[i]) + } + } + removeNode := func(i int) operation { + return func() { + cache.RemoveNode(nodes[i]) + } + } + updateNode := func(i int) operation { + return func() { + cache.UpdateNode(nodes[i], updatedNodes[i]) + } + } + addPod := func(i int) operation { + return func() { + cache.AddPod(pods[i]) + } + } + removePod := func(i int) operation { + return func() { + cache.RemovePod(pods[i]) + } + } + updatePod := func(i int) operation { + return func() { + cache.UpdatePod(pods[i], updatedPods[i]) + } + } + updateSnapshot := func() operation { + return func() { + cache.UpdateNodeInfoSnapshot(&snapshot) + if err := compareCacheWithNodeInfoSnapshot(cache, &snapshot); err != nil { + t.Error(err) + } + } + } + + tests := []struct { + name string + operations []operation + expected []*v1.Node + }{ + { + name: "Empty cache", + operations: []operation{}, + expected: []*v1.Node{}, + }, + { + name: "Single node", + operations: []operation{addNode(1)}, + expected: []*v1.Node{nodes[1]}, + }, + { + name: "Add node, remove it, add it again", + operations: []operation{ + addNode(1), updateSnapshot(), removeNode(1), addNode(1), + }, + expected: []*v1.Node{nodes[1]}, + }, + { + name: "Add a few nodes, and snapshot in the middle", + operations: []operation{ + addNode(0), updateSnapshot(), addNode(1), updateSnapshot(), addNode(2), + updateSnapshot(), addNode(3), + }, + expected: []*v1.Node{nodes[3], nodes[2], nodes[1], nodes[0]}, + }, + { + name: "Add a few nodes, and snapshot in the end", + operations: []operation{ + addNode(0), addNode(2), addNode(5), addNode(6), + }, + expected: []*v1.Node{nodes[6], nodes[5], nodes[2], nodes[0]}, + }, + { + name: "Remove non-existing node", + operations: []operation{ + addNode(0), addNode(1), updateSnapshot(), removeNode(8), + }, + expected: []*v1.Node{nodes[1], nodes[0]}, + }, + { + name: "Update some nodes", + operations: []operation{ + addNode(0), addNode(1), addNode(5), updateSnapshot(), updateNode(1), + }, + expected: []*v1.Node{nodes[1], nodes[5], nodes[0]}, + }, + { + name: "Add a few nodes, and remove all of them", + operations: []operation{ + addNode(0), addNode(2), addNode(5), addNode(6), updateSnapshot(), + removeNode(0), removeNode(2), removeNode(5), removeNode(6), + }, + expected: []*v1.Node{}, + }, + { + name: "Add a few nodes, and remove some of them", + operations: []operation{ + addNode(0), addNode(2), addNode(5), addNode(6), updateSnapshot(), + removeNode(0), removeNode(6), + }, + expected: []*v1.Node{nodes[5], nodes[2]}, + }, + { + name: "Add a few nodes, remove all of them, and add more", + operations: []operation{ + addNode(2), addNode(5), addNode(6), updateSnapshot(), + removeNode(2), removeNode(5), removeNode(6), updateSnapshot(), + addNode(7), addNode(9), + }, + expected: []*v1.Node{nodes[9], nodes[7]}, + }, + { + name: "Update nodes in particular order", + operations: []operation{ + addNode(8), updateNode(2), updateNode(8), updateSnapshot(), + addNode(1), + }, + expected: []*v1.Node{nodes[1], nodes[8], nodes[2]}, + }, + { + name: "Add some nodes and some pods", + operations: []operation{ + addNode(0), addNode(2), addNode(8), updateSnapshot(), + addPod(8), addPod(2), + }, + expected: []*v1.Node{nodes[2], nodes[8], nodes[0]}, + }, + { + name: "Updating a pod moves its node to the head", + operations: []operation{ + addNode(0), addPod(0), addNode(2), addNode(4), updatePod(0), + }, + expected: []*v1.Node{nodes[0], nodes[4], nodes[2]}, + }, + { + name: "Remove pod from non-existing node", + operations: []operation{ + addNode(0), addPod(0), addNode(2), updateSnapshot(), removePod(3), + }, + expected: []*v1.Node{nodes[2], nodes[0]}, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + cache = newSchedulerCache(time.Second, time.Second, nil) + snapshot = NewNodeInfoSnapshot() + + for _, op := range test.operations { + op() + } + + if len(test.expected) != len(cache.nodes) { + t.Errorf("unexpected number of nodes. Expected: %v, got: %v", len(test.expected), len(cache.nodes)) + } + var i int + // Check that cache is in the expected state. + for node := cache.headNode; node != nil; node = node.next { + if node.info.Node().Name != test.expected[i].Name { + t.Errorf("unexpected node. Expected: %v, got: %v, index: %v", test.expected[i].Name, node.info.Node().Name, i) + } + i++ + } + // Make sure we visited all the cached nodes in the above for loop. + if i != len(cache.nodes) { + t.Errorf("Not all the nodes were visited by following the NodeInfo linked list. Expected to see %v nodes, saw %v.", len(cache.nodes), i) + } + + // Always update the snapshot at the end of operations and compare it. + cache.UpdateNodeInfoSnapshot(&snapshot) + if err := compareCacheWithNodeInfoSnapshot(cache, &snapshot); err != nil { + t.Error(err) + } + }) + } +} + +func compareCacheWithNodeInfoSnapshot(cache *schedulerCache, snapshot *NodeInfoSnapshot) error { + if len(snapshot.NodeInfoMap) != len(cache.nodes) { + return fmt.Errorf("unexpected number of nodes in the snapshot. Expected: %v, got: %v", len(cache.nodes), len(snapshot.NodeInfoMap)) + } + for name, ni := range cache.nodes { + if !reflect.DeepEqual(snapshot.NodeInfoMap[name], ni.info) { + return fmt.Errorf("unexpected node info. Expected: %v, got: %v", ni.info, snapshot.NodeInfoMap[name]) + } + } + return nil +} + func BenchmarkList1kNodes30kPods(b *testing.B) { cache := setupCacheOf1kNodes30kPods(b) b.ResetTimer() @@ -1131,8 +1390,8 @@ func BenchmarkUpdate1kNodes30kPods(b *testing.B) { cache := setupCacheOf1kNodes30kPods(b) b.ResetTimer() for n := 0; n < b.N; n++ { - cachedNodes := map[string]*schedulernodeinfo.NodeInfo{} - cache.UpdateNodeNameToInfoMap(cachedNodes) + cachedNodes := NewNodeInfoSnapshot() + cache.UpdateNodeInfoSnapshot(&cachedNodes) } } diff --git a/pkg/scheduler/internal/cache/fake/BUILD b/pkg/scheduler/internal/cache/fake/BUILD index 06c1d501a8a..caed79bb710 100644 --- a/pkg/scheduler/internal/cache/fake/BUILD +++ b/pkg/scheduler/internal/cache/fake/BUILD @@ -8,7 +8,6 @@ go_library( deps = [ "//pkg/scheduler/algorithm:go_default_library", "//pkg/scheduler/internal/cache:go_default_library", - "//pkg/scheduler/nodeinfo:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", ], diff --git a/pkg/scheduler/internal/cache/fake/fake_cache.go b/pkg/scheduler/internal/cache/fake/fake_cache.go index 05873d35cb7..fe814d8766e 100644 --- a/pkg/scheduler/internal/cache/fake/fake_cache.go +++ b/pkg/scheduler/internal/cache/fake/fake_cache.go @@ -21,7 +21,6 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/kubernetes/pkg/scheduler/algorithm" schedulerinternalcache "k8s.io/kubernetes/pkg/scheduler/internal/cache" - schedulernodeinfo "k8s.io/kubernetes/pkg/scheduler/nodeinfo" ) // Cache is used for testing @@ -75,8 +74,8 @@ func (c *Cache) UpdateNode(oldNode, newNode *v1.Node) error { return nil } // RemoveNode is a fake method for testing. func (c *Cache) RemoveNode(node *v1.Node) error { return nil } -// UpdateNodeNameToInfoMap is a fake method for testing. -func (c *Cache) UpdateNodeNameToInfoMap(infoMap map[string]*schedulernodeinfo.NodeInfo) error { +// UpdateNodeInfoSnapshot is a fake method for testing. +func (c *Cache) UpdateNodeInfoSnapshot(nodeSnapshot *schedulerinternalcache.NodeInfoSnapshot) error { return nil } diff --git a/pkg/scheduler/internal/cache/interface.go b/pkg/scheduler/internal/cache/interface.go index 204659d8625..699818b1e6e 100644 --- a/pkg/scheduler/internal/cache/interface.go +++ b/pkg/scheduler/internal/cache/interface.go @@ -95,10 +95,10 @@ type Cache interface { // RemoveNode removes overall information about node. RemoveNode(node *v1.Node) error - // UpdateNodeNameToInfoMap updates the passed infoMap to the current contents of Cache. + // UpdateNodeInfoSnapshot updates the passed infoSnapshot to the current contents of Cache. // The node info contains aggregated information of pods scheduled (including assumed to be) // on this node. - UpdateNodeNameToInfoMap(infoMap map[string]*schedulernodeinfo.NodeInfo) error + UpdateNodeInfoSnapshot(nodeSnapshot *NodeInfoSnapshot) error // List lists all cached pods (including assumed ones). List(labels.Selector) ([]*v1.Pod, error) @@ -118,3 +118,11 @@ type Snapshot struct { AssumedPods map[string]bool Nodes map[string]*schedulernodeinfo.NodeInfo } + +// NodeInfoSnapshot is a snapshot of cache NodeInfo. The scheduler takes a +// snapshot at the beginning of each scheduling cycle and uses it for its +// operations in that cycle. +type NodeInfoSnapshot struct { + NodeInfoMap map[string]*schedulernodeinfo.NodeInfo + Generation int64 +} diff --git a/pkg/scheduler/internal/cache/node_tree_test.go b/pkg/scheduler/internal/cache/node_tree_test.go index 9b4371589fa..e8cb35ba78a 100644 --- a/pkg/scheduler/internal/cache/node_tree_test.go +++ b/pkg/scheduler/internal/cache/node_tree_test.go @@ -22,7 +22,6 @@ import ( "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) var allNodes = []*v1.Node{ @@ -37,7 +36,7 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-1", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", + v1.LabelZoneRegion: "region-1", }, }, }, @@ -46,7 +45,7 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-2", Labels: map[string]string{ - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -55,8 +54,8 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-3", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-1", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -65,8 +64,8 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-4", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-1", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -75,8 +74,8 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-5", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", - kubeletapis.LabelZoneFailureDomain: "zone-3", + v1.LabelZoneRegion: "region-1", + v1.LabelZoneFailureDomain: "zone-3", }, }, }, @@ -85,8 +84,8 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-6", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-2", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-2", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -95,8 +94,8 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-7", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-2", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-2", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -105,8 +104,8 @@ var allNodes = []*v1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "node-8", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-2", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-2", + v1.LabelZoneFailureDomain: "zone-2", }, }, }} @@ -252,8 +251,8 @@ func TestNodeTree_UpdateNode(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-0", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-1", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -272,8 +271,8 @@ func TestNodeTree_UpdateNode(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-0", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-1", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, @@ -288,8 +287,8 @@ func TestNodeTree_UpdateNode(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "node-new", Labels: map[string]string{ - kubeletapis.LabelZoneRegion: "region-1", - kubeletapis.LabelZoneFailureDomain: "zone-2", + v1.LabelZoneRegion: "region-1", + v1.LabelZoneFailureDomain: "zone-2", }, }, }, diff --git a/pkg/scheduler/internal/queue/scheduling_queue_test.go b/pkg/scheduler/internal/queue/scheduling_queue_test.go index f0ca6751fec..d2f43f9b54f 100644 --- a/pkg/scheduler/internal/queue/scheduling_queue_test.go +++ b/pkg/scheduler/internal/queue/scheduling_queue_test.go @@ -443,18 +443,26 @@ func TestPriorityQueue_NominatedPodsForNode(t *testing.T) { } func TestPriorityQueue_PendingPods(t *testing.T) { + makeSet := func(pods []*v1.Pod) map[*v1.Pod]struct{} { + pendingSet := map[*v1.Pod]struct{}{} + for _, p := range pods { + pendingSet[p] = struct{}{} + } + return pendingSet + } + q := NewPriorityQueue(nil) q.Add(&medPriorityPod) addOrUpdateUnschedulablePod(q, &unschedulablePod) addOrUpdateUnschedulablePod(q, &highPriorityPod) - expectedList := []*v1.Pod{&medPriorityPod, &unschedulablePod, &highPriorityPod} - if !reflect.DeepEqual(expectedList, q.PendingPods()) { - t.Error("Unexpected list of pending Pods for node.") + expectedSet := makeSet([]*v1.Pod{&medPriorityPod, &unschedulablePod, &highPriorityPod}) + if !reflect.DeepEqual(expectedSet, makeSet(q.PendingPods())) { + t.Error("Unexpected list of pending Pods.") } // Move all to active queue. We should still see the same set of pods. q.MoveAllToActiveQueue() - if !reflect.DeepEqual(expectedList, q.PendingPods()) { - t.Error("Unexpected list of pending Pods for node.") + if !reflect.DeepEqual(expectedSet, makeSet(q.PendingPods())) { + t.Error("Unexpected list of pending Pods...") } } @@ -954,8 +962,8 @@ func TestHighProirotyFlushUnschedulableQLeftover(t *testing.T) { }, } - q.unschedulableQ.addOrUpdate(&highPod) - q.unschedulableQ.addOrUpdate(&midPod) + addOrUpdateUnschedulablePod(q, &highPod) + addOrUpdateUnschedulablePod(q, &midPod) // Update pod condition to highPod. podutil.UpdatePodCondition(&highPod.Status, &v1.PodCondition{ diff --git a/pkg/scheduler/testutil.go b/pkg/scheduler/testutil.go index 641bf88cf5a..86a89f6fd13 100644 --- a/pkg/scheduler/testutil.go +++ b/pkg/scheduler/testutil.go @@ -92,7 +92,7 @@ func (fc *FakeConfigurator) CreateFromKeys(predicateKeys, priorityKeys sets.Stri return fc.Config, nil } -// EmptyPluginSet is the default plugin restirar used by the default scheduler. +// EmptyPluginSet is the default plugin registrar used by the default scheduler. type EmptyPluginSet struct{} var _ = plugins.PluginSet(EmptyPluginSet{}) diff --git a/pkg/security/podsecuritypolicy/OWNERS b/pkg/security/podsecuritypolicy/OWNERS index 787630abd2f..f558c884f12 100644 --- a/pkg/security/podsecuritypolicy/OWNERS +++ b/pkg/security/podsecuritypolicy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-policy-approvers reviewers: diff --git a/pkg/securitycontext/util.go b/pkg/securitycontext/util.go index 07489baf56e..f324f7d1216 100644 --- a/pkg/securitycontext/util.go +++ b/pkg/securitycontext/util.go @@ -17,9 +17,6 @@ limitations under the License. package securitycontext import ( - "fmt" - "strings" - "k8s.io/api/core/v1" ) @@ -47,26 +44,6 @@ func HasCapabilitiesRequest(container *v1.Container) bool { return len(container.SecurityContext.Capabilities.Add) > 0 || len(container.SecurityContext.Capabilities.Drop) > 0 } -const expectedSELinuxFields = 4 - -// ParseSELinuxOptions parses a string containing a full SELinux context -// (user, role, type, and level) into an SELinuxOptions object. If the -// context is malformed, an error is returned. -func ParseSELinuxOptions(context string) (*v1.SELinuxOptions, error) { - fields := strings.SplitN(context, ":", expectedSELinuxFields) - - if len(fields) != expectedSELinuxFields { - return nil, fmt.Errorf("expected %v fields in selinux; got %v (context: %v)", expectedSELinuxFields, len(fields), context) - } - - return &v1.SELinuxOptions{ - User: fields[0], - Role: fields[1], - Type: fields[2], - Level: fields[3], - }, nil -} - func DetermineEffectiveSecurityContext(pod *v1.Pod, container *v1.Container) *v1.SecurityContext { effectiveSc := securityContextFromPodSecurityContext(pod) containerSc := container.SecurityContext diff --git a/pkg/securitycontext/util_test.go b/pkg/securitycontext/util_test.go index 21eafb51e4d..0f875334d42 100644 --- a/pkg/securitycontext/util_test.go +++ b/pkg/securitycontext/util_test.go @@ -23,68 +23,6 @@ import ( "k8s.io/api/core/v1" ) -func TestParseSELinuxOptions(t *testing.T) { - cases := []struct { - name string - input string - expected *v1.SELinuxOptions - }{ - { - name: "simple", - input: "user_t:role_t:type_t:s0", - expected: &v1.SELinuxOptions{ - User: "user_t", - Role: "role_t", - Type: "type_t", - Level: "s0", - }, - }, - { - name: "simple + categories", - input: "user_t:role_t:type_t:s0:c0", - expected: &v1.SELinuxOptions{ - User: "user_t", - Role: "role_t", - Type: "type_t", - Level: "s0:c0", - }, - }, - { - name: "not enough fields", - input: "type_t:s0:c0", - }, - } - - for _, tc := range cases { - result, err := ParseSELinuxOptions(tc.input) - - if err != nil { - if tc.expected == nil { - continue - } else { - t.Errorf("%v: unexpected error: %v", tc.name, err) - } - } - - compareContexts(tc.name, tc.expected, result, t) - } -} - -func compareContexts(name string, ex, ac *v1.SELinuxOptions, t *testing.T) { - if e, a := ex.User, ac.User; e != a { - t.Errorf("%v: expected user: %v, got: %v", name, e, a) - } - if e, a := ex.Role, ac.Role; e != a { - t.Errorf("%v: expected role: %v, got: %v", name, e, a) - } - if e, a := ex.Type, ac.Type; e != a { - t.Errorf("%v: expected type: %v, got: %v", name, e, a) - } - if e, a := ex.Level, ac.Level; e != a { - t.Errorf("%v: expected level: %v, got: %v", name, e, a) - } -} - func TestAddNoNewPrivileges(t *testing.T) { pfalse := false ptrue := true diff --git a/pkg/serviceaccount/OWNERS b/pkg/serviceaccount/OWNERS index d914c0d7195..c6c376de4e1 100644 --- a/pkg/serviceaccount/OWNERS +++ b/pkg/serviceaccount/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-serviceaccounts-approvers reviewers: diff --git a/pkg/util/coverage/OWNERS b/pkg/util/coverage/OWNERS index f517735525c..87df89cdb57 100644 --- a/pkg/util/coverage/OWNERS +++ b/pkg/util/coverage/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - bentheelder - spiffxp diff --git a/pkg/util/goroutinemap/OWNERS b/pkg/util/goroutinemap/OWNERS index 9d44e9cec07..1bbf5cf2efa 100644 --- a/pkg/util/goroutinemap/OWNERS +++ b/pkg/util/goroutinemap/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali reviewers: diff --git a/pkg/util/ipset/OWNERS b/pkg/util/ipset/OWNERS index 32ba0746b78..bda6c6ad919 100644 --- a/pkg/util/ipset/OWNERS +++ b/pkg/util/ipset/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - brendandburns @@ -7,3 +9,5 @@ approvers: - thockin - brendandburns - m1093782566 +labels: +- sig/network diff --git a/pkg/util/iptables/OWNERS b/pkg/util/iptables/OWNERS index 55d0a0de083..fc29299e675 100644 --- a/pkg/util/iptables/OWNERS +++ b/pkg/util/iptables/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - dcbw - thockin @@ -7,3 +9,5 @@ approvers: - dcbw - thockin - eparis +labels: +- sig/network diff --git a/pkg/util/ipvs/OWNERS b/pkg/util/ipvs/OWNERS index fce2911d6a2..1acba6eb4d5 100644 --- a/pkg/util/ipvs/OWNERS +++ b/pkg/util/ipvs/OWNERS @@ -1,7 +1,10 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - m1093782566 approvers: - thockin - m1093782566 - +labels: +- sig/network diff --git a/pkg/util/mount/OWNERS b/pkg/util/mount/OWNERS index 2d6f262fbff..c8821ce7354 100644 --- a/pkg/util/mount/OWNERS +++ b/pkg/util/mount/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - jingxu97 - saad-ali diff --git a/pkg/util/mount/mount_windows.go b/pkg/util/mount/mount_windows.go index 89d09c45ab9..917d0ce5114 100644 --- a/pkg/util/mount/mount_windows.go +++ b/pkg/util/mount/mount_windows.go @@ -49,12 +49,13 @@ func New(mounterPath string) Interface { } } -// Mount : mounts source to target as NTFS with given options. +// Mount : mounts source to target with given options. +// currently only supports cifs(smb), bind mount(for disk) func (mounter *Mounter) Mount(source string, target string, fstype string, options []string) error { target = normalizeWindowsPath(target) if source == "tmpfs" { - klog.V(3).Infof("azureMount: mounting source (%q), target (%q), with options (%q)", source, target, options) + klog.V(3).Infof("mounting source (%q), target (%q), with options (%q)", source, target, options) return os.MkdirAll(target, 0755) } @@ -63,9 +64,9 @@ func (mounter *Mounter) Mount(source string, target string, fstype string, optio return err } - klog.V(4).Infof("azureMount: mount options(%q) source:%q, target:%q, fstype:%q, begin to mount", + klog.V(4).Infof("mount options(%q) source:%q, target:%q, fstype:%q, begin to mount", options, source, target, fstype) - bindSource := "" + bindSource := source // tell it's going to mount azure disk or azure file according to options if bind, _, _ := isBind(options); bind { @@ -73,31 +74,28 @@ func (mounter *Mounter) Mount(source string, target string, fstype string, optio bindSource = normalizeWindowsPath(source) } else { if len(options) < 2 { - klog.Warningf("azureMount: mount options(%q) command number(%d) less than 2, source:%q, target:%q, skip mounting", + klog.Warningf("mount options(%q) command number(%d) less than 2, source:%q, target:%q, skip mounting", options, len(options), source, target) return nil } // currently only cifs mount is supported if strings.ToLower(fstype) != "cifs" { - return fmt.Errorf("azureMount: only cifs mount is supported now, fstype: %q, mounting source (%q), target (%q), with options (%q)", fstype, source, target, options) + return fmt.Errorf("only cifs mount is supported now, fstype: %q, mounting source (%q), target (%q), with options (%q)", fstype, source, target, options) } - bindSource = source - - // use PowerShell Environment Variables to store user input string to prevent command line injection - // https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_environment_variables?view=powershell-5.1 - cmdLine := fmt.Sprintf(`$PWord = ConvertTo-SecureString -String $Env:smbpassword -AsPlainText -Force` + - `;$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Env:smbuser, $PWord` + - `;New-SmbGlobalMapping -RemotePath $Env:smbremotepath -Credential $Credential`) - - cmd := exec.Command("powershell", "/c", cmdLine) - cmd.Env = append(os.Environ(), - fmt.Sprintf("smbuser=%s", options[0]), - fmt.Sprintf("smbpassword=%s", options[1]), - fmt.Sprintf("smbremotepath=%s", source)) - if output, err := cmd.CombinedOutput(); err != nil { - return fmt.Errorf("azureMount: SmbGlobalMapping failed: %v, only SMB mount is supported now, output: %q", err, string(output)) + if output, err := newSMBMapping(options[0], options[1], source); err != nil { + if isSMBMappingExist(source) { + klog.V(2).Infof("SMB Mapping(%s) already exists, now begin to remove and remount", source) + if output, err := removeSMBMapping(source); err != nil { + return fmt.Errorf("Remove-SmbGlobalMapping failed: %v, output: %q", err, output) + } + if output, err := newSMBMapping(options[0], options[1], source); err != nil { + return fmt.Errorf("New-SmbGlobalMapping remount failed: %v, output: %q", err, output) + } + } else { + return fmt.Errorf("New-SmbGlobalMapping failed: %v, output: %q", err, output) + } } } @@ -109,6 +107,44 @@ func (mounter *Mounter) Mount(source string, target string, fstype string, optio return nil } +// do the SMB mount with username, password, remotepath +// return (output, error) +func newSMBMapping(username, password, remotepath string) (string, error) { + if username == "" || password == "" || remotepath == "" { + return "", fmt.Errorf("invalid parameter(username: %s, password: %s, remoteapth: %s)", username, password, remotepath) + } + + // use PowerShell Environment Variables to store user input string to prevent command line injection + // https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_environment_variables?view=powershell-5.1 + cmdLine := `$PWord = ConvertTo-SecureString -String $Env:smbpassword -AsPlainText -Force` + + `;$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Env:smbuser, $PWord` + + `;New-SmbGlobalMapping -RemotePath $Env:smbremotepath -Credential $Credential` + cmd := exec.Command("powershell", "/c", cmdLine) + cmd.Env = append(os.Environ(), + fmt.Sprintf("smbuser=%s", username), + fmt.Sprintf("smbpassword=%s", password), + fmt.Sprintf("smbremotepath=%s", remotepath)) + + output, err := cmd.CombinedOutput() + return string(output), err +} + +// check whether remotepath is already mounted +func isSMBMappingExist(remotepath string) bool { + cmd := exec.Command("powershell", "/c", `Get-SmbGlobalMapping -RemotePath $Env:smbremotepath`) + cmd.Env = append(os.Environ(), fmt.Sprintf("smbremotepath=%s", remotepath)) + _, err := cmd.CombinedOutput() + return err == nil +} + +// remove SMB mapping +func removeSMBMapping(remotepath string) (string, error) { + cmd := exec.Command("powershell", "/c", `Remove-SmbGlobalMapping -RemotePath $Env:smbremotepath -Force`) + cmd.Env = append(os.Environ(), fmt.Sprintf("smbremotepath=%s", remotepath)) + output, err := cmd.CombinedOutput() + return string(output), err +} + // Unmount unmounts the target. func (mounter *Mounter) Unmount(target string) error { klog.V(4).Infof("azureMount: Unmount target (%q)", target) diff --git a/pkg/util/mount/mount_windows_test.go b/pkg/util/mount/mount_windows_test.go index c70f2778609..e918f3f9efa 100644 --- a/pkg/util/mount/mount_windows_test.go +++ b/pkg/util/mount/mount_windows_test.go @@ -788,3 +788,40 @@ func TestFormatAndMount(t *testing.T) { } } } + +func TestNewSMBMapping(t *testing.T) { + tests := []struct { + username string + password string + remotepath string + expectError bool + }{ + { + "", + "password", + `\\remotepath`, + true, + }, + { + "username", + "", + `\\remotepath`, + true, + }, + { + "username", + "password", + "", + true, + }, + } + + for _, test := range tests { + _, err := newSMBMapping(test.username, test.password, test.remotepath) + if test.expectError { + assert.NotNil(t, err, "Expect error during newSMBMapping(%s, %s, %s, %v)", test.username, test.password, test.remotepath) + } else { + assert.Nil(t, err, "Expect error is nil during newSMBMapping(%s, %s, %s, %v)", test.username, test.password, test.remotepath) + } + } +} diff --git a/pkg/util/node/BUILD b/pkg/util/node/BUILD index 7e1696cefea..08692c148a7 100644 --- a/pkg/util/node/BUILD +++ b/pkg/util/node/BUILD @@ -11,7 +11,6 @@ go_library( srcs = ["node.go"], importpath = "k8s.io/kubernetes/pkg/util/node", deps = [ - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", @@ -27,7 +26,6 @@ go_test( srcs = ["node_test.go"], embed = [":go_default_library"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", ], diff --git a/pkg/util/node/node.go b/pkg/util/node/node.go index ce9ce636a9d..087a0bc82dd 100644 --- a/pkg/util/node/node.go +++ b/pkg/util/node/node.go @@ -32,7 +32,6 @@ import ( "k8s.io/apimachinery/pkg/util/strategicpatch" clientset "k8s.io/client-go/kubernetes" v1core "k8s.io/client-go/kubernetes/typed/core/v1" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) const ( @@ -130,8 +129,8 @@ func GetZoneKey(node *v1.Node) string { return "" } - region, _ := labels[kubeletapis.LabelZoneRegion] - failureDomain, _ := labels[kubeletapis.LabelZoneFailureDomain] + region, _ := labels[v1.LabelZoneRegion] + failureDomain, _ := labels[v1.LabelZoneFailureDomain] if region == "" && failureDomain == "" { return "" diff --git a/pkg/util/node/node_test.go b/pkg/util/node/node_test.go index 964bf732792..2d7d2d62775 100644 --- a/pkg/util/node/node_test.go +++ b/pkg/util/node/node_test.go @@ -21,7 +21,6 @@ import ( "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) func TestGetPreferredAddress(t *testing.T) { @@ -53,7 +52,7 @@ func TestGetPreferredAddress(t *testing.T) { ExpectAddress: "1.2.3.5", }, "found hostname address": { - Labels: map[string]string{kubeletapis.LabelHostname: "label-hostname"}, + Labels: map[string]string{v1.LabelHostname: "label-hostname"}, Addresses: []v1.NodeAddress{ {Type: v1.NodeExternalIP, Address: "1.2.3.5"}, {Type: v1.NodeHostName, Address: "status-hostname"}, @@ -62,7 +61,7 @@ func TestGetPreferredAddress(t *testing.T) { ExpectAddress: "status-hostname", }, "label address ignored": { - Labels: map[string]string{kubeletapis.LabelHostname: "label-hostname"}, + Labels: map[string]string{v1.LabelHostname: "label-hostname"}, Addresses: []v1.NodeAddress{ {Type: v1.NodeExternalIP, Address: "1.2.3.5"}, }, diff --git a/pkg/volume/OWNERS b/pkg/volume/OWNERS index 67d216eb056..c655baa605c 100644 --- a/pkg/volume/OWNERS +++ b/pkg/volume/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - thockin diff --git a/pkg/volume/awsebs/BUILD b/pkg/volume/awsebs/BUILD index 92bd082e7a9..2186097271b 100644 --- a/pkg/volume/awsebs/BUILD +++ b/pkg/volume/awsebs/BUILD @@ -30,6 +30,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/strings:go_default_library", ], diff --git a/pkg/volume/awsebs/OWNERS b/pkg/volume/awsebs/OWNERS index daa4c09affe..002a3cb5c1c 100644 --- a/pkg/volume/awsebs/OWNERS +++ b/pkg/volume/awsebs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - gnufied - jingxu97 diff --git a/pkg/volume/awsebs/attacher.go b/pkg/volume/awsebs/attacher.go index 1f5eeebc563..0cf2062573d 100644 --- a/pkg/volume/awsebs/attacher.go +++ b/pkg/volume/awsebs/attacher.go @@ -277,6 +277,10 @@ func (detacher *awsElasticBlockStoreDetacher) UnmountDevice(deviceMountPath stri return mount.CleanupMountPoint(deviceMountPath, detacher.mounter, false) } +func (plugin *awsElasticBlockStorePlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func setNodeDisk( nodeDiskMap map[types.NodeName]map[*volume.Spec]bool, volumeSpec *volume.Spec, diff --git a/pkg/volume/awsebs/aws_util.go b/pkg/volume/awsebs/aws_util.go index 812c061c0f3..67fe8d9cb47 100644 --- a/pkg/volume/awsebs/aws_util.go +++ b/pkg/volume/awsebs/aws_util.go @@ -30,6 +30,7 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/util/sets" cloudprovider "k8s.io/cloud-provider" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/kubernetes/pkg/cloudprovider/providers/aws" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" @@ -132,7 +133,7 @@ func (util *AWSDiskUtil) CreateVolume(c *awsElasticBlockStoreProvisioner, node * // returns volumeOptions for EBS based on storageclass parameters and node configuration func populateVolumeOptions(pluginName, pvcName string, capacityGB resource.Quantity, tags map[string]string, storageParams map[string]string, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm, zonesWithNodes sets.String) (*aws.VolumeOptions, error) { - requestGiB, err := volumeutil.RoundUpToGiBInt(capacityGB) + requestGiB, err := volumehelpers.RoundUpToGiBInt(capacityGB) if err != nil { return nil, err } @@ -157,7 +158,7 @@ func populateVolumeOptions(pluginName, pvcName string, capacityGB resource.Quant zone = v case "zones": zonesPresent = true - zones, err = volumeutil.ZonesToSet(v) + zones, err = volumehelpers.ZonesToSet(v) if err != nil { return nil, fmt.Errorf("error parsing zones %s, must be strings separated by commas: %v", zones, err) } @@ -180,7 +181,7 @@ func populateVolumeOptions(pluginName, pvcName string, capacityGB resource.Quant } } - volumeOptions.AvailabilityZone, err = volumeutil.SelectZoneForVolume(zonePresent, zonesPresent, zone, zones, zonesWithNodes, node, allowedTopologies, pvcName) + volumeOptions.AvailabilityZone, err = volumehelpers.SelectZoneForVolume(zonePresent, zonesPresent, zone, zones, zonesWithNodes, node, allowedTopologies, pvcName) if err != nil { return nil, err } diff --git a/pkg/volume/azure_dd/BUILD b/pkg/volume/azure_dd/BUILD index 74dd5b980ae..d45498cd240 100644 --- a/pkg/volume/azure_dd/BUILD +++ b/pkg/volume/azure_dd/BUILD @@ -24,7 +24,6 @@ go_library( "//pkg/apis/core:go_default_library", "//pkg/cloudprovider/providers/azure:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/volume:go_default_library", "//pkg/volume/util:go_default_library", @@ -37,6 +36,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-10-01/compute:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/volume/azure_dd/OWNERS b/pkg/volume/azure_dd/OWNERS old mode 100755 new mode 100644 index 635cdd060b4..af9e45f73f1 --- a/pkg/volume/azure_dd/OWNERS +++ b/pkg/volume/azure_dd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - andyzhangx - brendandburns diff --git a/pkg/volume/azure_dd/azure_dd.go b/pkg/volume/azure_dd/azure_dd.go index 0a2dfa18420..b130c3ca355 100644 --- a/pkg/volume/azure_dd/azure_dd.go +++ b/pkg/volume/azure_dd/azure_dd.go @@ -235,6 +235,10 @@ func (plugin *azureDataDiskPlugin) NewDetacher() (volume.Detacher, error) { }, nil } +func (plugin *azureDataDiskPlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func (plugin *azureDataDiskPlugin) NewDeleter(spec *volume.Spec) (volume.Deleter, error) { volumeSource, _, err := getVolumeSource(spec) if err != nil { diff --git a/pkg/volume/azure_dd/azure_provision.go b/pkg/volume/azure_dd/azure_provision.go index c915f7b47c9..ffe3e77e8b6 100644 --- a/pkg/volume/azure_dd/azure_provision.go +++ b/pkg/volume/azure_dd/azure_provision.go @@ -28,9 +28,9 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" utilfeature "k8s.io/apiserver/pkg/util/feature" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/kubernetes/pkg/cloudprovider/providers/azure" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume/util" ) @@ -135,7 +135,7 @@ func (p *azureDiskProvisioner) Provision(selectedNode *v1.Node, allowedTopologie // maxLength = 79 - (4 for ".vhd") = 75 name := util.GenerateVolumeName(p.options.ClusterName, p.options.PVName, 75) capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] - requestGiB, err := util.RoundUpToGiBInt(capacity) + requestGiB, err := volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return nil, err } @@ -163,7 +163,7 @@ func (p *azureDiskProvisioner) Provision(selectedNode *v1.Node, allowedTopologie availabilityZone = v case "zones": zonesPresent = true - availabilityZones, err = util.ZonesToSet(v) + availabilityZones, err = volumehelpers.ZonesToSet(v) if err != nil { return nil, fmt.Errorf("error parsing zones %s, must be strings separated by commas: %v", v, err) } @@ -225,7 +225,7 @@ func (p *azureDiskProvisioner) Provision(selectedNode *v1.Node, allowedTopologie } if availabilityZone != "" || availabilityZones.Len() != 0 || activeZones.Len() != 0 || len(allowedTopologies) != 0 { - selectedAvailabilityZone, err = util.SelectZoneForVolume(zonePresent, zonesPresent, availabilityZone, availabilityZones, activeZones, selectedNode, allowedTopologies, p.options.PVC.Name) + selectedAvailabilityZone, err = volumehelpers.SelectZoneForVolume(zonePresent, zonesPresent, availabilityZone, availabilityZones, activeZones, selectedNode, allowedTopologies, p.options.PVC.Name) if err != nil { return nil, err } @@ -333,12 +333,12 @@ func (p *azureDiskProvisioner) Provision(selectedNode *v1.Node, allowedTopologie for i := 0; i < 3; i++ { requirements := []v1.NodeSelectorRequirement{ { - Key: kubeletapis.LabelZoneRegion, + Key: v1.LabelZoneRegion, Operator: v1.NodeSelectorOpIn, Values: []string{diskController.GetLocation()}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: v1.NodeSelectorOpIn, Values: []string{strconv.Itoa(i)}, }, diff --git a/pkg/volume/azure_file/BUILD b/pkg/volume/azure_file/BUILD index bfa63a9b61b..aa15bf7ec9c 100644 --- a/pkg/volume/azure_file/BUILD +++ b/pkg/volume/azure_file/BUILD @@ -26,6 +26,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2018-07-01/storage:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/strings:go_default_library", diff --git a/pkg/volume/azure_file/OWNERS b/pkg/volume/azure_file/OWNERS index c71485c993a..f31baacd7f2 100644 --- a/pkg/volume/azure_file/OWNERS +++ b/pkg/volume/azure_file/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - andyzhangx - brendandburns diff --git a/pkg/volume/azure_file/azure_file.go b/pkg/volume/azure_file/azure_file.go index 92984f8f039..32a849612c4 100644 --- a/pkg/volume/azure_file/azure_file.go +++ b/pkg/volume/azure_file/azure_file.go @@ -27,6 +27,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" cloudprovider "k8s.io/cloud-provider" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/cloudprovider/providers/azure" "k8s.io/kubernetes/pkg/util/mount" @@ -173,7 +174,7 @@ func (plugin *azureFilePlugin) ExpandVolumeDevice( return oldSize, err } - if err := azure.ResizeFileShare(accountName, accountKey, shareName, int(volutil.RoundUpToGiB(newSize))); err != nil { + if err := azure.ResizeFileShare(accountName, accountKey, shareName, int(volumehelpers.RoundUpToGiB(newSize))); err != nil { return oldSize, err } diff --git a/pkg/volume/azure_file/azure_provision.go b/pkg/volume/azure_file/azure_provision.go index dab5ff341ac..dd687c72f99 100644 --- a/pkg/volume/azure_file/azure_provision.go +++ b/pkg/volume/azure_file/azure_provision.go @@ -27,6 +27,7 @@ import ( "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" cloudprovider "k8s.io/cloud-provider" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/kubernetes/pkg/cloudprovider/providers/azure" "k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume/util" @@ -147,8 +148,7 @@ func (a *azureFileProvisioner) Provision(selectedNode *v1.Node, allowedTopologie name := util.GenerateVolumeName(a.options.ClusterName, a.options.PVName, 63) name = strings.Replace(name, "--", "-", -1) capacity := a.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] - requestBytes := capacity.Value() - requestGiB := int(util.RoundUpSize(requestBytes, 1024*1024*1024)) + requestGiB := int(volumehelpers.RoundUpToGiB(capacity)) secretNamespace := a.options.PVC.Namespace // Apply ProvisionerParameters (case-insensitive). We leave validation of // the values to the cloud provider. diff --git a/pkg/volume/cephfs/OWNERS b/pkg/volume/cephfs/OWNERS index 5562ca53f16..7f2065bec2e 100644 --- a/pkg/volume/cephfs/OWNERS +++ b/pkg/volume/cephfs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - jsafrane diff --git a/pkg/volume/cinder/BUILD b/pkg/volume/cinder/BUILD index 8b99eb6451c..3c955991a02 100644 --- a/pkg/volume/cinder/BUILD +++ b/pkg/volume/cinder/BUILD @@ -19,7 +19,6 @@ go_library( deps = [ "//pkg/cloudprovider/providers/openstack:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/volume:go_default_library", "//pkg/volume/util:go_default_library", @@ -33,6 +32,7 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/exec:go_default_library", "//vendor/k8s.io/utils/keymutex:go_default_library", @@ -49,7 +49,6 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/volume:go_default_library", "//pkg/volume/testing:go_default_library", diff --git a/pkg/volume/cinder/OWNERS b/pkg/volume/cinder/OWNERS index d8cc02546b2..0e41158224c 100644 --- a/pkg/volume/cinder/OWNERS +++ b/pkg/volume/cinder/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - jsafrane - anguslees diff --git a/pkg/volume/cinder/attacher.go b/pkg/volume/cinder/attacher.go index 06dab4fbf86..218aaeeb53a 100644 --- a/pkg/volume/cinder/attacher.go +++ b/pkg/volume/cinder/attacher.go @@ -406,6 +406,10 @@ func (detacher *cinderDiskDetacher) UnmountDevice(deviceMountPath string) error return mount.CleanupMountPoint(deviceMountPath, detacher.mounter, false) } +func (plugin *cinderPlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func (attacher *cinderDiskAttacher) nodeInstanceID(nodeName types.NodeName) (string, error) { instances, res := attacher.cinderProvider.Instances() if !res { diff --git a/pkg/volume/cinder/cinder_test.go b/pkg/volume/cinder/cinder_test.go index 7a4a5266771..df1b08f8839 100644 --- a/pkg/volume/cinder/cinder_test.go +++ b/pkg/volume/cinder/cinder_test.go @@ -26,7 +26,6 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" utiltesting "k8s.io/client-go/util/testing" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" volumetest "k8s.io/kubernetes/pkg/volume/testing" @@ -119,7 +118,7 @@ func (fake *fakePDManager) DetachDisk(c *cinderVolumeUnmounter) error { func (fake *fakePDManager) CreateVolume(c *cinderVolumeProvisioner, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm) (volumeID string, volumeSizeGB int, labels map[string]string, fstype string, err error) { labels = make(map[string]string) - labels[kubeletapis.LabelZoneFailureDomain] = "nova" + labels[v1.LabelZoneFailureDomain] = "nova" return "test-volume-name", 1, labels, "", nil } @@ -234,7 +233,7 @@ func TestPlugin(t *testing.T) { req := persistentSpec.Spec.NodeAffinity.Required.NodeSelectorTerms[0].MatchExpressions[0] - if req.Key != kubeletapis.LabelZoneFailureDomain { + if req.Key != v1.LabelZoneFailureDomain { t.Errorf("Provision() returned unexpected requirement key in NodeAffinity %v", req.Key) } diff --git a/pkg/volume/cinder/cinder_util.go b/pkg/volume/cinder/cinder_util.go index 57c5254e80b..7c461473178 100644 --- a/pkg/volume/cinder/cinder_util.go +++ b/pkg/volume/cinder/cinder_util.go @@ -30,7 +30,7 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" clientset "k8s.io/client-go/kubernetes" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/kubernetes/pkg/volume" volutil "k8s.io/kubernetes/pkg/volume/util" "k8s.io/utils/exec" @@ -153,7 +153,7 @@ func getZonesFromNodes(kubeClient clientset.Interface) (sets.String, error) { return zones, err } for _, node := range nodes.Items { - if zone, ok := node.Labels[kubeletapis.LabelZoneFailureDomain]; ok { + if zone, ok := node.Labels[v1.LabelZoneFailureDomain]; ok { zones.Insert(zone) } } @@ -170,7 +170,7 @@ func (util *DiskUtil) CreateVolume(c *cinderVolumeProvisioner, node *v1.Node, al capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] // Cinder works with gigabytes, convert to GiB with rounding up - volSizeGiB, err := volutil.RoundUpToGiBInt(capacity) + volSizeGiB, err := volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return "", 0, nil, "", err } @@ -207,7 +207,7 @@ func (util *DiskUtil) CreateVolume(c *cinderVolumeProvisioner, node *v1.Node, al // if we did not get any zones, lets leave it blank and gophercloud will // use zone "nova" as default if len(zones) > 0 { - availability, err = volutil.SelectZoneForVolume(false, false, "", nil, zones, node, allowedTopologies, c.options.PVC.Name) + availability, err = volumehelpers.SelectZoneForVolume(false, false, "", nil, zones, node, allowedTopologies, c.options.PVC.Name) if err != nil { klog.V(2).Infof("error selecting zone for volume: %v", err) return "", 0, nil, "", err @@ -226,10 +226,10 @@ func (util *DiskUtil) CreateVolume(c *cinderVolumeProvisioner, node *v1.Node, al volumeLabels = make(map[string]string) if IgnoreVolumeAZ == false { if volumeAZ != "" { - volumeLabels[kubeletapis.LabelZoneFailureDomain] = volumeAZ + volumeLabels[v1.LabelZoneFailureDomain] = volumeAZ } if volumeRegion != "" { - volumeLabels[kubeletapis.LabelZoneRegion] = volumeRegion + volumeLabels[v1.LabelZoneRegion] = volumeRegion } } return volumeID, volSizeGiB, volumeLabels, fstype, nil diff --git a/pkg/volume/configmap/OWNERS b/pkg/volume/configmap/OWNERS index baaff6ff460..93c0d5e773d 100644 --- a/pkg/volume/configmap/OWNERS +++ b/pkg/volume/configmap/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/csi/BUILD b/pkg/volume/csi/BUILD index d2e218ef380..a0dd1c8e6bf 100644 --- a/pkg/volume/csi/BUILD +++ b/pkg/volume/csi/BUILD @@ -6,6 +6,7 @@ go_library( "csi_attacher.go", "csi_block.go", "csi_client.go", + "csi_drivers_store.go", "csi_mounter.go", "csi_plugin.go", "csi_util.go", @@ -44,6 +45,7 @@ go_test( "csi_attacher_test.go", "csi_block_test.go", "csi_client_test.go", + "csi_drivers_store_test.go", "csi_mounter_test.go", "csi_plugin_test.go", ], diff --git a/pkg/volume/csi/OWNERS b/pkg/volume/csi/OWNERS index 7d0605ba3dd..668ad7b2b14 100644 --- a/pkg/volume/csi/OWNERS +++ b/pkg/volume/csi/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - jsafrane - saad-ali diff --git a/pkg/volume/csi/csi_attacher.go b/pkg/volume/csi/csi_attacher.go index d13a7310120..68464eace8c 100644 --- a/pkg/volume/csi/csi_attacher.go +++ b/pkg/volume/csi/csi_attacher.go @@ -69,16 +69,6 @@ func (c *csiAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) (string return "", err } - skip, err := c.plugin.skipAttach(csiSource.Driver) - if err != nil { - klog.Error(log("attacher.Attach failed to find if driver is attachable: %v", err)) - return "", err - } - if skip { - klog.V(4).Infof(log("skipping attach for driver %s", csiSource.Driver)) - return "", nil - } - node := string(nodeName) pvName := spec.PersistentVolume.GetName() attachID := getAttachmentName(csiSource.VolumeHandle, csiSource.Driver, node) @@ -131,16 +121,6 @@ func (c *csiAttacher) WaitForAttach(spec *volume.Spec, _ string, pod *v1.Pod, ti attachID := getAttachmentName(source.VolumeHandle, source.Driver, string(c.plugin.host.GetNodeName())) - skip, err := c.plugin.skipAttach(source.Driver) - if err != nil { - klog.Error(log("attacher.Attach failed to find if driver is attachable: %v", err)) - return "", err - } - if skip { - klog.V(4).Infof(log("Driver is not attachable, skip waiting for attach")) - return "", nil - } - return c.waitForVolumeAttachment(source.VolumeHandle, attachID, timeout) } @@ -405,20 +385,38 @@ var _ volume.Detacher = &csiAttacher{} var _ volume.DeviceUnmounter = &csiAttacher{} func (c *csiAttacher) Detach(volumeName string, nodeName types.NodeName) error { - // volumeName in format driverNamevolumeHandle generated by plugin.GetVolumeName() + var attachID string + var volID string + if volumeName == "" { klog.Error(log("detacher.Detach missing value for parameter volumeName")) return errors.New("missing expected parameter volumeName") } - parts := strings.Split(volumeName, volNameSep) - if len(parts) != 2 { - klog.Error(log("detacher.Detach insufficient info encoded in volumeName")) - return errors.New("volumeName missing expected data") + + if isAttachmentName(volumeName) { + // Detach can also be called with the attach ID as the `volumeName`. This codepath is + // hit only when we have migrated an in-tree volume to CSI and the A/D Controller is shut + // down, the pod with the volume is deleted, and the A/D Controller starts back up in that + // order. + attachID = volumeName + + // Vol ID should be the volume handle, except that is not available here. + // It is only used in log messages so in the event that this happens log messages will be + // printing out the attachID instead of the volume handle. + volID = volumeName + } else { + // volumeName in format driverNamevolumeHandle generated by plugin.GetVolumeName() + parts := strings.Split(volumeName, volNameSep) + if len(parts) != 2 { + klog.Error(log("detacher.Detach insufficient info encoded in volumeName")) + return errors.New("volumeName missing expected data") + } + + driverName := parts[0] + volID = parts[1] + attachID = getAttachmentName(volID, driverName, string(nodeName)) } - driverName := parts[0] - volID := parts[1] - attachID := getAttachmentName(volID, driverName, string(nodeName)) if err := c.k8s.StorageV1beta1().VolumeAttachments().Delete(attachID, nil); err != nil { if apierrs.IsNotFound(err) { // object deleted or never existed, done @@ -570,12 +568,22 @@ func (c *csiAttacher) UnmountDevice(deviceMountPath string) error { return nil } -// getAttachmentName returns csi- +// getAttachmentName returns csi- func getAttachmentName(volName, csiDriverName, nodeName string) string { result := sha256.Sum256([]byte(fmt.Sprintf("%s%s%s", volName, csiDriverName, nodeName))) return fmt.Sprintf("csi-%x", result) } +// isAttachmentName returns true if the string given is of the form of an Attach ID +// and false otherwise +func isAttachmentName(unknownString string) bool { + // 68 == "csi-" + len(sha256hash) + if strings.HasPrefix(unknownString, "csi-") && len(unknownString) == 68 { + return true + } + return false +} + func makeDeviceMountPath(plugin *csiPlugin, spec *volume.Spec) (string, error) { if spec == nil { return "", fmt.Errorf("makeDeviceMountPath failed, spec is nil") diff --git a/pkg/volume/csi/csi_attacher_test.go b/pkg/volume/csi/csi_attacher_test.go index c34008b6244..6715a53f9c1 100644 --- a/pkg/volume/csi/csi_attacher_test.go +++ b/pkg/volume/csi/csi_attacher_test.go @@ -251,6 +251,16 @@ func TestAttacherWithCSIDriver(t *testing.T) { csiAttacher := attacher.(*csiAttacher) spec := volume.NewSpecFromPersistentVolume(makeTestPV("test-pv", 10, test.driver, "test-vol"), false) + pluginCanAttach := plug.CanAttach(spec) + if pluginCanAttach != test.expectVolumeAttachment { + t.Errorf("attacher.CanAttach does not match expected attachment status %t", test.expectVolumeAttachment) + } + + if !pluginCanAttach { + t.Log("plugin is not attachable") + return + } + expectedAttachID := getAttachmentName("test-vol", test.driver, "node") status := storage.VolumeAttachmentStatus{ Attached: true, @@ -258,6 +268,7 @@ func TestAttacherWithCSIDriver(t *testing.T) { if test.expectVolumeAttachment { go markVolumeAttached(t, csiAttacher.k8s, fakeWatcher, expectedAttachID, status) } + attachID, err := csiAttacher.Attach(spec, types.NodeName("node")) if err != nil { t.Errorf("Attach() failed: %s", err) @@ -321,6 +332,13 @@ func TestAttacherWaitForVolumeAttachmentWithCSIDriver(t *testing.T) { } csiAttacher := attacher.(*csiAttacher) spec := volume.NewSpecFromPersistentVolume(makeTestPV("test-pv", 10, test.driver, "test-vol"), false) + + pluginCanAttach := plug.CanAttach(spec) + if !pluginCanAttach { + t.Log("plugin is not attachable") + return + } + _, err = csiAttacher.WaitForAttach(spec, "", nil, time.Second) if err != nil && !test.expectError { t.Errorf("Unexpected error: %s", err) @@ -986,9 +1004,9 @@ func newTestWatchPlugin(t *testing.T, csiClient *fakecsi.Clientset) (*csiPlugin, plugMgr := &volume.VolumePluginMgr{} plugMgr.InitPlugins(ProbeVolumePlugins(), nil /* prober */, host) - plug, err := plugMgr.FindPluginByName(csiPluginName) + plug, err := plugMgr.FindPluginByName(CSIPluginName) if err != nil { - t.Fatalf("can't find plugin %v", csiPluginName) + t.Fatalf("can't find plugin %v", CSIPluginName) } csiPlug, ok := plug.(*csiPlugin) diff --git a/pkg/volume/csi/csi_block.go b/pkg/volume/csi/csi_block.go index fa52af425a7..1e4553ff4df 100644 --- a/pkg/volume/csi/csi_block.go +++ b/pkg/volume/csi/csi_block.go @@ -63,20 +63,20 @@ func (m *csiBlockMapper) GetGlobalMapPath(spec *volume.Spec) (string, error) { // Example: plugins/kubernetes.io/csi/volumeDevices/staging/{pvname} func (m *csiBlockMapper) getStagingPath() string { sanitizedSpecVolID := utilstrings.EscapeQualifiedName(m.specName) - return path.Join(m.plugin.host.GetVolumeDevicePluginDir(csiPluginName), "staging", sanitizedSpecVolID) + return path.Join(m.plugin.host.GetVolumeDevicePluginDir(CSIPluginName), "staging", sanitizedSpecVolID) } // getPublishPath returns a publish path for a file (on the node) that should be used on NodePublishVolume/NodeUnpublishVolume // Example: plugins/kubernetes.io/csi/volumeDevices/publish/{pvname} func (m *csiBlockMapper) getPublishPath() string { sanitizedSpecVolID := utilstrings.EscapeQualifiedName(m.specName) - return path.Join(m.plugin.host.GetVolumeDevicePluginDir(csiPluginName), "publish", sanitizedSpecVolID) + return path.Join(m.plugin.host.GetVolumeDevicePluginDir(CSIPluginName), "publish", sanitizedSpecVolID) } // GetPodDeviceMapPath returns pod's device file which will be mapped to a volume // returns: pods/{podUid}/volumeDevices/kubernetes.io~csi, {pvname} func (m *csiBlockMapper) GetPodDeviceMapPath() (string, string) { - path := m.plugin.host.GetPodVolumeDeviceDir(m.podUID, utilstrings.EscapeQualifiedName(csiPluginName)) + path := m.plugin.host.GetPodVolumeDeviceDir(m.podUID, utilstrings.EscapeQualifiedName(CSIPluginName)) specName := m.specName klog.V(4).Infof(log("blockMapper.GetPodDeviceMapPath [path=%s; name=%s]", path, specName)) return path, specName diff --git a/pkg/volume/csi/csi_client.go b/pkg/volume/csi/csi_client.go index 1fdc55359c7..16a46b527d0 100644 --- a/pkg/volume/csi/csi_client.go +++ b/pkg/volume/csi/csi_client.go @@ -147,19 +147,12 @@ func newCsiDriverClient(driverName csiDriverName) (*csiDriverClient, error) { addr := fmt.Sprintf(csiAddrTemplate, driverName) requiresV0Client := true if utilfeature.DefaultFeatureGate.Enabled(features.KubeletPluginsWatcher) { - var existingDriver csiDriver - driverExists := false - func() { - csiDrivers.RLock() - defer csiDrivers.RUnlock() - existingDriver, driverExists = csiDrivers.driversMap[string(driverName)] - }() - + existingDriver, driverExists := csiDrivers.Get(string(driverName)) if !driverExists { return nil, fmt.Errorf("driver name %s not found in the list of registered CSI drivers", driverName) } - addr = existingDriver.driverEndpoint + addr = existingDriver.endpoint requiresV0Client = versionRequiresV0Client(existingDriver.highestSupportedVersion) } diff --git a/pkg/volume/csi/csi_drivers_store.go b/pkg/volume/csi/csi_drivers_store.go new file mode 100644 index 00000000000..70bfd1b383d --- /dev/null +++ b/pkg/volume/csi/csi_drivers_store.go @@ -0,0 +1,79 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package csi + +import ( + "sync" + + utilversion "k8s.io/apimachinery/pkg/util/version" +) + +// Driver is a description of a CSI Driver, defined by an enpoint and the +// highest CSI version supported +type Driver struct { + endpoint string + highestSupportedVersion *utilversion.Version +} + +// DriversStore holds a list of CSI Drivers +type DriversStore struct { + store + sync.RWMutex +} + +type store map[string]Driver + +// Get lets you retrieve a CSI Driver by name. +// This method is protected by a mutex. +func (s *DriversStore) Get(driverName string) (Driver, bool) { + s.RLock() + defer s.RUnlock() + + driver, ok := s.store[driverName] + return driver, ok +} + +// Set lets you save a CSI Driver to the list and give it a specific name. +// This method is protected by a mutex. +func (s *DriversStore) Set(driverName string, driver Driver) { + s.Lock() + defer s.Unlock() + + if s.store == nil { + s.store = store{} + } + + s.store[driverName] = driver +} + +// Delete lets you delete a CSI Driver by name. +// This method is protected by a mutex. +func (s *DriversStore) Delete(driverName string) { + s.Lock() + defer s.Unlock() + + delete(s.store, driverName) +} + +// Clear deletes all entries in the store. +// This methiod is protected by a mutex. +func (s *DriversStore) Clear() { + s.Lock() + defer s.Unlock() + + s.store = store{} +} diff --git a/pkg/volume/csi/csi_drivers_store_test.go b/pkg/volume/csi/csi_drivers_store_test.go new file mode 100644 index 00000000000..d7e5c17b628 --- /dev/null +++ b/pkg/volume/csi/csi_drivers_store_test.go @@ -0,0 +1,64 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package csi_test + +import ( + "reflect" + "testing" + + "k8s.io/kubernetes/pkg/volume/csi" +) + +func TestDriversStore(t *testing.T) { + store := &csi.DriversStore{} + someDriver := csi.Driver{} + + expectAbsent(t, store, "does-not-exist") + + store.Set("some-driver", someDriver) + expectPresent(t, store, "some-driver", someDriver) + + store.Delete("some-driver") + expectAbsent(t, store, "some-driver") + + store.Set("some-driver", someDriver) + + store.Clear() + expectAbsent(t, store, "some-driver") +} + +func expectPresent(t *testing.T, store *csi.DriversStore, name string, expected csi.Driver) { + t.Helper() + + retrieved, ok := store.Get(name) + + if !ok { + t.Fatalf("expected driver '%s' to exist", name) + } + + if !reflect.DeepEqual(retrieved, expected) { + t.Fatalf("expected driver '%s' to be equal to %v", name, expected) + } +} + +func expectAbsent(t *testing.T, store *csi.DriversStore, name string) { + t.Helper() + + if _, ok := store.Get(name); ok { + t.Fatalf("expected driver '%s' not to exist in store", name) + } +} diff --git a/pkg/volume/csi/csi_mounter.go b/pkg/volume/csi/csi_mounter.go index 53fcbadcd69..4e0dbe59df3 100644 --- a/pkg/volume/csi/csi_mounter.go +++ b/pkg/volume/csi/csi_mounter.go @@ -80,7 +80,7 @@ func (c *csiMountMgr) GetPath() string { func getTargetPath(uid types.UID, specVolumeID string, host volume.VolumeHost) string { specVolID := utilstrings.EscapeQualifiedName(specVolumeID) - return host.GetPodVolumeDir(uid, utilstrings.EscapeQualifiedName(csiPluginName), specVolID) + return host.GetPodVolumeDir(uid, utilstrings.EscapeQualifiedName(CSIPluginName), specVolID) } // volume.Mounter methods diff --git a/pkg/volume/csi/csi_mounter_test.go b/pkg/volume/csi/csi_mounter_test.go index 4a5d55f619c..938e5b78761 100644 --- a/pkg/volume/csi/csi_mounter_test.go +++ b/pkg/volume/csi/csi_mounter_test.go @@ -197,7 +197,7 @@ func MounterSetUpTests(t *testing.T, podInfoEnabled bool) { }, Spec: storage.VolumeAttachmentSpec{ NodeName: "test-node", - Attacher: csiPluginName, + Attacher: CSIPluginName, Source: storage.VolumeAttachmentSource{ PersistentVolumeName: &pvName, }, diff --git a/pkg/volume/csi/csi_plugin.go b/pkg/volume/csi/csi_plugin.go index dcb15f28e85..78e5d341d2c 100644 --- a/pkg/volume/csi/csi_plugin.go +++ b/pkg/volume/csi/csi_plugin.go @@ -23,7 +23,6 @@ import ( "path" "sort" "strings" - "sync" "time" "context" @@ -47,7 +46,8 @@ import ( ) const ( - csiPluginName = "kubernetes.io/csi" + // CSIPluginName is the name of the in-tree CSI Plugin + CSIPluginName = "kubernetes.io/csi" // TODO (vladimirvivien) implement a more dynamic way to discover // the unix domain socket path for each installed csi driver. @@ -84,17 +84,6 @@ func ProbeVolumePlugins() []volume.VolumePlugin { // volume.VolumePlugin methods var _ volume.VolumePlugin = &csiPlugin{} -type csiDriver struct { - driverName string - driverEndpoint string - highestSupportedVersion *utilversion.Version -} - -type csiDriversStore struct { - driversMap map[string]csiDriver - sync.RWMutex -} - // RegistrationHandler is the handler which is fed to the pluginwatcher API. type RegistrationHandler struct { } @@ -102,7 +91,7 @@ type RegistrationHandler struct { // TODO (verult) consider using a struct instead of global variables // csiDrivers map keep track of all registered CSI drivers on the node and their // corresponding sockets -var csiDrivers csiDriversStore +var csiDrivers = &DriversStore{} var nim nodeinfomanager.Interface @@ -141,17 +130,12 @@ func (h *RegistrationHandler) RegisterPlugin(pluginName string, endpoint string, return err } - func() { - // Storing endpoint of newly registered CSI driver into the map, where CSI driver name will be the key - // all other CSI components will be able to get the actual socket of CSI drivers by its name. - - // It's not necessary to lock the entire RegistrationCallback() function because only the CSI - // client depends on this driver map, and the CSI client does not depend on node information - // updated in the rest of the function. - csiDrivers.Lock() - defer csiDrivers.Unlock() - csiDrivers.driversMap[pluginName] = csiDriver{driverName: pluginName, driverEndpoint: endpoint, highestSupportedVersion: highestSupportedVersion} - }() + // Storing endpoint of newly registered CSI driver into the map, where CSI driver name will be the key + // all other CSI components will be able to get the actual socket of CSI drivers by its name. + csiDrivers.Set(pluginName, Driver{ + endpoint: endpoint, + highestSupportedVersion: highestSupportedVersion, + }) // Get node info from the driver. csi, err := newCsiDriverClient(csiDriverName(pluginName)) @@ -164,20 +148,16 @@ func (h *RegistrationHandler) RegisterPlugin(pluginName string, endpoint string, driverNodeID, maxVolumePerNode, accessibleTopology, err := csi.NodeGetInfo(ctx) if err != nil { - klog.Error(log("registrationHandler.RegisterPlugin failed at CSI.NodeGetInfo: %v", err)) if unregErr := unregisterDriver(pluginName); unregErr != nil { klog.Error(log("registrationHandler.RegisterPlugin failed to unregister plugin due to previous error: %v", unregErr)) - return unregErr } return err } err = nim.InstallCSIDriver(pluginName, driverNodeID, maxVolumePerNode, accessibleTopology) if err != nil { - klog.Error(log("registrationHandler.RegisterPlugin failed at AddNodeInfo: %v", err)) if unregErr := unregisterDriver(pluginName); unregErr != nil { klog.Error(log("registrationHandler.RegisterPlugin failed to unregister plugin due to previous error: %v", unregErr)) - return unregErr } return err } @@ -200,15 +180,7 @@ func (h *RegistrationHandler) validateVersions(callerName, pluginName string, en return nil, err } - // Check for existing drivers with the same name - var existingDriver csiDriver - driverExists := false - func() { - csiDrivers.RLock() - defer csiDrivers.RUnlock() - existingDriver, driverExists = csiDrivers.driversMap[pluginName] - }() - + existingDriver, driverExists := csiDrivers.Get(pluginName) if driverExists { if !existingDriver.highestSupportedVersion.LessThan(newDriverHighestVersion) { err := fmt.Errorf("%s for CSI driver %q failed. Another driver with the same name is already registered with a higher supported version: %q", callerName, pluginName, existingDriver.highestSupportedVersion) @@ -245,8 +217,7 @@ func (p *csiPlugin) Init(host volume.VolumeHost) error { } } - // Initializing csiDrivers map and label management channels - csiDrivers = csiDriversStore{driversMap: map[string]csiDriver{}} + // Initializing the label management channels nim = nodeinfomanager.NewNodeInfoManager(host.GetNodeName(), host) // TODO(#70514) Init CSINodeInfo object if the CRD exists and create Driver @@ -256,7 +227,7 @@ func (p *csiPlugin) Init(host volume.VolumeHost) error { } func (p *csiPlugin) GetPluginName() string { - return csiPluginName + return CSIPluginName } // GetvolumeName returns a concatenated string of CSIVolumeSource.DriverCSIVolumeSource.VolumeHandle @@ -465,6 +436,29 @@ func (p *csiPlugin) NewDetacher() (volume.Detacher, error) { }, nil } +func (p *csiPlugin) CanAttach(spec *volume.Spec) bool { + if spec.PersistentVolume == nil { + klog.Error(log("plugin.CanAttach test failed, spec missing PersistentVolume")) + return false + } + + var driverName string + if spec.PersistentVolume.Spec.CSI != nil { + driverName = spec.PersistentVolume.Spec.CSI.Driver + } else { + klog.Error(log("plugin.CanAttach test failed, spec missing CSIPersistentVolume")) + return false + } + + skipAttach, err := p.skipAttach(driverName) + + if err != nil { + klog.Error(log("plugin.CanAttach error when calling plugin.skipAttach for driver %s: %s", driverName, err)) + } + + return !skipAttach +} + func (p *csiPlugin) NewDeviceUnmounter() (volume.DeviceUnmounter, error) { return p.NewDetacher() } @@ -657,11 +651,7 @@ func (p *csiPlugin) getPublishContext(client clientset.Interface, handle, driver } func unregisterDriver(driverName string) error { - func() { - csiDrivers.Lock() - defer csiDrivers.Unlock() - delete(csiDrivers.driversMap, driverName) - }() + csiDrivers.Delete(driverName) if err := nim.UninstallCSIDriver(driverName); err != nil { klog.Errorf("Error uninstalling CSI driver: %v", err) diff --git a/pkg/volume/csi/csi_plugin_test.go b/pkg/volume/csi/csi_plugin_test.go index ab82fde6455..48d77b10ef0 100644 --- a/pkg/volume/csi/csi_plugin_test.go +++ b/pkg/volume/csi/csi_plugin_test.go @@ -61,9 +61,9 @@ func newTestPlugin(t *testing.T, client *fakeclient.Clientset, csiClient *fakecs plugMgr := &volume.VolumePluginMgr{} plugMgr.InitPlugins(ProbeVolumePlugins(), nil /* prober */, host) - plug, err := plugMgr.FindPluginByName(csiPluginName) + plug, err := plugMgr.FindPluginByName(CSIPluginName) if err != nil { - t.Fatalf("can't find plugin %v", csiPluginName) + t.Fatalf("can't find plugin %v", CSIPluginName) } csiPlug, ok := plug.(*csiPlugin) @@ -105,13 +105,16 @@ func makeTestPV(name string, sizeGig int, driverName, volID string) *api.Persist } func registerFakePlugin(pluginName, endpoint string, versions []string, t *testing.T) { - csiDrivers = csiDriversStore{driversMap: map[string]csiDriver{}} highestSupportedVersions, err := highestSupportedVersion(versions) if err != nil { t.Fatalf("unexpected error parsing versions (%v) for pluginName % q endpoint %q: %#v", versions, pluginName, endpoint, err) } - csiDrivers.driversMap[pluginName] = csiDriver{driverName: pluginName, driverEndpoint: endpoint, highestSupportedVersion: highestSupportedVersions} + csiDrivers.Clear() + csiDrivers.Set(pluginName, Driver{ + endpoint: endpoint, + highestSupportedVersion: highestSupportedVersions, + }) } func TestPluginGetPluginName(t *testing.T) { @@ -372,6 +375,36 @@ func TestPluginNewDetacher(t *testing.T) { } } +func TestPluginCanAttach(t *testing.T) { + tests := []struct { + name string + driverName string + canAttach bool + }{ + { + name: "attachable", + driverName: "attachble-driver", + canAttach: true, + }, + } + + for _, test := range tests { + csiDriver := getCSIDriver(test.driverName, nil, &test.canAttach) + t.Run(test.name, func(t *testing.T) { + fakeCSIClient := fakecsi.NewSimpleClientset(csiDriver) + plug, tmpDir := newTestPlugin(t, nil, fakeCSIClient) + defer os.RemoveAll(tmpDir) + spec := volume.NewSpecFromPersistentVolume(makeTestPV("test-pv", 10, test.driverName, "test-vol"), false) + + pluginCanAttach := plug.CanAttach(spec) + if pluginCanAttach != test.canAttach { + t.Fatalf("expecting plugin.CanAttach %t got %t", test.canAttach, pluginCanAttach) + return + } + }) + } +} + func TestPluginNewBlockMapper(t *testing.T) { defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIBlockVolume, true)() @@ -839,13 +872,16 @@ func TestValidatePluginExistingDriver(t *testing.T) { for _, tc := range testCases { // Arrange & Act - csiDrivers = csiDriversStore{driversMap: map[string]csiDriver{}} highestSupportedVersions1, err := highestSupportedVersion(tc.versions1) if err != nil { t.Fatalf("unexpected error parsing version for testcase: %#v", tc) } - csiDrivers.driversMap[tc.pluginName1] = csiDriver{driverName: tc.pluginName1, driverEndpoint: tc.endpoint1, highestSupportedVersion: highestSupportedVersions1} + csiDrivers.Clear() + csiDrivers.Set(tc.pluginName1, Driver{ + endpoint: tc.endpoint1, + highestSupportedVersion: highestSupportedVersions1, + }) // Arrange & Act err = PluginHandler.ValidatePlugin(tc.pluginName2, tc.endpoint2, tc.versions2, tc.foundInDeprecatedDir2) diff --git a/pkg/volume/csi/csi_util.go b/pkg/volume/csi/csi_util.go index b87cfe9cc4b..5d343e4c59e 100644 --- a/pkg/volume/csi/csi_util.go +++ b/pkg/volume/csi/csi_util.go @@ -109,7 +109,7 @@ func getReadOnlyFromSpec(spec *volume.Spec) (bool, error) { // log prepends log string with `kubernetes.io/csi` func log(msg string, parts ...interface{}) string { - return fmt.Sprintf(fmt.Sprintf("%s: %s", csiPluginName, msg), parts...) + return fmt.Sprintf(fmt.Sprintf("%s: %s", CSIPluginName, msg), parts...) } // getVolumeDevicePluginDir returns the path where the CSI plugin keeps the @@ -117,7 +117,7 @@ func log(msg string, parts ...interface{}) string { // path: plugins/kubernetes.io/csi/volumeDevices/{specVolumeID}/dev func getVolumeDevicePluginDir(specVolID string, host volume.VolumeHost) string { sanitizedSpecVolID := utilstrings.EscapeQualifiedName(specVolID) - return path.Join(host.GetVolumeDevicePluginDir(csiPluginName), sanitizedSpecVolID, "dev") + return path.Join(host.GetVolumeDevicePluginDir(CSIPluginName), sanitizedSpecVolID, "dev") } // getVolumeDeviceDataDir returns the path where the CSI plugin keeps the @@ -125,7 +125,7 @@ func getVolumeDevicePluginDir(specVolID string, host volume.VolumeHost) string { // path: plugins/kubernetes.io/csi/volumeDevices/{specVolumeID}/data func getVolumeDeviceDataDir(specVolID string, host volume.VolumeHost) string { sanitizedSpecVolID := utilstrings.EscapeQualifiedName(specVolID) - return path.Join(host.GetVolumeDevicePluginDir(csiPluginName), sanitizedSpecVolID, "data") + return path.Join(host.GetVolumeDevicePluginDir(CSIPluginName), sanitizedSpecVolID, "data") } // hasReadWriteOnce returns true if modes contains v1.ReadWriteOnce diff --git a/pkg/volume/downwardapi/OWNERS b/pkg/volume/downwardapi/OWNERS index baaff6ff460..93c0d5e773d 100644 --- a/pkg/volume/downwardapi/OWNERS +++ b/pkg/volume/downwardapi/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/emptydir/OWNERS b/pkg/volume/emptydir/OWNERS index baaff6ff460..93c0d5e773d 100644 --- a/pkg/volume/emptydir/OWNERS +++ b/pkg/volume/emptydir/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/fc/OWNERS b/pkg/volume/fc/OWNERS index 5c95f6dfc50..92597fc28a5 100644 --- a/pkg/volume/fc/OWNERS +++ b/pkg/volume/fc/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - saad-ali diff --git a/pkg/volume/fc/attacher.go b/pkg/volume/fc/attacher.go index 052567beb11..01a02617e86 100644 --- a/pkg/volume/fc/attacher.go +++ b/pkg/volume/fc/attacher.go @@ -175,6 +175,10 @@ func (detacher *fcDetacher) UnmountDevice(deviceMountPath string) error { return nil } +func (plugin *fcPlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func volumeSpecToMounter(spec *volume.Spec, host volume.VolumeHost) (*fcDiskMounter, error) { fc, readOnly, err := getVolumeSource(spec) if err != nil { diff --git a/pkg/volume/fc/fc.go b/pkg/volume/fc/fc.go index 6b2afafc6f4..3086743d7a5 100644 --- a/pkg/volume/fc/fc.go +++ b/pkg/volume/fc/fc.go @@ -19,6 +19,7 @@ package fc import ( "fmt" "os" + "path/filepath" "strconv" "strings" @@ -257,40 +258,20 @@ func (plugin *fcPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volu if len(globalPDPath) == 0 { return nil, fmt.Errorf("couldn't fetch globalPDPath. failed to obtain volume spec") } - arr := strings.Split(globalPDPath, "/") - if len(arr) < 1 { - return nil, fmt.Errorf("failed to retrieve volume plugin information from globalPDPath: %v", globalPDPath) + + wwns, lun, wwids, err := parsePDName(globalPDPath) + if err != nil { + return nil, fmt.Errorf("failed to retrieve volume plugin information from globalPDPath: %s", err) } - volumeInfo := arr[len(arr)-1] // Create volume from wwn+lun or wwid - var fcVolume *v1.Volume - if strings.Contains(volumeInfo, "-lun-") { - wwnLun := strings.Split(volumeInfo, "-lun-") - if len(wwnLun) < 2 { - return nil, fmt.Errorf("failed to retrieve TargetWWN and Lun. volumeInfo is invalid: %v", volumeInfo) - } - lun, err := strconv.Atoi(wwnLun[1]) - if err != nil { - return nil, err - } - lun32 := int32(lun) - fcVolume = &v1.Volume{ - Name: volumeName, - VolumeSource: v1.VolumeSource{ - FC: &v1.FCVolumeSource{TargetWWNs: []string{wwnLun[0]}, Lun: &lun32}, - }, - } - klog.V(5).Infof("ConstructVolumeSpec: TargetWWNs: %v, Lun: %v", - fcVolume.VolumeSource.FC.TargetWWNs, *fcVolume.VolumeSource.FC.Lun) - } else { - fcVolume = &v1.Volume{ - Name: volumeName, - VolumeSource: v1.VolumeSource{ - FC: &v1.FCVolumeSource{WWIDs: []string{volumeInfo}}, - }, - } - klog.V(5).Infof("ConstructVolumeSpec: WWIDs: %v", fcVolume.VolumeSource.FC.WWIDs) + fcVolume := &v1.Volume{ + Name: volumeName, + VolumeSource: v1.VolumeSource{ + FC: &v1.FCVolumeSource{WWIDs: wwids, Lun: &lun, TargetWWNs: wwns}, + }, } + klog.V(5).Infof("ConstructVolumeSpec: TargetWWNs: %v, Lun: %v, WWIDs: %v", + fcVolume.VolumeSource.FC.TargetWWNs, *fcVolume.VolumeSource.FC.Lun, fcVolume.VolumeSource.FC.WWIDs) return volume.NewSpecFromVolume(fcVolume), nil } @@ -310,36 +291,23 @@ func (plugin *fcPlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, m } klog.V(5).Infof("globalMapPathUUID: %v, err: %v", globalMapPathUUID, err) - // Retrieve volumePluginDependentPath from globalMapPathUUID + // Retrieve globalPDPath from globalMapPathUUID // globalMapPathUUID examples: // wwn+lun: plugins/kubernetes.io/fc/volumeDevices/50060e801049cfd1-lun-0/{pod uuid} // wwid: plugins/kubernetes.io/fc/volumeDevices/3600508b400105e210000900000490000/{pod uuid} - arr := strings.Split(globalMapPathUUID, "/") - if len(arr) < 2 { - return nil, fmt.Errorf("Fail to retrieve volume plugin information from globalMapPathUUID: %v", globalMapPathUUID) - } - l := len(arr) - 2 - volumeInfo := arr[l] - + globalPDPath := filepath.Dir(globalMapPathUUID) // Create volume from wwn+lun or wwid - var fcPV *v1.PersistentVolume - if strings.Contains(volumeInfo, "-lun-") { - wwnLun := strings.Split(volumeInfo, "-lun-") - lun, err := strconv.Atoi(wwnLun[1]) - if err != nil { - return nil, err - } - lun32 := int32(lun) - fcPV = createPersistentVolumeFromFCVolumeSource(volumeName, - v1.FCVolumeSource{TargetWWNs: []string{wwnLun[0]}, Lun: &lun32}) - klog.V(5).Infof("ConstructBlockVolumeSpec: TargetWWNs: %v, Lun: %v", - fcPV.Spec.PersistentVolumeSource.FC.TargetWWNs, - *fcPV.Spec.PersistentVolumeSource.FC.Lun) - } else { - fcPV = createPersistentVolumeFromFCVolumeSource(volumeName, - v1.FCVolumeSource{WWIDs: []string{volumeInfo}}) - klog.V(5).Infof("ConstructBlockVolumeSpec: WWIDs: %v", fcPV.Spec.PersistentVolumeSource.FC.WWIDs) + wwns, lun, wwids, err := parsePDName(globalPDPath) + if err != nil { + return nil, fmt.Errorf("failed to retrieve volume plugin information from globalPDPath: %s", err) } + fcPV := createPersistentVolumeFromFCVolumeSource(volumeName, + v1.FCVolumeSource{TargetWWNs: wwns, Lun: &lun, WWIDs: wwids}) + klog.V(5).Infof("ConstructBlockVolumeSpec: TargetWWNs: %v, Lun: %v, WWIDs: %v", + fcPV.Spec.PersistentVolumeSource.FC.TargetWWNs, + *fcPV.Spec.PersistentVolumeSource.FC.Lun, + fcPV.Spec.PersistentVolumeSource.FC.WWIDs) + return volume.NewSpecFromPersistentVolume(fcPV, false), nil } diff --git a/pkg/volume/fc/fc_util.go b/pkg/volume/fc/fc_util.go index 9c08d52ffe4..71c72071cef 100644 --- a/pkg/volume/fc/fc_util.go +++ b/pkg/volume/fc/fc_util.go @@ -22,6 +22,7 @@ import ( "os" "path" "path/filepath" + "strconv" "strings" "k8s.io/api/core/v1" @@ -131,20 +132,47 @@ func scsiHostRescan(io ioHandler) { } } -// make a directory like /var/lib/kubelet/plugins/kubernetes.io/fc/target-lun-0 +// make a directory like /var/lib/kubelet/plugins/kubernetes.io/fc/target1-target2-lun-0 func makePDNameInternal(host volume.VolumeHost, wwns []string, lun string, wwids []string) string { if len(wwns) != 0 { - return path.Join(host.GetPluginDir(fcPluginName), wwns[0]+"-lun-"+lun) + w := strings.Join(wwns, "-") + return path.Join(host.GetPluginDir(fcPluginName), w+"-lun-"+lun) } - return path.Join(host.GetPluginDir(fcPluginName), wwids[0]) + return path.Join(host.GetPluginDir(fcPluginName), strings.Join(wwids, "-")) } // make a directory like /var/lib/kubelet/plugins/kubernetes.io/fc/volumeDevices/target-lun-0 func makeVDPDNameInternal(host volume.VolumeHost, wwns []string, lun string, wwids []string) string { if len(wwns) != 0 { - return path.Join(host.GetVolumeDevicePluginDir(fcPluginName), wwns[0]+"-lun-"+lun) + w := strings.Join(wwns, "-") + return path.Join(host.GetVolumeDevicePluginDir(fcPluginName), w+"-lun-"+lun) } - return path.Join(host.GetVolumeDevicePluginDir(fcPluginName), wwids[0]) + return path.Join(host.GetVolumeDevicePluginDir(fcPluginName), strings.Join(wwids, "-")) +} + +func parsePDName(path string) (wwns []string, lun int32, wwids []string, err error) { + // parse directory name created by makePDNameInternal or makeVDPDNameInternal + dirname := filepath.Base(path) + components := strings.Split(dirname, "-") + l := len(components) + if l == 1 { + // No '-', it must be single WWID + return nil, 0, components, nil + } + if components[l-2] == "lun" { + // it has -lun-, it's list of WWNs + lun number as the last component + if l == 2 { + return nil, 0, nil, fmt.Errorf("no wwn in: %s", dirname) + } + lun, err := strconv.Atoi(components[l-1]) + if err != nil { + return nil, 0, nil, err + } + + return components[:l-2], int32(lun), nil, nil + } + // no -lun-, it's just list of WWIDs + return nil, 0, components, nil } type fcUtil struct{} @@ -320,7 +348,7 @@ func (util *fcUtil) DetachBlockFCDisk(c fcDiskUnmapper, mapPath, devicePath stri } volumeInfo := arr[len(arr)-1] - // Search symbolick link which matches volumeInfo under /dev/disk/by-path or /dev/disk/by-id + // Search symbolic link which matches volumeInfo under /dev/disk/by-path or /dev/disk/by-id // then find destination device path from the link searchPath := byID if strings.Contains(volumeInfo, "-lun-") { diff --git a/pkg/volume/fc/fc_util_test.go b/pkg/volume/fc/fc_util_test.go index 50c5308b940..537d4ea2d26 100644 --- a/pkg/volume/fc/fc_util_test.go +++ b/pkg/volume/fc/fc_util_test.go @@ -18,6 +18,7 @@ package fc import ( "os" + "reflect" "testing" "time" @@ -116,3 +117,68 @@ func TestSearchDiskWWID(t *testing.T) { t.Errorf("no fc disk found") } } + +func TestParsePDName(t *testing.T) { + tests := []struct { + name string + path string + wwns []string + lun int32 + wwids []string + expectError bool + }{ + { + name: "single WWID", + path: "/var/lib/kubelet/plugins/kubernetes.io/fc/60050763008084e6e0000000000001ae", + wwids: []string{"60050763008084e6e0000000000001ae"}, + }, + { + name: "multiple WWID", + path: "/var/lib/kubelet/plugins/kubernetes.io/fc/60050763008084e6e0000000000001ae-60050763008084e6e0000000000001af", + wwids: []string{"60050763008084e6e0000000000001ae", "60050763008084e6e0000000000001af"}, + }, + { + name: "single WWN", + path: "/var/lib/kubelet/plugins/kubernetes.io/fc/50050768030539b6-lun-0", + wwns: []string{"50050768030539b6"}, + lun: 0, + }, + { + name: "multiple WWNs", + path: "/var/lib/kubelet/plugins/kubernetes.io/fc/50050768030539b6-50050768030539b7-lun-0", + wwns: []string{"50050768030539b6", "50050768030539b7"}, + lun: 0, + }, + { + name: "no WWNs", + path: "/var/lib/kubelet/plugins/kubernetes.io/fc/lun-0", + expectError: true, + }, + { + name: "invalid lun", + path: "/var/lib/kubelet/plugins/kubernetes.io/fc/50050768030539b6-lun-x", + expectError: true, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + wwns, lun, wwids, err := parsePDName(test.path) + if test.expectError && err == nil { + t.Errorf("expected error but got none") + } + if !test.expectError && err != nil { + t.Errorf("got unexpected error: %s", err) + } + if !reflect.DeepEqual(wwns, test.wwns) { + t.Errorf("expected WWNs %+v, got %+v", test.wwns, wwns) + } + if lun != test.lun { + t.Errorf("expected lun %d, got %d", test.lun, lun) + } + if !reflect.DeepEqual(wwids, test.wwids) { + t.Errorf("expected WWIDs %+v, got %+v", test.wwids, wwids) + } + }) + } +} diff --git a/pkg/volume/flexvolume/OWNERS b/pkg/volume/flexvolume/OWNERS index 3342c22c4c4..6caf661b0a6 100644 --- a/pkg/volume/flexvolume/OWNERS +++ b/pkg/volume/flexvolume/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - chakri-nelluri - saad-ali diff --git a/pkg/volume/flexvolume/plugin.go b/pkg/volume/flexvolume/plugin.go index 5527dba8a9a..e907485a0f9 100644 --- a/pkg/volume/flexvolume/plugin.go +++ b/pkg/volume/flexvolume/plugin.go @@ -256,6 +256,10 @@ func (plugin *flexVolumeAttachablePlugin) NewDeviceUnmounter() (volume.DeviceUnm return plugin.NewDetacher() } +func (plugin *flexVolumeAttachablePlugin) CanAttach(spec *volume.Spec) bool { + return true +} + // ConstructVolumeSpec is part of the volume.AttachableVolumePlugin interface. func (plugin *flexVolumePlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) { flexVolume := &api.Volume{ diff --git a/pkg/volume/flocker/BUILD b/pkg/volume/flocker/BUILD index d58059aa58b..2f6c2b70a21 100644 --- a/pkg/volume/flocker/BUILD +++ b/pkg/volume/flocker/BUILD @@ -25,6 +25,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/rand:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/clusterhq/flocker-go:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/strings:go_default_library", diff --git a/pkg/volume/flocker/OWNERS b/pkg/volume/flocker/OWNERS index f9f7cef504e..0de8788a33e 100644 --- a/pkg/volume/flocker/OWNERS +++ b/pkg/volume/flocker/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - saad-ali diff --git a/pkg/volume/flocker/flocker_util.go b/pkg/volume/flocker/flocker_util.go index e753da9acd0..529a9e4c168 100644 --- a/pkg/volume/flocker/flocker_util.go +++ b/pkg/volume/flocker/flocker_util.go @@ -22,7 +22,7 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/rand" - volutil "k8s.io/kubernetes/pkg/volume/util" + volumehelpers "k8s.io/cloud-provider/volume/helpers" flockerapi "github.com/clusterhq/flocker-go" "k8s.io/klog" @@ -72,7 +72,7 @@ func (util *flockerUtil) CreateVolume(c *flockerVolumeProvisioner) (datasetUUID capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] requestBytes := capacity.Value() - volumeSizeGiB, err = volutil.RoundUpToGiBInt(capacity) + volumeSizeGiB, err = volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return } diff --git a/pkg/volume/gcepd/BUILD b/pkg/volume/gcepd/BUILD index f4ff333f4e5..cd4489dc075 100644 --- a/pkg/volume/gcepd/BUILD +++ b/pkg/volume/gcepd/BUILD @@ -19,7 +19,6 @@ go_library( deps = [ "//pkg/cloudprovider/providers/gce:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/volume:go_default_library", "//pkg/volume/util:go_default_library", @@ -32,6 +31,8 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", "//staging/src/k8s.io/cloud-provider/features:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/exec:go_default_library", "//vendor/k8s.io/utils/path:go_default_library", @@ -49,11 +50,9 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/volume:go_default_library", "//pkg/volume/testing:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -61,6 +60,8 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", "//staging/src/k8s.io/client-go/util/testing:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) diff --git a/pkg/volume/gcepd/OWNERS b/pkg/volume/gcepd/OWNERS index 5fa7bd72c20..2b190e19582 100644 --- a/pkg/volume/gcepd/OWNERS +++ b/pkg/volume/gcepd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - thockin diff --git a/pkg/volume/gcepd/attacher.go b/pkg/volume/gcepd/attacher.go index 4a998579c05..266647c0932 100644 --- a/pkg/volume/gcepd/attacher.go +++ b/pkg/volume/gcepd/attacher.go @@ -288,3 +288,7 @@ func (detacher *gcePersistentDiskDetacher) Detach(volumeName string, nodeName ty func (detacher *gcePersistentDiskDetacher) UnmountDevice(deviceMountPath string) error { return mount.CleanupMountPoint(deviceMountPath, detacher.host.GetMounter(gcePersistentDiskPluginName), false) } + +func (plugin *gcePersistentDiskPlugin) CanAttach(spec *volume.Spec) bool { + return true +} diff --git a/pkg/volume/gcepd/attacher_test.go b/pkg/volume/gcepd/attacher_test.go index 6f9ab41c829..c067f07c27a 100644 --- a/pkg/volume/gcepd/attacher_test.go +++ b/pkg/volume/gcepd/attacher_test.go @@ -24,12 +24,12 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/util/sets" + cloudvolume "k8s.io/cloud-provider/volume" "k8s.io/kubernetes/pkg/volume" volumetest "k8s.io/kubernetes/pkg/volume/testing" "k8s.io/apimachinery/pkg/types" "k8s.io/klog" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "strings" ) @@ -284,9 +284,9 @@ func createPVSpec(name string, readOnly bool, zones []string) *volume.Spec { } if zones != nil { - zonesLabel := strings.Join(zones, kubeletapis.LabelMultiZoneDelimiter) + zonesLabel := strings.Join(zones, cloudvolume.LabelMultiZoneDelimiter) spec.PersistentVolume.ObjectMeta.Labels = map[string]string{ - kubeletapis.LabelZoneFailureDomain: zonesLabel, + v1.LabelZoneFailureDomain: zonesLabel, } } diff --git a/pkg/volume/gcepd/gce_pd.go b/pkg/volume/gcepd/gce_pd.go index bf1bf9ccb4c..a39085efb62 100644 --- a/pkg/volume/gcepd/gce_pd.go +++ b/pkg/volume/gcepd/gce_pd.go @@ -29,10 +29,10 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" utilfeature "k8s.io/apiserver/pkg/util/feature" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" gcecloud "k8s.io/kubernetes/pkg/cloudprovider/providers/gce" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume/util" @@ -544,8 +544,8 @@ func (c *gcePersistentDiskProvisioner) Provision(selectedNode *v1.Node, allowedT for k, v := range labels { pv.Labels[k] = v var values []string - if k == kubeletapis.LabelZoneFailureDomain { - values, err = util.LabelZonesToList(v) + if k == v1.LabelZoneFailureDomain { + values, err = volumehelpers.LabelZonesToList(v) if err != nil { return nil, fmt.Errorf("failed to convert label string for Zone: %s to a List: %v", v, err) } diff --git a/pkg/volume/gcepd/gce_pd_test.go b/pkg/volume/gcepd/gce_pd_test.go index a3200de5795..be7aaa217aa 100644 --- a/pkg/volume/gcepd/gce_pd_test.go +++ b/pkg/volume/gcepd/gce_pd_test.go @@ -29,12 +29,10 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes/fake" utiltesting "k8s.io/client-go/util/testing" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" volumetest "k8s.io/kubernetes/pkg/volume/testing" - "k8s.io/kubernetes/pkg/volume/util" - volumeutil "k8s.io/kubernetes/pkg/volume/util" ) func TestCanSupport(t *testing.T) { @@ -85,7 +83,7 @@ type fakePDManager struct { func (fake *fakePDManager) CreateVolume(c *gcePersistentDiskProvisioner, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm) (volumeID string, volumeSizeGB int, labels map[string]string, fstype string, err error) { labels = make(map[string]string) labels["fakepdmanager"] = "yes" - labels[kubeletapis.LabelZoneFailureDomain] = "zone1__zone2" + labels[v1.LabelZoneFailureDomain] = "zone1__zone2" return "test-gce-volume-name", 100, labels, "", nil } @@ -191,7 +189,7 @@ func TestPlugin(t *testing.T) { } cap := persistentSpec.Spec.Capacity[v1.ResourceStorage] size := cap.Value() - if size != 100*util.GIB { + if size != 100*volumehelpers.GiB { t.Errorf("Provision() returned unexpected volume size: %v", size) } @@ -199,8 +197,8 @@ func TestPlugin(t *testing.T) { t.Errorf("Provision() returned unexpected value for fakepdmanager: %v", persistentSpec.Labels["fakepdmanager"]) } - if persistentSpec.Labels[kubeletapis.LabelZoneFailureDomain] != "zone1__zone2" { - t.Errorf("Provision() returned unexpected value for %s: %v", kubeletapis.LabelZoneFailureDomain, persistentSpec.Labels[kubeletapis.LabelZoneFailureDomain]) + if persistentSpec.Labels[v1.LabelZoneFailureDomain] != "zone1__zone2" { + t.Errorf("Provision() returned unexpected value for %s: %v", v1.LabelZoneFailureDomain, persistentSpec.Labels[v1.LabelZoneFailureDomain]) } if persistentSpec.Spec.NodeAffinity == nil { @@ -217,10 +215,10 @@ func TestPlugin(t *testing.T) { if r == nil || r.Values[0] != "yes" || r.Operator != v1.NodeSelectorOpIn { t.Errorf("NodeSelectorRequirement fakepdmanager-in-yes not found in volume NodeAffinity") } - zones, _ := volumeutil.ZonesToSet("zone1,zone2") - r, _ = getNodeSelectorRequirementWithKey(kubeletapis.LabelZoneFailureDomain, term) + zones, _ := volumehelpers.ZonesToSet("zone1,zone2") + r, _ = getNodeSelectorRequirementWithKey(v1.LabelZoneFailureDomain, term) if r == nil { - t.Errorf("NodeSelectorRequirement %s-in-%v not found in volume NodeAffinity", kubeletapis.LabelZoneFailureDomain, zones) + t.Errorf("NodeSelectorRequirement %s-in-%v not found in volume NodeAffinity", v1.LabelZoneFailureDomain, zones) } sort.Strings(r.Values) if !reflect.DeepEqual(r.Values, zones.List()) { diff --git a/pkg/volume/gcepd/gce_util.go b/pkg/volume/gcepd/gce_util.go index bb5ff8c8447..a53eaf23da6 100644 --- a/pkg/volume/gcepd/gce_util.go +++ b/pkg/volume/gcepd/gce_util.go @@ -29,9 +29,10 @@ import ( utilfeature "k8s.io/apiserver/pkg/util/feature" cloudprovider "k8s.io/cloud-provider" cloudfeatures "k8s.io/cloud-provider/features" + cloudvolume "k8s.io/cloud-provider/volume" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" gcecloud "k8s.io/kubernetes/pkg/cloudprovider/providers/gce" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" volumeutil "k8s.io/kubernetes/pkg/volume/util" @@ -100,7 +101,7 @@ func (util *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner, node *v1. name := volumeutil.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 63) // GCE PD name can have up to 63 characters capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] // GCE PDs are allocated in chunks of GiBs - requestGB := volumeutil.RoundUpToGiB(capacity) + requestGB := volumehelpers.RoundUpToGiB(capacity) // Apply Parameters. // Values for parameter "replication-type" are canonicalized to lower case. @@ -122,7 +123,7 @@ func (util *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner, node *v1. configuredZone = v case "zones": zonesPresent = true - configuredZones, err = volumeutil.ZonesToSet(v) + configuredZones, err = volumehelpers.ZonesToSet(v) if err != nil { return "", 0, nil, "", err } @@ -153,7 +154,7 @@ func (util *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner, node *v1. switch replicationType { case replicationTypeRegionalPD: - selectedZones, err := volumeutil.SelectZonesForVolume(zonePresent, zonesPresent, configuredZone, configuredZones, activezones, node, allowedTopologies, c.options.PVC.Name, maxRegionalPDZones) + selectedZones, err := volumehelpers.SelectZonesForVolume(zonePresent, zonesPresent, configuredZone, configuredZones, activezones, node, allowedTopologies, c.options.PVC.Name, maxRegionalPDZones) if err != nil { klog.V(2).Infof("Error selecting zones for regional GCE PD volume: %v", err) return "", 0, nil, "", err @@ -170,7 +171,7 @@ func (util *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner, node *v1. klog.V(2).Infof("Successfully created Regional GCE PD volume %s", name) case replicationTypeNone: - selectedZone, err := volumeutil.SelectZoneForVolume(zonePresent, zonesPresent, configuredZone, configuredZones, activezones, node, allowedTopologies, c.options.PVC.Name) + selectedZone, err := volumehelpers.SelectZoneForVolume(zonePresent, zonesPresent, configuredZone, configuredZones, activezones, node, allowedTopologies, c.options.PVC.Name) if err != nil { return "", 0, nil, "", err } @@ -354,8 +355,8 @@ func udevadmChangeToDrive(drivePath string) error { // Checks whether the given GCE PD volume spec is associated with a regional PD. func isRegionalPD(spec *volume.Spec) bool { if spec.PersistentVolume != nil { - zonesLabel := spec.PersistentVolume.Labels[kubeletapis.LabelZoneFailureDomain] - zones := strings.Split(zonesLabel, kubeletapis.LabelMultiZoneDelimiter) + zonesLabel := spec.PersistentVolume.Labels[v1.LabelZoneFailureDomain] + zones := strings.Split(zonesLabel, cloudvolume.LabelMultiZoneDelimiter) return len(zones) > 1 } return false diff --git a/pkg/volume/git_repo/OWNERS b/pkg/volume/git_repo/OWNERS index 27d4e921659..5604dadfc90 100644 --- a/pkg/volume/git_repo/OWNERS +++ b/pkg/volume/git_repo/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - saad-ali diff --git a/pkg/volume/glusterfs/BUILD b/pkg/volume/glusterfs/BUILD index bc684f32846..5774416506f 100644 --- a/pkg/volume/glusterfs/BUILD +++ b/pkg/volume/glusterfs/BUILD @@ -29,6 +29,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/uuid:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/heketi/heketi/client/api/go-client:go_default_library", "//vendor/github.com/heketi/heketi/pkg/glusterfs/api:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/volume/glusterfs/OWNERS b/pkg/volume/glusterfs/OWNERS index 080b69b30fb..d4b7ff4f26c 100644 --- a/pkg/volume/glusterfs/OWNERS +++ b/pkg/volume/glusterfs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - saad-ali diff --git a/pkg/volume/glusterfs/glusterfs.go b/pkg/volume/glusterfs/glusterfs.go index d7bf9242209..47a10cf6f90 100644 --- a/pkg/volume/glusterfs/glusterfs.go +++ b/pkg/volume/glusterfs/glusterfs.go @@ -37,6 +37,7 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/uuid" clientset "k8s.io/client-go/kubernetes" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" "k8s.io/kubernetes/pkg/util/mount" @@ -811,7 +812,7 @@ func (p *glusterfsVolumeProvisioner) CreateVolume(gid int) (r *v1.GlusterfsPersi capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] // GlusterFS/heketi creates volumes in units of GiB. - sz, err := volutil.RoundUpToGiBInt(capacity) + sz, err := volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return nil, 0, "", err } @@ -1240,11 +1241,11 @@ func (plugin *glusterfsPlugin) ExpandVolumeDevice(spec *volume.Spec, newSize res } // Find out delta size - expansionSize := (newSize.Value() - oldSize.Value()) - expansionSizeGiB := int(volutil.RoundUpSize(expansionSize, volutil.GIB)) + expansionSize := resource.NewScaledQuantity((newSize.Value() - oldSize.Value()), 0) + expansionSizeGiB := int(volumehelpers.RoundUpToGiB(*expansionSize)) // Find out requested Size - requestGiB := volutil.RoundUpToGiB(newSize) + requestGiB := volumehelpers.RoundUpToGiB(newSize) //Check the existing volume size currentVolumeInfo, err := cli.VolumeInfo(volumeID) diff --git a/pkg/volume/host_path/OWNERS b/pkg/volume/host_path/OWNERS index 17c11a8181f..5ffca544da9 100644 --- a/pkg/volume/host_path/OWNERS +++ b/pkg/volume/host_path/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/iscsi/OWNERS b/pkg/volume/iscsi/OWNERS index 9e7d3d1eb33..16ec3af13c0 100644 --- a/pkg/volume/iscsi/OWNERS +++ b/pkg/volume/iscsi/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/iscsi/attacher.go b/pkg/volume/iscsi/attacher.go index 2a59a3047e9..f5be5b9fb72 100644 --- a/pkg/volume/iscsi/attacher.go +++ b/pkg/volume/iscsi/attacher.go @@ -176,6 +176,10 @@ func (detacher *iscsiDetacher) UnmountDevice(deviceMountPath string) error { return nil } +func (plugin *iscsiPlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func volumeSpecToMounter(spec *volume.Spec, host volume.VolumeHost, targetLocks keymutex.KeyMutex, pod *v1.Pod) (*iscsiDiskMounter, error) { var secret map[string]string readOnly, fsType, err := getISCSIVolumeInfo(spec) diff --git a/pkg/volume/local/OWNERS b/pkg/volume/local/OWNERS index c995ab66a9e..ef8701c1ac5 100644 --- a/pkg/volume/local/OWNERS +++ b/pkg/volume/local/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - thockin diff --git a/pkg/volume/nfs/OWNERS b/pkg/volume/nfs/OWNERS index 025423a9fb6..c5f0087b760 100644 --- a/pkg/volume/nfs/OWNERS +++ b/pkg/volume/nfs/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - saad-ali diff --git a/pkg/volume/photon_pd/BUILD b/pkg/volume/photon_pd/BUILD index 97ee8e7fd96..4f5ddfbde1a 100644 --- a/pkg/volume/photon_pd/BUILD +++ b/pkg/volume/photon_pd/BUILD @@ -24,6 +24,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/strings:go_default_library", ], diff --git a/pkg/volume/photon_pd/OWNERS b/pkg/volume/photon_pd/OWNERS index b8170a5d6d4..36c201edd9a 100644 --- a/pkg/volume/photon_pd/OWNERS +++ b/pkg/volume/photon_pd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + maintainers: - luomiao - kerneltime diff --git a/pkg/volume/photon_pd/attacher.go b/pkg/volume/photon_pd/attacher.go index 3592e7ce8e3..dcecf3ac71a 100644 --- a/pkg/volume/photon_pd/attacher.go +++ b/pkg/volume/photon_pd/attacher.go @@ -307,3 +307,7 @@ func (detacher *photonPersistentDiskDetacher) WaitForDetach(devicePath string, t func (detacher *photonPersistentDiskDetacher) UnmountDevice(deviceMountPath string) error { return mount.CleanupMountPoint(deviceMountPath, detacher.mounter, false) } + +func (plugin *photonPersistentDiskPlugin) CanAttach(spec *volume.Spec) bool { + return true +} diff --git a/pkg/volume/photon_pd/photon_util.go b/pkg/volume/photon_pd/photon_util.go index 23ebf92d033..b9865d24472 100644 --- a/pkg/volume/photon_pd/photon_util.go +++ b/pkg/volume/photon_pd/photon_util.go @@ -25,6 +25,7 @@ import ( "k8s.io/api/core/v1" cloudprovider "k8s.io/cloud-provider" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/cloudprovider/providers/photon" "k8s.io/kubernetes/pkg/util/mount" @@ -90,7 +91,7 @@ func (util *PhotonDiskUtil) CreateVolume(p *photonPersistentDiskProvisioner) (pd capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] // PhotonController works with GiB, convert to GiB with rounding up - volSizeGB, err := volumeutil.RoundUpToGiBInt(capacity) + volSizeGB, err := volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return "", 0, "", err } diff --git a/pkg/volume/plugins.go b/pkg/volume/plugins.go index b80149718ef..90b7efd9502 100644 --- a/pkg/volume/plugins.go +++ b/pkg/volume/plugins.go @@ -188,12 +188,6 @@ type DeletableVolumePlugin interface { NewDeleter(spec *Spec) (Deleter, error) } -const ( - // Name of a volume in external cloud that is being provisioned and thus - // should be ignored by rest of Kubernetes. - ProvisionedVolumeName = "placeholder-for-provisioning" -) - // ProvisionableVolumePlugin is an extended interface of VolumePlugin and is // used to create volumes for the cluster. type ProvisionableVolumePlugin interface { @@ -210,6 +204,8 @@ type AttachableVolumePlugin interface { DeviceMountableVolumePlugin NewAttacher() (Attacher, error) NewDetacher() (Detacher, error) + // CanAttach tests if provided volume spec is attachable + CanAttach(spec *Spec) bool } // DeviceMountableVolumePlugin is an extended interface of VolumePlugin and is used @@ -823,7 +819,9 @@ func (pm *VolumePluginMgr) FindAttachablePluginBySpec(spec *Spec) (AttachableVol return nil, err } if attachableVolumePlugin, ok := volumePlugin.(AttachableVolumePlugin); ok { - return attachableVolumePlugin, nil + if attachableVolumePlugin.CanAttach(spec) { + return attachableVolumePlugin, nil + } } return nil, nil } @@ -874,10 +872,10 @@ func (pm *VolumePluginMgr) FindExpandablePluginBySpec(spec *Spec) (ExpandableVol if spec.IsKubeletExpandable() { // for kubelet expandable volumes, return a noop plugin that // returns success for expand on the controller - klog.Warningf("FindExpandablePluginBySpec(%s) -> returning noopExpandableVolumePluginInstance", spec.Name()) + klog.V(4).Infof("FindExpandablePluginBySpec(%s) -> returning noopExpandableVolumePluginInstance", spec.Name()) return &noopExpandableVolumePluginInstance{spec}, nil } - klog.Warningf("FindExpandablePluginBySpec(%s) -> err:%v", spec.Name(), err) + klog.V(4).Infof("FindExpandablePluginBySpec(%s) -> err:%v", spec.Name(), err) return nil, err } diff --git a/pkg/volume/portworx/BUILD b/pkg/volume/portworx/BUILD index 63053513b77..6925d5f355e 100644 --- a/pkg/volume/portworx/BUILD +++ b/pkg/volume/portworx/BUILD @@ -38,6 +38,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/libopenstorage/openstorage/api:go_default_library", "//vendor/github.com/libopenstorage/openstorage/api/client:go_default_library", "//vendor/github.com/libopenstorage/openstorage/api/client/volume:go_default_library", diff --git a/pkg/volume/portworx/OWNERS b/pkg/volume/portworx/OWNERS index 4bd62b711bb..bb1a19f21de 100644 --- a/pkg/volume/portworx/OWNERS +++ b/pkg/volume/portworx/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + maintainers: - adityadani diff --git a/pkg/volume/portworx/portworx_util.go b/pkg/volume/portworx/portworx_util.go index 7ac5522dac1..6c4cec1b395 100644 --- a/pkg/volume/portworx/portworx_util.go +++ b/pkg/volume/portworx/portworx_util.go @@ -27,10 +27,10 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" api "k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/volume" - volutil "k8s.io/kubernetes/pkg/volume/util" ) const ( @@ -59,7 +59,7 @@ func (util *portworxVolumeUtil) CreateVolume(p *portworxVolumeProvisioner) (stri capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] // Portworx Volumes are specified in GiB - requestGiB := volutil.RoundUpToGiB(capacity) + requestGiB := volumehelpers.RoundUpToGiB(capacity) // Perform a best-effort parsing of parameters. Portworx 1.2.9 and later parses volume parameters from // spec.VolumeLabels. So even if below SpecFromOpts() fails to parse certain parameters or @@ -79,7 +79,7 @@ func (util *portworxVolumeUtil) CreateVolume(p *portworxVolumeProvisioner) (stri } // Update the requested size in the spec - spec.Size = uint64(requestGiB * volutil.GIB) + spec.Size = uint64(requestGiB * volumehelpers.GiB) // Change the Portworx Volume name to PV name if locator == nil { @@ -208,7 +208,7 @@ func (util *portworxVolumeUtil) ResizeVolume(spec *volume.Spec, newSize resource } vol := vols[0] - newSizeInBytes := uint64(volutil.RoundUpToGiB(newSize) * volutil.GIB) + newSizeInBytes := uint64(volumehelpers.RoundUpToGiB(newSize) * volumehelpers.GiB) if vol.Spec.Size >= newSizeInBytes { klog.Infof("Portworx volume: %s already at size: %d greater than or equal to new "+ "requested size: %d. Skipping resize.", spec.Name(), vol.Spec.Size, newSizeInBytes) diff --git a/pkg/volume/quobyte/BUILD b/pkg/volume/quobyte/BUILD index fe0c047f720..f194dfe9e1b 100644 --- a/pkg/volume/quobyte/BUILD +++ b/pkg/volume/quobyte/BUILD @@ -22,6 +22,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/pborman/uuid:go_default_library", "//vendor/github.com/quobyte/api:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/volume/quobyte/OWNERS b/pkg/volume/quobyte/OWNERS index 331e3c38d44..5f264f22105 100644 --- a/pkg/volume/quobyte/OWNERS +++ b/pkg/volume/quobyte/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - saad-ali diff --git a/pkg/volume/quobyte/quobyte_util.go b/pkg/volume/quobyte/quobyte_util.go index 107c1454bed..69925b4c7c1 100644 --- a/pkg/volume/quobyte/quobyte_util.go +++ b/pkg/volume/quobyte/quobyte_util.go @@ -23,7 +23,7 @@ import ( "strings" "k8s.io/api/core/v1" - "k8s.io/kubernetes/pkg/volume/util" + volumehelpers "k8s.io/cloud-provider/volume/helpers" quobyteapi "github.com/quobyte/api" "k8s.io/klog" @@ -35,7 +35,7 @@ type quobyteVolumeManager struct { func (manager *quobyteVolumeManager) createVolume(provisioner *quobyteVolumeProvisioner, createQuota bool) (quobyte *v1.QuobyteVolumeSource, size int, err error) { capacity := provisioner.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] - volumeSize, err := util.RoundUpToGiBInt(capacity) + volumeSize, err := volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return nil, 0, err } diff --git a/pkg/volume/rbd/BUILD b/pkg/volume/rbd/BUILD index d50005da483..94917607158 100644 --- a/pkg/volume/rbd/BUILD +++ b/pkg/volume/rbd/BUILD @@ -33,6 +33,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/path:go_default_library", "//vendor/k8s.io/utils/strings:go_default_library", diff --git a/pkg/volume/rbd/OWNERS b/pkg/volume/rbd/OWNERS index 9e353b18127..659b0638de7 100644 --- a/pkg/volume/rbd/OWNERS +++ b/pkg/volume/rbd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - rootfs - jsafrane diff --git a/pkg/volume/rbd/attacher.go b/pkg/volume/rbd/attacher.go index c82a20e40f3..c265211e86f 100644 --- a/pkg/volume/rbd/attacher.go +++ b/pkg/volume/rbd/attacher.go @@ -71,6 +71,10 @@ func (plugin *rbdPlugin) GetDeviceMountRefs(deviceMountPath string) ([]string, e return mounter.GetMountRefs(deviceMountPath) } +func (plugin *rbdPlugin) CanAttach(spec *volume.Spec) bool { + return true +} + // rbdAttacher implements volume.Attacher interface. type rbdAttacher struct { plugin *rbdPlugin diff --git a/pkg/volume/rbd/rbd_util.go b/pkg/volume/rbd/rbd_util.go index 613987279f5..e16327bf323 100644 --- a/pkg/volume/rbd/rbd_util.go +++ b/pkg/volume/rbd/rbd_util.go @@ -36,11 +36,11 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/util/errors" "k8s.io/apimachinery/pkg/util/wait" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/util/node" "k8s.io/kubernetes/pkg/volume" - volutil "k8s.io/kubernetes/pkg/volume/util" utilpath "k8s.io/utils/path" ) @@ -580,9 +580,8 @@ func (util *RBDUtil) cleanOldRBDFile(plugin *rbdPlugin, rbdFile string) error { func (util *RBDUtil) CreateImage(p *rbdVolumeProvisioner) (r *v1.RBDPersistentVolumeSource, size int, err error) { var output []byte capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] - volSizeBytes := capacity.Value() // Convert to MB that rbd defaults on. - sz, err := volutil.RoundUpSizeInt(volSizeBytes, 1024*1024) + sz, err := volumehelpers.RoundUpToMiBInt(capacity) if err != nil { return nil, 0, err } @@ -641,9 +640,9 @@ func (util *RBDUtil) DeleteImage(p *rbdVolumeDeleter) error { func (util *RBDUtil) ExpandImage(rbdExpander *rbdVolumeExpander, oldSize resource.Quantity, newSize resource.Quantity) (resource.Quantity, error) { var output []byte var err error - volSizeBytes := newSize.Value() + // Convert to MB that rbd defaults on. - sz := int(volutil.RoundUpSize(volSizeBytes, 1024*1024)) + sz := int(volumehelpers.RoundUpToMiB(newSize)) newVolSz := fmt.Sprintf("%d", sz) newSizeQuant := resource.MustParse(fmt.Sprintf("%dMi", sz)) diff --git a/pkg/volume/scaleio/BUILD b/pkg/volume/scaleio/BUILD index a5c98810a21..cc6c67f4f31 100644 --- a/pkg/volume/scaleio/BUILD +++ b/pkg/volume/scaleio/BUILD @@ -48,6 +48,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/uuid:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/codedellemc/goscaleio:go_default_library", "//vendor/github.com/codedellemc/goscaleio/types/v1:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/volume/scaleio/sio_volume.go b/pkg/volume/scaleio/sio_volume.go index 926005cbd77..767450aba53 100644 --- a/pkg/volume/scaleio/sio_volume.go +++ b/pkg/volume/scaleio/sio_volume.go @@ -28,6 +28,7 @@ import ( meta "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/uuid" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" @@ -265,19 +266,20 @@ func (v *sioVolume) Provision(selectedNode *api.Node, allowedTopologies []api.To // setup volume attrributes genName := v.generateName("k8svol", 11) - var oneGig int64 = 1024 * 1024 * 1024 - eightGig := 8 * oneGig + eightGig := int64(8 * volumehelpers.GiB) capacity := v.options.PVC.Spec.Resources.Requests[api.ResourceName(api.ResourceStorage)] + volSizeBytes := capacity.Value() - volSizeGB := int64(util.RoundUpSize(volSizeBytes, oneGig)) + volSizeGB := int64(volumehelpers.RoundUpToGiB(capacity)) if volSizeBytes == 0 { return nil, fmt.Errorf("invalid volume size of 0 specified") } if volSizeBytes < eightGig { - volSizeGB = int64(util.RoundUpSize(eightGig, oneGig)) + eightGiBCapacity := resource.NewQuantity(eightGig, resource.BinarySI) + volSizeGB = int64(volumehelpers.RoundUpToGiB(*eightGiBCapacity)) klog.V(4).Info(log("capacity less than 8Gi found, adjusted to %dGi", volSizeGB)) } diff --git a/pkg/volume/secret/OWNERS b/pkg/volume/secret/OWNERS index baaff6ff460..93c0d5e773d 100644 --- a/pkg/volume/secret/OWNERS +++ b/pkg/volume/secret/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/storageos/BUILD b/pkg/volume/storageos/BUILD index ebfc86e0b3d..db9aeeb6dec 100644 --- a/pkg/volume/storageos/BUILD +++ b/pkg/volume/storageos/BUILD @@ -23,6 +23,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/github.com/storageos/go-api:go_default_library", "//vendor/github.com/storageos/go-api/types:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/volume/storageos/OWNERS b/pkg/volume/storageos/OWNERS index 5d97458018c..7fa4df36eb1 100644 --- a/pkg/volume/storageos/OWNERS +++ b/pkg/volume/storageos/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + maintainers: - croomes - rusenask diff --git a/pkg/volume/storageos/storageos.go b/pkg/volume/storageos/storageos.go index b2619b07b07..f9ad832013b 100644 --- a/pkg/volume/storageos/storageos.go +++ b/pkg/volume/storageos/storageos.go @@ -29,6 +29,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" clientset "k8s.io/client-go/kubernetes" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" @@ -280,6 +281,8 @@ type storageosManager interface { CreateVolume(provisioner *storageosProvisioner) (*storageosVolume, error) // Attaches the disk to the kubelet's host machine. AttachVolume(mounter *storageosMounter) (string, error) + // Attaches the device to the host at a mount path. + AttachDevice(mounter *storageosMounter, deviceMountPath string) error // Detaches the disk from the kubelet's host machine. DetachVolume(unmounter *storageosUnmounter, dir string) error // Mounts the disk on the Kubelet's host machine. @@ -350,6 +353,14 @@ func (b *storageosMounter) SetUp(fsGroup *int64) error { b.volNamespace = b.podNamespace } + targetPath := makeGlobalPDName(b.plugin.host, b.pvName, b.volNamespace, b.volName) + + // Attach the device to the host. + if err := b.manager.AttachDevice(b, targetPath); err != nil { + klog.Errorf("Failed to attach device at %s: %s", targetPath, err.Error()) + return err + } + // Attach the StorageOS volume as a block device devicePath, err := b.manager.AttachVolume(b) if err != nil { @@ -358,8 +369,7 @@ func (b *storageosMounter) SetUp(fsGroup *int64) error { } // Mount the loop device into the plugin's disk global mount dir. - globalPDPath := makeGlobalPDName(b.plugin.host, b.pvName, b.podNamespace, b.volName) - err = b.manager.MountVolume(b, devicePath, globalPDPath) + err = b.manager.MountVolume(b, devicePath, targetPath) if err != nil { return err } @@ -606,7 +616,7 @@ func (c *storageosProvisioner) Provision(selectedNode *v1.Node, allowedTopologie } capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] var err error - c.sizeGB, err = util.RoundUpToGiBInt(capacity) + c.sizeGB, err = volumehelpers.RoundUpToGiBInt(capacity) if err != nil { return nil, err } diff --git a/pkg/volume/storageos/storageos_test.go b/pkg/volume/storageos/storageos_test.go index a5732fff7a1..2b448bc9167 100644 --- a/pkg/volume/storageos/storageos_test.go +++ b/pkg/volume/storageos/storageos_test.go @@ -75,13 +75,14 @@ func TestGetAccessModes(t *testing.T) { } type fakePDManager struct { - api apiImplementer - attachCalled bool - detachCalled bool - mountCalled bool - unmountCalled bool - createCalled bool - deleteCalled bool + api apiImplementer + attachCalled bool + attachDeviceCalled bool + detachCalled bool + mountCalled bool + unmountCalled bool + createCalled bool + deleteCalled bool } func (fake *fakePDManager) NewAPI(apiCfg *storageosAPIConfig) error { @@ -108,6 +109,11 @@ func (fake *fakePDManager) AttachVolume(b *storageosMounter) (string, error) { return "", nil } +func (fake *fakePDManager) AttachDevice(b *storageosMounter, dir string) error { + fake.attachDeviceCalled = true + return nil +} + func (fake *fakePDManager) DetachVolume(b *storageosUnmounter, loopDevice string) error { fake.detachCalled = true return nil @@ -213,6 +219,9 @@ func TestPlugin(t *testing.T) { } } + if !fakeManager.attachDeviceCalled { + t.Errorf("AttachDevice not called") + } if !fakeManager.attachCalled { t.Errorf("Attach not called") } diff --git a/pkg/volume/storageos/storageos_util.go b/pkg/volume/storageos/storageos_util.go index c102e4226d5..eb669186f61 100644 --- a/pkg/volume/storageos/storageos_util.go +++ b/pkg/volume/storageos/storageos_util.go @@ -69,7 +69,7 @@ type apiImplementer interface { VolumeMount(opts storageostypes.VolumeMountOptions) error VolumeUnmount(opts storageostypes.VolumeUnmountOptions) error VolumeDelete(opt storageostypes.DeleteOptions) error - Controller(ref string) (*storageostypes.Controller, error) + Node(ref string) (*storageostypes.Node, error) } // storageosUtil is the utility structure to interact with the StorageOS API. @@ -203,6 +203,25 @@ func (u *storageosUtil) DetachVolume(b *storageosUnmounter, devicePath string) e return removeLoopDevice(devicePath, b.exec) } +// AttachDevice attaches the volume device to the host at a given mount path. +func (u *storageosUtil) AttachDevice(b *storageosMounter, deviceMountPath string) error { + if err := u.NewAPI(b.apiCfg); err != nil { + return err + } + + opts := storageostypes.VolumeMountOptions{ + Name: b.volName, + Namespace: b.volNamespace, + FsType: b.fsType, + Mountpoint: deviceMountPath, + Client: b.plugin.host.GetHostName(), + } + if err := u.api.VolumeMount(opts); err != nil { + return err + } + return nil +} + // Mount mounts the volume on the host. func (u *storageosUtil) MountVolume(b *storageosMounter, mntDevice, deviceMountPath string) error { notMnt, err := b.mounter.IsLikelyNotMountPoint(deviceMountPath) @@ -231,22 +250,7 @@ func (u *storageosUtil) MountVolume(b *storageosMounter, mntDevice, deviceMountP return err } } - if err != nil { - return err - } - - if err := u.NewAPI(b.apiCfg); err != nil { - return err - } - - opts := storageostypes.VolumeMountOptions{ - Name: b.volName, - Namespace: b.volNamespace, - FsType: b.fsType, - Mountpoint: deviceMountPath, - Client: b.plugin.host.GetHostName(), - } - return u.api.VolumeMount(opts) + return err } // Unmount removes the mount reference from the volume allowing it to be @@ -289,7 +293,7 @@ func (u *storageosUtil) DeleteVolume(d *storageosDeleter) error { // specified. func (u *storageosUtil) DeviceDir(b *storageosMounter) string { - ctrl, err := u.api.Controller(b.plugin.host.GetHostName()) + ctrl, err := u.api.Node(b.plugin.host.GetHostName()) if err != nil { klog.Warningf("node device path lookup failed: %v", err) return defaultDeviceDir diff --git a/pkg/volume/storageos/storageos_util_test.go b/pkg/volume/storageos/storageos_util_test.go index e4800cbe51e..b3dabba28a1 100644 --- a/pkg/volume/storageos/storageos_util_test.go +++ b/pkg/volume/storageos/storageos_util_test.go @@ -108,8 +108,8 @@ func (f fakeAPI) VolumeUnmount(opts storageostypes.VolumeUnmountOptions) error { func (f fakeAPI) VolumeDelete(opts storageostypes.DeleteOptions) error { return nil } -func (f fakeAPI) Controller(ref string) (*storageostypes.Controller, error) { - return &storageostypes.Controller{}, nil +func (f fakeAPI) Node(ref string) (*storageostypes.Node, error) { + return &storageostypes.Node{}, nil } func TestCreateVolume(t *testing.T) { diff --git a/pkg/volume/testing/OWNERS b/pkg/volume/testing/OWNERS old mode 100755 new mode 100644 index fcb4625ad6d..883d4af6c20 --- a/pkg/volume/testing/OWNERS +++ b/pkg/volume/testing/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/testing/testing.go b/pkg/volume/testing/testing.go index 1628585cd34..b294f21bc44 100644 --- a/pkg/volume/testing/testing.go +++ b/pkg/volume/testing/testing.go @@ -484,6 +484,10 @@ func (plugin *FakeVolumePlugin) GetNewDetacherCallCount() int { return plugin.NewDetacherCallCount } +func (plugin *FakeVolumePlugin) CanAttach(spec *Spec) bool { + return true +} + func (plugin *FakeVolumePlugin) Recycle(pvName string, spec *Spec, eventRecorder recyclerclient.RecycleEventRecorder) error { return nil } @@ -634,6 +638,10 @@ func (f *FakeAttachableVolumePlugin) NewDetacher() (Detacher, error) { return f.Plugin.NewDetacher() } +func (f *FakeAttachableVolumePlugin) CanAttach(spec *Spec) bool { + return true +} + var _ VolumePlugin = &FakeAttachableVolumePlugin{} var _ AttachableVolumePlugin = &FakeAttachableVolumePlugin{} diff --git a/pkg/volume/util/BUILD b/pkg/volume/util/BUILD index d325599af33..dd48f977e19 100644 --- a/pkg/volume/util/BUILD +++ b/pkg/volume/util/BUILD @@ -9,7 +9,6 @@ go_library( "device_util_linux.go", "device_util_unsupported.go", "doc.go", - "error.go", "finalizer.go", "io_util.go", "metrics.go", @@ -23,7 +22,6 @@ go_library( "//pkg/api/legacyscheme:go_default_library", "//pkg/apis/core/v1/helper:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/util/resizefs:go_default_library", "//pkg/volume:go_default_library", @@ -60,7 +58,6 @@ go_test( deps = [ "//pkg/apis/core/install:go_default_library", "//pkg/apis/core/v1/helper:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/util/slice:go_default_library", "//pkg/volume:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", diff --git a/pkg/volume/util/OWNERS b/pkg/volume/util/OWNERS old mode 100755 new mode 100644 index 7a41ec511a7..9485dfe9514 --- a/pkg/volume/util/OWNERS +++ b/pkg/volume/util/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali reviewers: diff --git a/pkg/volume/util/nestedpendingoperations/OWNERS b/pkg/volume/util/nestedpendingoperations/OWNERS index 4739819ce0c..8bfe4a88f49 100644 --- a/pkg/volume/util/nestedpendingoperations/OWNERS +++ b/pkg/volume/util/nestedpendingoperations/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali diff --git a/pkg/volume/util/operationexecutor/BUILD b/pkg/volume/util/operationexecutor/BUILD index a4a97f9db85..d87b21c447b 100644 --- a/pkg/volume/util/operationexecutor/BUILD +++ b/pkg/volume/util/operationexecutor/BUILD @@ -19,6 +19,7 @@ go_library( "//pkg/kubelet/events:go_default_library", "//pkg/util/mount:go_default_library", "//pkg/volume:go_default_library", + "//pkg/volume/csi:go_default_library", "//pkg/volume/util:go_default_library", "//pkg/volume/util/nestedpendingoperations:go_default_library", "//pkg/volume/util/types:go_default_library", @@ -30,6 +31,7 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/errors:go_default_library", "//staging/src/k8s.io/csi-translation-lib:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], diff --git a/pkg/volume/util/operationexecutor/OWNERS b/pkg/volume/util/operationexecutor/OWNERS index 4739819ce0c..8bfe4a88f49 100644 --- a/pkg/volume/util/operationexecutor/OWNERS +++ b/pkg/volume/util/operationexecutor/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali diff --git a/pkg/volume/util/operationexecutor/operation_generator.go b/pkg/volume/util/operationexecutor/operation_generator.go index 182792378d4..7a9fffab4a2 100644 --- a/pkg/volume/util/operationexecutor/operation_generator.go +++ b/pkg/volume/util/operationexecutor/operation_generator.go @@ -29,6 +29,7 @@ import ( utilfeature "k8s.io/apiserver/pkg/util/feature" clientset "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/record" + volerr "k8s.io/cloud-provider/volume/errors" csilib "k8s.io/csi-translation-lib" "k8s.io/klog" expandcache "k8s.io/kubernetes/pkg/controller/volume/expand/cache" @@ -36,6 +37,7 @@ import ( kevents "k8s.io/kubernetes/pkg/kubelet/events" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" + "k8s.io/kubernetes/pkg/volume/csi" "k8s.io/kubernetes/pkg/volume/util" volumetypes "k8s.io/kubernetes/pkg/volume/util/types" "k8s.io/kubernetes/pkg/volume/util/volumepathhandler" @@ -288,6 +290,9 @@ func (og *operationGenerator) GenerateBulkVolumeVerifyFunc( func (og *operationGenerator) GenerateAttachVolumeFunc( volumeToAttach VolumeToAttach, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error) { + var err error + var attachableVolumePlugin volume.AttachableVolumePlugin + // Get attacher plugin eventRecorderFunc := func(err *error) { if *err != nil { @@ -297,11 +302,29 @@ func (og *operationGenerator) GenerateAttachVolumeFunc( } } - attachableVolumePlugin, err := - og.volumePluginMgr.FindAttachablePluginBySpec(volumeToAttach.VolumeSpec) - if err != nil || attachableVolumePlugin == nil { - eventRecorderFunc(&err) - return volumetypes.GeneratedOperations{}, volumeToAttach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginBySpec failed", err) + originalSpec := volumeToAttach.VolumeSpec + // useCSIPlugin will check both CSIMigration and the plugin specific feature gate + if useCSIPlugin(og.volumePluginMgr, volumeToAttach.VolumeSpec) { + // The volume represented by this spec is CSI and thus should be migrated + attachableVolumePlugin, err = og.volumePluginMgr.FindAttachablePluginByName(csi.CSIPluginName) + if err != nil || attachableVolumePlugin == nil { + eventRecorderFunc(&err) + return volumetypes.GeneratedOperations{}, volumeToAttach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginByName failed", err) + } + + csiSpec, err := translateSpec(volumeToAttach.VolumeSpec) + if err != nil { + return volumetypes.GeneratedOperations{}, volumeToAttach.GenerateErrorDetailed("AttachVolume.TranslateSpec failed", err) + } + + volumeToAttach.VolumeSpec = csiSpec + } else { + attachableVolumePlugin, err = + og.volumePluginMgr.FindAttachablePluginBySpec(volumeToAttach.VolumeSpec) + if err != nil || attachableVolumePlugin == nil { + eventRecorderFunc(&err) + return volumetypes.GeneratedOperations{}, volumeToAttach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginBySpec failed", err) + } } volumeAttacher, newAttacherErr := attachableVolumePlugin.NewAttacher() @@ -316,10 +339,10 @@ func (og *operationGenerator) GenerateAttachVolumeFunc( volumeToAttach.VolumeSpec, volumeToAttach.NodeName) if attachErr != nil { - if derr, ok := attachErr.(*util.DanglingAttachError); ok { + if derr, ok := attachErr.(*volerr.DanglingAttachError); ok { addErr := actualStateOfWorld.MarkVolumeAsAttached( v1.UniqueVolumeName(""), - volumeToAttach.VolumeSpec, + originalSpec, derr.CurrentNode, derr.DevicePath) @@ -329,7 +352,7 @@ func (og *operationGenerator) GenerateAttachVolumeFunc( } else { addErr := actualStateOfWorld.MarkVolumeAsUncertain( - v1.UniqueVolumeName(""), volumeToAttach.VolumeSpec, volumeToAttach.NodeName) + v1.UniqueVolumeName(""), originalSpec, volumeToAttach.NodeName) if addErr != nil { klog.Errorf("AttachVolume.MarkVolumeAsUncertain fail to add the volume %q to actual state with %s", volumeToAttach.VolumeName, addErr) } @@ -347,7 +370,7 @@ func (og *operationGenerator) GenerateAttachVolumeFunc( // Update actual state of world addVolumeNodeErr := actualStateOfWorld.MarkVolumeAsAttached( - v1.UniqueVolumeName(""), volumeToAttach.VolumeSpec, volumeToAttach.NodeName, devicePath) + v1.UniqueVolumeName(""), originalSpec, volumeToAttach.NodeName, devicePath) if addVolumeNodeErr != nil { // On failure, return error. Caller will log and retry. return volumeToAttach.GenerateError("AttachVolume.MarkVolumeAsAttached failed", addVolumeNodeErr) @@ -378,10 +401,26 @@ func (og *operationGenerator) GenerateDetachVolumeFunc( if volumeToDetach.VolumeSpec != nil { // Get attacher plugin - attachableVolumePlugin, err = - og.volumePluginMgr.FindAttachablePluginBySpec(volumeToDetach.VolumeSpec) - if err != nil || attachableVolumePlugin == nil { - return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginBySpec failed", err) + // useCSIPlugin will check both CSIMigration and the plugin specific feature gate + if useCSIPlugin(og.volumePluginMgr, volumeToDetach.VolumeSpec) { + // The volume represented by this spec is CSI and thus should be migrated + attachableVolumePlugin, err = og.volumePluginMgr.FindAttachablePluginByName(csi.CSIPluginName) + if err != nil || attachableVolumePlugin == nil { + return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginBySpec failed", err) + } + + csiSpec, err := translateSpec(volumeToDetach.VolumeSpec) + if err != nil { + return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("AttachVolume.TranslateSpec failed", err) + } + + volumeToDetach.VolumeSpec = csiSpec + } else { + attachableVolumePlugin, err = + og.volumePluginMgr.FindAttachablePluginBySpec(volumeToDetach.VolumeSpec) + if err != nil || attachableVolumePlugin == nil { + return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginBySpec failed", err) + } } volumeName, err = @@ -397,10 +436,28 @@ func (og *operationGenerator) GenerateDetachVolumeFunc( if err != nil { return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.SplitUniqueName failed", err) } - attachableVolumePlugin, err = og.volumePluginMgr.FindAttachablePluginByName(pluginName) - if err != nil || attachableVolumePlugin == nil { - return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginByName failed", err) + + // TODO(dyzz): This case can't distinguish between PV and In-line which is necessary because + // if it was PV it may have been migrated, but the same plugin with in-line may not have been. + // Suggestions welcome... + if csilib.IsMigratableByName(pluginName) && utilfeature.DefaultFeatureGate.Enabled(features.CSIMigration) { + // The volume represented by this spec is CSI and thus should be migrated + attachableVolumePlugin, err = og.volumePluginMgr.FindAttachablePluginByName(csi.CSIPluginName) + if err != nil || attachableVolumePlugin == nil { + return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginBySpec failed", err) + } + // volumeToDetach.VolumeName here is always the in-tree volume name + // therefore a workaround is required. volumeToDetach.DevicePath + // is the attachID which happens to be what volumeName is needed for in Detach. + // Therefore we set volumeName to the attachID. And CSI Detach can detect and use that. + volumeName = volumeToDetach.DevicePath + } else { + attachableVolumePlugin, err = og.volumePluginMgr.FindAttachablePluginByName(pluginName) + if err != nil || attachableVolumePlugin == nil { + return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginByName failed", err) + } } + } if pluginName == "" { @@ -457,6 +514,17 @@ func (og *operationGenerator) GenerateMountVolumeFunc( } mountVolumeFunc := func() (error, error) { + originalSpec := volumeToMount.VolumeSpec + // Get mounter plugin + if useCSIPlugin(og.volumePluginMgr, volumeToMount.VolumeSpec) { + csiSpec, err := translateSpec(volumeToMount.VolumeSpec) + if err != nil { + return volumeToMount.GenerateError("MountVolume.TranslateSpec failed", err) + } + volumeToMount.VolumeSpec = csiSpec + } + + volumePlugin, err := og.volumePluginMgr.FindPluginBySpec(volumeToMount.VolumeSpec) if err != nil || volumePlugin == nil { return volumeToMount.GenerateError("MountVolume.FindPluginBySpec failed", err) } @@ -586,7 +654,7 @@ func (og *operationGenerator) GenerateMountVolumeFunc( nil, volumeToMount.OuterVolumeSpecName, volumeToMount.VolumeGidValue, - volumeToMount.VolumeSpec) + originalSpec) if markVolMountedErr != nil { // On failure, return error. Caller will log and retry. return volumeToMount.GenerateError("MountVolume.MarkVolumeAsMounted failed", markVolMountedErr) @@ -662,13 +730,19 @@ func (og *operationGenerator) GenerateUnmountVolumeFunc( volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) (volumetypes.GeneratedOperations, error) { + + var pluginName string + if useCSIPlugin(og.volumePluginMgr, volumeToUnmount.VolumeSpec) { + pluginName = csi.CSIPluginName + } else { + pluginName = volumeToUnmount.PluginName + } + // Get mountable plugin - volumePlugin, err := - og.volumePluginMgr.FindPluginByName(volumeToUnmount.PluginName) + volumePlugin, err := og.volumePluginMgr.FindPluginByName(pluginName) if err != nil || volumePlugin == nil { return volumetypes.GeneratedOperations{}, volumeToUnmount.GenerateErrorDetailed("UnmountVolume.FindPluginByName failed", err) } - volumeUnmounter, newUnmounterErr := volumePlugin.NewUnmounter( volumeToUnmount.InnerVolumeSpecName, volumeToUnmount.PodUID) if newUnmounterErr != nil { @@ -723,12 +797,26 @@ func (og *operationGenerator) GenerateUnmountDeviceFunc( deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) (volumetypes.GeneratedOperations, error) { + + var pluginName string + if useCSIPlugin(og.volumePluginMgr, deviceToDetach.VolumeSpec) { + pluginName = csi.CSIPluginName + csiSpec, err := translateSpec(deviceToDetach.VolumeSpec) + if err != nil { + return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmountDevice.TranslateSpec failed", err) + } + deviceToDetach.VolumeSpec = csiSpec + } else { + pluginName = deviceToDetach.PluginName + } + // Get DeviceMounter plugin deviceMountableVolumePlugin, err := - og.volumePluginMgr.FindDeviceMountablePluginByName(deviceToDetach.PluginName) + og.volumePluginMgr.FindDeviceMountablePluginByName(pluginName) if err != nil || deviceMountableVolumePlugin == nil { return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmountDevice.FindDeviceMountablePluginByName failed", err) } + volumeDeviceUmounter, err := deviceMountableVolumePlugin.NewDeviceUnmounter() if err != nil { return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmountDevice.NewDeviceUmounter failed", err) @@ -803,7 +891,7 @@ func (og *operationGenerator) GenerateUnmountDeviceFunc( // After setup is done, create symbolic links on both global map path and pod // device map path. Once symbolic links are created, take fd lock by // loopback for the device to avoid silent volume replacement. This lock -// will be realased once no one uses the device. +// will be released once no one uses the device. // If all steps are completed, the volume is marked as mounted. func (og *operationGenerator) GenerateMapVolumeFunc( waitForAttachTimeout time.Duration, @@ -1033,7 +1121,7 @@ func (og *operationGenerator) GenerateUnmapVolumeFunc( // GenerateUnmapDeviceFunc marks device as unmounted based on following steps. // Check under globalMapPath dir if there isn't pod's symbolic links in it. -// If symbolick link isn't there, the device isn't referenced from Pods. +// If symbolic link isn't there, the device isn't referenced from Pods. // Call plugin TearDownDevice to clean-up device connection, stored data under // globalMapPath, these operations depend on plugin implementation. // Once TearDownDevice is completed, remove globalMapPath dir. @@ -1064,7 +1152,7 @@ func (og *operationGenerator) GenerateUnmapDeviceFunc( unmapDeviceFunc := func() (error, error) { // Search under globalMapPath dir if all symbolic links from pods have been removed already. - // If symbolick links are there, pods may still refer the volume. + // If symbolic links are there, pods may still refer the volume. globalMapPath := deviceToDetach.DeviceMountPath refs, err := og.blkUtil.GetDeviceSymlinkRefs(deviceToDetach.DevicePath, globalMapPath) if err != nil { diff --git a/pkg/volume/util/recyclerclient/recycler_client_test.go b/pkg/volume/util/recyclerclient/recycler_client_test.go index 64e04fbcc28..e4182dd0f31 100644 --- a/pkg/volume/util/recyclerclient/recycler_client_test.go +++ b/pkg/volume/util/recyclerclient/recycler_client_test.go @@ -20,7 +20,7 @@ import ( "fmt" "testing" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/watch" @@ -88,7 +88,7 @@ func TestRecyclerPod(t *testing.T) { // Pod gets Running and Succeeded newPodEvent(watch.Added, "podRecyclerSuccess", v1.PodPending, ""), newEvent(v1.EventTypeNormal, "Successfully assigned recycler-for-podRecyclerSuccess to 127.0.0.1"), - newEvent(v1.EventTypeNormal, "pulling image \"k8s.gcr.io/busybox\""), + newEvent(v1.EventTypeNormal, "Pulling image \"k8s.gcr.io/busybox\""), newEvent(v1.EventTypeNormal, "Successfully pulled image \"k8s.gcr.io/busybox\""), newEvent(v1.EventTypeNormal, "Created container with docker id 83d929aeac82"), newEvent(v1.EventTypeNormal, "Started container with docker id 83d929aeac82"), @@ -97,7 +97,7 @@ func TestRecyclerPod(t *testing.T) { }, expectedEvents: []mockEvent{ {v1.EventTypeNormal, "Successfully assigned recycler-for-podRecyclerSuccess to 127.0.0.1"}, - {v1.EventTypeNormal, "pulling image \"k8s.gcr.io/busybox\""}, + {v1.EventTypeNormal, "Pulling image \"k8s.gcr.io/busybox\""}, {v1.EventTypeNormal, "Successfully pulled image \"k8s.gcr.io/busybox\""}, {v1.EventTypeNormal, "Created container with docker id 83d929aeac82"}, {v1.EventTypeNormal, "Started container with docker id 83d929aeac82"}, diff --git a/pkg/volume/util/util.go b/pkg/volume/util/util.go index 34018f8f0ee..2565c6b07f4 100644 --- a/pkg/volume/util/util.go +++ b/pkg/volume/util/util.go @@ -18,14 +18,11 @@ package util import ( "fmt" - "hash/fnv" "io/ioutil" - "math/rand" "os" "path" "path/filepath" "reflect" - "strconv" "strings" v1 "k8s.io/api/core/v1" @@ -42,7 +39,6 @@ import ( "k8s.io/kubernetes/pkg/api/legacyscheme" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/util/mount" "k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume/util/types" @@ -51,11 +47,6 @@ import ( ) const ( - // GB - GigaByte size - GB = 1000 * 1000 * 1000 - // GIB - GibiByte size - GIB = 1024 * 1024 * 1024 - readyFileName = "ready" // ControllerManagedAttachAnnotation is the key of the annotation on Node @@ -76,16 +67,6 @@ const ( VolumeDynamicallyCreatedByKey = "kubernetes.io/createdby" ) -// VolumeZoneConfig contains config information about zonal volume. -type VolumeZoneConfig struct { - ZonePresent bool - ZonesPresent bool - ReplicaZoneFromNodePresent bool - Zone string - Zones string - ReplicaZoneFromNode string -} - // IsReady checks for the existence of a regular file // called 'ready' in the given directory and returns // true if that file exists. @@ -217,174 +198,6 @@ func LoadPodFromFile(filePath string) (*v1.Pod, error) { return pod, nil } -// SelectZoneForVolume is a wrapper around SelectZonesForVolume -// to select a single zone for a volume based on parameters -func SelectZoneForVolume(zoneParameterPresent, zonesParameterPresent bool, zoneParameter string, zonesParameter, zonesWithNodes sets.String, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm, pvcName string) (string, error) { - zones, err := SelectZonesForVolume(zoneParameterPresent, zonesParameterPresent, zoneParameter, zonesParameter, zonesWithNodes, node, allowedTopologies, pvcName, 1) - if err != nil { - return "", err - } - zone, ok := zones.PopAny() - if !ok { - return "", fmt.Errorf("could not determine a zone to provision volume in") - } - return zone, nil -} - -// SelectZonesForVolume selects zones for a volume based on several factors: -// node.zone, allowedTopologies, zone/zones parameters from storageclass, -// zones with active nodes from the cluster. The number of zones = replicas. -func SelectZonesForVolume(zoneParameterPresent, zonesParameterPresent bool, zoneParameter string, zonesParameter, zonesWithNodes sets.String, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm, pvcName string, numReplicas uint32) (sets.String, error) { - if zoneParameterPresent && zonesParameterPresent { - return nil, fmt.Errorf("both zone and zones StorageClass parameters must not be used at the same time") - } - - var zoneFromNode string - // pick one zone from node if present - if node != nil { - // VolumeScheduling implicit since node is not nil - if zoneParameterPresent || zonesParameterPresent { - return nil, fmt.Errorf("zone[s] cannot be specified in StorageClass if VolumeBindingMode is set to WaitForFirstConsumer. Please specify allowedTopologies in StorageClass for constraining zones") - } - - // pick node's zone for one of the replicas - var ok bool - zoneFromNode, ok = node.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] - if !ok { - return nil, fmt.Errorf("%s Label for node missing", kubeletapis.LabelZoneFailureDomain) - } - // if single replica volume and node with zone found, return immediately - if numReplicas == 1 { - return sets.NewString(zoneFromNode), nil - } - } - - // pick zone from allowedZones if specified - allowedZones, err := ZonesFromAllowedTopologies(allowedTopologies) - if err != nil { - return nil, err - } - - if (len(allowedTopologies) > 0) && (allowedZones.Len() == 0) { - return nil, fmt.Errorf("no matchLabelExpressions with %s key found in allowedTopologies. Please specify matchLabelExpressions with %s key", kubeletapis.LabelZoneFailureDomain, kubeletapis.LabelZoneFailureDomain) - } - - if allowedZones.Len() > 0 { - // VolumeScheduling implicit since allowedZones present - if zoneParameterPresent || zonesParameterPresent { - return nil, fmt.Errorf("zone[s] cannot be specified in StorageClass if allowedTopologies specified") - } - // scheduler will guarantee if node != null above, zoneFromNode is member of allowedZones. - // so if zoneFromNode != "", we can safely assume it is part of allowedZones. - zones, err := chooseZonesForVolumeIncludingZone(allowedZones, pvcName, zoneFromNode, numReplicas) - if err != nil { - return nil, fmt.Errorf("cannot process zones in allowedTopologies: %v", err) - } - return zones, nil - } - - // pick zone from parameters if present - if zoneParameterPresent { - if numReplicas > 1 { - return nil, fmt.Errorf("zone cannot be specified if desired number of replicas for pv is greather than 1. Please specify zones or allowedTopologies to specify desired zones") - } - return sets.NewString(zoneParameter), nil - } - - if zonesParameterPresent { - if uint32(zonesParameter.Len()) < numReplicas { - return nil, fmt.Errorf("not enough zones found in zones parameter to provision a volume with %d replicas. Found %d zones, need %d zones", numReplicas, zonesParameter.Len(), numReplicas) - } - // directly choose from zones parameter; no zone from node need to be considered - return ChooseZonesForVolume(zonesParameter, pvcName, numReplicas), nil - } - - // pick zone from zones with nodes - if zonesWithNodes.Len() > 0 { - // If node != null (and thus zoneFromNode != ""), zoneFromNode will be member of zonesWithNodes - zones, err := chooseZonesForVolumeIncludingZone(zonesWithNodes, pvcName, zoneFromNode, numReplicas) - if err != nil { - return nil, fmt.Errorf("cannot process zones where nodes exist in the cluster: %v", err) - } - return zones, nil - } - return nil, fmt.Errorf("cannot determine zones to provision volume in") -} - -// ZonesFromAllowedTopologies returns a list of zones specified in allowedTopologies -func ZonesFromAllowedTopologies(allowedTopologies []v1.TopologySelectorTerm) (sets.String, error) { - zones := make(sets.String) - for _, term := range allowedTopologies { - for _, exp := range term.MatchLabelExpressions { - if exp.Key == kubeletapis.LabelZoneFailureDomain { - for _, value := range exp.Values { - zones.Insert(value) - } - } else { - return nil, fmt.Errorf("unsupported key found in matchLabelExpressions: %s", exp.Key) - } - } - } - return zones, nil -} - -// ZonesSetToLabelValue converts zones set to label value -func ZonesSetToLabelValue(strSet sets.String) string { - return strings.Join(strSet.UnsortedList(), kubeletapis.LabelMultiZoneDelimiter) -} - -// ZonesToSet converts a string containing a comma separated list of zones to set -func ZonesToSet(zonesString string) (sets.String, error) { - zones, err := stringToSet(zonesString, ",") - if err != nil { - return nil, fmt.Errorf("error parsing zones %s, must be strings separated by commas: %v", zonesString, err) - } - return zones, nil -} - -// LabelZonesToSet converts a PV label value from string containing a delimited list of zones to set -func LabelZonesToSet(labelZonesValue string) (sets.String, error) { - return stringToSet(labelZonesValue, kubeletapis.LabelMultiZoneDelimiter) -} - -// StringToSet converts a string containing list separated by specified delimiter to a set -func stringToSet(str, delimiter string) (sets.String, error) { - zonesSlice := strings.Split(str, delimiter) - zonesSet := make(sets.String) - for _, zone := range zonesSlice { - trimmedZone := strings.TrimSpace(zone) - if trimmedZone == "" { - return make(sets.String), fmt.Errorf( - "%q separated list (%q) must not contain an empty string", - delimiter, - str) - } - zonesSet.Insert(trimmedZone) - } - return zonesSet, nil -} - -// LabelZonesToList converts a PV label value from string containing a delimited list of zones to list -func LabelZonesToList(labelZonesValue string) ([]string, error) { - return stringToList(labelZonesValue, kubeletapis.LabelMultiZoneDelimiter) -} - -// StringToList converts a string containing list separated by specified delimiter to a list -func stringToList(str, delimiter string) ([]string, error) { - zonesSlice := make([]string, 0) - for _, zone := range strings.Split(str, delimiter) { - trimmedZone := strings.TrimSpace(zone) - if trimmedZone == "" { - return nil, fmt.Errorf( - "%q separated list (%q) must not contain an empty string", - delimiter, - str) - } - zonesSlice = append(zonesSlice, trimmedZone) - } - return zonesSlice, nil -} - // CalculateTimeoutForVolume calculates time for a Recycler pod to complete a // recycle operation. The calculation and return value is either the // minimumTimeout or the timeoutIncrement per Gi of storage size, whichever is @@ -401,57 +214,6 @@ func CalculateTimeoutForVolume(minimumTimeout, timeoutIncrement int, pv *v1.Pers return timeout } -// RoundUpSize calculates how many allocation units are needed to accommodate -// a volume of given size. E.g. when user wants 1500MiB volume, while AWS EBS -// allocates volumes in gibibyte-sized chunks, -// RoundUpSize(1500 * 1024*1024, 1024*1024*1024) returns '2' -// (2 GiB is the smallest allocatable volume that can hold 1500MiB) -func RoundUpSize(volumeSizeBytes int64, allocationUnitBytes int64) int64 { - roundedUp := volumeSizeBytes / allocationUnitBytes - if volumeSizeBytes%allocationUnitBytes > 0 { - roundedUp++ - } - return roundedUp -} - -// RoundUpToGB rounds up given quantity to chunks of GB -func RoundUpToGB(size resource.Quantity) int64 { - requestBytes := size.Value() - return RoundUpSize(requestBytes, GB) -} - -// RoundUpToGiB rounds up given quantity upto chunks of GiB -func RoundUpToGiB(size resource.Quantity) int64 { - requestBytes := size.Value() - return RoundUpSize(requestBytes, GIB) -} - -// RoundUpSizeInt calculates how many allocation units are needed to accommodate -// a volume of given size. It returns an int instead of an int64 and an error if -// there's overflow -func RoundUpSizeInt(volumeSizeBytes int64, allocationUnitBytes int64) (int, error) { - roundedUp := RoundUpSize(volumeSizeBytes, allocationUnitBytes) - roundedUpInt := int(roundedUp) - if int64(roundedUpInt) != roundedUp { - return 0, fmt.Errorf("capacity %v is too great, casting results in integer overflow", roundedUp) - } - return roundedUpInt, nil -} - -// RoundUpToGBInt rounds up given quantity to chunks of GB. It returns an -// int instead of an int64 and an error if there's overflow -func RoundUpToGBInt(size resource.Quantity) (int, error) { - requestBytes := size.Value() - return RoundUpSizeInt(requestBytes, GB) -} - -// RoundUpToGiBInt rounds up given quantity upto chunks of GiB. It returns an -// int instead of an int64 and an error if there's overflow -func RoundUpToGiBInt(size resource.Quantity) (int, error) { - requestBytes := size.Value() - return RoundUpSizeInt(requestBytes, GIB) -} - // GenerateVolumeName returns a PV name with clusterName prefix. The function // should be used to generate a name of GCE PD or Cinder volume. It basically // adds "-dynamic-" before the PV name, making sure the resulting @@ -477,148 +239,6 @@ func GetPath(mounter volume.Mounter) (string, error) { return path, nil } -// ChooseZoneForVolume implements our heuristics for choosing a zone for volume creation based on the volume name -// Volumes are generally round-robin-ed across all active zones, using the hash of the PVC Name. -// However, if the PVCName ends with `-`, we will hash the prefix, and then add the integer to the hash. -// This means that a StatefulSet's volumes (`claimname-statefulsetname-id`) will spread across available zones, -// assuming the id values are consecutive. -func ChooseZoneForVolume(zones sets.String, pvcName string) string { - // No zones available, return empty string. - if zones.Len() == 0 { - return "" - } - - // We create the volume in a zone determined by the name - // Eventually the scheduler will coordinate placement into an available zone - hash, index := getPVCNameHashAndIndexOffset(pvcName) - - // Zones.List returns zones in a consistent order (sorted) - // We do have a potential failure case where volumes will not be properly spread, - // if the set of zones changes during StatefulSet volume creation. However, this is - // probably relatively unlikely because we expect the set of zones to be essentially - // static for clusters. - // Hopefully we can address this problem if/when we do full scheduler integration of - // PVC placement (which could also e.g. avoid putting volumes in overloaded or - // unhealthy zones) - zoneSlice := zones.List() - zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))] - - klog.V(2).Infof("Creating volume for PVC %q; chose zone=%q from zones=%q", pvcName, zone, zoneSlice) - return zone -} - -// chooseZonesForVolumeIncludingZone is a wrapper around ChooseZonesForVolume that ensures zoneToInclude is chosen -// zoneToInclude can either be empty in which case it is ignored. If non-empty, zoneToInclude is expected to be member of zones. -// numReplicas is expected to be > 0 and <= zones.Len() -func chooseZonesForVolumeIncludingZone(zones sets.String, pvcName, zoneToInclude string, numReplicas uint32) (sets.String, error) { - if numReplicas == 0 { - return nil, fmt.Errorf("invalid number of replicas passed") - } - if uint32(zones.Len()) < numReplicas { - return nil, fmt.Errorf("not enough zones found to provision a volume with %d replicas. Need at least %d distinct zones for a volume with %d replicas", numReplicas, numReplicas, numReplicas) - } - if zoneToInclude != "" && !zones.Has(zoneToInclude) { - return nil, fmt.Errorf("zone to be included: %s needs to be member of set: %v", zoneToInclude, zones) - } - if uint32(zones.Len()) == numReplicas { - return zones, nil - } - if zoneToInclude != "" { - zones.Delete(zoneToInclude) - numReplicas = numReplicas - 1 - } - zonesChosen := ChooseZonesForVolume(zones, pvcName, numReplicas) - if zoneToInclude != "" { - zonesChosen.Insert(zoneToInclude) - } - return zonesChosen, nil -} - -// ChooseZonesForVolume is identical to ChooseZoneForVolume, but selects a multiple zones, for multi-zone disks. -func ChooseZonesForVolume(zones sets.String, pvcName string, numZones uint32) sets.String { - // No zones available, return empty set. - replicaZones := sets.NewString() - if zones.Len() == 0 { - return replicaZones - } - - // We create the volume in a zone determined by the name - // Eventually the scheduler will coordinate placement into an available zone - hash, index := getPVCNameHashAndIndexOffset(pvcName) - - // Zones.List returns zones in a consistent order (sorted) - // We do have a potential failure case where volumes will not be properly spread, - // if the set of zones changes during StatefulSet volume creation. However, this is - // probably relatively unlikely because we expect the set of zones to be essentially - // static for clusters. - // Hopefully we can address this problem if/when we do full scheduler integration of - // PVC placement (which could also e.g. avoid putting volumes in overloaded or - // unhealthy zones) - zoneSlice := zones.List() - - startingIndex := index * numZones - for index = startingIndex; index < startingIndex+numZones; index++ { - zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))] - replicaZones.Insert(zone) - } - - klog.V(2).Infof("Creating volume for replicated PVC %q; chosen zones=%q from zones=%q", - pvcName, replicaZones.UnsortedList(), zoneSlice) - return replicaZones -} - -func getPVCNameHashAndIndexOffset(pvcName string) (hash uint32, index uint32) { - if pvcName == "" { - // We should always be called with a name; this shouldn't happen - klog.Warningf("No name defined during volume create; choosing random zone") - - hash = rand.Uint32() - } else { - hashString := pvcName - - // Heuristic to make sure that volumes in a StatefulSet are spread across zones - // StatefulSet PVCs are (currently) named ClaimName-StatefulSetName-Id, - // where Id is an integer index. - // Note though that if a StatefulSet pod has multiple claims, we need them to be - // in the same zone, because otherwise the pod will be unable to mount both volumes, - // and will be unschedulable. So we hash _only_ the "StatefulSetName" portion when - // it looks like `ClaimName-StatefulSetName-Id`. - // We continue to round-robin volume names that look like `Name-Id` also; this is a useful - // feature for users that are creating statefulset-like functionality without using statefulsets. - lastDash := strings.LastIndexByte(pvcName, '-') - if lastDash != -1 { - statefulsetIDString := pvcName[lastDash+1:] - statefulsetID, err := strconv.ParseUint(statefulsetIDString, 10, 32) - if err == nil { - // Offset by the statefulsetID, so we round-robin across zones - index = uint32(statefulsetID) - // We still hash the volume name, but only the prefix - hashString = pvcName[:lastDash] - - // In the special case where it looks like `ClaimName-StatefulSetName-Id`, - // hash only the StatefulSetName, so that different claims on the same StatefulSet - // member end up in the same zone. - // Note that StatefulSetName (and ClaimName) might themselves both have dashes. - // We actually just take the portion after the final - of ClaimName-StatefulSetName. - // For our purposes it doesn't much matter (just suboptimal spreading). - lastDash := strings.LastIndexByte(hashString, '-') - if lastDash != -1 { - hashString = hashString[lastDash+1:] - } - - klog.V(2).Infof("Detected StatefulSet-style volume name %q; index=%d", pvcName, index) - } - } - - // We hash the (base) volume name, so we don't bias towards the first N zones - h := fnv.New32() - h.Write([]byte(hashString)) - hash = h.Sum32() - } - - return hash, index -} - // UnmountViaEmptyDir delegates the tear down operation for secret, configmap, git_repo and downwardapi // to empty_dir func UnmountViaEmptyDir(dir string, host volume.VolumeHost, volName string, volSpec volume.Spec, podUID utypes.UID) error { @@ -667,16 +287,6 @@ func JoinMountOptions(userOptions []string, systemOptions []string) []string { return allMountOptions.List() } -// ValidateZone returns: -// - an error in case zone is an empty string or contains only any combination of spaces and tab characters -// - nil otherwise -func ValidateZone(zone string) error { - if strings.TrimSpace(zone) == "" { - return fmt.Errorf("the provided %q zone is not valid, it's an empty string or contains only spaces and tab characters", zone) - } - return nil -} - // AccessModesContains returns whether the requested mode is contained by modes func AccessModesContains(modes []v1.PersistentVolumeAccessMode, mode v1.PersistentVolumeAccessMode) bool { for _, m := range modes { diff --git a/pkg/volume/util/util_test.go b/pkg/volume/util/util_test.go index 257410e226f..3ad893f82a7 100644 --- a/pkg/volume/util/util_test.go +++ b/pkg/volume/util/util_test.go @@ -23,11 +23,6 @@ import ( "testing" v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/sets" - - // util.go uses api.Codecs.LegacyCodec so import this package to do some - // resource initialization. - "hash/fnv" _ "k8s.io/kubernetes/pkg/apis/core/install" @@ -36,7 +31,6 @@ import ( "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/util/slice" "k8s.io/kubernetes/pkg/volume" @@ -318,39 +312,6 @@ spec: } } } -func TestZonesToSet(t *testing.T) { - functionUnderTest := "ZonesToSet" - // First part: want an error - sliceOfZones := []string{"", ",", "us-east-1a, , us-east-1d", ", us-west-1b", "us-west-2b,"} - for _, zones := range sliceOfZones { - if got, err := ZonesToSet(zones); err == nil { - t.Errorf("%v(%v) returned (%v), want (%v)", functionUnderTest, zones, got, "an error") - } - } - - // Second part: want no error - tests := []struct { - zones string - want sets.String - }{ - { - zones: "us-east-1a", - want: sets.String{"us-east-1a": sets.Empty{}}, - }, - { - zones: "us-east-1a, us-west-2a", - want: sets.String{ - "us-east-1a": sets.Empty{}, - "us-west-2a": sets.Empty{}, - }, - }, - } - for _, tt := range tests { - if got, err := ZonesToSet(tt.zones); err != nil || !got.Equal(tt.want) { - t.Errorf("%v(%v) returned (%v), want (%v)", functionUnderTest, tt.zones, got, tt.want) - } - } -} func TestCalculateTimeoutForVolume(t *testing.T) { pv := &v1.PersistentVolume{ @@ -471,1753 +432,6 @@ func createVolumeSpecWithMountOption(name string, mountOptions string, spec v1.P return &volume.Spec{PersistentVolume: pv} } -func checkFnv32(t *testing.T, s string, expected uint32) { - h := fnv.New32() - h.Write([]byte(s)) - h.Sum32() - - if h.Sum32() != expected { - t.Fatalf("hash of %q was %v, expected %v", s, h.Sum32(), expected) - } -} - -func TestChooseZoneForVolume(t *testing.T) { - checkFnv32(t, "henley", 1180403676) - // 1180403676 mod 3 == 0, so the offset from "henley" is 0, which makes it easier to verify this by inspection - - // A few others - checkFnv32(t, "henley-", 2652299129) - checkFnv32(t, "henley-a", 1459735322) - checkFnv32(t, "", 2166136261) - - tests := []struct { - Zones sets.String - VolumeName string - Expected string - }{ - // Test for PVC names that don't have a dash - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley", - Expected: "a", // hash("henley") == 0 - }, - // Tests for PVC names that end in - number, but don't look like statefulset PVCs - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-0", - Expected: "a", // hash("henley") == 0 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-1", - Expected: "b", // hash("henley") + 1 == 1 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-2", - Expected: "c", // hash("henley") + 2 == 2 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-3", - Expected: "a", // hash("henley") + 3 == 3 === 0 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-4", - Expected: "b", // hash("henley") + 4 == 4 === 1 mod 3 - }, - // Tests for PVC names that are edge cases - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-", - Expected: "c", // hash("henley-") = 2652299129 === 2 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-a", - Expected: "c", // hash("henley-a") = 1459735322 === 2 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium--1", - Expected: "c", // hash("") + 1 == 2166136261 + 1 === 2 mod 3 - }, - // Tests for PVC names for simple StatefulSet cases - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-1", - Expected: "b", // hash("henley") + 1 == 1 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "loud-henley-1", - Expected: "b", // hash("henley") + 1 == 1 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "quiet-henley-2", - Expected: "c", // hash("henley") + 2 == 2 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-2", - Expected: "c", // hash("henley") + 2 == 2 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-3", - Expected: "a", // hash("henley") + 3 == 3 === 0 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-4", - Expected: "b", // hash("henley") + 4 == 4 === 1 mod 3 - }, - // Tests for statefulsets (or claims) with dashes in the names - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-alpha-henley-2", - Expected: "c", // hash("henley") + 2 == 2 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-beta-henley-3", - Expected: "a", // hash("henley") + 3 == 3 === 0 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-gamma-henley-4", - Expected: "b", // hash("henley") + 4 == 4 === 1 mod 3 - }, - // Tests for statefulsets name ending in - - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--2", - Expected: "a", // hash("") + 2 == 0 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--3", - Expected: "b", // hash("") + 3 == 1 mod 3 - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--4", - Expected: "c", // hash("") + 4 == 2 mod 3 - }, - // Test for no zones - { - Zones: sets.NewString(), - VolumeName: "medium-henley--1", - Expected: "", - }, - { - Zones: nil, - VolumeName: "medium-henley--2", - Expected: "", - }, - } - - for _, test := range tests { - actual := ChooseZoneForVolume(test.Zones, test.VolumeName) - - if actual != test.Expected { - t.Errorf("Test %v failed, expected zone %q, actual %q", test, test.Expected, actual) - } - } -} - -func TestChooseZonesForVolume(t *testing.T) { - checkFnv32(t, "henley", 1180403676) - // 1180403676 mod 3 == 0, so the offset from "henley" is 0, which makes it easier to verify this by inspection - - // A few others - checkFnv32(t, "henley-", 2652299129) - checkFnv32(t, "henley-a", 1459735322) - checkFnv32(t, "", 2166136261) - - tests := []struct { - Zones sets.String - VolumeName string - NumZones uint32 - Expected sets.String - }{ - // Test for PVC names that don't have a dash - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley", - NumZones: 1, - Expected: sets.NewString("a" /* hash("henley") == 0 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley", - NumZones: 2, - Expected: sets.NewString("a" /* hash("henley") == 0 */, "b"), - }, - // Tests for PVC names that end in - number, but don't look like statefulset PVCs - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-0", - NumZones: 1, - Expected: sets.NewString("a" /* hash("henley") == 0 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-0", - NumZones: 2, - Expected: sets.NewString("a" /* hash("henley") == 0 */, "b"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-1", - NumZones: 1, - Expected: sets.NewString("b" /* hash("henley") + 1 == 1 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-1", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") + 1 + 1(startingIndex) == 2 */, "a"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-2", - NumZones: 1, - Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-2", - NumZones: 2, - Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-3", - NumZones: 1, - Expected: sets.NewString("a" /* hash("henley") + 3 == 3 === 0 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-3", - NumZones: 2, - Expected: sets.NewString("a" /* hash("henley") + 3 + 3(startingIndex) == 6 */, "b"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-4", - NumZones: 1, - Expected: sets.NewString("b" /* hash("henley") + 4 == 4 === 1 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-4", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") + 4 + 4(startingIndex) == 8 */, "a"), - }, - // Tests for PVC names that are edge cases - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-", - NumZones: 1, - Expected: sets.NewString("c" /* hash("henley-") = 2652299129 === 2 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley-") = 2652299129 === 2 mod 3 = 2 */, "a"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-a", - NumZones: 1, - Expected: sets.NewString("c" /* hash("henley-a") = 1459735322 === 2 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "henley-a", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley-a") = 1459735322 === 2 mod 3 = 2 */, "a"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium--1", - NumZones: 1, - Expected: sets.NewString("c" /* hash("") + 1 == 2166136261 + 1 === 2 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium--1", - NumZones: 2, - Expected: sets.NewString("a" /* hash("") + 1 + 1(startingIndex) == 2166136261 + 1 + 1 === 3 mod 3 = 0 */, "b"), - }, - // Tests for PVC names for simple StatefulSet cases - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-1", - NumZones: 1, - Expected: sets.NewString("b" /* hash("henley") + 1 == 1 */), - }, - // Tests for PVC names for simple StatefulSet cases - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-1", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") + 1 + 1(startingIndex) == 2 */, "a"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "loud-henley-1", - NumZones: 1, - Expected: sets.NewString("b" /* hash("henley") + 1 == 1 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "loud-henley-1", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") + 1 + 1(startingIndex) == 2 */, "a"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "quiet-henley-2", - NumZones: 1, - Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "quiet-henley-2", - NumZones: 2, - Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-2", - NumZones: 1, - Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-2", - NumZones: 2, - Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-3", - NumZones: 1, - Expected: sets.NewString("a" /* hash("henley") + 3 == 3 === 0 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-3", - NumZones: 2, - Expected: sets.NewString("a" /* hash("henley") + 3 + 3(startingIndex) == 6 === 6 mod 3 = 0 */, "b"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-4", - NumZones: 1, - Expected: sets.NewString("b" /* hash("henley") + 4 == 4 === 1 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley-4", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") + 4 + 4(startingIndex) == 8 === 2 mod 3 */, "a"), - }, - // Tests for statefulsets (or claims) with dashes in the names - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-alpha-henley-2", - NumZones: 1, - Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-alpha-henley-2", - NumZones: 2, - Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-beta-henley-3", - NumZones: 1, - Expected: sets.NewString("a" /* hash("henley") + 3 == 3 === 0 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-beta-henley-3", - NumZones: 2, - Expected: sets.NewString("a" /* hash("henley") + 3 + 3(startingIndex) == 6 === 0 mod 3 */, "b"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-gamma-henley-4", - NumZones: 1, - Expected: sets.NewString("b" /* hash("henley") + 4 == 4 === 1 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-gamma-henley-4", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") + 4 + 4(startingIndex) == 8 === 2 mod 3 */, "a"), - }, - // Tests for statefulsets name ending in - - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--2", - NumZones: 1, - Expected: sets.NewString("a" /* hash("") + 2 == 0 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--2", - NumZones: 2, - Expected: sets.NewString("c" /* hash("") + 2 + 2(startingIndex) == 2 mod 3 */, "a"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--3", - NumZones: 1, - Expected: sets.NewString("b" /* hash("") + 3 == 1 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--3", - NumZones: 2, - Expected: sets.NewString("b" /* hash("") + 3 + 3(startingIndex) == 1 mod 3 */, "c"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--4", - NumZones: 1, - Expected: sets.NewString("c" /* hash("") + 4 == 2 mod 3 */), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--4", - NumZones: 2, - Expected: sets.NewString("a" /* hash("") + 4 + 4(startingIndex) == 0 mod 3 */, "b"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--4", - NumZones: 3, - Expected: sets.NewString("c" /* hash("") + 4 == 2 mod 3 */, "a", "b"), - }, - { - Zones: sets.NewString("a", "b", "c"), - VolumeName: "medium-henley--4", - NumZones: 4, - Expected: sets.NewString("c" /* hash("") + 4 + 9(startingIndex) == 2 mod 3 */, "a", "b", "c"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-0", - NumZones: 2, - Expected: sets.NewString("a" /* hash("henley") == 0 */, "b"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-1", - NumZones: 2, - Expected: sets.NewString("c" /* hash("henley") == 0 + 2 */, "d"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-2", - NumZones: 2, - Expected: sets.NewString("e" /* hash("henley") == 0 + 2 + 2(startingIndex) */, "f"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-3", - NumZones: 2, - Expected: sets.NewString("g" /* hash("henley") == 0 + 2 + 4(startingIndex) */, "h"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-0", - NumZones: 3, - Expected: sets.NewString("a" /* hash("henley") == 0 */, "b", "c"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-1", - NumZones: 3, - Expected: sets.NewString("d" /* hash("henley") == 0 + 1 + 2(startingIndex) */, "e", "f"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-2", - NumZones: 3, - Expected: sets.NewString("g" /* hash("henley") == 0 + 2 + 4(startingIndex) */, "h", "i"), - }, - { - Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), - VolumeName: "henley-3", - NumZones: 3, - Expected: sets.NewString("a" /* hash("henley") == 0 + 3 + 6(startingIndex) */, "b", "c"), - }, - // Test for no zones - { - Zones: sets.NewString(), - VolumeName: "henley-1", - Expected: sets.NewString(), - }, - { - Zones: nil, - VolumeName: "henley-2", - Expected: sets.NewString(), - }, - } - - for _, test := range tests { - actual := ChooseZonesForVolume(test.Zones, test.VolumeName, test.NumZones) - - if !actual.Equal(test.Expected) { - t.Errorf("Test %v failed, expected zone %#v, actual %#v", test, test.Expected, actual) - } - } -} - -func TestValidateZone(t *testing.T) { - functionUnderTest := "ValidateZone" - - // First part: want an error - errCases := []string{"", " "} - for _, errCase := range errCases { - if got := ValidateZone(errCase); got == nil { - t.Errorf("%v(%v) returned (%v), want (%v)", functionUnderTest, errCase, got, "an error") - } - } - - // Second part: want no error - succCases := []string{" us-east-1a "} - for _, succCase := range succCases { - if got := ValidateZone(succCase); got != nil { - t.Errorf("%v(%v) returned (%v), want (%v)", functionUnderTest, succCase, got, nil) - } - } -} - -func TestSelectZoneForVolume(t *testing.T) { - - nodeWithZoneLabels := &v1.Node{} - nodeWithZoneLabels.Labels = map[string]string{kubeletapis.LabelZoneFailureDomain: "zoneX"} - - nodeWithNoLabels := &v1.Node{} - - tests := []struct { - // Parameters passed by test to SelectZoneForVolume - Name string - ZonePresent bool - Zone string - ZonesPresent bool - Zones string - ZonesWithNodes string - Node *v1.Node - AllowedTopologies []v1.TopologySelectorTerm - // Expectations around returned zone from SelectZoneForVolume - Reject bool // expect error due to validation failing - ExpectSpecificZone bool // expect returned zone to specifically match a single zone (rather than one from a set) - ExpectedZone string // single zone that should perfectly match returned zone (requires ExpectSpecificZone to be true) - ExpectedZones string // set of zones one of whose members should match returned zone (requires ExpectSpecificZone to be false) - }{ - // NEGATIVE TESTS - - // Zone and Zones are both specified [Fail] - // [1] Node irrelevant - // [2] Zone and Zones parameters presents - // [3] AllowedTopologies irrelevant - { - Name: "Nil_Node_with_Zone_Zones_parameters_present", - ZonePresent: true, - Zone: "zoneX", - ZonesPresent: true, - Zones: "zoneX,zoneY", - Reject: true, - }, - - // Node has no zone labels [Fail] - // [1] Node with no zone labels - // [2] Zone/Zones parameter irrelevant - // [3] AllowedTopologies irrelevant - { - Name: "Node_with_no_Zone_labels", - Node: nodeWithNoLabels, - Reject: true, - }, - - // Node with Zone labels as well as Zone parameter specified [Fail] - // [1] Node with zone labels - // [2] Zone parameter specified - // [3] AllowedTopologies irrelevant - { - Name: "Node_with_Zone_labels_and_Zone_parameter_present", - Node: nodeWithZoneLabels, - ZonePresent: true, - Zone: "zoneX", - Reject: true, - }, - - // Node with Zone labels as well as Zones parameter specified [Fail] - // [1] Node with zone labels - // [2] Zones parameter specified - // [3] AllowedTopologies irrelevant - { - Name: "Node_with_Zone_labels_and_Zones_parameter_present", - Node: nodeWithZoneLabels, - ZonesPresent: true, - Zones: "zoneX,zoneY", - Reject: true, - }, - - // Zone parameter as well as AllowedTopologies specified [Fail] - // [1] nil Node - // [2] Zone parameter specified - // [3] AllowedTopologies specified - { - Name: "Nil_Node_and_Zone_parameter_and_Allowed_Topology_term", - Node: nil, - ZonePresent: true, - Zone: "zoneX", - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - }, - Reject: true, - }, - - // Zones parameter as well as AllowedTopologies specified [Fail] - // [1] nil Node - // [2] Zones parameter specified - // [3] AllowedTopologies specified - { - Name: "Nil_Node_and_Zones_parameter_and_Allowed_Topology_term", - Node: nil, - ZonesPresent: true, - Zones: "zoneX,zoneY", - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - }, - Reject: true, - }, - - // Key specified in AllowedTopologies is not LabelZoneFailureDomain [Fail] - // [1] nil Node - // [2] no Zone/Zones parameter - // [3] AllowedTopologies with invalid key specified - { - Name: "Nil_Node_and_Invalid_Allowed_Topology_Key", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: "invalid_key", - Values: []string{"zoneX"}, - }, - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - }, - Reject: true, - }, - - // AllowedTopologies without keys specifying LabelZoneFailureDomain [Fail] - // [1] nil Node - // [2] no Zone/Zones parameter - // [3] Invalid AllowedTopologies - { - Name: "Nil_Node_and_Invalid_AllowedTopologies", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{}, - }, - }, - Reject: true, - }, - - // POSITIVE TESTS WITH VolumeScheduling ENABLED - - // Select zone from active zones [Pass] - // [1] nil Node - // [2] no Zone parameter specified - // [3] no AllowedTopologies - { - Name: "Nil_Node_and_No_Zone_Zones_parameter_and_no_Allowed_topologies_and_VolumeScheduling_enabled", - Node: nil, - ZonesWithNodes: "zoneX,zoneY", - Reject: false, - ExpectedZones: "zoneX,zoneY", - }, - - // Select zone from single zone parameter [Pass] - // [1] nil Node - // [2] Zone parameter specified - // [3] no AllowedTopology specified - { - Name: "Nil_Node_and_Zone_parameter_present_and_VolumeScheduling_enabled", - ZonePresent: true, - Zone: "zoneX", - Node: nil, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - }, - - // Select zone from zones parameter [Pass] - // [1] nil Node - // [2] Zones parameter specified - // [3] no AllowedTopology - { - Name: "Nil_Node_and_Zones_parameter_present_and_VolumeScheduling_enabled", - ZonesPresent: true, - Zones: "zoneX,zoneY", - Node: nil, - Reject: false, - ExpectedZones: "zoneX,zoneY", - }, - - // Select zone from node label [Pass] - // [1] Node with zone labels - // [2] no zone/zones parameters - // [3] no AllowedTopology - { - Name: "Node_with_Zone_labels_and_VolumeScheduling_enabled", - Node: nodeWithZoneLabels, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - }, - - // Select zone from node label [Pass] - // [1] Node with zone labels - // [2] no Zone/Zones parameters - // [3] AllowedTopology with single term with multiple values specified (ignored) - { - Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_values_and_VolumeScheduling_enabled", - Node: nodeWithZoneLabels, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneZ", "zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - }, - - // Select Zone from AllowedTopologies [Pass] - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with single term with multiple values specified - { - Name: "Nil_Node_with_Multiple_Allowed_Topology_values_and_VolumeScheduling_enabled", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX", "zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectedZones: "zoneX,zoneY", - }, - - // Select zone from AllowedTopologies [Pass] - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with multiple terms specified - { - Name: "Nil_Node_and_Multiple_Allowed_Topology_terms_and_VolumeScheduling_enabled", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectedZones: "zoneX,zoneY", - }, - - // Select Zone from AllowedTopologies [Pass] - // Note: Dual replica with same AllowedTopologies will fail: Nil_Node_and_Single_Allowed_Topology_term_value_and_Dual_replicas - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with single term and value specified - { - Name: "Nil_Node_and_Single_Allowed_Topology_term_value_and_VolumeScheduling_enabled", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - }, - } - - for _, test := range tests { - t.Run(test.Name, func(t *testing.T) { - var zonesParameter, zonesWithNodes sets.String - var err error - - if test.Zones != "" { - zonesParameter, err = ZonesToSet(test.Zones) - if err != nil { - t.Fatalf("Could not convert Zones to a set: %s. This is a test error %s", test.Zones, test.Name) - } - } - - if test.ZonesWithNodes != "" { - zonesWithNodes, err = ZonesToSet(test.ZonesWithNodes) - if err != nil { - t.Fatalf("Could not convert specified ZonesWithNodes to a set: %s. This is a test error %s", test.ZonesWithNodes, test.Name) - } - } - - zone, err := SelectZoneForVolume(test.ZonePresent, test.ZonesPresent, test.Zone, zonesParameter, zonesWithNodes, test.Node, test.AllowedTopologies, test.Name) - - if test.Reject && err == nil { - t.Errorf("Unexpected zone from SelectZoneForVolume for %s", zone) - } - - if !test.Reject { - if err != nil { - t.Errorf("Unexpected error from SelectZoneForVolume for %s; Error: %v", test.Name, err) - } - - if test.ExpectSpecificZone == true { - if zone != test.ExpectedZone { - t.Errorf("Expected zone %v does not match obtained zone %v for %s", test.ExpectedZone, zone, test.Name) - } - } - - if test.ExpectedZones != "" { - expectedZones, err := ZonesToSet(test.ExpectedZones) - if err != nil { - t.Fatalf("Could not convert ExpectedZones to a set: %s. This is a test error", test.ExpectedZones) - } - if !expectedZones.Has(zone) { - t.Errorf("Obtained zone %s not member of expectedZones %s", zone, expectedZones) - } - } - } - }) - } -} - -func TestSelectZonesForVolume(t *testing.T) { - - nodeWithZoneLabels := &v1.Node{} - nodeWithZoneLabels.Labels = map[string]string{kubeletapis.LabelZoneFailureDomain: "zoneX"} - - nodeWithNoLabels := &v1.Node{} - - tests := []struct { - // Parameters passed by test to SelectZonesForVolume - Name string - ReplicaCount uint32 - ZonePresent bool - Zone string - ZonesPresent bool - Zones string - ZonesWithNodes string - Node *v1.Node - AllowedTopologies []v1.TopologySelectorTerm - // Expectations around returned zones from SelectZonesForVolume - Reject bool // expect error due to validation failing - ExpectSpecificZones bool // expect set of returned zones to be equal to ExpectedZones (rather than subset of ExpectedZones) - ExpectedZones string // set of zones that is a superset of returned zones or equal to returned zones (if ExpectSpecificZones is set) - ExpectSpecificZone bool // expect set of returned zones to include ExpectedZone as a member - ExpectedZone string // zone that should be a member of returned zones - }{ - // NEGATIVE TESTS - - // Zone and Zones are both specified [Fail] - // [1] Node irrelevant - // [2] Zone and Zones parameters presents - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_with_Zone_Zones_parameters_present", - ZonePresent: true, - Zone: "zoneX", - ZonesPresent: true, - Zones: "zoneX,zoneY", - Reject: true, - }, - - // Node has no zone labels [Fail] - // [1] Node with no zone labels - // [2] Zone/Zones parameter irrelevant - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Node_with_no_Zone_labels", - Node: nodeWithNoLabels, - Reject: true, - }, - - // Node with Zone labels as well as Zone parameter specified [Fail] - // [1] Node with zone labels - // [2] Zone parameter specified - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Node_with_Zone_labels_and_Zone_parameter_present", - Node: nodeWithZoneLabels, - ZonePresent: true, - Zone: "zoneX", - Reject: true, - }, - - // Node with Zone labels as well as Zones parameter specified [Fail] - // [1] Node with zone labels - // [2] Zones parameter specified - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Node_with_Zone_labels_and_Zones_parameter_present", - Node: nodeWithZoneLabels, - ZonesPresent: true, - Zones: "zoneX,zoneY", - Reject: true, - }, - - // Zone parameter as well as AllowedTopologies specified [Fail] - // [1] nil Node - // [2] Zone parameter specified - // [3] AllowedTopologies specified - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_and_Zone_parameter_and_Allowed_Topology_term", - Node: nil, - ZonePresent: true, - Zone: "zoneX", - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - }, - Reject: true, - }, - - // Zones parameter as well as AllowedTopologies specified [Fail] - // [1] nil Node - // [2] Zones parameter specified - // [3] AllowedTopologies specified - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_and_Zones_parameter_and_Allowed_Topology_term", - Node: nil, - ZonesPresent: true, - Zones: "zoneX,zoneY", - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - }, - Reject: true, - }, - - // Key specified in AllowedTopologies is not LabelZoneFailureDomain [Fail] - // [1] nil Node - // [2] no Zone/Zones parameter - // [3] AllowedTopologies with invalid key specified - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_and_Invalid_Allowed_Topology_Key", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: "invalid_key", - Values: []string{"zoneX"}, - }, - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - }, - Reject: true, - }, - - // AllowedTopologies without keys specifying LabelZoneFailureDomain [Fail] - // [1] nil Node - // [2] no Zone/Zones parameter - // [3] Invalid AllowedTopologies - // [4] ReplicaCount irrelevant - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_and_Invalid_AllowedTopologies", - Node: nil, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{}, - }, - }, - Reject: true, - }, - - // Zone specified with ReplicaCount > 1 [Fail] - // [1] nil Node - // [2] Zone/Zones parameter specified - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount > 1 - // [5] ZonesWithNodes irrelevant - { - Name: "Zone_and_Replicas_mismatched", - Node: nil, - ZonePresent: true, - Zone: "zoneX", - ReplicaCount: 2, - Reject: true, - }, - - // Not enough zones in Zones parameter to satisfy ReplicaCount [Fail] - // [1] nil Node - // [2] Zone/Zones parameter specified - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount > zones - // [5] ZonesWithNodes irrelevant - { - Name: "Zones_and_Replicas_mismatched", - Node: nil, - ZonesPresent: true, - Zones: "zoneX", - ReplicaCount: 2, - Reject: true, - }, - - // Not enough zones in ZonesWithNodes to satisfy ReplicaCount [Fail] - // [1] nil Node - // [2] no Zone/Zones parameter specified - // [3] AllowedTopologies irrelevant - // [4] ReplicaCount > ZonesWithNodes - // [5] ZonesWithNodes specified but not enough - { - Name: "Zones_and_Replicas_mismatched", - Node: nil, - ZonesWithNodes: "zoneX", - ReplicaCount: 2, - Reject: true, - }, - - // Not enough zones in AllowedTopologies to satisfy ReplicaCount [Fail] - // [1] nil Node - // [2] Zone/Zones parameter specified - // [3] Invalid AllowedTopologies - // [4] ReplicaCount > zones - // [5] ZonesWithNodes irrelevant - { - Name: "AllowedTopologies_and_Replicas_mismatched", - Node: nil, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - }, - Reject: true, - }, - - // POSITIVE TESTS - - // Select zones from zones parameter [Pass] - // [1] nil Node (Node irrelevant) - // [2] Zones parameter specified - // [3] no AllowedTopologies - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Zones_parameter_Dual_replica_Superset", - ZonesPresent: true, - Zones: "zoneW,zoneX,zoneY,zoneZ", - ReplicaCount: 2, - Reject: false, - ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", - }, - - // Select zones from zones parameter [Pass] - // [1] nil Node (Node irrelevant) - // [2] Zones parameter specified - // [3] no AllowedTopologies - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Zones_parameter_Dual_replica_Match", - ZonesPresent: true, - Zones: "zoneX,zoneY", - ReplicaCount: 2, - Reject: false, - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - - // Select zones from active zones with nodes [Pass] - // [1] nil Node (Node irrelevant) - // [2] no Zone parameter - // [3] no AllowedTopologies - // [4] ReplicaCount specified - // [5] ZonesWithNodes specified - { - Name: "Active_zones_Nil_node_Dual_replica_Superset", - ZonesWithNodes: "zoneW,zoneX,zoneY,zoneZ", - ReplicaCount: 2, - Reject: false, - ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", - }, - - // Select zones from active zones [Pass] - // [1] nil Node (Node irrelevant) - // [2] no Zone[s] parameter - // [3] no AllowedTopologies - // [4] ReplicaCount specified - // [5] ZonesWithNodes specified - { - Name: "Active_zones_Nil_node_Dual_replica_Match", - ZonesWithNodes: "zoneW,zoneX", - ReplicaCount: 2, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneW,zoneX", - }, - - // Select zones from node label and active zones [Pass] - // [1] Node with zone labels - // [2] no Zone parameter - // [3] no AllowedTopologies - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Active_zones_Node_with_Zone_labels_Dual_replica_Superset", - Node: nodeWithZoneLabels, - ZonesWithNodes: "zoneW,zoneX,zoneY,zoneZ", - ReplicaCount: 2, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", - }, - - // Select zones from node label and active zones [Pass] - // [1] Node with zone labels - // [2] no Zone[s] parameter - // [3] no AllowedTopologies - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Active_zones_Node_with_Zone_labels_Dual_replica_Match", - Node: nodeWithZoneLabels, - ZonesWithNodes: "zoneW,zoneX", - ReplicaCount: 2, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneW,zoneX", - }, - - // Select zones from node label and AllowedTopologies [Pass] - // [1] Node with zone labels - // [2] no Zone/Zones parameters - // [3] AllowedTopologies with single term with multiple values specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - // Note: the test Name suffix is used as the pvcname and it's suffix is important to influence ChooseZonesForVolume - // to NOT pick zoneX from AllowedTopologies if zoneFromNode is incorrectly set or not set at all. - { - Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_values_Superset-1", - Node: nodeWithZoneLabels, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneV", "zoneW", "zoneX", "zoneY", "zoneZ"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectedZones: "zoneV,zoneW,zoneX,zoneY,zoneZ", - }, - - // Select zones from node label and AllowedTopologies [Pass] - // [1] Node with zone labels - // [2] no Zone/Zones parameters - // [3] AllowedTopologies with single term with multiple values specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_values_Match", - Node: nodeWithZoneLabels, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX", "zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - - // Select Zones from AllowedTopologies [Pass] - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with single term with multiple values specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_with_Multiple_Allowed_Topology_values_Superset", - Node: nil, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX", "zoneY", "zoneZ"}, - }, - }, - }, - }, - Reject: false, - ExpectedZones: "zoneX,zoneY,zoneZ", - }, - - // Select Zones from AllowedTopologies [Pass] - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with single term with multiple values specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_with_Multiple_Allowed_Topology_values_Match", - Node: nil, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX", "zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - - // Select zones from node label and AllowedTopologies [Pass] - // [1] Node with zone labels - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with multiple terms specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - // Note: the test Name is used as the pvcname and it's hash is important to influence ChooseZonesForVolume - // to NOT pick zoneX from AllowedTopologies of 5 zones. If zoneFromNode (zoneX) is incorrectly set or - // not set at all in SelectZonesForVolume it will be detected. - { - Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_terms_Superset-2", - Node: nodeWithZoneLabels, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneV"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneW"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneZ"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectedZones: "zoneV,zoneW,zoneX,zoneY,zoneZ", - }, - - // Select zones from node label and AllowedTopologies [Pass] - // [1] Node with zone labels - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with multiple terms specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_terms_Match", - Node: nodeWithZoneLabels, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - - // Select zones from AllowedTopologies [Pass] - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with multiple terms specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_and_Multiple_Allowed_Topology_terms_Superset", - Node: nil, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneZ"}, - }, - }, - }, - }, - Reject: false, - ExpectedZones: "zoneX,zoneY,zoneZ", - }, - - // Select zones from AllowedTopologies [Pass] - // [1] nil Node - // [2] no Zone/Zones parametes specified - // [3] AllowedTopologies with multiple terms specified - // [4] ReplicaCount specified - // [5] ZonesWithNodes irrelevant - { - Name: "Nil_Node_and_Multiple_Allowed_Topology_terms_Match", - Node: nil, - ReplicaCount: 2, - AllowedTopologies: []v1.TopologySelectorTerm{ - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneX"}, - }, - }, - }, - { - MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ - { - Key: kubeletapis.LabelZoneFailureDomain, - Values: []string{"zoneY"}, - }, - }, - }, - }, - Reject: false, - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - } - - for _, test := range tests { - var zonesParameter, zonesWithNodes sets.String - var err error - - if test.Zones != "" { - zonesParameter, err = ZonesToSet(test.Zones) - if err != nil { - t.Errorf("Could not convert Zones to a set: %s. This is a test error %s", test.Zones, test.Name) - continue - } - } - - if test.ZonesWithNodes != "" { - zonesWithNodes, err = ZonesToSet(test.ZonesWithNodes) - if err != nil { - t.Errorf("Could not convert specified ZonesWithNodes to a set: %s. This is a test error %s", test.ZonesWithNodes, test.Name) - continue - } - } - - zones, err := SelectZonesForVolume(test.ZonePresent, test.ZonesPresent, test.Zone, zonesParameter, zonesWithNodes, test.Node, test.AllowedTopologies, test.Name, test.ReplicaCount) - - if test.Reject && err == nil { - t.Errorf("Unexpected zones from SelectZonesForVolume in %s. Zones: %v", test.Name, zones) - continue - } - - if !test.Reject { - if err != nil { - t.Errorf("Unexpected error from SelectZonesForVolume in %s; Error: %v", test.Name, err) - continue - } - - if uint32(zones.Len()) != test.ReplicaCount { - t.Errorf("Number of elements in returned zones %v does not equal replica count %d in %s", zones, test.ReplicaCount, test.Name) - continue - } - - expectedZones, err := ZonesToSet(test.ExpectedZones) - if err != nil { - t.Errorf("Could not convert ExpectedZones to a set: %v. This is a test error in %s", test.ExpectedZones, test.Name) - continue - } - - if test.ExpectSpecificZones && !zones.Equal(expectedZones) { - t.Errorf("Expected zones %v does not match obtained zones %v in %s", expectedZones, zones, test.Name) - continue - } - - if test.ExpectSpecificZone && !zones.Has(test.ExpectedZone) { - t.Errorf("Expected zone %s not found in obtained zones %v in %s", test.ExpectedZone, zones, test.Name) - continue - } - - if !expectedZones.IsSuperset(zones) { - t.Errorf("Obtained zones %v not subset of of expectedZones %v in %s", zones, expectedZones, test.Name) - } - } - } -} - -func TestChooseZonesForVolumeIncludingZone(t *testing.T) { - tests := []struct { - // Parameters passed by test to chooseZonesForVolumeIncludingZone - Name string - ReplicaCount uint32 - Zones string - ZoneToInclude string - // Expectations around returned zones from chooseZonesForVolumeIncludingZone - Reject bool // expect error due to validation failing - ExpectSpecificZones bool // expect set of returned zones to be equal to ExpectedZones (rather than subset of ExpectedZones) - ExpectedZones string // set of zones that is a superset of returned zones or equal to returned zones (if ExpectSpecificZones is set) - ExpectSpecificZone bool // expect set of returned zones to include ExpectedZone as a member - ExpectedZone string // zone that should be a member of returned zones - }{ - // NEGATIVE TESTS - - // Not enough zones specified to fit ReplicaCount [Fail] - { - Name: "Too_Few_Zones", - ReplicaCount: 2, - Zones: "zoneX", - Reject: true, - }, - - // Invalid ReplicaCount [Fail] - { - Name: "Zero_Replica_Count", - ReplicaCount: 0, - Zones: "zoneY,zoneZ", - Reject: true, - }, - - // Invalid ZoneToInclude [Fail] - { - Name: "ZoneToInclude_Not_In_Zones_Single_replica_Dual_zones", - ReplicaCount: 1, - ZoneToInclude: "zoneX", - Zones: "zoneY,zoneZ", - Reject: true, - }, - - // Invalid ZoneToInclude [Fail] - { - Name: "ZoneToInclude_Not_In_Zones_Single_replica_Single_zone", - ReplicaCount: 1, - ZoneToInclude: "zoneX", - Zones: "zoneY", - Reject: true, - }, - - // Invalid ZoneToInclude [Fail] - { - Name: "ZoneToInclude_Not_In_Zones_Dual_replica_Multiple_zones", - ReplicaCount: 2, - ZoneToInclude: "zoneX", - Zones: "zoneY,zoneZ,zoneW", - Reject: true, - }, - - // POSITIVE TESTS - - // Pick any one zone from Zones - { - Name: "No_zones_to_include_and_Single_replica_and_Superset", - ReplicaCount: 1, - Zones: "zoneX,zoneY,zoneZ", - Reject: false, - ExpectedZones: "zoneX,zoneY,zoneZ", - }, - - // Pick any two zones from Zones - { - Name: "No_zones_to_include_and_Dual_replicas_and_Superset", - ReplicaCount: 2, - Zones: "zoneW,zoneX,zoneY,zoneZ", - Reject: false, - ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", - }, - - // Pick the two zones from Zones - { - Name: "No_zones_to_include_and_Dual_replicas_and_Match", - ReplicaCount: 2, - Zones: "zoneX,zoneY", - Reject: false, - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - - // Pick one zone from ZoneToInclude (other zones ignored) - { - Name: "Include_zone_and_Single_replica_and_Match", - ReplicaCount: 1, - Zones: "zoneW,zoneX,zoneY,zoneZ", - ZoneToInclude: "zoneX", - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneX", - }, - - // Pick one zone from ZoneToInclude (other zones ignored) - { - Name: "Include_zone_and_single_replica_and_Match", - ReplicaCount: 1, - Zones: "zoneX", - ZoneToInclude: "zoneX", - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneX", - }, - - // Pick one zone from Zones and the other from ZoneToInclude - { - Name: "Include_zone_and_dual_replicas_and_Superset", - ReplicaCount: 2, - Zones: "zoneW,zoneX,zoneY,zoneZ", - ZoneToInclude: "zoneX", - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", - }, - - // Pick one zone from Zones and the other from ZoneToInclude - { - Name: "Include_zone_and_dual_replicas_and_Match", - ReplicaCount: 2, - Zones: "zoneX,zoneY", - ZoneToInclude: "zoneX", - Reject: false, - ExpectSpecificZone: true, - ExpectedZone: "zoneX", - ExpectSpecificZones: true, - ExpectedZones: "zoneX,zoneY", - }, - } - for _, test := range tests { - zonesParameter, err := ZonesToSet(test.Zones) - if err != nil { - t.Errorf("Could not convert Zones to a set: %s. This is a test error %s", test.Zones, test.Name) - continue - } - - zones, err := chooseZonesForVolumeIncludingZone(zonesParameter, test.Name, test.ZoneToInclude, test.ReplicaCount) - if test.Reject && err == nil { - t.Errorf("Unexpected zones from chooseZonesForVolumeIncludingZone in %s. Zones: %v", test.Name, zones) - continue - } - if !test.Reject { - if err != nil { - t.Errorf("Unexpected error from chooseZonesForVolumeIncludingZone in %s; Error: %v", test.Name, err) - continue - } - - if uint32(zones.Len()) != test.ReplicaCount { - t.Errorf("Number of elements in returned zones %v does not equal replica count %d in %s", zones, test.ReplicaCount, test.Name) - continue - } - - expectedZones, err := ZonesToSet(test.ExpectedZones) - if err != nil { - t.Errorf("Could not convert ExpectedZones to a set: %v. This is a test error in %s", test.ExpectedZones, test.Name) - continue - } - - if test.ExpectSpecificZones && !zones.Equal(expectedZones) { - t.Errorf("Expected zones %v does not match obtained zones %v in %s", expectedZones, zones, test.Name) - continue - } - - if test.ExpectSpecificZone && !zones.Has(test.ExpectedZone) { - t.Errorf("Expected zone %s not found in obtained zones %v in %s", test.ExpectedZone, zones, test.Name) - continue - } - - if !expectedZones.IsSuperset(zones) { - t.Errorf("Obtained zones %v not subset of of expectedZones %v in %s", zones, expectedZones, test.Name) - } - } - } -} - func TestGetWindowsPath(t *testing.T) { tests := []struct { path string diff --git a/pkg/volume/util/volumepathhandler/volume_path_handler.go b/pkg/volume/util/volumepathhandler/volume_path_handler.go index a7822efc3e5..acaa6c3ab84 100644 --- a/pkg/volume/util/volumepathhandler/volume_path_handler.go +++ b/pkg/volume/util/volumepathhandler/volume_path_handler.go @@ -144,16 +144,16 @@ func (v VolumePathHandler) RemoveMapPath(mapPath string) error { } // IsSymlinkExist returns true if specified file exists and the type is symbolik link. -// If file doesn't exist, or file exists but not symbolick link, return false with no error. +// If file doesn't exist, or file exists but not symbolic link, return false with no error. // On other cases, return false with error from Lstat(). func (v VolumePathHandler) IsSymlinkExist(mapPath string) (bool, error) { fi, err := os.Lstat(mapPath) if err == nil { - // If file exits and it's symbolick link, return true and no error + // If file exits and it's symbolic link, return true and no error if fi.Mode()&os.ModeSymlink == os.ModeSymlink { return true, nil } - // If file exits but it's not symbolick link, return fale and no error + // If file exits but it's not symbolic link, return fale and no error return false, nil } // If file doesn't exist, return false and no error diff --git a/pkg/volume/volume.go b/pkg/volume/volume.go index 013e0dc4195..f597ba1662d 100644 --- a/pkg/volume/volume.go +++ b/pkg/volume/volume.go @@ -260,28 +260,3 @@ type DeviceUnmounter interface { // unmounted. UnmountDevice(deviceMountPath string) error } - -// NewDeletedVolumeInUseError returns a new instance of DeletedVolumeInUseError -// error. -func NewDeletedVolumeInUseError(message string) error { - return deletedVolumeInUseError(message) -} - -type deletedVolumeInUseError string - -var _ error = deletedVolumeInUseError("") - -// IsDeletedVolumeInUse returns true if an error returned from Delete() is -// deletedVolumeInUseError -func IsDeletedVolumeInUse(err error) bool { - switch err.(type) { - case deletedVolumeInUseError: - return true - default: - return false - } -} - -func (err deletedVolumeInUseError) Error() string { - return string(err) -} diff --git a/pkg/volume/volume_linux.go b/pkg/volume/volume_linux.go index eb44d5f162f..18981b9e9f8 100644 --- a/pkg/volume/volume_linux.go +++ b/pkg/volume/volume_linux.go @@ -28,8 +28,9 @@ import ( ) const ( - rwMask = os.FileMode(0660) - roMask = os.FileMode(0440) + rwMask = os.FileMode(0660) + roMask = os.FileMode(0440) + execMask = os.FileMode(0110) ) // SetVolumeOwnership modifies the given volume to be owned by @@ -79,6 +80,7 @@ func SetVolumeOwnership(mounter Mounter, fsGroup *int64) error { if info.IsDir() { mask |= os.ModeSetgid + mask |= execMask } err = os.Chmod(path, info.Mode()|mask) diff --git a/pkg/volume/vsphere_volume/BUILD b/pkg/volume/vsphere_volume/BUILD index bbdbdd4e471..660ee835a6d 100644 --- a/pkg/volume/vsphere_volume/BUILD +++ b/pkg/volume/vsphere_volume/BUILD @@ -29,6 +29,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/keymutex:go_default_library", "//vendor/k8s.io/utils/strings:go_default_library", diff --git a/pkg/volume/vsphere_volume/OWNERS b/pkg/volume/vsphere_volume/OWNERS old mode 100755 new mode 100644 index d72ca010291..816453043f4 --- a/pkg/volume/vsphere_volume/OWNERS +++ b/pkg/volume/vsphere_volume/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pmorie - saad-ali diff --git a/pkg/volume/vsphere_volume/attacher.go b/pkg/volume/vsphere_volume/attacher.go index 1551d981d54..ca0e895014e 100644 --- a/pkg/volume/vsphere_volume/attacher.go +++ b/pkg/volume/vsphere_volume/attacher.go @@ -295,6 +295,10 @@ func (detacher *vsphereVMDKDetacher) UnmountDevice(deviceMountPath string) error return mount.CleanupMountPoint(deviceMountPath, detacher.mounter, false) } +func (plugin *vsphereVolumePlugin) CanAttach(spec *volume.Spec) bool { + return true +} + func setNodeVolume( nodeVolumeMap map[types.NodeName]map[*volume.Spec]bool, volumeSpec *volume.Spec, diff --git a/pkg/volume/vsphere_volume/vsphere_volume.go b/pkg/volume/vsphere_volume/vsphere_volume.go index c9a96ae90f4..31473d58dce 100644 --- a/pkg/volume/vsphere_volume/vsphere_volume.go +++ b/pkg/volume/vsphere_volume/vsphere_volume.go @@ -27,6 +27,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" utilfeature "k8s.io/apiserver/pkg/util/feature" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/features" "k8s.io/kubernetes/pkg/util/mount" @@ -165,7 +166,7 @@ func (plugin *vsphereVolumePlugin) ConstructVolumeSpec(volumeName, mountPath str // Abstract interface to disk operations. type vdManager interface { // Creates a volume - CreateVolume(provisioner *vsphereVolumeProvisioner) (volSpec *VolumeSpec, err error) + CreateVolume(provisioner *vsphereVolumeProvisioner, selectedZone []string) (volSpec *VolumeSpec, err error) // Deletes a volume DeleteVolume(deleter *vsphereVolumeDeleter) error } @@ -362,8 +363,14 @@ func (v *vsphereVolumeProvisioner) Provision(selectedNode *v1.Node, allowedTopol if !util.AccessModesContainedInAll(v.plugin.GetAccessModes(), v.options.PVC.Spec.AccessModes) { return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", v.options.PVC.Spec.AccessModes, v.plugin.GetAccessModes()) } + klog.V(1).Infof("Provision with allowedTopologies : %s", allowedTopologies) + selectedZones, err := volumehelpers.ZonesFromAllowedTopologies(allowedTopologies) + if err != nil { + return nil, err + } - volSpec, err := v.manager.CreateVolume(v) + klog.V(4).Infof("Selected zones for volume : %s", selectedZones) + volSpec, err := v.manager.CreateVolume(v, selectedZones.List()) if err != nil { return nil, err } @@ -411,6 +418,34 @@ func (v *vsphereVolumeProvisioner) Provision(selectedNode *v1.Node, allowedTopol pv.Spec.AccessModes = v.plugin.GetAccessModes() } + labels := volSpec.Labels + requirements := make([]v1.NodeSelectorRequirement, 0) + if len(labels) != 0 { + if pv.Labels == nil { + pv.Labels = make(map[string]string) + } + for k, v := range labels { + pv.Labels[k] = v + var values []string + if k == v1.LabelZoneFailureDomain { + values, err = volumehelpers.LabelZonesToList(v) + if err != nil { + return nil, fmt.Errorf("failed to convert label string for Zone: %s to a List: %v", v, err) + } + } else { + values = []string{v} + } + requirements = append(requirements, v1.NodeSelectorRequirement{Key: k, Operator: v1.NodeSelectorOpIn, Values: values}) + } + } + + if len(requirements) > 0 { + pv.Spec.NodeAffinity = new(v1.VolumeNodeAffinity) + pv.Spec.NodeAffinity.Required = new(v1.NodeSelector) + pv.Spec.NodeAffinity.Required.NodeSelectorTerms = make([]v1.NodeSelectorTerm, 1) + pv.Spec.NodeAffinity.Required.NodeSelectorTerms[0].MatchExpressions = requirements + } + return pv, nil } diff --git a/pkg/volume/vsphere_volume/vsphere_volume_test.go b/pkg/volume/vsphere_volume/vsphere_volume_test.go index 89ea6d20556..09cbe4ed420 100644 --- a/pkg/volume/vsphere_volume/vsphere_volume_test.go +++ b/pkg/volume/vsphere_volume/vsphere_volume_test.go @@ -66,7 +66,7 @@ func getFakeDeviceName(host volume.VolumeHost, volPath string) string { return path.Join(host.GetPluginDir(vsphereVolumePluginName), "device", volPath) } -func (fake *fakePDManager) CreateVolume(v *vsphereVolumeProvisioner) (volSpec *VolumeSpec, err error) { +func (fake *fakePDManager) CreateVolume(v *vsphereVolumeProvisioner, selectedZone []string) (volSpec *VolumeSpec, err error) { volSpec = &VolumeSpec{ Path: "[local] test-volume-name.vmdk", Size: 100, diff --git a/pkg/volume/vsphere_volume/vsphere_volume_util.go b/pkg/volume/vsphere_volume/vsphere_volume_util.go index 4c87623326c..35dacb5ce9f 100644 --- a/pkg/volume/vsphere_volume/vsphere_volume_util.go +++ b/pkg/volume/vsphere_volume/vsphere_volume_util.go @@ -25,6 +25,7 @@ import ( "k8s.io/api/core/v1" cloudprovider "k8s.io/cloud-provider" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere" "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib" @@ -71,6 +72,7 @@ type VolumeSpec struct { Fstype string StoragePolicyID string StoragePolicyName string + Labels map[string]string } func verifyDevicePath(path string) (string, error) { @@ -84,7 +86,7 @@ func verifyDevicePath(path string) (string, error) { } // CreateVolume creates a vSphere volume. -func (util *VsphereDiskUtil) CreateVolume(v *vsphereVolumeProvisioner) (volSpec *VolumeSpec, err error) { +func (util *VsphereDiskUtil) CreateVolume(v *vsphereVolumeProvisioner, selectedZone []string) (volSpec *VolumeSpec, err error) { var fstype string cloud, err := getCloudProvider(v.plugin.host.GetCloudProvider()) if err != nil { @@ -92,9 +94,8 @@ func (util *VsphereDiskUtil) CreateVolume(v *vsphereVolumeProvisioner) (volSpec } capacity := v.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)] - volSizeBytes := capacity.Value() // vSphere works with kilobytes, convert to KiB with rounding up - volSizeKiB, err := volumeutil.RoundUpSizeInt(volSizeBytes, 1024) + volSizeKiB, err := volumehelpers.RoundUpToKiBInt(capacity) if err != nil { return nil, err } @@ -105,6 +106,7 @@ func (util *VsphereDiskUtil) CreateVolume(v *vsphereVolumeProvisioner) (volSpec Name: name, } + volumeOptions.Zone = selectedZone // Apply Parameters (case-insensitive). We leave validation of // the values to the cloud provider. for parameter, value := range v.options.Parameters { @@ -148,12 +150,17 @@ func (util *VsphereDiskUtil) CreateVolume(v *vsphereVolumeProvisioner) (volSpec if err != nil { return nil, err } + labels, err := cloud.GetVolumeLabels(vmDiskPath) + if err != nil { + return nil, err + } volSpec = &VolumeSpec{ Path: vmDiskPath, Size: volSizeKiB, Fstype: fstype, StoragePolicyName: volumeOptions.StoragePolicyName, StoragePolicyID: volumeOptions.StoragePolicyID, + Labels: labels, } klog.V(2).Infof("Successfully created vsphere volume %s", name) return volSpec, nil diff --git a/pkg/windows/service/BUILD b/pkg/windows/service/BUILD index e64c40488b4..e518a527080 100644 --- a/pkg/windows/service/BUILD +++ b/pkg/windows/service/BUILD @@ -11,6 +11,7 @@ go_library( importpath = "k8s.io/kubernetes/pkg/windows/service", deps = select({ "@io_bazel_rules_go//go/platform:windows": [ + "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//vendor/golang.org/x/sys/windows:go_default_library", "//vendor/golang.org/x/sys/windows/svc:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/pkg/windows/service/service.go b/pkg/windows/service/service.go index a5bffa1822e..47961b842ef 100644 --- a/pkg/windows/service/service.go +++ b/pkg/windows/service/service.go @@ -20,7 +20,9 @@ package service import ( "os" + "time" + "k8s.io/apiserver/pkg/server" "k8s.io/klog" "golang.org/x/sys/windows" @@ -80,9 +82,31 @@ Loop: case svc.Interrogate: s <- c.CurrentStatus case svc.Stop, svc.Shutdown: - s <- svc.Status{State: svc.Stopped} - // TODO: Stop the kubelet gracefully instead of killing the process - os.Exit(0) + klog.Infof("Service stopping") + // We need to translate this request into a signal that can be handled by the the signal handler + // handling shutdowns normally (currently apiserver/pkg/server/signal.go). + // If we do not do this, our main threads won't be notified of the upcoming shutdown. + // Since Windows services do not use any console, we cannot simply generate a CTRL_BREAK_EVENT + // but need a dedicated notification mechanism. + graceful := server.RequestShutdown() + + // Free up the control handler and let us terminate as gracefully as possible. + // If that takes too long, the service controller will kill the remaining threads. + // As per https://docs.microsoft.com/en-us/windows/desktop/services/service-control-handler-function + s <- svc.Status{State: svc.StopPending} + + // If we cannot exit gracefully, we really only can exit our process, so atleast the + // service manager will think that we gracefully exited. At the time of writing this comment this is + // needed for applications that do not use signals (e.g. kube-proxy) + if !graceful { + go func() { + // Ensure the SCM was notified (The operation above (send to s) was received and communicated to the + // service control manager - so it doesn't look like the service crashes) + time.Sleep(1 * time.Second) + os.Exit(0) + }() + } + break Loop } } } diff --git a/plugin/OWNERS b/plugin/OWNERS index 1f32c648a18..6c485ee2533 100644 --- a/plugin/OWNERS +++ b/plugin/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - brendandburns - davidopp diff --git a/plugin/pkg/admission/OWNERS b/plugin/pkg/admission/OWNERS index f7617ae1cc9..1c6453325d0 100644 --- a/plugin/pkg/admission/OWNERS +++ b/plugin/pkg/admission/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - derekwaynecarr - deads2k diff --git a/plugin/pkg/admission/admit/admission.go b/plugin/pkg/admission/admit/admission.go index 867bbcdae4d..83d8c639030 100644 --- a/plugin/pkg/admission/admit/admission.go +++ b/plugin/pkg/admission/admit/admission.go @@ -40,12 +40,12 @@ var _ admission.MutationInterface = alwaysAdmit{} var _ admission.ValidationInterface = alwaysAdmit{} // Admit makes an admission decision based on the request attributes -func (alwaysAdmit) Admit(a admission.Attributes) (err error) { +func (alwaysAdmit) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return nil } // Validate makes an admission decision based on the request attributes. It is NOT allowed to mutate. -func (alwaysAdmit) Validate(a admission.Attributes) (err error) { +func (alwaysAdmit) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return nil } diff --git a/plugin/pkg/admission/admit/admission_test.go b/plugin/pkg/admission/admit/admission_test.go index cabd9cfc71d..6721aaf4eb5 100644 --- a/plugin/pkg/admission/admit/admission_test.go +++ b/plugin/pkg/admission/admit/admission_test.go @@ -25,7 +25,7 @@ import ( func TestAdmissionNonNilAttribute(t *testing.T) { handler := NewAlwaysAdmit() - err := handler.(*alwaysAdmit).Admit(admission.NewAttributesRecord(nil, nil, api.Kind("kind").WithVersion("version"), "namespace", "name", api.Resource("resource").WithVersion("version"), "subresource", admission.Create, false, nil)) + err := handler.(*alwaysAdmit).Admit(admission.NewAttributesRecord(nil, nil, api.Kind("kind").WithVersion("version"), "namespace", "name", api.Resource("resource").WithVersion("version"), "subresource", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error returned from admission handler") } @@ -33,7 +33,7 @@ func TestAdmissionNonNilAttribute(t *testing.T) { func TestAdmissionNilAttribute(t *testing.T) { handler := NewAlwaysAdmit() - err := handler.(*alwaysAdmit).Admit(nil) + err := handler.(*alwaysAdmit).Admit(nil, nil) if err != nil { t.Errorf("Unexpected error returned from admission handler") } diff --git a/plugin/pkg/admission/alwayspullimages/admission.go b/plugin/pkg/admission/alwayspullimages/admission.go index 3024c98562b..9f751a48126 100644 --- a/plugin/pkg/admission/alwayspullimages/admission.go +++ b/plugin/pkg/admission/alwayspullimages/admission.go @@ -53,7 +53,7 @@ var _ admission.MutationInterface = &AlwaysPullImages{} var _ admission.ValidationInterface = &AlwaysPullImages{} // Admit makes an admission decision based on the request attributes -func (a *AlwaysPullImages) Admit(attributes admission.Attributes) (err error) { +func (a *AlwaysPullImages) Admit(attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { // Ignore all calls to subresources or resources other than pods. if shouldIgnore(attributes) { return nil @@ -75,7 +75,7 @@ func (a *AlwaysPullImages) Admit(attributes admission.Attributes) (err error) { } // Validate makes sure that all containers are set to always pull images -func (*AlwaysPullImages) Validate(attributes admission.Attributes) (err error) { +func (*AlwaysPullImages) Validate(attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { if shouldIgnore(attributes) { return nil } diff --git a/plugin/pkg/admission/alwayspullimages/admission_test.go b/plugin/pkg/admission/alwayspullimages/admission_test.go index 9d5ebbd6f4f..6f0756e30e8 100644 --- a/plugin/pkg/admission/alwayspullimages/admission_test.go +++ b/plugin/pkg/admission/alwayspullimages/admission_test.go @@ -47,7 +47,7 @@ func TestAdmission(t *testing.T) { }, }, } - err := handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error returned from admission handler") } @@ -84,7 +84,7 @@ func TestValidate(t *testing.T) { }, } expectedError := `pods "123" is forbidden: spec.initContainers[0].imagePullPolicy: Unsupported value: "": supported values: "Always"` - err := handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Fatal("missing expected error") } @@ -139,7 +139,7 @@ func TestOtherResources(t *testing.T) { for _, tc := range tests { handler := &AlwaysPullImages{} - err := handler.Admit(admission.NewAttributesRecord(tc.object, nil, api.Kind(tc.kind).WithVersion("version"), namespace, name, api.Resource(tc.resource).WithVersion("version"), tc.subresource, admission.Create, false, nil)) + err := handler.Admit(admission.NewAttributesRecord(tc.object, nil, api.Kind(tc.kind).WithVersion("version"), namespace, name, api.Resource(tc.resource).WithVersion("version"), tc.subresource, admission.Create, false, nil), nil) if tc.expectError { if err == nil { diff --git a/plugin/pkg/admission/antiaffinity/BUILD b/plugin/pkg/admission/antiaffinity/BUILD index a9dcc98505c..3a6b033752b 100644 --- a/plugin/pkg/admission/antiaffinity/BUILD +++ b/plugin/pkg/admission/antiaffinity/BUILD @@ -15,7 +15,7 @@ go_library( importpath = "k8s.io/kubernetes/plugin/pkg/admission/antiaffinity", deps = [ "//pkg/apis/core:go_default_library", - "//pkg/kubelet/apis:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", ], @@ -27,7 +27,7 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/apis/core:go_default_library", - "//pkg/kubelet/apis:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", diff --git a/plugin/pkg/admission/antiaffinity/admission.go b/plugin/pkg/admission/antiaffinity/admission.go index b3376973977..9e7e5592c0b 100644 --- a/plugin/pkg/admission/antiaffinity/admission.go +++ b/plugin/pkg/admission/antiaffinity/admission.go @@ -20,10 +20,10 @@ import ( "fmt" "io" + "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apiserver/pkg/admission" api "k8s.io/kubernetes/pkg/apis/core" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) const PluginName = "LimitPodHardAntiAffinityTopology" @@ -49,9 +49,9 @@ func NewInterPodAntiAffinity() *Plugin { } } -// Validate will deny any pod that defines AntiAffinity topology key other than kubeletapis.LabelHostname i.e. "kubernetes.io/hostname" +// Validate will deny any pod that defines AntiAffinity topology key other than v1.LabelHostname i.e. "kubernetes.io/hostname" // in requiredDuringSchedulingRequiredDuringExecution and requiredDuringSchedulingIgnoredDuringExecution. -func (p *Plugin) Validate(attributes admission.Attributes) (err error) { +func (p *Plugin) Validate(attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { // Ignore all calls to subresources or resources other than pods. if len(attributes.GetSubresource()) != 0 || attributes.GetResource().GroupResource() != api.Resource("pods") { return nil @@ -71,8 +71,8 @@ func (p *Plugin) Validate(attributes admission.Attributes) (err error) { // podAntiAffinityTerms = append(podAntiAffinityTerms, affinity.PodAntiAffinity.RequiredDuringSchedulingRequiredDuringExecution...) //} for _, v := range podAntiAffinityTerms { - if v.TopologyKey != kubeletapis.LabelHostname { - return apierrors.NewForbidden(attributes.GetResource().GroupResource(), pod.Name, fmt.Errorf("affinity.PodAntiAffinity.RequiredDuringScheduling has TopologyKey %v but only key %v is allowed", v.TopologyKey, kubeletapis.LabelHostname)) + if v.TopologyKey != v1.LabelHostname { + return apierrors.NewForbidden(attributes.GetResource().GroupResource(), pod.Name, fmt.Errorf("affinity.PodAntiAffinity.RequiredDuringScheduling has TopologyKey %v but only key %v is allowed", v.TopologyKey, v1.LabelHostname)) } } } diff --git a/plugin/pkg/admission/antiaffinity/admission_test.go b/plugin/pkg/admission/antiaffinity/admission_test.go index 6d59059a95e..9772716c255 100644 --- a/plugin/pkg/admission/antiaffinity/admission_test.go +++ b/plugin/pkg/admission/antiaffinity/admission_test.go @@ -19,11 +19,11 @@ package antiaffinity import ( "testing" + "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/admission" api "k8s.io/kubernetes/pkg/apis/core" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) // ensures the hard PodAntiAffinity is denied if it defines TopologyKey other than kubernetes.io/hostname. @@ -101,7 +101,7 @@ func TestInterPodAffinityAdmission(t *testing.T) { }, }, }, - TopologyKey: kubeletapis.LabelHostname, + TopologyKey: v1.LabelHostname, }, }, }, @@ -123,7 +123,7 @@ func TestInterPodAffinityAdmission(t *testing.T) { }, }, }, - TopologyKey: kubeletapis.LabelHostname, + TopologyKey: v1.LabelHostname, }, }, }, @@ -167,7 +167,7 @@ func TestInterPodAffinityAdmission(t *testing.T) { }, }, }, - TopologyKey: kubeletapis.LabelHostname, + TopologyKey: v1.LabelHostname, }, { LabelSelector: &metav1.LabelSelector{ MatchExpressions: []metav1.LabelSelectorRequirement{ @@ -189,7 +189,7 @@ func TestInterPodAffinityAdmission(t *testing.T) { }, }, }, - TopologyKey: kubeletapis.LabelHostname, + TopologyKey: v1.LabelHostname, }, }, }, @@ -199,7 +199,7 @@ func TestInterPodAffinityAdmission(t *testing.T) { } for _, test := range tests { pod.Spec.Affinity = test.affinity - err := handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil)) + err := handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil), nil) if test.errorExpected && err == nil { t.Errorf("Expected error for Anti Affinity %+v but did not get an error", test.affinity) @@ -267,7 +267,7 @@ func TestOtherResources(t *testing.T) { for _, tc := range tests { handler := &Plugin{} - err := handler.Validate(admission.NewAttributesRecord(tc.object, nil, api.Kind(tc.kind).WithVersion("version"), namespace, name, api.Resource(tc.resource).WithVersion("version"), tc.subresource, admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(tc.object, nil, api.Kind(tc.kind).WithVersion("version"), namespace, name, api.Resource(tc.resource).WithVersion("version"), tc.subresource, admission.Create, false, nil), nil) if tc.expectError { if err == nil { diff --git a/plugin/pkg/admission/antiaffinity/doc.go b/plugin/pkg/admission/antiaffinity/doc.go index d8a9b87ede9..28db3a0434f 100644 --- a/plugin/pkg/admission/antiaffinity/doc.go +++ b/plugin/pkg/admission/antiaffinity/doc.go @@ -16,7 +16,7 @@ limitations under the License. // LimitPodHardAntiAffinityTopology admission controller rejects any pod // that specifies "hard" (RequiredDuringScheduling) anti-affinity -// with a TopologyKey other than kubeletapis.LabelHostname. +// with a TopologyKey other than v1.LabelHostname. // Because anti-affinity is symmetric, without this admission controller, // a user could maliciously or accidentally specify that their pod (once it has scheduled) // should block other pods from scheduling into the same zone or some other large topology, diff --git a/plugin/pkg/admission/defaulttolerationseconds/admission.go b/plugin/pkg/admission/defaulttolerationseconds/admission.go index c92b9d1b1f1..1bff0d701b2 100644 --- a/plugin/pkg/admission/defaulttolerationseconds/admission.go +++ b/plugin/pkg/admission/defaulttolerationseconds/admission.go @@ -81,7 +81,7 @@ func NewDefaultTolerationSeconds() *Plugin { } // Admit makes an admission decision based on the request attributes -func (p *Plugin) Admit(attributes admission.Attributes) (err error) { +func (p *Plugin) Admit(attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { if attributes.GetResource().GroupResource() != api.Resource("pods") { return nil } diff --git a/plugin/pkg/admission/defaulttolerationseconds/admission_test.go b/plugin/pkg/admission/defaulttolerationseconds/admission_test.go index c6f9a00d38f..09f0fcd944a 100644 --- a/plugin/pkg/admission/defaulttolerationseconds/admission_test.go +++ b/plugin/pkg/admission/defaulttolerationseconds/admission_test.go @@ -263,7 +263,7 @@ func TestForgivenessAdmission(t *testing.T) { } for _, test := range tests { - err := handler.Admit(admission.NewAttributesRecord(&test.requestedPod, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil)) + err := handler.Admit(admission.NewAttributesRecord(&test.requestedPod, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil), nil) if err != nil { t.Errorf("[%s]: unexpected error %v for pod %+v", test.description, err, test.requestedPod) } diff --git a/plugin/pkg/admission/deny/admission.go b/plugin/pkg/admission/deny/admission.go index bf484590cbe..4c9a85e366c 100644 --- a/plugin/pkg/admission/deny/admission.go +++ b/plugin/pkg/admission/deny/admission.go @@ -42,12 +42,12 @@ var _ admission.MutationInterface = alwaysDeny{} var _ admission.ValidationInterface = alwaysDeny{} // Admit makes an admission decision based on the request attributes. -func (alwaysDeny) Admit(a admission.Attributes) (err error) { +func (alwaysDeny) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return admission.NewForbidden(a, errors.New("admission control is denying all modifications")) } // Validate makes an admission decision based on the request attributes. It is NOT allowed to mutate. -func (alwaysDeny) Validate(a admission.Attributes) (err error) { +func (alwaysDeny) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return admission.NewForbidden(a, errors.New("admission control is denying all modifications")) } diff --git a/plugin/pkg/admission/deny/admission_test.go b/plugin/pkg/admission/deny/admission_test.go index 1573a7f7937..1eb7e9928ae 100644 --- a/plugin/pkg/admission/deny/admission_test.go +++ b/plugin/pkg/admission/deny/admission_test.go @@ -25,7 +25,7 @@ import ( func TestAdmission(t *testing.T) { handler := NewAlwaysDeny() - err := handler.(*alwaysDeny).Admit(admission.NewAttributesRecord(nil, nil, api.Kind("kind").WithVersion("version"), "namespace", "name", api.Resource("resource").WithVersion("version"), "subresource", admission.Create, false, nil)) + err := handler.(*alwaysDeny).Admit(admission.NewAttributesRecord(nil, nil, api.Kind("kind").WithVersion("version"), "namespace", "name", api.Resource("resource").WithVersion("version"), "subresource", admission.Create, false, nil), nil) if err == nil { t.Error("Expected error returned from admission handler") } diff --git a/plugin/pkg/admission/eventratelimit/admission.go b/plugin/pkg/admission/eventratelimit/admission.go index 84e92db09d6..00506240556 100644 --- a/plugin/pkg/admission/eventratelimit/admission.go +++ b/plugin/pkg/admission/eventratelimit/admission.go @@ -81,7 +81,7 @@ func newEventRateLimit(config *eventratelimitapi.Configuration, clock flowcontro } // Validate makes admission decisions while enforcing event rate limits -func (a *Plugin) Validate(attr admission.Attributes) (err error) { +func (a *Plugin) Validate(attr admission.Attributes, o admission.ObjectInterfaces) (err error) { // ignore all operations that do not correspond to an Event kind if attr.GetKind().GroupKind() != api.Kind("Event") { return nil diff --git a/plugin/pkg/admission/eventratelimit/admission_test.go b/plugin/pkg/admission/eventratelimit/admission_test.go index f684852046e..468c3ad5c45 100644 --- a/plugin/pkg/admission/eventratelimit/admission_test.go +++ b/plugin/pkg/admission/eventratelimit/admission_test.go @@ -504,7 +504,7 @@ func TestEventRateLimiting(t *testing.T) { clock.Step(rq.delay) } attributes := attributesForRequest(rq) - err = eventratelimit.Validate(attributes) + err = eventratelimit.Validate(attributes, nil) if rq.accepted != (err == nil) { expectedAction := "admitted" if !rq.accepted { diff --git a/plugin/pkg/admission/eventratelimit/apis/eventratelimit/OWNERS b/plugin/pkg/admission/eventratelimit/apis/eventratelimit/OWNERS old mode 100755 new mode 100644 index 6c48a1a83ef..cc22b22270e --- a/plugin/pkg/admission/eventratelimit/apis/eventratelimit/OWNERS +++ b/plugin/pkg/admission/eventratelimit/apis/eventratelimit/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - derekwaynecarr diff --git a/plugin/pkg/admission/exec/admission.go b/plugin/pkg/admission/exec/admission.go index c4ed9282fb4..a90581a07ad 100644 --- a/plugin/pkg/admission/exec/admission.go +++ b/plugin/pkg/admission/exec/admission.go @@ -111,7 +111,7 @@ func (d *DenyExec) ValidateInitialization() error { } // Validate makes an admission decision based on the request attributes -func (d *DenyExec) Validate(a admission.Attributes) (err error) { +func (d *DenyExec) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { path := a.GetResource().Resource if subresource := a.GetSubresource(); subresource != "" { path = path + "/" + subresource diff --git a/plugin/pkg/admission/exec/admission_test.go b/plugin/pkg/admission/exec/admission_test.go index c8d0b665c1b..14f29abf4af 100644 --- a/plugin/pkg/admission/exec/admission_test.go +++ b/plugin/pkg/admission/exec/admission_test.go @@ -120,7 +120,7 @@ func testAdmission(t *testing.T, pod *corev1.Pod, handler *DenyExec, shouldAccep // pods/exec { - err := handler.Validate(admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), "test", pod.Name, api.Resource("pods").WithVersion("version"), "exec", admission.Connect, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), "test", pod.Name, api.Resource("pods").WithVersion("version"), "exec", admission.Connect, false, nil), nil) if shouldAccept && err != nil { t.Errorf("Unexpected error returned from admission handler: %v", err) } @@ -131,7 +131,7 @@ func testAdmission(t *testing.T, pod *corev1.Pod, handler *DenyExec, shouldAccep // pods/attach { - err := handler.Validate(admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), "test", pod.Name, api.Resource("pods").WithVersion("version"), "attach", admission.Connect, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), "test", pod.Name, api.Resource("pods").WithVersion("version"), "attach", admission.Connect, false, nil), nil) if shouldAccept && err != nil { t.Errorf("Unexpected error returned from admission handler: %v", err) } diff --git a/plugin/pkg/admission/extendedresourcetoleration/admission.go b/plugin/pkg/admission/extendedresourcetoleration/admission.go index 207922a4787..b0bff24518e 100644 --- a/plugin/pkg/admission/extendedresourcetoleration/admission.go +++ b/plugin/pkg/admission/extendedresourcetoleration/admission.go @@ -56,7 +56,7 @@ type plugin struct { // a toleration with key "example.com/device", operator "Exists" and effect "NoSchedule". // The rationale for this is described in: // https://github.com/kubernetes/kubernetes/issues/55080 -func (p *plugin) Admit(attributes admission.Attributes) error { +func (p *plugin) Admit(attributes admission.Attributes, o admission.ObjectInterfaces) error { // Ignore all calls to subresources or resources other than pods. if len(attributes.GetSubresource()) != 0 || attributes.GetResource().GroupResource() != core.Resource("pods") { return nil diff --git a/plugin/pkg/admission/extendedresourcetoleration/admission_test.go b/plugin/pkg/admission/extendedresourcetoleration/admission_test.go index 7c8f6450345..b177950b225 100644 --- a/plugin/pkg/admission/extendedresourcetoleration/admission_test.go +++ b/plugin/pkg/admission/extendedresourcetoleration/admission_test.go @@ -354,7 +354,7 @@ func TestAdmit(t *testing.T) { }, } for i, test := range tests { - err := plugin.Admit(admission.NewAttributesRecord(&test.requestedPod, nil, core.Kind("Pod").WithVersion("version"), "foo", "name", core.Resource("pods").WithVersion("version"), "", "ignored", false, nil)) + err := plugin.Admit(admission.NewAttributesRecord(&test.requestedPod, nil, core.Kind("Pod").WithVersion("version"), "foo", "name", core.Resource("pods").WithVersion("version"), "", "ignored", false, nil), nil) if err != nil { t.Errorf("[%d: %s] unexpected error %v for pod %+v", i, test.description, err, test.requestedPod) } diff --git a/plugin/pkg/admission/gc/gc_admission.go b/plugin/pkg/admission/gc/gc_admission.go index 89122da5a68..4036a2642c6 100644 --- a/plugin/pkg/admission/gc/gc_admission.go +++ b/plugin/pkg/admission/gc/gc_admission.go @@ -84,7 +84,7 @@ func (a *gcPermissionsEnforcement) isWhiteListed(groupResource schema.GroupResou return false } -func (a *gcPermissionsEnforcement) Validate(attributes admission.Attributes) (err error) { +func (a *gcPermissionsEnforcement) Validate(attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { // // if the request is in the whitelist, we skip mutation checks for this resource. if a.isWhiteListed(attributes.GetResource().GroupResource(), attributes.GetSubresource()) { return nil diff --git a/plugin/pkg/admission/gc/gc_admission_test.go b/plugin/pkg/admission/gc/gc_admission_test.go index a7d51cd0ef1..8e0ef132ed7 100644 --- a/plugin/pkg/admission/gc/gc_admission_test.go +++ b/plugin/pkg/admission/gc/gc_admission_test.go @@ -100,7 +100,7 @@ func newGCPermissionsEnforcement() (*gcPermissionsEnforcement, error) { whiteList: whiteList, } - genericPluginInitializer := initializer.New(nil, nil, fakeAuthorizer{}, nil) + genericPluginInitializer := initializer.New(nil, nil, fakeAuthorizer{}) fakeDiscoveryClient := &fakediscovery.FakeDiscovery{Fake: &coretesting.Fake{}} fakeDiscoveryClient.Resources = []*metav1.APIResourceList{ { @@ -308,7 +308,7 @@ func TestGCAdmission(t *testing.T) { user := &user.DefaultInfo{Name: tc.username} attributes := admission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, false, user) - err = gcAdmit.Validate(attributes) + err = gcAdmit.Validate(attributes, nil) if !tc.checkError(err) { t.Errorf("unexpected err: %v", err) } @@ -611,7 +611,7 @@ func TestBlockOwnerDeletionAdmission(t *testing.T) { user := &user.DefaultInfo{Name: tc.username} attributes := admission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, false, user) - err := gcAdmit.Validate(attributes) + err := gcAdmit.Validate(attributes, nil) if !tc.checkError(err) { t.Errorf("%v: unexpected err: %v", tc.name, err) } diff --git a/plugin/pkg/admission/imagepolicy/admission.go b/plugin/pkg/admission/imagepolicy/admission.go index cfcb70a0472..bf79294022a 100644 --- a/plugin/pkg/admission/imagepolicy/admission.go +++ b/plugin/pkg/admission/imagepolicy/admission.go @@ -131,7 +131,7 @@ func (a *Plugin) webhookError(pod *api.Pod, attributes admission.Attributes, err } // Validate makes an admission decision based on the request attributes -func (a *Plugin) Validate(attributes admission.Attributes) (err error) { +func (a *Plugin) Validate(attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { // Ignore all calls to subresources or resources other than pods. if attributes.GetSubresource() != "" || attributes.GetResource().GroupResource() != api.Resource("pods") { return nil diff --git a/plugin/pkg/admission/imagepolicy/admission_test.go b/plugin/pkg/admission/imagepolicy/admission_test.go index 3bb47380b8d..3d748082a15 100644 --- a/plugin/pkg/admission/imagepolicy/admission_test.go +++ b/plugin/pkg/admission/imagepolicy/admission_test.go @@ -487,7 +487,7 @@ func TestTLSConfig(t *testing.T) { // Allow all and see if we get an error. service.Allow() - err = wh.Validate(attr) + err = wh.Validate(attr, nil) if tt.wantAllowed { if err != nil { t.Errorf("expected successful admission") @@ -509,7 +509,7 @@ func TestTLSConfig(t *testing.T) { } service.Deny() - if err := wh.Validate(attr); err == nil { + if err := wh.Validate(attr, nil); err == nil { t.Errorf("%s: incorrectly admitted with DenyAll policy", tt.test) } }) @@ -526,7 +526,7 @@ type webhookCacheTestCase struct { func testWebhookCacheCases(t *testing.T, serv *mockService, wh *Plugin, attr admission.Attributes, tests []webhookCacheTestCase) { for _, test := range tests { serv.statusCode = test.statusCode - err := wh.Validate(attr) + err := wh.Validate(attr, nil) authorized := err == nil if test.expectedErr && err == nil { @@ -759,7 +759,7 @@ func TestContainerCombinations(t *testing.T) { attr := admission.NewAttributesRecord(tt.pod, nil, api.Kind("Pod").WithVersion("version"), "namespace", "", api.Resource("pods").WithVersion("version"), "", admission.Create, false, &user.DefaultInfo{}) - err = wh.Validate(attr) + err = wh.Validate(attr, nil) if tt.wantAllowed { if err != nil { t.Errorf("expected successful admission: %s", tt.test) @@ -855,7 +855,7 @@ func TestDefaultAllow(t *testing.T) { annotations := make(map[string]string) attr = &fakeAttributes{attr, annotations} - err = wh.Validate(attr) + err = wh.Validate(attr, nil) if tt.wantAllowed { if err != nil { t.Errorf("expected successful admission") @@ -963,7 +963,7 @@ func TestAnnotationFiltering(t *testing.T) { attr := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "namespace", "", api.Resource("pods").WithVersion("version"), "", admission.Create, false, &user.DefaultInfo{}) - err = wh.Validate(attr) + err = wh.Validate(attr, nil) if err != nil { t.Errorf("expected successful admission") } @@ -1055,7 +1055,7 @@ func TestReturnedAnnotationAdd(t *testing.T) { annotations := make(map[string]string) attr = &fakeAttributes{attr, annotations} - err = wh.Validate(attr) + err = wh.Validate(attr, nil) if !reflect.DeepEqual(annotations, tt.expectedAnnotations) { t.Errorf("got audit annotations: %v; want: %v", annotations, tt.expectedAnnotations) } diff --git a/plugin/pkg/admission/limitranger/admission.go b/plugin/pkg/admission/limitranger/admission.go index 99356487d09..3e2d7613316 100644 --- a/plugin/pkg/admission/limitranger/admission.go +++ b/plugin/pkg/admission/limitranger/admission.go @@ -99,12 +99,12 @@ func (l *LimitRanger) ValidateInitialization() error { } // Admit admits resources into cluster that do not violate any defined LimitRange in the namespace -func (l *LimitRanger) Admit(a admission.Attributes) (err error) { +func (l *LimitRanger) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return l.runLimitFunc(a, l.actions.MutateLimit) } // Validate admits resources into cluster that do not violate any defined LimitRange in the namespace -func (l *LimitRanger) Validate(a admission.Attributes) (err error) { +func (l *LimitRanger) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return l.runLimitFunc(a, l.actions.ValidateLimit) } diff --git a/plugin/pkg/admission/limitranger/admission_test.go b/plugin/pkg/admission/limitranger/admission_test.go index 21515e2fd91..ec184e4dfc7 100644 --- a/plugin/pkg/admission/limitranger/admission_test.go +++ b/plugin/pkg/admission/limitranger/admission_test.go @@ -705,20 +705,20 @@ func TestLimitRangerIgnoresSubresource(t *testing.T) { informerFactory.Start(wait.NeverStop) testPod := validPod("testPod", 1, api.ResourceRequirements{}) - err = handler.Admit(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Fatal(err) } - err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error since the pod did not specify resource limits in its create call") } - err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Expected not to call limitranger actions on pod updates") } - err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "status", admission.Update, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "status", admission.Update, false, nil), nil) if err != nil { t.Errorf("Should have ignored calls to any subresource of pod %v", err) } @@ -735,20 +735,20 @@ func TestLimitRangerAdmitPod(t *testing.T) { informerFactory.Start(wait.NeverStop) testPod := validPod("testPod", 1, api.ResourceRequirements{}) - err = handler.Admit(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Fatal(err) } - err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error since the pod did not specify resource limits in its create call") } - err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Expected not to call limitranger actions on pod updates") } - err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "status", admission.Update, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "status", admission.Update, false, nil), nil) if err != nil { t.Errorf("Should have ignored calls to any subresource of pod %v", err) } @@ -757,7 +757,7 @@ func TestLimitRangerAdmitPod(t *testing.T) { terminatingPod := validPod("terminatingPod", 1, api.ResourceRequirements{}) now := metav1.Now() terminatingPod.DeletionTimestamp = &now - err = handler.Validate(admission.NewAttributesRecord(&terminatingPod, &terminatingPod, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "terminatingPod", api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&terminatingPod, &terminatingPod, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "terminatingPod", api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("LimitRange should ignore a pod marked for termination") } @@ -788,7 +788,7 @@ func newHandlerForTest(c clientset.Interface) (*LimitRanger, informers.SharedInf if err != nil { return nil, f, err } - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, f, nil) pluginInitializer.Initialize(handler) err = admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/namespace/autoprovision/admission.go b/plugin/pkg/admission/namespace/autoprovision/admission.go index 07bb104fcc7..2c95f49e895 100644 --- a/plugin/pkg/admission/namespace/autoprovision/admission.go +++ b/plugin/pkg/admission/namespace/autoprovision/admission.go @@ -55,7 +55,7 @@ var _ = genericadmissioninitializer.WantsExternalKubeInformerFactory(&Provision{ var _ = genericadmissioninitializer.WantsExternalKubeClientSet(&Provision{}) // Admit makes an admission decision based on the request attributes -func (p *Provision) Admit(a admission.Attributes) error { +func (p *Provision) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { // Don't create a namespace if the request is for a dry-run. if a.IsDryRun() { return nil diff --git a/plugin/pkg/admission/namespace/autoprovision/admission_test.go b/plugin/pkg/admission/namespace/autoprovision/admission_test.go index 8e5e0dca5f4..cde6f315bf8 100644 --- a/plugin/pkg/admission/namespace/autoprovision/admission_test.go +++ b/plugin/pkg/admission/namespace/autoprovision/admission_test.go @@ -39,7 +39,7 @@ import ( func newHandlerForTest(c clientset.Interface) (admission.MutationInterface, informers.SharedInformerFactory, error) { f := informers.NewSharedInformerFactory(c, 5*time.Minute) handler := NewProvision() - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, f, nil) pluginInitializer.Initialize(handler) err := admission.ValidateInitialization(handler) return handler, f, err @@ -99,7 +99,7 @@ func TestAdmission(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } @@ -119,7 +119,7 @@ func TestAdmissionNamespaceExists(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } @@ -139,7 +139,7 @@ func TestAdmissionDryRun(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, true, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, true, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } @@ -160,7 +160,7 @@ func TestIgnoreAdmission(t *testing.T) { chainHandler := admission.NewChainHandler(handler) pod := newPod(namespace) - err = chainHandler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = chainHandler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } @@ -182,7 +182,7 @@ func TestAdmissionWithLatentCache(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } diff --git a/plugin/pkg/admission/namespace/exists/admission.go b/plugin/pkg/admission/namespace/exists/admission.go index 40f76a47337..703081747d1 100644 --- a/plugin/pkg/admission/namespace/exists/admission.go +++ b/plugin/pkg/admission/namespace/exists/admission.go @@ -54,7 +54,7 @@ var _ = genericadmissioninitializer.WantsExternalKubeInformerFactory(&Exists{}) var _ = genericadmissioninitializer.WantsExternalKubeClientSet(&Exists{}) // Validate makes an admission decision based on the request attributes -func (e *Exists) Validate(a admission.Attributes) error { +func (e *Exists) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { // if we're here, then we've already passed authentication, so we're allowed to do what we're trying to do // if we're here, then the API server has found a route, which means that if we have a non-empty namespace // its a namespaced resource. diff --git a/plugin/pkg/admission/namespace/exists/admission_test.go b/plugin/pkg/admission/namespace/exists/admission_test.go index 2aa72bc89c7..c1cbfa5b188 100644 --- a/plugin/pkg/admission/namespace/exists/admission_test.go +++ b/plugin/pkg/admission/namespace/exists/admission_test.go @@ -38,7 +38,7 @@ import ( func newHandlerForTest(c kubernetes.Interface) (admission.ValidationInterface, informers.SharedInformerFactory, error) { f := informers.NewSharedInformerFactory(c, 5*time.Minute) handler := NewExists() - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, f, nil) pluginInitializer.Initialize(handler) err := admission.ValidateInitialization(handler) return handler, f, err @@ -88,7 +88,7 @@ func TestAdmissionNamespaceExists(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } @@ -108,7 +108,7 @@ func TestAdmissionNamespaceDoesNotExist(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { actions := "" for _, action := range mockClient.Actions() { diff --git a/plugin/pkg/admission/noderestriction/BUILD b/plugin/pkg/admission/noderestriction/BUILD index 5c3bd1e93dc..6a632ef2722 100644 --- a/plugin/pkg/admission/noderestriction/BUILD +++ b/plugin/pkg/admission/noderestriction/BUILD @@ -19,6 +19,7 @@ go_library( "//pkg/auth/nodeidentifier:go_default_library", "//pkg/features:go_default_library", "//pkg/kubelet/apis:go_default_library", + "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", diff --git a/plugin/pkg/admission/noderestriction/OWNERS b/plugin/pkg/admission/noderestriction/OWNERS index 5a7794867cf..8ce6a83f6bd 100644 --- a/plugin/pkg/admission/noderestriction/OWNERS +++ b/plugin/pkg/admission/noderestriction/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-node-isolation-approvers reviewers: diff --git a/plugin/pkg/admission/noderestriction/admission.go b/plugin/pkg/admission/noderestriction/admission.go index e44f0263924..305fdddad66 100644 --- a/plugin/pkg/admission/noderestriction/admission.go +++ b/plugin/pkg/admission/noderestriction/admission.go @@ -21,6 +21,7 @@ import ( "io" "strings" + "k8s.io/api/core/v1" apiequality "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" @@ -101,7 +102,7 @@ var ( csiNodeInfoResource = csiv1alpha1.Resource("csinodeinfos") ) -func (c *nodePlugin) Admit(a admission.Attributes) error { +func (c *nodePlugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { nodeName, isNode := c.nodeIdentifier.NodeIdentity(a.GetUserInfo()) // Our job is just to restrict nodes @@ -434,7 +435,7 @@ func (c *nodePlugin) getForbiddenCreateLabels(modifiedLabels sets.String) sets.S for label := range modifiedLabels { namespace := getLabelNamespace(label) // forbid kubelets from setting node-restriction labels - if namespace == kubeletapis.LabelNamespaceNodeRestriction || strings.HasSuffix(namespace, "."+kubeletapis.LabelNamespaceNodeRestriction) { + if namespace == v1.LabelNamespaceNodeRestriction || strings.HasSuffix(namespace, "."+v1.LabelNamespaceNodeRestriction) { forbiddenLabels.Insert(label) } } @@ -451,7 +452,7 @@ func (c *nodePlugin) getForbiddenUpdateLabels(modifiedLabels sets.String) sets.S for label := range modifiedLabels { namespace := getLabelNamespace(label) // forbid kubelets from setting node-restriction labels - if namespace == kubeletapis.LabelNamespaceNodeRestriction || strings.HasSuffix(namespace, "."+kubeletapis.LabelNamespaceNodeRestriction) { + if namespace == v1.LabelNamespaceNodeRestriction || strings.HasSuffix(namespace, "."+v1.LabelNamespaceNodeRestriction) { forbiddenLabels.Insert(label) } // forbid kubelets from setting unknown kubernetes.io and k8s.io labels on update diff --git a/plugin/pkg/admission/noderestriction/admission_test.go b/plugin/pkg/admission/noderestriction/admission_test.go index 1ebadaf9f94..a81d9fa7dd9 100644 --- a/plugin/pkg/admission/noderestriction/admission_test.go +++ b/plugin/pkg/admission/noderestriction/admission_test.go @@ -1234,7 +1234,7 @@ func Test_nodePlugin_Admit(t *testing.T) { c.features = tt.features } c.podsGetter = tt.podsGetter - err := c.Admit(tt.attributes) + err := c.Admit(tt.attributes, nil) if (err == nil) != (len(tt.err) == 0) { t.Errorf("nodePlugin.Admit() error = %v, expected %v", err, tt.err) return diff --git a/plugin/pkg/admission/nodetaint/admission.go b/plugin/pkg/admission/nodetaint/admission.go index 71cce0d9e21..dbf0931ba2e 100644 --- a/plugin/pkg/admission/nodetaint/admission.go +++ b/plugin/pkg/admission/nodetaint/admission.go @@ -64,7 +64,7 @@ var ( ) // Admit is the main function that checks node identity and adds taints as needed. -func (p *Plugin) Admit(a admission.Attributes) error { +func (p *Plugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { // If TaintNodesByCondition is not enabled, we don't need to do anything. if !p.features.Enabled(features.TaintNodesByCondition) { return nil diff --git a/plugin/pkg/admission/nodetaint/admission_test.go b/plugin/pkg/admission/nodetaint/admission_test.go index 28c5a2da8c6..8cd075c21ef 100644 --- a/plugin/pkg/admission/nodetaint/admission_test.go +++ b/plugin/pkg/admission/nodetaint/admission_test.go @@ -100,7 +100,7 @@ func Test_nodeTaints(t *testing.T) { if tt.features != nil { c.features = tt.features } - err := c.Admit(attributes) + err := c.Admit(attributes, nil) if err != nil { t.Errorf("nodePlugin.Admit() error = %v", err) } diff --git a/plugin/pkg/admission/podnodeselector/admission.go b/plugin/pkg/admission/podnodeselector/admission.go index e3e81ea7164..94fe90ec7d0 100644 --- a/plugin/pkg/admission/podnodeselector/admission.go +++ b/plugin/pkg/admission/podnodeselector/admission.go @@ -94,7 +94,7 @@ func readConfig(config io.Reader) *pluginConfig { } // Admit enforces that pod and its namespace node label selectors matches at least a node in the cluster. -func (p *podNodeSelector) Admit(a admission.Attributes) error { +func (p *podNodeSelector) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { if shouldIgnore(a) { return nil } @@ -117,11 +117,11 @@ func (p *podNodeSelector) Admit(a admission.Attributes) error { // second selector wins podNodeSelectorLabels := labels.Merge(namespaceNodeSelector, pod.Spec.NodeSelector) pod.Spec.NodeSelector = map[string]string(podNodeSelectorLabels) - return p.Validate(a) + return p.Validate(a, o) } // Validate ensures that the pod node selector is allowed -func (p *podNodeSelector) Validate(a admission.Attributes) error { +func (p *podNodeSelector) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { if shouldIgnore(a) { return nil } diff --git a/plugin/pkg/admission/podnodeselector/admission_test.go b/plugin/pkg/admission/podnodeselector/admission_test.go index 398ef18fb1f..73f1da09834 100644 --- a/plugin/pkg/admission/podnodeselector/admission_test.go +++ b/plugin/pkg/admission/podnodeselector/admission_test.go @@ -161,7 +161,7 @@ func TestPodAdmission(t *testing.T) { handler.clusterNodeSelectors[namespace.Name] = test.whitelist pod.Spec = api.PodSpec{NodeSelector: test.podNodeSelector} - err := handler.Admit(admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "testNamespace", namespace.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Admit(admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "testNamespace", namespace.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if test.admit && err != nil { t.Errorf("Test: %s, expected no error but got: %s", test.testName, err) } else if !test.admit && err == nil { @@ -170,7 +170,7 @@ func TestPodAdmission(t *testing.T) { if test.admit && !labels.Equals(test.mergedNodeSelector, labels.Set(pod.Spec.NodeSelector)) { t.Errorf("Test: %s, expected: %s but got: %s", test.testName, test.mergedNodeSelector, pod.Spec.NodeSelector) } - err = handler.Validate(admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "testNamespace", namespace.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "testNamespace", namespace.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if test.admit && err != nil { t.Errorf("Test: %s, expected no error but got: %s", test.testName, err) } else if !test.admit && err == nil { @@ -197,7 +197,7 @@ func TestHandles(t *testing.T) { func newHandlerForTest(c kubernetes.Interface) (*podNodeSelector, informers.SharedInformerFactory, error) { f := informers.NewSharedInformerFactory(c, 5*time.Minute) handler := NewPodNodeSelector(nil) - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, f, nil) pluginInitializer.Initialize(handler) err := admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/podpreset/admission.go b/plugin/pkg/admission/podpreset/admission.go index e86f4511c4d..db53562b9c4 100644 --- a/plugin/pkg/admission/podpreset/admission.go +++ b/plugin/pkg/admission/podpreset/admission.go @@ -90,7 +90,7 @@ func (a *podPresetPlugin) SetExternalKubeInformerFactory(f informers.SharedInfor } // Admit injects a pod with the specific fields for each pod preset it matches. -func (c *podPresetPlugin) Admit(a admission.Attributes) error { +func (c *podPresetPlugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { // Ignore all calls to subresources or resources other than pods. // Ignore all operations other than CREATE. if len(a.GetSubresource()) != 0 || a.GetResource().GroupResource() != api.Resource("pods") || a.GetOperation() != admission.Create { diff --git a/plugin/pkg/admission/podpreset/admission_test.go b/plugin/pkg/admission/podpreset/admission_test.go index 8e1a7fa4cc7..3dd8692fd99 100644 --- a/plugin/pkg/admission/podpreset/admission_test.go +++ b/plugin/pkg/admission/podpreset/admission_test.go @@ -823,7 +823,7 @@ func admitPod(pod *api.Pod, pip *settingsv1alpha1.PodPreset) error { &user.DefaultInfo{}, ) - err := plugin.Admit(attrs) + err := plugin.Admit(attrs, nil) if err != nil { return err } diff --git a/plugin/pkg/admission/podtolerationrestriction/admission.go b/plugin/pkg/admission/podtolerationrestriction/admission.go index 92ae3726cbc..12d7beb5a51 100644 --- a/plugin/pkg/admission/podtolerationrestriction/admission.go +++ b/plugin/pkg/admission/podtolerationrestriction/admission.go @@ -81,7 +81,7 @@ type podTolerationsPlugin struct { // instead if specified. Tolerations to a namespace are assigned via // scheduler.alpha.kubernetes.io/defaultTolerations and scheduler.alpha.kubernetes.io/tolerationsWhitelist // annotations keys. -func (p *podTolerationsPlugin) Admit(a admission.Attributes) error { +func (p *podTolerationsPlugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { if shouldIgnore(a) { return nil } @@ -134,9 +134,9 @@ func (p *podTolerationsPlugin) Admit(a admission.Attributes) error { } pod.Spec.Tolerations = finalTolerations - return p.Validate(a) + return p.Validate(a, o) } -func (p *podTolerationsPlugin) Validate(a admission.Attributes) error { +func (p *podTolerationsPlugin) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { if shouldIgnore(a) { return nil } diff --git a/plugin/pkg/admission/podtolerationrestriction/admission_test.go b/plugin/pkg/admission/podtolerationrestriction/admission_test.go index 8736d2de03a..7b7d9d88034 100644 --- a/plugin/pkg/admission/podtolerationrestriction/admission_test.go +++ b/plugin/pkg/admission/podtolerationrestriction/admission_test.go @@ -254,7 +254,7 @@ func TestPodAdmission(t *testing.T) { pod := test.pod pod.Spec.Tolerations = test.podTolerations - err = handler.Admit(admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "testNamespace", namespace.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "testNamespace", namespace.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if test.admit && err != nil { t.Errorf("Test: %s, expected no error but got: %s", test.testName, err) } else if !test.admit && err == nil { @@ -331,7 +331,7 @@ func TestIgnoreUpdatingInitializedPod(t *testing.T) { } // if the update of initialized pod is not ignored, an error will be returned because the pod's Tolerations conflicts with namespace's Tolerations. - err = handler.Admit(admission.NewAttributesRecord(pod, pod, api.Kind("Pod").WithVersion("version"), "testNamespace", pod.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(pod, pod, api.Kind("Pod").WithVersion("version"), "testNamespace", pod.ObjectMeta.Name, api.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("expected no error, got: %v", err) } @@ -346,7 +346,7 @@ func newHandlerForTest(c kubernetes.Interface) (*podTolerationsPlugin, informers return nil, nil, err } handler := NewPodTolerationsPlugin(pluginConfig) - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, f, nil) pluginInitializer.Initialize(handler) err = admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/OWNERS b/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/OWNERS index 2563b9f7668..477188cc1d3 100644 --- a/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/OWNERS +++ b/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: approvers: diff --git a/plugin/pkg/admission/priority/admission.go b/plugin/pkg/admission/priority/admission.go index 11ade693533..16e7e85d198 100644 --- a/plugin/pkg/admission/priority/admission.go +++ b/plugin/pkg/admission/priority/admission.go @@ -97,7 +97,7 @@ var ( // Admit checks Pods and admits or rejects them. It also resolves the priority of pods based on their PriorityClass. // Note that pod validation mechanism prevents update of a pod priority. -func (p *priorityPlugin) Admit(a admission.Attributes) error { +func (p *priorityPlugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { if !utilfeature.DefaultFeatureGate.Enabled(features.PodPriority) { return nil } @@ -121,7 +121,7 @@ func (p *priorityPlugin) Admit(a admission.Attributes) error { } // Validate checks PriorityClasses and admits or rejects them. -func (p *priorityPlugin) Validate(a admission.Attributes) error { +func (p *priorityPlugin) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { operation := a.GetOperation() // Ignore all calls to subresources if len(a.GetSubresource()) != 0 { diff --git a/plugin/pkg/admission/priority/admission_test.go b/plugin/pkg/admission/priority/admission_test.go index 8404467c82c..95b53a96dde 100644 --- a/plugin/pkg/admission/priority/admission_test.go +++ b/plugin/pkg/admission/priority/admission_test.go @@ -158,7 +158,7 @@ func TestPriorityClassAdmission(t *testing.T) { false, test.userInfo, ) - err := ctrl.Validate(attrs) + err := ctrl.Validate(attrs, nil) klog.Infof("Got %v", err) if err != nil && !test.expectError { t.Errorf("Test %q: unexpected error received: %v", test.name, err) @@ -254,7 +254,7 @@ func TestDefaultPriority(t *testing.T) { test.name, test.expectedDefaultNameBefore, test.expectedDefaultBefore, pcName, defaultPriority) } if test.attributes != nil { - err := ctrl.Validate(test.attributes) + err := ctrl.Validate(test.attributes, nil) if err != nil { t.Errorf("Test %q: unexpected error received: %v", test.name, err) } @@ -603,7 +603,7 @@ func TestPodAdmission(t *testing.T) { false, nil, ) - err := ctrl.Admit(attrs) + err := ctrl.Admit(attrs, nil) klog.Infof("Got %v", err) if !test.expectError { if err != nil { diff --git a/plugin/pkg/admission/resourcequota/admission.go b/plugin/pkg/admission/resourcequota/admission.go index 43097ef5569..0fad34051fb 100644 --- a/plugin/pkg/admission/resourcequota/admission.go +++ b/plugin/pkg/admission/resourcequota/admission.go @@ -127,7 +127,7 @@ func (a *QuotaAdmission) ValidateInitialization() error { } // Validate makes admission decisions while enforcing quota -func (a *QuotaAdmission) Validate(attr admission.Attributes) (err error) { +func (a *QuotaAdmission) Validate(attr admission.Attributes, o admission.ObjectInterfaces) (err error) { // ignore all operations that correspond to sub-resource actions if attr.GetSubresource() != "" { return nil diff --git a/plugin/pkg/admission/resourcequota/admission_test.go b/plugin/pkg/admission/resourcequota/admission_test.go index be7a8af6bb1..5de5a0eab4d 100644 --- a/plugin/pkg/admission/resourcequota/admission_test.go +++ b/plugin/pkg/admission/resourcequota/admission_test.go @@ -153,7 +153,7 @@ func TestAdmissionIgnoresDelete(t *testing.T) { evaluator: evaluator, } namespace := "default" - err := handler.Validate(admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), namespace, "name", corev1.Resource("pods").WithVersion("version"), "", admission.Delete, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), namespace, "name", corev1.Resource("pods").WithVersion("version"), "", admission.Delete, false, nil), nil) if err != nil { t.Errorf("ResourceQuota should admit all deletes: %v", err) } @@ -190,11 +190,11 @@ func TestAdmissionIgnoresSubresources(t *testing.T) { } informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) newPod := validPod("123", 1, getResourceRequirements(getResourceList("100m", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error because the pod exceeded allowed quota") } - err = handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "subresource", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "subresource", admission.Create, false, nil), nil) if err != nil { t.Errorf("Did not expect an error because the action went to a subresource: %v", err) } @@ -235,7 +235,7 @@ func TestAdmitBelowQuotaLimit(t *testing.T) { } informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("100m", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -318,13 +318,13 @@ func TestAdmitDryRun(t *testing.T) { informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("100m", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, true, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, true, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } newPod = validPod("too-large-pod", 1, getResourceRequirements(getResourceList("100m", "60Gi"), getResourceList("", ""))) - err = handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, true, nil)) + err = handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, true, nil), nil) if err == nil { t.Errorf("Expected error but got none") } @@ -384,7 +384,7 @@ func TestAdmitHandlesOldObjects(t *testing.T) { Ports: []api.ServicePort{{Port: 1234}}, }, } - err := handler.Validate(admission.NewAttributesRecord(newService, existingService, api.Kind("Service").WithVersion("version"), newService.Namespace, newService.Name, corev1.Resource("services").WithVersion("version"), "", admission.Update, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newService, existingService, api.Kind("Service").WithVersion("version"), newService.Namespace, newService.Name, corev1.Resource("services").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -485,7 +485,7 @@ func TestAdmitHandlesNegativePVCUpdates(t *testing.T) { }, } - err := handler.Validate(admission.NewAttributesRecord(newPVC, oldPVC, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPVC.Namespace, newPVC.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Update, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPVC, oldPVC, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPVC.Namespace, newPVC.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -544,7 +544,7 @@ func TestAdmitHandlesPVCUpdates(t *testing.T) { }, } - err := handler.Validate(admission.NewAttributesRecord(newPVC, oldPVC, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPVC.Namespace, newPVC.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Update, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPVC, oldPVC, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPVC.Namespace, newPVC.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -641,7 +641,7 @@ func TestAdmitHandlesCreatingUpdates(t *testing.T) { Ports: []api.ServicePort{{Port: 1234}}, }, } - err := handler.Validate(admission.NewAttributesRecord(newService, oldService, api.Kind("Service").WithVersion("version"), newService.Namespace, newService.Name, corev1.Resource("services").WithVersion("version"), "", admission.Update, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newService, oldService, api.Kind("Service").WithVersion("version"), newService.Namespace, newService.Name, corev1.Resource("services").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -724,7 +724,7 @@ func TestAdmitExceedQuotaLimit(t *testing.T) { } informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) newPod := validPod("not-allowed-pod", 1, getResourceRequirements(getResourceList("3", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error exceeding quota") } @@ -770,7 +770,7 @@ func TestAdmitEnforceQuotaConstraints(t *testing.T) { informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) // verify all values are specified as required on the quota newPod := validPod("not-allowed-pod", 1, getResourceRequirements(getResourceList("100m", "2Gi"), getResourceList("200m", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error because the pod does not specify a memory limit") } @@ -821,7 +821,7 @@ func TestAdmitPodInNamespaceWithoutQuota(t *testing.T) { newPod := validPod("not-allowed-pod", 1, getResourceRequirements(getResourceList("100m", "2Gi"), getResourceList("200m", ""))) // Add to the lru cache so we do not do a live client lookup liveLookupCache.Add(newPod.Namespace, liveLookupEntry{expiry: time.Now().Add(time.Duration(30 * time.Second)), items: []*corev1.ResourceQuota{}}) - err = handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Did not expect an error because the pod is in a different namespace than the quota") } @@ -890,7 +890,7 @@ func TestAdmitBelowTerminatingQuotaLimit(t *testing.T) { newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("100m", "2Gi"), getResourceList("", ""))) activeDeadlineSeconds := int64(30) newPod.Spec.ActiveDeadlineSeconds = &activeDeadlineSeconds - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -994,7 +994,7 @@ func TestAdmitBelowBestEffortQuotaLimit(t *testing.T) { // create a pod that is best effort because it does not make a request for anything newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("", ""), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -1084,7 +1084,7 @@ func TestAdmitBestEffortQuotaLimitIgnoresBurstable(t *testing.T) { } informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("100m", "1Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -1174,7 +1174,7 @@ func TestAdmissionSetsMissingNamespace(t *testing.T) { // unset the namespace newPod.ObjectMeta.Namespace = "" - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Got unexpected error: %v", err) } @@ -1217,14 +1217,14 @@ func TestAdmitRejectsNegativeUsage(t *testing.T) { informerFactory.Core().V1().ResourceQuotas().Informer().GetIndexer().Add(resourceQuota) // verify quota rejects negative pvc storage requests newPvc := validPersistentVolumeClaim("not-allowed-pvc", getResourceRequirements(api.ResourceList{api.ResourceStorage: resource.MustParse("-1Gi")}, api.ResourceList{})) - err := handler.Validate(admission.NewAttributesRecord(newPvc, nil, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPvc.Namespace, newPvc.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPvc, nil, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPvc.Namespace, newPvc.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error because the pvc has negative storage usage") } // verify quota accepts non-negative pvc storage requests newPvc = validPersistentVolumeClaim("not-allowed-pvc", getResourceRequirements(api.ResourceList{api.ResourceStorage: resource.MustParse("1Gi")}, api.ResourceList{})) - err = handler.Validate(admission.NewAttributesRecord(newPvc, nil, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPvc.Namespace, newPvc.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Validate(admission.NewAttributesRecord(newPvc, nil, api.Kind("PersistentVolumeClaim").WithVersion("version"), newPvc.Namespace, newPvc.Name, corev1.Resource("persistentvolumeclaims").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -1265,7 +1265,7 @@ func TestAdmitWhenUnrelatedResourceExceedsQuota(t *testing.T) { // create a pod that should pass existing quota newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("", ""), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -1299,7 +1299,7 @@ func TestAdmitLimitedResourceNoQuota(t *testing.T) { evaluator: evaluator, } newPod := validPod("not-allowed-pod", 1, getResourceRequirements(getResourceList("3", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected an error for consuming a limited resource without quota.") } @@ -1333,7 +1333,7 @@ func TestAdmitLimitedResourceNoQuotaIgnoresNonMatchingResources(t *testing.T) { evaluator: evaluator, } newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("3", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Fatalf("Unexpected error: %v", err) } @@ -1381,7 +1381,7 @@ func TestAdmitLimitedResourceWithQuota(t *testing.T) { } indexer.Add(resourceQuota) newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("3", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error: %v", err) } @@ -1441,7 +1441,7 @@ func TestAdmitLimitedResourceWithMultipleQuota(t *testing.T) { indexer.Add(resourceQuota1) indexer.Add(resourceQuota2) newPod := validPod("allowed-pod", 1, getResourceRequirements(getResourceList("3", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error: %v", err) } @@ -1489,7 +1489,7 @@ func TestAdmitLimitedResourceWithQuotaThatDoesNotCover(t *testing.T) { } indexer.Add(resourceQuota) newPod := validPod("not-allowed-pod", 1, getResourceRequirements(getResourceList("3", "2Gi"), getResourceList("", ""))) - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Fatalf("Expected an error since the quota did not cover cpu") } @@ -2150,7 +2150,7 @@ func TestAdmitLimitedScopeWithCoverQuota(t *testing.T) { if testCase.anotherQuota != nil { indexer.Add(testCase.anotherQuota) } - err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Validate(admission.NewAttributesRecord(newPod, nil, api.Kind("Pod").WithVersion("version"), newPod.Namespace, newPod.Name, corev1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if testCase.expErr == "" { if err != nil { t.Fatalf("Testcase, %v, failed with unexpected error: %v. ExpErr: %v", testCase.description, err, testCase.expErr) diff --git a/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS b/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS old mode 100755 new mode 100644 index 6c48a1a83ef..cc22b22270e --- a/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS +++ b/plugin/pkg/admission/resourcequota/apis/resourcequota/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - derekwaynecarr diff --git a/plugin/pkg/admission/security/podsecuritypolicy/OWNERS b/plugin/pkg/admission/security/podsecuritypolicy/OWNERS index 787630abd2f..f558c884f12 100644 --- a/plugin/pkg/admission/security/podsecuritypolicy/OWNERS +++ b/plugin/pkg/admission/security/podsecuritypolicy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-policy-approvers reviewers: diff --git a/plugin/pkg/admission/security/podsecuritypolicy/admission.go b/plugin/pkg/admission/security/podsecuritypolicy/admission.go index f980b932212..4f28229d57d 100644 --- a/plugin/pkg/admission/security/podsecuritypolicy/admission.go +++ b/plugin/pkg/admission/security/podsecuritypolicy/admission.go @@ -109,7 +109,7 @@ func (a *PodSecurityPolicyPlugin) SetExternalKubeInformerFactory(f informers.Sha // 3. Try to generate and validate a PSP with providers. If we find one then admit the pod // with the validated PSP. If we don't find any reject the pod and give all errors from the // failed attempts. -func (c *PodSecurityPolicyPlugin) Admit(a admission.Attributes) error { +func (c *PodSecurityPolicyPlugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { if ignore, err := shouldIgnore(a); err != nil { return err } else if ignore { @@ -149,7 +149,7 @@ func (c *PodSecurityPolicyPlugin) Admit(a admission.Attributes) error { return admission.NewForbidden(a, fmt.Errorf("unable to validate against any pod security policy: %v", validationErrs)) } -func (c *PodSecurityPolicyPlugin) Validate(a admission.Attributes) error { +func (c *PodSecurityPolicyPlugin) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { if ignore, err := shouldIgnore(a); err != nil { return err } else if ignore { diff --git a/plugin/pkg/admission/security/podsecuritypolicy/admission_test.go b/plugin/pkg/admission/security/podsecuritypolicy/admission_test.go index a0ce808020e..6712ab1ee1c 100644 --- a/plugin/pkg/admission/security/podsecuritypolicy/admission_test.go +++ b/plugin/pkg/admission/security/podsecuritypolicy/admission_test.go @@ -475,7 +475,7 @@ func TestFailClosedOnInvalidPod(t *testing.T) { pod := &v1.Pod{} attrs := kadmission.NewAttributesRecord(pod, nil, kapi.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, false, &user.DefaultInfo{}) - err := plugin.Admit(attrs) + err := plugin.Admit(attrs, nil) if err == nil { t.Fatalf("expected versioned pod object to fail mutating admission") } @@ -483,7 +483,7 @@ func TestFailClosedOnInvalidPod(t *testing.T) { t.Errorf("expected type error on Admit but got: %v", err) } - err = plugin.Validate(attrs) + err = plugin.Validate(attrs, nil) if err == nil { t.Fatalf("expected versioned pod object to fail validating admission") } @@ -1779,7 +1779,7 @@ func testPSPAdmitAdvanced(testCaseName string, op kadmission.Operation, psps []* attrs := kadmission.NewAttributesRecord(pod, oldPod, kapi.Kind("Pod").WithVersion("version"), pod.Namespace, "", kapi.Resource("pods").WithVersion("version"), "", op, false, userInfo) annotations := make(map[string]string) attrs = &fakeAttributes{attrs, annotations} - err := plugin.Admit(attrs) + err := plugin.Admit(attrs, nil) if shouldPassAdmit && err != nil { t.Errorf("%s: expected no errors on Admit but received %v", testCaseName, err) @@ -1807,7 +1807,7 @@ func testPSPAdmitAdvanced(testCaseName string, op kadmission.Operation, psps []* t.Errorf("%s: expected errors on Admit but received none", testCaseName) } - err = plugin.Validate(attrs) + err = plugin.Validate(attrs, nil) psp := "" if shouldPassAdmit && op == kadmission.Create { psp = expectedPSP diff --git a/plugin/pkg/admission/securitycontext/scdeny/admission.go b/plugin/pkg/admission/securitycontext/scdeny/admission.go index 5ff6c07a0fd..f17ce851573 100644 --- a/plugin/pkg/admission/securitycontext/scdeny/admission.go +++ b/plugin/pkg/admission/securitycontext/scdeny/admission.go @@ -50,7 +50,7 @@ func NewSecurityContextDeny() *Plugin { } // Validate will deny any pod that defines SupplementalGroups, SELinuxOptions, RunAsUser or FSGroup -func (p *Plugin) Validate(a admission.Attributes) (err error) { +func (p *Plugin) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if a.GetSubresource() != "" || a.GetResource().GroupResource() != api.Resource("pods") { return nil } diff --git a/plugin/pkg/admission/securitycontext/scdeny/admission_test.go b/plugin/pkg/admission/securitycontext/scdeny/admission_test.go index aca4352bec5..65d7ad1d169 100644 --- a/plugin/pkg/admission/securitycontext/scdeny/admission_test.go +++ b/plugin/pkg/admission/securitycontext/scdeny/admission_test.go @@ -82,7 +82,7 @@ func TestAdmission(t *testing.T) { p.Spec.SecurityContext = tc.podSc p.Spec.Containers[0].SecurityContext = tc.sc - err := handler.Validate(admission.NewAttributesRecord(p, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil)) + err := handler.Validate(admission.NewAttributesRecord(p, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil), nil) if err != nil && !tc.expectError { t.Errorf("%v: unexpected error: %v", tc.name, err) } else if err == nil && tc.expectError { @@ -96,7 +96,7 @@ func TestAdmission(t *testing.T) { p.Spec.InitContainers = p.Spec.Containers p.Spec.Containers = nil - err = handler.Validate(admission.NewAttributesRecord(p, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil)) + err = handler.Validate(admission.NewAttributesRecord(p, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil), nil) if err != nil && !tc.expectError { t.Errorf("%v: unexpected error: %v", tc.name, err) } else if err == nil && tc.expectError { @@ -140,7 +140,7 @@ func TestPodSecurityContextAdmission(t *testing.T) { } for _, test := range tests { pod.Spec.SecurityContext = &test.securityContext - err := handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil)) + err := handler.Validate(admission.NewAttributesRecord(&pod, nil, api.Kind("Pod").WithVersion("version"), "foo", "name", api.Resource("pods").WithVersion("version"), "", "ignored", false, nil), nil) if test.errorExpected && err == nil { t.Errorf("Expected error for security context %+v but did not get an error", test.securityContext) diff --git a/plugin/pkg/admission/serviceaccount/OWNERS b/plugin/pkg/admission/serviceaccount/OWNERS index d914c0d7195..c6c376de4e1 100644 --- a/plugin/pkg/admission/serviceaccount/OWNERS +++ b/plugin/pkg/admission/serviceaccount/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-serviceaccounts-approvers reviewers: diff --git a/plugin/pkg/admission/serviceaccount/admission.go b/plugin/pkg/admission/serviceaccount/admission.go index 007e20bf40b..eb9418805b1 100644 --- a/plugin/pkg/admission/serviceaccount/admission.go +++ b/plugin/pkg/admission/serviceaccount/admission.go @@ -148,7 +148,7 @@ func (a *serviceAccount) ValidateInitialization() error { return nil } -func (s *serviceAccount) Admit(a admission.Attributes) (err error) { +func (s *serviceAccount) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if shouldIgnore(a) { return nil } @@ -159,7 +159,7 @@ func (s *serviceAccount) Admit(a admission.Attributes) (err error) { // That makes the kubelet very angry and confused, and it immediately deletes the pod (because the spec doesn't match) // That said, don't allow mirror pods to reference ServiceAccounts or SecretVolumeSources either if _, isMirrorPod := pod.Annotations[api.MirrorPodAnnotationKey]; isMirrorPod { - return s.Validate(a) + return s.Validate(a, o) } // Set the default service account if needed @@ -186,10 +186,10 @@ func (s *serviceAccount) Admit(a admission.Attributes) (err error) { } } - return s.Validate(a) + return s.Validate(a, o) } -func (s *serviceAccount) Validate(a admission.Attributes) (err error) { +func (s *serviceAccount) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if shouldIgnore(a) { return nil } diff --git a/plugin/pkg/admission/serviceaccount/admission_test.go b/plugin/pkg/admission/serviceaccount/admission_test.go index 79ae943d7ee..3caec44f6f8 100644 --- a/plugin/pkg/admission/serviceaccount/admission_test.go +++ b/plugin/pkg/admission/serviceaccount/admission_test.go @@ -65,7 +65,7 @@ func TestIgnoresNonCreate(t *testing.T) { func TestIgnoresNonPodResource(t *testing.T) { pod := &api.Pod{} attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("CustomResource").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err != nil { t.Errorf("Expected non-pod resource allowed, got err: %v", err) } @@ -73,7 +73,7 @@ func TestIgnoresNonPodResource(t *testing.T) { func TestIgnoresNilObject(t *testing.T) { attrs := admission.NewAttributesRecord(nil, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err != nil { t.Errorf("Expected nil object allowed allowed, got err: %v", err) } @@ -82,7 +82,7 @@ func TestIgnoresNilObject(t *testing.T) { func TestIgnoresNonPodObject(t *testing.T) { obj := &api.Namespace{} attrs := admission.NewAttributesRecord(obj, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err != nil { t.Errorf("Expected non pod object allowed, got err: %v", err) } @@ -102,7 +102,7 @@ func TestIgnoresMirrorPod(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err != nil { t.Errorf("Expected mirror pod without service account or secrets allowed, got err: %v", err) } @@ -120,7 +120,7 @@ func TestRejectsMirrorPodWithServiceAccount(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err == nil { t.Errorf("Expected a mirror pod to be prevented from referencing a service account") } @@ -140,7 +140,7 @@ func TestRejectsMirrorPodWithSecretVolumes(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err == nil { t.Errorf("Expected a mirror pod to be prevented from referencing a secret volume") } @@ -165,7 +165,7 @@ func TestRejectsMirrorPodWithServiceAccountTokenVolumeProjections(t *testing.T) }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), "myns", "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := NewServiceAccount().Admit(attrs) + err := NewServiceAccount().Admit(attrs, nil) if err == nil { t.Errorf("Expected a mirror pod to be prevented from referencing a ServiceAccountToken volume projection") } @@ -190,7 +190,7 @@ func TestAssignsDefaultServiceAccountAndToleratesMissingAPIToken(t *testing.T) { pod := &api.Pod{} attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -218,7 +218,7 @@ func TestAssignsDefaultServiceAccountAndRejectsMissingAPIToken(t *testing.T) { pod := &api.Pod{} attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err == nil || !errors.IsServerTimeout(err) { t.Errorf("Expected server timeout error for missing API token: %v", err) } @@ -243,7 +243,7 @@ func TestFetchesUncachedServiceAccount(t *testing.T) { pod := &api.Pod{} attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -265,7 +265,7 @@ func TestDeniesInvalidServiceAccount(t *testing.T) { pod := &api.Pod{} attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err == nil { t.Errorf("Expected error for missing service account, got none") } @@ -331,7 +331,7 @@ func TestAutomountsAPIToken(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -360,7 +360,7 @@ func TestAutomountsAPIToken(t *testing.T) { }, } attrs = admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err != nil { + if err := admit.Admit(attrs, nil); err != nil { t.Errorf("Unexpected error: %v", err) } if pod.Spec.ServiceAccountName != DefaultServiceAccountName { @@ -442,7 +442,7 @@ func TestRespectsExistingMount(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -472,7 +472,7 @@ func TestRespectsExistingMount(t *testing.T) { }, } attrs = admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err != nil { + if err := admit.Admit(attrs, nil); err != nil { t.Errorf("Unexpected error: %v", err) } if pod.Spec.ServiceAccountName != DefaultServiceAccountName { @@ -518,7 +518,7 @@ func TestAllowsReferencedSecret(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod1, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err != nil { + if err := admit.Admit(attrs, nil); err != nil { t.Errorf("Unexpected error: %v", err) } @@ -542,7 +542,7 @@ func TestAllowsReferencedSecret(t *testing.T) { }, } attrs = admission.NewAttributesRecord(pod2, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err != nil { + if err := admit.Admit(attrs, nil); err != nil { t.Errorf("Unexpected error: %v", err) } @@ -566,7 +566,7 @@ func TestAllowsReferencedSecret(t *testing.T) { }, } attrs = admission.NewAttributesRecord(pod2, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err != nil { + if err := admit.Admit(attrs, nil); err != nil { t.Errorf("Unexpected error: %v", err) } } @@ -596,7 +596,7 @@ func TestRejectsUnreferencedSecretVolumes(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod1, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err == nil { + if err := admit.Admit(attrs, nil); err == nil { t.Errorf("Expected rejection for using a secret the service account does not reference") } @@ -620,7 +620,7 @@ func TestRejectsUnreferencedSecretVolumes(t *testing.T) { }, } attrs = admission.NewAttributesRecord(pod2, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err == nil || !strings.Contains(err.Error(), "with envVar") { + if err := admit.Admit(attrs, nil); err == nil || !strings.Contains(err.Error(), "with envVar") { t.Errorf("Unexpected error: %v", err) } @@ -644,7 +644,7 @@ func TestRejectsUnreferencedSecretVolumes(t *testing.T) { }, } attrs = admission.NewAttributesRecord(pod2, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err == nil || !strings.Contains(err.Error(), "with envVar") { + if err := admit.Admit(attrs, nil); err == nil || !strings.Contains(err.Error(), "with envVar") { t.Errorf("Unexpected error: %v", err) } } @@ -675,7 +675,7 @@ func TestAllowUnreferencedSecretVolumesForPermissiveSAs(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err == nil { t.Errorf("Expected rejection for using a secret the service account does not reference") } @@ -707,7 +707,7 @@ func TestAllowsReferencedImagePullSecrets(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -736,7 +736,7 @@ func TestRejectsUnreferencedImagePullSecrets(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err == nil { t.Errorf("Expected rejection for using a secret the service account does not reference") } @@ -769,7 +769,7 @@ func TestDoNotAddImagePullSecrets(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -803,7 +803,7 @@ func TestAddImagePullSecrets(t *testing.T) { pod := &api.Pod{} attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } @@ -884,7 +884,7 @@ func TestMultipleReferencedSecrets(t *testing.T) { } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - if err := admit.Admit(attrs); err != nil { + if err := admit.Admit(attrs, nil); err != nil { t.Fatal(err) } @@ -1038,7 +1038,7 @@ func TestAutomountIsBackwardsCompatible(t *testing.T) { }, } attrs := admission.NewAttributesRecord(pod, nil, api.Kind("Pod").WithVersion("version"), ns, "myname", api.Resource("pods").WithVersion("version"), "", admission.Create, false, nil) - err := admit.Admit(attrs) + err := admit.Admit(attrs, nil) if err != nil { t.Errorf("Unexpected error: %v", err) } diff --git a/plugin/pkg/admission/storage/persistentvolume/label/BUILD b/plugin/pkg/admission/storage/persistentvolume/label/BUILD index 115603d0cf8..ba34eb7fb11 100644 --- a/plugin/pkg/admission/storage/persistentvolume/label/BUILD +++ b/plugin/pkg/admission/storage/persistentvolume/label/BUILD @@ -17,12 +17,11 @@ go_library( "//pkg/apis/core:go_default_library", "//pkg/apis/core/v1:go_default_library", "//pkg/kubeapiserver/admission:go_default_library", - "//pkg/kubelet/apis:go_default_library", - "//pkg/volume:go_default_library", - "//pkg/volume/util:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) @@ -33,7 +32,6 @@ go_test( embed = [":go_default_library"], deps = [ "//pkg/apis/core:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/plugin/pkg/admission/storage/persistentvolume/label/OWNERS b/plugin/pkg/admission/storage/persistentvolume/label/OWNERS index cbf8f2b48e7..8debd4060f2 100644 --- a/plugin/pkg/admission/storage/persistentvolume/label/OWNERS +++ b/plugin/pkg/admission/storage/persistentvolume/label/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - andrewsykim - dims diff --git a/plugin/pkg/admission/storage/persistentvolume/label/admission.go b/plugin/pkg/admission/storage/persistentvolume/label/admission.go index ddaa5189e05..e0b11581012 100644 --- a/plugin/pkg/admission/storage/persistentvolume/label/admission.go +++ b/plugin/pkg/admission/storage/persistentvolume/label/admission.go @@ -27,13 +27,12 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apiserver/pkg/admission" cloudprovider "k8s.io/cloud-provider" + cloudvolume "k8s.io/cloud-provider/volume" + volumehelpers "k8s.io/cloud-provider/volume/helpers" "k8s.io/klog" api "k8s.io/kubernetes/pkg/apis/core" k8s_api_v1 "k8s.io/kubernetes/pkg/apis/core/v1" kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - vol "k8s.io/kubernetes/pkg/volume" - volumeutil "k8s.io/kubernetes/pkg/volume/util" ) const ( @@ -60,6 +59,7 @@ type persistentVolumeLabel struct { gcePVLabeler cloudprovider.PVLabeler azurePVLabeler cloudprovider.PVLabeler openStackPVLabeler cloudprovider.PVLabeler + vspherePVLabeler cloudprovider.PVLabeler } var _ admission.MutationInterface = &persistentVolumeLabel{} @@ -97,7 +97,7 @@ func nodeSelectorRequirementKeysExistInNodeSelectorTerms(reqs []api.NodeSelector return false } -func (l *persistentVolumeLabel) Admit(a admission.Attributes) (err error) { +func (l *persistentVolumeLabel) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if a.GetResource().GroupResource() != api.Resource("persistentvolumes") { return nil } @@ -139,7 +139,13 @@ func (l *persistentVolumeLabel) Admit(a admission.Attributes) (err error) { } volumeLabels = labels } - + if volume.Spec.VsphereVolume != nil { + labels, err := l.findVsphereVolumeLabels(volume) + if err != nil { + return admission.NewForbidden(a, fmt.Errorf("error querying vSphere Volume %s: %v", volume.Spec.VsphereVolume.VolumePath, err)) + } + volumeLabels = labels + } requirements := make([]api.NodeSelectorRequirement, 0) if len(volumeLabels) != 0 { if volume.Labels == nil { @@ -153,8 +159,8 @@ func (l *persistentVolumeLabel) Admit(a admission.Attributes) (err error) { // Set NodeSelectorRequirements based on the labels var values []string - if k == kubeletapis.LabelZoneFailureDomain { - zones, err := volumeutil.LabelZonesToSet(v) + if k == v1.LabelZoneFailureDomain { + zones, err := volumehelpers.LabelZonesToSet(v) if err != nil { return admission.NewForbidden(a, fmt.Errorf("failed to convert label string for Zone: %s to a Set", v)) } @@ -193,7 +199,7 @@ func (l *persistentVolumeLabel) Admit(a admission.Attributes) (err error) { func (l *persistentVolumeLabel) findAWSEBSLabels(volume *api.PersistentVolume) (map[string]string, error) { // Ignore any volumes that are being provisioned - if volume.Spec.AWSElasticBlockStore.VolumeID == vol.ProvisionedVolumeName { + if volume.Spec.AWSElasticBlockStore.VolumeID == cloudvolume.ProvisionedVolumeName { return nil, nil } pvlabler, err := l.getAWSPVLabeler() @@ -241,7 +247,7 @@ func (l *persistentVolumeLabel) getAWSPVLabeler() (cloudprovider.PVLabeler, erro func (l *persistentVolumeLabel) findGCEPDLabels(volume *api.PersistentVolume) (map[string]string, error) { // Ignore any volumes that are being provisioned - if volume.Spec.GCEPersistentDisk.PDName == vol.ProvisionedVolumeName { + if volume.Spec.GCEPersistentDisk.PDName == cloudvolume.ProvisionedVolumeName { return nil, nil } @@ -316,7 +322,7 @@ func (l *persistentVolumeLabel) getAzurePVLabeler() (cloudprovider.PVLabeler, er func (l *persistentVolumeLabel) findAzureDiskLabels(volume *api.PersistentVolume) (map[string]string, error) { // Ignore any volumes that are being provisioned - if volume.Spec.AzureDisk.DiskName == vol.ProvisionedVolumeName { + if volume.Spec.AzureDisk.DiskName == cloudvolume.ProvisionedVolumeName { return nil, nil } @@ -365,7 +371,7 @@ func (l *persistentVolumeLabel) getOpenStackPVLabeler() (cloudprovider.PVLabeler func (l *persistentVolumeLabel) findCinderDiskLabels(volume *api.PersistentVolume) (map[string]string, error) { // Ignore any volumes that are being provisioned - if volume.Spec.Cinder.VolumeID == vol.ProvisionedVolumeName { + if volume.Spec.Cinder.VolumeID == cloudvolume.ProvisionedVolumeName { return nil, nil } @@ -385,3 +391,48 @@ func (l *persistentVolumeLabel) findCinderDiskLabels(volume *api.PersistentVolum return pvlabler.GetLabelsForVolume(context.TODO(), pv) } + +func (l *persistentVolumeLabel) findVsphereVolumeLabels(volume *api.PersistentVolume) (map[string]string, error) { + pvlabler, err := l.getVspherePVLabeler() + if err != nil { + return nil, err + } + if pvlabler == nil { + return nil, fmt.Errorf("unable to build vSphere cloud provider") + } + + pv := &v1.PersistentVolume{} + err = k8s_api_v1.Convert_core_PersistentVolume_To_v1_PersistentVolume(volume, pv, nil) + if err != nil { + return nil, fmt.Errorf("failed to convert PersistentVolume to core/v1: %q", err) + } + labels, err := pvlabler.GetLabelsForVolume(context.TODO(), pv) + if err != nil { + return nil, err + } + + return labels, nil +} + +func (l *persistentVolumeLabel) getVspherePVLabeler() (cloudprovider.PVLabeler, error) { + l.mutex.Lock() + defer l.mutex.Unlock() + + if l.vspherePVLabeler == nil { + var cloudConfigReader io.Reader + if len(l.cloudConfig) > 0 { + cloudConfigReader = bytes.NewReader(l.cloudConfig) + } + cloudProvider, err := cloudprovider.GetCloudProvider("vsphere", cloudConfigReader) + if err != nil || cloudProvider == nil { + return nil, err + } + vspherePVLabeler, ok := cloudProvider.(cloudprovider.PVLabeler) + if !ok { + // GetCloudProvider failed + return nil, errors.New("vSphere Cloud Provider does not implement PV labeling") + } + l.vspherePVLabeler = vspherePVLabeler + } + return l.vspherePVLabeler, nil +} diff --git a/plugin/pkg/admission/storage/persistentvolume/label/admission_test.go b/plugin/pkg/admission/storage/persistentvolume/label/admission_test.go index a35a845971a..c066d5d7bf5 100644 --- a/plugin/pkg/admission/storage/persistentvolume/label/admission_test.go +++ b/plugin/pkg/admission/storage/persistentvolume/label/admission_test.go @@ -30,7 +30,6 @@ import ( "k8s.io/apiserver/pkg/admission" cloudprovider "k8s.io/cloud-provider" api "k8s.io/kubernetes/pkg/apis/core" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) type mockVolumes struct { @@ -65,9 +64,9 @@ func Test_PVLAdmission(t *testing.T) { name: "non-cloud PV ignored", handler: newPersistentVolumeLabel(), pvlabeler: mockVolumeLabels(map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }), preAdmissionPV: &api.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{Name: "noncloud", Namespace: "myns"}, @@ -173,9 +172,9 @@ func Test_PVLAdmission(t *testing.T) { name: "AWS EBS PV labeled correctly", handler: newPersistentVolumeLabel(), pvlabeler: mockVolumeLabels(map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }), preAdmissionPV: &api.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{Name: "awsebs", Namespace: "myns"}, @@ -192,9 +191,9 @@ func Test_PVLAdmission(t *testing.T) { Name: "awsebs", Namespace: "myns", Labels: map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }, }, Spec: api.PersistentVolumeSpec{ @@ -219,7 +218,7 @@ func Test_PVLAdmission(t *testing.T) { Values: []string{"2"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: api.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -236,9 +235,9 @@ func Test_PVLAdmission(t *testing.T) { name: "GCE PD PV labeled correctly", handler: newPersistentVolumeLabel(), pvlabeler: mockVolumeLabels(map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }), preAdmissionPV: &api.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{Name: "gcepd", Namespace: "myns"}, @@ -255,9 +254,9 @@ func Test_PVLAdmission(t *testing.T) { Name: "gcepd", Namespace: "myns", Labels: map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }, }, Spec: api.PersistentVolumeSpec{ @@ -282,7 +281,7 @@ func Test_PVLAdmission(t *testing.T) { Values: []string{"2"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: api.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -299,9 +298,9 @@ func Test_PVLAdmission(t *testing.T) { name: "Azure Disk PV labeled correctly", handler: newPersistentVolumeLabel(), pvlabeler: mockVolumeLabels(map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }), preAdmissionPV: &api.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ @@ -321,9 +320,9 @@ func Test_PVLAdmission(t *testing.T) { Name: "azurepd", Namespace: "myns", Labels: map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }, }, Spec: api.PersistentVolumeSpec{ @@ -348,7 +347,7 @@ func Test_PVLAdmission(t *testing.T) { Values: []string{"2"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: api.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -365,9 +364,9 @@ func Test_PVLAdmission(t *testing.T) { name: "Cinder Disk PV labeled correctly", handler: newPersistentVolumeLabel(), pvlabeler: mockVolumeLabels(map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }), preAdmissionPV: &api.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ @@ -387,9 +386,9 @@ func Test_PVLAdmission(t *testing.T) { Name: "azurepd", Namespace: "myns", Labels: map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }, }, Spec: api.PersistentVolumeSpec{ @@ -414,7 +413,7 @@ func Test_PVLAdmission(t *testing.T) { Values: []string{"2"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: api.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -431,9 +430,9 @@ func Test_PVLAdmission(t *testing.T) { name: "AWS EBS PV overrides user applied labels", handler: newPersistentVolumeLabel(), pvlabeler: mockVolumeLabels(map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }), preAdmissionPV: &api.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ @@ -456,9 +455,9 @@ func Test_PVLAdmission(t *testing.T) { Name: "awsebs", Namespace: "myns", Labels: map[string]string{ - "a": "1", - "b": "2", - kubeletapis.LabelZoneFailureDomain: "1__2__3", + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", }, }, Spec: api.PersistentVolumeSpec{ @@ -483,7 +482,7 @@ func Test_PVLAdmission(t *testing.T) { Values: []string{"2"}, }, { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Operator: api.NodeSelectorOpIn, Values: []string{"1", "2", "3"}, }, @@ -684,6 +683,72 @@ func Test_PVLAdmission(t *testing.T) { }, err: nil, }, + { + name: "vSphere PV labeled correctly", + handler: newPersistentVolumeLabel(), + pvlabeler: mockVolumeLabels(map[string]string{ + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", + }), + preAdmissionPV: &api.PersistentVolume{ + ObjectMeta: metav1.ObjectMeta{ + Name: "vSpherePV", + Namespace: "myns", + }, + Spec: api.PersistentVolumeSpec{ + PersistentVolumeSource: api.PersistentVolumeSource{ + VsphereVolume: &api.VsphereVirtualDiskVolumeSource{ + VolumePath: "123", + }, + }, + }, + }, + postAdmissionPV: &api.PersistentVolume{ + ObjectMeta: metav1.ObjectMeta{ + Name: "vSpherePV", + Namespace: "myns", + Labels: map[string]string{ + "a": "1", + "b": "2", + v1.LabelZoneFailureDomain: "1__2__3", + }, + }, + Spec: api.PersistentVolumeSpec{ + PersistentVolumeSource: api.PersistentVolumeSource{ + VsphereVolume: &api.VsphereVirtualDiskVolumeSource{ + VolumePath: "123", + }, + }, + NodeAffinity: &api.VolumeNodeAffinity{ + Required: &api.NodeSelector{ + NodeSelectorTerms: []api.NodeSelectorTerm{ + { + MatchExpressions: []api.NodeSelectorRequirement{ + { + Key: "a", + Operator: api.NodeSelectorOpIn, + Values: []string{"1"}, + }, + { + Key: "b", + Operator: api.NodeSelectorOpIn, + Values: []string{"2"}, + }, + { + Key: v1.LabelZoneFailureDomain, + Operator: api.NodeSelectorOpIn, + Values: []string{"1", "2", "3"}, + }, + }, + }, + }, + }, + }, + }, + }, + err: nil, + }, } for _, testcase := range testcases { @@ -691,7 +756,7 @@ func Test_PVLAdmission(t *testing.T) { setPVLabeler(testcase.handler, testcase.pvlabeler) handler := admission.NewChainHandler(testcase.handler) - err := handler.Admit(admission.NewAttributesRecord(testcase.preAdmissionPV, nil, api.Kind("PersistentVolume").WithVersion("version"), testcase.preAdmissionPV.Namespace, testcase.preAdmissionPV.Name, api.Resource("persistentvolumes").WithVersion("version"), "", admission.Create, false, nil)) + err := handler.Admit(admission.NewAttributesRecord(testcase.preAdmissionPV, nil, api.Kind("PersistentVolume").WithVersion("version"), testcase.preAdmissionPV.Namespace, testcase.preAdmissionPV.Name, api.Resource("persistentvolumes").WithVersion("version"), "", admission.Create, false, nil), nil) if !reflect.DeepEqual(err, testcase.err) { t.Logf("expected error: %q", testcase.err) t.Logf("actual error: %q", err) @@ -719,6 +784,7 @@ func setPVLabeler(handler *persistentVolumeLabel, pvlabeler cloudprovider.PVLabe handler.gcePVLabeler = pvlabeler handler.azurePVLabeler = pvlabeler handler.openStackPVLabeler = pvlabeler + handler.vspherePVLabeler = pvlabeler } // sortMatchExpressions sorts a PV's node selector match expressions by key name if it is not nil diff --git a/plugin/pkg/admission/storage/persistentvolume/resize/admission.go b/plugin/pkg/admission/storage/persistentvolume/resize/admission.go index 3a945ea9dcc..e616826faea 100644 --- a/plugin/pkg/admission/storage/persistentvolume/resize/admission.go +++ b/plugin/pkg/admission/storage/persistentvolume/resize/admission.go @@ -71,7 +71,7 @@ func (pvcr *persistentVolumeClaimResize) ValidateInitialization() error { return nil } -func (pvcr *persistentVolumeClaimResize) Validate(a admission.Attributes) error { +func (pvcr *persistentVolumeClaimResize) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { if a.GetResource().GroupResource() != api.Resource("persistentvolumeclaims") { return nil } diff --git a/plugin/pkg/admission/storage/persistentvolume/resize/admission_test.go b/plugin/pkg/admission/storage/persistentvolume/resize/admission_test.go index 0eed48a5c58..e0cb263bddb 100644 --- a/plugin/pkg/admission/storage/persistentvolume/resize/admission_test.go +++ b/plugin/pkg/admission/storage/persistentvolume/resize/admission_test.go @@ -256,7 +256,7 @@ func TestPVCResizeAdmission(t *testing.T) { operation := admission.Update attributes := admission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, false, nil) - err := ctrl.Validate(attributes) + err := ctrl.Validate(attributes, nil) if !tc.checkError(err) { t.Errorf("%v: unexpected err: %v", tc.name, err) } diff --git a/plugin/pkg/admission/storage/storageclass/setdefault/admission.go b/plugin/pkg/admission/storage/storageclass/setdefault/admission.go index 98610ae060e..9366312c935 100644 --- a/plugin/pkg/admission/storage/storageclass/setdefault/admission.go +++ b/plugin/pkg/admission/storage/storageclass/setdefault/admission.go @@ -85,7 +85,7 @@ func (a *claimDefaulterPlugin) ValidateInitialization() error { // 1. Find available StorageClasses. // 2. Figure which is the default // 3. Write to the PVClaim -func (a *claimDefaulterPlugin) Admit(attr admission.Attributes) error { +func (a *claimDefaulterPlugin) Admit(attr admission.Attributes, o admission.ObjectInterfaces) error { if attr.GetResource().GroupResource() != api.Resource("persistentvolumeclaims") { return nil } diff --git a/plugin/pkg/admission/storage/storageclass/setdefault/admission_test.go b/plugin/pkg/admission/storage/storageclass/setdefault/admission_test.go index e9d5fcbaf43..45152522f2b 100644 --- a/plugin/pkg/admission/storage/storageclass/setdefault/admission_test.go +++ b/plugin/pkg/admission/storage/storageclass/setdefault/admission_test.go @@ -211,7 +211,7 @@ func TestAdmission(t *testing.T) { false, // dryRun nil, // userInfo ) - err := ctrl.Admit(attrs) + err := ctrl.Admit(attrs, nil) klog.Infof("Got %v", err) if err != nil && !test.expectError { t.Errorf("Test %q: unexpected error received: %v", test.name, err) diff --git a/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go b/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go index f9d769c3266..8c70d927c8f 100644 --- a/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go +++ b/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go @@ -65,7 +65,7 @@ var ( // // This prevents users from deleting a PVC that's used by a running pod. // This also prevents admin from deleting a PV that's bound by a PVC -func (c *storageProtectionPlugin) Admit(a admission.Attributes) error { +func (c *storageProtectionPlugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { if !feature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) { return nil } diff --git a/plugin/pkg/admission/storage/storageobjectinuseprotection/admission_test.go b/plugin/pkg/admission/storage/storageobjectinuseprotection/admission_test.go index 54ee9da6ae7..1870ea46dee 100644 --- a/plugin/pkg/admission/storage/storageobjectinuseprotection/admission_test.go +++ b/plugin/pkg/admission/storage/storageobjectinuseprotection/admission_test.go @@ -135,7 +135,7 @@ func TestAdmit(t *testing.T) { nil, // userInfo ) - err := ctrl.Admit(attrs) + err := ctrl.Admit(attrs, nil) if err != nil { t.Errorf("Test %q: got unexpected error: %v", test.name, err) } diff --git a/plugin/pkg/auth/OWNERS b/plugin/pkg/auth/OWNERS index 54da3e8166e..4c81dde8eaa 100644 --- a/plugin/pkg/auth/OWNERS +++ b/plugin/pkg/auth/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - erictune - liggitt diff --git a/plugin/pkg/auth/authenticator/OWNERS b/plugin/pkg/auth/authenticator/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/plugin/pkg/auth/authenticator/OWNERS +++ b/plugin/pkg/auth/authenticator/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/plugin/pkg/auth/authorizer/OWNERS b/plugin/pkg/auth/authorizer/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/plugin/pkg/auth/authorizer/OWNERS +++ b/plugin/pkg/auth/authorizer/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/plugin/pkg/auth/authorizer/node/OWNERS b/plugin/pkg/auth/authorizer/node/OWNERS index 5a7794867cf..8ce6a83f6bd 100644 --- a/plugin/pkg/auth/authorizer/node/OWNERS +++ b/plugin/pkg/auth/authorizer/node/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-node-isolation-approvers reviewers: diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go index 31ca13db521..b2983c44e45 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go @@ -23,6 +23,7 @@ import ( rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apiserver/pkg/authentication/user" rbacv1helpers "k8s.io/kubernetes/pkg/apis/rbac/v1" ) @@ -119,10 +120,15 @@ func init() { rbacv1helpers.NewRule("get", "update").Groups(legacyGroup).Resources("configmaps").Names("kube-scheduler").RuleOrDie(), }, }) + + delegatedAuthBinding := rbacv1helpers.NewRoleBinding("extension-apiserver-authentication-reader", metav1.NamespaceSystem).Users(user.KubeControllerManager, user.KubeScheduler).BindingOrDie() + delegatedAuthBinding.Name = "system::extension-apiserver-authentication-reader" + addNamespaceRoleBinding(metav1.NamespaceSystem, delegatedAuthBinding) + addNamespaceRoleBinding(metav1.NamespaceSystem, - rbacv1helpers.NewRoleBinding("system::leader-locking-kube-controller-manager", metav1.NamespaceSystem).SAs(metav1.NamespaceSystem, "kube-controller-manager").BindingOrDie()) + rbacv1helpers.NewRoleBinding("system::leader-locking-kube-controller-manager", metav1.NamespaceSystem).Users(user.KubeControllerManager).SAs(metav1.NamespaceSystem, "kube-controller-manager").BindingOrDie()) addNamespaceRoleBinding(metav1.NamespaceSystem, - rbacv1helpers.NewRoleBinding("system::leader-locking-kube-scheduler", metav1.NamespaceSystem).SAs(metav1.NamespaceSystem, "kube-scheduler").BindingOrDie()) + rbacv1helpers.NewRoleBinding("system::leader-locking-kube-scheduler", metav1.NamespaceSystem).Users(user.KubeScheduler).SAs(metav1.NamespaceSystem, "kube-scheduler").BindingOrDie()) addNamespaceRoleBinding(metav1.NamespaceSystem, rbacv1helpers.NewRoleBinding(saRolePrefix+"bootstrap-signer", metav1.NamespaceSystem).SAs(metav1.NamespaceSystem, "bootstrap-signer").BindingOrDie()) // cloud-provider is deprecated starting Kubernetes 1.10 and will be deleted according to GA deprecation policy. diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go index 6f5ebcac807..6366dc1c836 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go @@ -402,6 +402,7 @@ func ClusterRoles() []rbacv1.ClusterRole { rbacv1helpers.NewRule("update").Groups(legacyGroup).Resources("endpoints", "secrets", "serviceaccounts").RuleOrDie(), // Needed to check API access. These creates are non-mutating rbacv1helpers.NewRule("create").Groups(authenticationGroup).Resources("tokenreviews").RuleOrDie(), + rbacv1helpers.NewRule("create").Groups(authorizationGroup).Resources("subjectaccessreviews").RuleOrDie(), // Needed for all shared informers rbacv1helpers.NewRule("list", "watch").Groups("*").Resources("*").RuleOrDie(), }, @@ -429,6 +430,9 @@ func ClusterRoles() []rbacv1.ClusterRole { // things that pods use or applies to them rbacv1helpers.NewRule(Read...).Groups(policyGroup).Resources("poddisruptionbudgets").RuleOrDie(), rbacv1helpers.NewRule(Read...).Groups(legacyGroup).Resources("persistentvolumeclaims", "persistentvolumes").RuleOrDie(), + // Needed to check API access. These creates are non-mutating + rbacv1helpers.NewRule("create").Groups(authenticationGroup).Resources("tokenreviews").RuleOrDie(), + rbacv1helpers.NewRule("create").Groups(authorizationGroup).Resources("subjectaccessreviews").RuleOrDie(), }, }, { diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml index ea35a1b4b48..f00ff04eb6f 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml @@ -658,6 +658,12 @@ items: - tokenreviews verbs: - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create - apiGroups: - '*' resources: @@ -792,6 +798,18 @@ items: - get - list - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/namespace-role-bindings.yaml b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/namespace-role-bindings.yaml index f0e126d1e82..01216c1cd52 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/namespace-role-bindings.yaml +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/namespace-role-bindings.yaml @@ -18,6 +18,27 @@ items: - kind: ServiceAccount name: bootstrap-signer namespace: kube-system +- apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + creationTimestamp: null + labels: + kubernetes.io/bootstrapping: rbac-defaults + name: system::extension-apiserver-authentication-reader + namespace: kube-system + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader + subjects: + - apiGroup: rbac.authorization.k8s.io + kind: User + name: system:kube-controller-manager + - apiGroup: rbac.authorization.k8s.io + kind: User + name: system:kube-scheduler - apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -33,6 +54,9 @@ items: kind: Role name: system::leader-locking-kube-controller-manager subjects: + - apiGroup: rbac.authorization.k8s.io + kind: User + name: system:kube-controller-manager - kind: ServiceAccount name: kube-controller-manager namespace: kube-system @@ -51,6 +75,9 @@ items: kind: Role name: system::leader-locking-kube-scheduler subjects: + - apiGroup: rbac.authorization.k8s.io + kind: User + name: system:kube-scheduler - kind: ServiceAccount name: kube-scheduler namespace: kube-system diff --git a/staging/OWNERS b/staging/OWNERS index 334c90bd404..0a9750f0234 100644 --- a/staging/OWNERS +++ b/staging/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - smarterclayton diff --git a/staging/publishing/OWNERS b/staging/publishing/OWNERS index 1dda04169ea..96c3d1de06e 100644 --- a/staging/publishing/OWNERS +++ b/staging/publishing/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sttts - nikhita diff --git a/staging/publishing/import-restrictions.yaml b/staging/publishing/import-restrictions.yaml index 2ed1a8a1f61..135d86454b5 100644 --- a/staging/publishing/import-restrictions.yaml +++ b/staging/publishing/import-restrictions.yaml @@ -190,6 +190,7 @@ - k8s.io/apimachinery - k8s.io/apiserver - k8s.io/client-go + - k8s.io/cloud-provider - k8s.io/klog - k8s.io/utils @@ -213,4 +214,5 @@ - k8s.io/api - k8s.io/apimachinery - k8s.io/klog + - k8s.io/cloud-provider - k8s.io/csi-translation-lib diff --git a/staging/publishing/rules.yaml b/staging/publishing/rules.yaml index d2f5735e393..3c3116b9da6 100644 --- a/staging/publishing/rules.yaml +++ b/staging/publishing/rules.yaml @@ -11,11 +11,6 @@ rules: branch: master dir: staging/src/k8s.io/code-generator name: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/code-generator - name: release-1.10 - go: 1.9.7 - source: branch: release-1.11 dir: staging/src/k8s.io/code-generator @@ -38,11 +33,6 @@ rules: branch: master dir: staging/src/k8s.io/apimachinery name: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/apimachinery - name: release-1.10 - go: 1.9.7 - source: branch: release-1.11 dir: staging/src/k8s.io/apimachinery @@ -68,14 +58,6 @@ rules: dependencies: - repository: apimachinery branch: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/api - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - source: branch: release-1.11 dir: staging/src/k8s.io/api @@ -112,16 +94,6 @@ rules: branch: master - repository: api branch: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/client-go - name: release-7.0 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - source: branch: release-1.11 dir: staging/src/k8s.io/client-go @@ -186,18 +158,6 @@ rules: branch: master - repository: component-base branch: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/apiserver - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - - repository: client-go - branch: release-7.0 - source: branch: release-1.11 dir: staging/src/k8s.io/apiserver @@ -251,20 +211,6 @@ rules: branch: master - repository: component-base branch: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/kube-aggregator - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - - repository: client-go - branch: release-7.0 - - repository: apiserver - branch: release-1.10 - source: branch: release-1.11 dir: staging/src/k8s.io/kube-aggregator @@ -328,24 +274,6 @@ rules: branch: master required-packages: - k8s.io/code-generator - - source: - branch: release-1.10 - dir: staging/src/k8s.io/sample-apiserver - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - - repository: client-go - branch: release-7.0 - - repository: apiserver - branch: release-1.10 - - repository: code-generator - branch: release-1.10 - required-packages: - - k8s.io/code-generator - source: branch: release-1.11 dir: staging/src/k8s.io/sample-apiserver @@ -427,22 +355,6 @@ rules: branch: master required-packages: - k8s.io/code-generator - - source: - branch: release-1.10 - dir: staging/src/k8s.io/sample-controller - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - - repository: client-go - branch: release-7.0 - - repository: code-generator - branch: release-1.10 - required-packages: - - k8s.io/code-generator - source: branch: release-1.11 dir: staging/src/k8s.io/sample-controller @@ -521,24 +433,6 @@ rules: branch: master required-packages: - k8s.io/code-generator - - source: - branch: release-1.10 - dir: staging/src/k8s.io/apiextensions-apiserver - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - - repository: client-go - branch: release-7.0 - - repository: apiserver - branch: release-1.10 - - repository: code-generator - branch: release-1.10 - required-packages: - - k8s.io/code-generator - source: branch: release-1.11 dir: staging/src/k8s.io/apiextensions-apiserver @@ -607,18 +501,6 @@ rules: branch: master - repository: client-go branch: master - - source: - branch: release-1.10 - dir: staging/src/k8s.io/metrics - name: release-1.10 - go: 1.9.7 - dependencies: - - repository: apimachinery - branch: release-1.10 - - repository: api - branch: release-1.10 - - repository: client-go - branch: release-7.0 - source: branch: release-1.11 dir: staging/src/k8s.io/metrics @@ -989,3 +871,5 @@ rules: branch: master - repository: apimachinery branch: master + - repository: cloud-provider + branch: master diff --git a/staging/src/BUILD b/staging/src/BUILD index 730d52d8dde..d95371408f7 100644 --- a/staging/src/BUILD +++ b/staging/src/BUILD @@ -98,11 +98,10 @@ filegroup( "//staging/src/k8s.io/apiserver/pkg/storage:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/dryrun:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/feature:all-srcs", - "//staging/src/k8s.io/apiserver/pkg/util/flag:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/flushwriter:all-srcs", - "//staging/src/k8s.io/apiserver/pkg/util/globalflag:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/openapi:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/proxy:all-srcs", + "//staging/src/k8s.io/apiserver/pkg/util/term:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/webhook:all-srcs", "//staging/src/k8s.io/apiserver/pkg/util/wsstream:all-srcs", "//staging/src/k8s.io/apiserver/plugin/pkg/audit:all-srcs", @@ -110,6 +109,7 @@ filegroup( "//staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook:all-srcs", "//staging/src/k8s.io/cli-runtime/artifacts:all-srcs", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:all-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize:all-srcs", "//staging/src/k8s.io/client-go/deprecated-dynamic:all-srcs", "//staging/src/k8s.io/client-go/discovery:all-srcs", "//staging/src/k8s.io/client-go/dynamic:all-srcs", @@ -144,6 +144,7 @@ filegroup( "//staging/src/k8s.io/client-go/listers/extensions/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/imagepolicy/v1alpha1:all-srcs", "//staging/src/k8s.io/client-go/listers/networking/v1:all-srcs", + "//staging/src/k8s.io/client-go/listers/networking/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/policy/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/listers/rbac/v1:all-srcs", "//staging/src/k8s.io/client-go/listers/rbac/v1alpha1:all-srcs", @@ -201,6 +202,8 @@ filegroup( "//staging/src/k8s.io/code-generator/pkg/namer:all-srcs", "//staging/src/k8s.io/code-generator/pkg/util:all-srcs", "//staging/src/k8s.io/code-generator/third_party/forked/golang/reflect:all-srcs", + "//staging/src/k8s.io/component-base/cli/flag:all-srcs", + "//staging/src/k8s.io/component-base/cli/globalflag:all-srcs", "//staging/src/k8s.io/component-base/config:all-srcs", "//staging/src/k8s.io/component-base/logs:all-srcs", "//staging/src/k8s.io/csi-api/pkg/apis/csi/v1alpha1:all-srcs", diff --git a/staging/src/k8s.io/api/BUILD b/staging/src/k8s.io/api/BUILD index 557356468e3..b0d15d0ab9e 100644 --- a/staging/src/k8s.io/api/BUILD +++ b/staging/src/k8s.io/api/BUILD @@ -80,6 +80,7 @@ filegroup( "//staging/src/k8s.io/api/extensions/v1beta1:all-srcs", "//staging/src/k8s.io/api/imagepolicy/v1alpha1:all-srcs", "//staging/src/k8s.io/api/networking/v1:all-srcs", + "//staging/src/k8s.io/api/networking/v1beta1:all-srcs", "//staging/src/k8s.io/api/policy/v1beta1:all-srcs", "//staging/src/k8s.io/api/rbac/v1:all-srcs", "//staging/src/k8s.io/api/rbac/v1alpha1:all-srcs", diff --git a/staging/src/k8s.io/api/CONTRIBUTING.md b/staging/src/k8s.io/api/CONTRIBUTING.md index 094efca3d9f..7cdb7ceda7a 100644 --- a/staging/src/k8s.io/api/CONTRIBUTING.md +++ b/staging/src/k8s.io/api/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/api](https://git.k8s.io/kubernetes/staging/src/k8s.io/api) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/api/Godeps/Godeps.json b/staging/src/k8s.io/api/Godeps/Godeps.json index ba7a314593f..5eeedb72f8f 100644 --- a/staging/src/k8s.io/api/Godeps/Godeps.json +++ b/staging/src/k8s.io/api/Godeps/Godeps.json @@ -40,7 +40,7 @@ }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/spf13/pflag", diff --git a/staging/src/k8s.io/api/Godeps/OWNERS b/staging/src/k8s.io/api/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/api/Godeps/OWNERS +++ b/staging/src/k8s.io/api/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/api/OWNERS b/staging/src/k8s.io/api/OWNERS index 67952cace29..18f847ce7b6 100644 --- a/staging/src/k8s.io/api/OWNERS +++ b/staging/src/k8s.io/api/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/api/apps/OWNERS b/staging/src/k8s.io/api/apps/OWNERS old mode 100755 new mode 100644 index 2f260571a70..5bc3cdabf72 --- a/staging/src/k8s.io/api/apps/OWNERS +++ b/staging/src/k8s.io/api/apps/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/api/apps/v1/types.go b/staging/src/k8s.io/api/apps/v1/types.go index 68ac55bf17a..2fe85745812 100644 --- a/staging/src/k8s.io/api/apps/v1/types.go +++ b/staging/src/k8s.io/api/apps/v1/types.go @@ -69,7 +69,7 @@ const ( // ParallelPodManagement will create and delete pods as soon as the stateful set // replica count is changed, and will not wait for pods to be ready or complete // termination. - ParallelPodManagement = "Parallel" + ParallelPodManagement PodManagementPolicyType = "Parallel" ) // StatefulSetUpdateStrategy indicates the strategy that the StatefulSet diff --git a/staging/src/k8s.io/api/apps/v1beta1/generated.proto b/staging/src/k8s.io/api/apps/v1beta1/generated.proto index f87f39fe94e..7942b997b60 100644 --- a/staging/src/k8s.io/api/apps/v1beta1/generated.proto +++ b/staging/src/k8s.io/api/apps/v1beta1/generated.proto @@ -263,7 +263,7 @@ message RollingUpdateDeployment { // the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, // new ReplicaSet can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of desired pods. + // at any time during the update is at most 130% of desired pods. // +optional optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2; } diff --git a/staging/src/k8s.io/api/apps/v1beta1/types.go b/staging/src/k8s.io/api/apps/v1beta1/types.go index 326902fd0f8..cf6039df693 100644 --- a/staging/src/k8s.io/api/apps/v1beta1/types.go +++ b/staging/src/k8s.io/api/apps/v1beta1/types.go @@ -17,7 +17,7 @@ limitations under the License. package v1beta1 import ( - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" @@ -111,7 +111,7 @@ const ( // ParallelPodManagement will create and delete pods as soon as the stateful set // replica count is changed, and will not wait for pods to be ready or complete // termination. - ParallelPodManagement = "Parallel" + ParallelPodManagement PodManagementPolicyType = "Parallel" ) // StatefulSetUpdateStrategy indicates the strategy that the StatefulSet @@ -433,7 +433,7 @@ type RollingUpdateDeployment struct { // the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, // new ReplicaSet can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of desired pods. + // at any time during the update is at most 130% of desired pods. // +optional MaxSurge *intstr.IntOrString `json:"maxSurge,omitempty" protobuf:"bytes,2,opt,name=maxSurge"` } diff --git a/staging/src/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go index 68ebef3487e..da1eb5996eb 100644 --- a/staging/src/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go @@ -149,7 +149,7 @@ func (RollbackConfig) SwaggerDoc() map[string]string { var map_RollingUpdateDeployment = map[string]string{ "": "Spec to control the desired behavior of rolling update.", "maxUnavailable": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.", + "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.", } func (RollingUpdateDeployment) SwaggerDoc() map[string]string { diff --git a/staging/src/k8s.io/api/apps/v1beta2/generated.proto b/staging/src/k8s.io/api/apps/v1beta2/generated.proto index 5d11cbe8d81..17e43970fa8 100644 --- a/staging/src/k8s.io/api/apps/v1beta2/generated.proto +++ b/staging/src/k8s.io/api/apps/v1beta2/generated.proto @@ -43,7 +43,7 @@ option go_package = "v1beta2"; // depend on its stability. It is primarily for internal use by controllers. message ControllerRevision { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; @@ -56,7 +56,7 @@ message ControllerRevision { // ControllerRevisionList is a resource containing a list of ControllerRevision objects. message ControllerRevisionList { - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -69,12 +69,12 @@ message ControllerRevisionList { // DaemonSet represents the configuration of a daemon set. message DaemonSet { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // The desired behavior of this daemon set. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional DaemonSetSpec spec = 2; @@ -82,7 +82,7 @@ message DaemonSet { // out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional DaemonSetStatus status = 3; } @@ -111,7 +111,7 @@ message DaemonSetCondition { // DaemonSetList is a collection of daemon sets. message DaemonSetList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -374,12 +374,12 @@ message DeploymentStrategy { message ReplicaSet { // If the Labels of a ReplicaSet are empty, they are defaulted to // be the same as the Pod(s) that the ReplicaSet manages. - // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // Spec defines the specification of the desired behavior of the ReplicaSet. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional ReplicaSetSpec spec = 2; @@ -387,7 +387,7 @@ message ReplicaSet { // This data may be out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional ReplicaSetStatus status = 3; } @@ -416,7 +416,7 @@ message ReplicaSetCondition { // ReplicaSetList is a collection of ReplicaSets. message ReplicaSetList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -527,7 +527,7 @@ message RollingUpdateDeployment { // the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, // new ReplicaSet can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of desired pods. + // at any time during the update is at most 130% of desired pods. // +optional optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2; } @@ -543,15 +543,15 @@ message RollingUpdateStatefulSetStrategy { // Scale represents a scaling request for a resource. message Scale { - // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata. + // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata. // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; - // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. + // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. // +optional optional ScaleSpec spec = 2; - // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only. + // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only. // +optional optional ScaleStatus status = 3; } diff --git a/staging/src/k8s.io/api/apps/v1beta2/types.go b/staging/src/k8s.io/api/apps/v1beta2/types.go index e75589adc54..39e07e278ae 100644 --- a/staging/src/k8s.io/api/apps/v1beta2/types.go +++ b/staging/src/k8s.io/api/apps/v1beta2/types.go @@ -17,7 +17,7 @@ limitations under the License. package v1beta2 import ( - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" @@ -62,15 +62,15 @@ type ScaleStatus struct { // Scale represents a scaling request for a resource. type Scale struct { metav1.TypeMeta `json:",inline"` - // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata. + // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata. // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. + // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. // +optional Spec ScaleSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` - // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only. + // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only. // +optional Status ScaleStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -115,7 +115,7 @@ const ( // ParallelPodManagement will create and delete pods as soon as the stateful set // replica count is changed, and will not wait for pods to be ready or complete // termination. - ParallelPodManagement = "Parallel" + ParallelPodManagement PodManagementPolicyType = "Parallel" ) // StatefulSetUpdateStrategy indicates the strategy that the StatefulSet @@ -413,7 +413,7 @@ type RollingUpdateDeployment struct { // the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, // new ReplicaSet can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of desired pods. + // at any time during the update is at most 130% of desired pods. // +optional MaxSurge *intstr.IntOrString `json:"maxSurge,omitempty" protobuf:"bytes,2,opt,name=maxSurge"` } @@ -666,12 +666,12 @@ type DaemonSetCondition struct { type DaemonSet struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // The desired behavior of this daemon set. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Spec DaemonSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` @@ -679,7 +679,7 @@ type DaemonSet struct { // out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Status DaemonSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -697,7 +697,7 @@ const ( type DaemonSetList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -716,12 +716,12 @@ type ReplicaSet struct { // If the Labels of a ReplicaSet are empty, they are defaulted to // be the same as the Pod(s) that the ReplicaSet manages. - // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // Spec defines the specification of the desired behavior of the ReplicaSet. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Spec ReplicaSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` @@ -729,7 +729,7 @@ type ReplicaSet struct { // This data may be out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Status ReplicaSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -740,7 +740,7 @@ type ReplicaSet struct { type ReplicaSetList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -850,7 +850,7 @@ type ReplicaSetCondition struct { type ControllerRevision struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -867,7 +867,7 @@ type ControllerRevision struct { type ControllerRevisionList struct { metav1.TypeMeta `json:",inline"` - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` diff --git a/staging/src/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go b/staging/src/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go index f8229ceda82..822158a186b 100644 --- a/staging/src/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go @@ -29,7 +29,7 @@ package v1beta2 // AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT. var map_ControllerRevision = map[string]string{ "": "DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1/ControllerRevision. See the release notes for more information. ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "data": "Data is the serialized representation of the state.", "revision": "Revision indicates the revision of the state represented by Data.", } @@ -40,7 +40,7 @@ func (ControllerRevision) SwaggerDoc() map[string]string { var map_ControllerRevisionList = map[string]string{ "": "ControllerRevisionList is a resource containing a list of ControllerRevision objects.", - "metadata": "More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "Items is the list of ControllerRevisions", } @@ -50,9 +50,9 @@ func (ControllerRevisionList) SwaggerDoc() map[string]string { var map_DaemonSet = map[string]string{ "": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "spec": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "status": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "status": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", } func (DaemonSet) SwaggerDoc() map[string]string { @@ -74,7 +74,7 @@ func (DaemonSetCondition) SwaggerDoc() map[string]string { var map_DaemonSetList = map[string]string{ "": "DaemonSetList is a collection of daemon sets.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "A list of daemon sets.", } @@ -202,9 +202,9 @@ func (DeploymentStrategy) SwaggerDoc() map[string]string { var map_ReplicaSet = map[string]string{ "": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.", - "metadata": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "spec": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "status": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "metadata": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "status": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", } func (ReplicaSet) SwaggerDoc() map[string]string { @@ -226,7 +226,7 @@ func (ReplicaSetCondition) SwaggerDoc() map[string]string { var map_ReplicaSetList = map[string]string{ "": "ReplicaSetList is a collection of ReplicaSets.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "items": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", } @@ -272,7 +272,7 @@ func (RollingUpdateDaemonSet) SwaggerDoc() map[string]string { var map_RollingUpdateDeployment = map[string]string{ "": "Spec to control the desired behavior of rolling update.", "maxUnavailable": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.", + "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.", } func (RollingUpdateDeployment) SwaggerDoc() map[string]string { @@ -290,9 +290,9 @@ func (RollingUpdateStatefulSetStrategy) SwaggerDoc() map[string]string { var map_Scale = map[string]string{ "": "Scale represents a scaling request for a resource.", - "metadata": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "spec": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "status": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.", + "metadata": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.", + "spec": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.", + "status": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.", } func (Scale) SwaggerDoc() map[string]string { diff --git a/staging/src/k8s.io/api/auditregistration/OWNERS b/staging/src/k8s.io/api/auditregistration/OWNERS index c342e5e0cb7..3ff06a10f52 100644 --- a/staging/src/k8s.io/api/auditregistration/OWNERS +++ b/staging/src/k8s.io/api/auditregistration/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sig-auth-audit-approvers - sig-auth-audit-reviewers diff --git a/staging/src/k8s.io/api/authentication/OWNERS b/staging/src/k8s.io/api/authentication/OWNERS old mode 100755 new mode 100644 index 1b888f0b803..7926aa4d912 --- a/staging/src/k8s.io/api/authentication/OWNERS +++ b/staging/src/k8s.io/api/authentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sig-auth-authenticators-approvers - sig-auth-authenticators-reviewers diff --git a/staging/src/k8s.io/api/authorization/OWNERS b/staging/src/k8s.io/api/authorization/OWNERS old mode 100755 new mode 100644 index ff4a7f4bf9a..dbc9a28c6f2 --- a/staging/src/k8s.io/api/authorization/OWNERS +++ b/staging/src/k8s.io/api/authorization/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-authorizers-approvers diff --git a/staging/src/k8s.io/api/autoscaling/OWNERS b/staging/src/k8s.io/api/autoscaling/OWNERS old mode 100755 new mode 100644 index 4a495ec2532..dbc1e02356f --- a/staging/src/k8s.io/api/autoscaling/OWNERS +++ b/staging/src/k8s.io/api/autoscaling/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/api/batch/OWNERS b/staging/src/k8s.io/api/batch/OWNERS old mode 100755 new mode 100644 index 38935ff169a..521cd97a2cd --- a/staging/src/k8s.io/api/batch/OWNERS +++ b/staging/src/k8s.io/api/batch/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/api/certificates/OWNERS b/staging/src/k8s.io/api/certificates/OWNERS old mode 100755 new mode 100644 index 1d1ab36e756..d5e6cd985df --- a/staging/src/k8s.io/api/certificates/OWNERS +++ b/staging/src/k8s.io/api/certificates/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/api/core/v1/BUILD b/staging/src/k8s.io/api/core/v1/BUILD index b4b965ad5f2..ee4450562a0 100644 --- a/staging/src/k8s.io/api/core/v1/BUILD +++ b/staging/src/k8s.io/api/core/v1/BUILD @@ -28,6 +28,7 @@ go_library( "toleration.go", "types.go", "types_swagger_doc_generated.go", + "well_known_labels.go", "zz_generated.deepcopy.go", ], importmap = "k8s.io/kubernetes/vendor/k8s.io/api/core/v1", diff --git a/staging/src/k8s.io/api/core/v1/generated.pb.go b/staging/src/k8s.io/api/core/v1/generated.pb.go index 2d79edfcd04..46299a67c50 100644 --- a/staging/src/k8s.io/api/core/v1/generated.pb.go +++ b/staging/src/k8s.io/api/core/v1/generated.pb.go @@ -10545,6 +10545,10 @@ func (m *VolumeMount) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintGenerated(dAtA, i, uint64(len(*m.MountPropagation))) i += copy(dAtA[i:], *m.MountPropagation) } + dAtA[i] = 0x32 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.SubPathExpr))) + i += copy(dAtA[i:], m.SubPathExpr) return i, nil } @@ -14396,6 +14400,8 @@ func (m *VolumeMount) Size() (n int) { l = len(*m.MountPropagation) n += 1 + l + sovGenerated(uint64(l)) } + l = len(m.SubPathExpr) + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -17280,6 +17286,7 @@ func (this *VolumeMount) String() string { `MountPath:` + fmt.Sprintf("%v", this.MountPath) + `,`, `SubPath:` + fmt.Sprintf("%v", this.SubPath) + `,`, `MountPropagation:` + valueToStringGenerated(this.MountPropagation) + `,`, + `SubPathExpr:` + fmt.Sprintf("%v", this.SubPathExpr) + `,`, `}`, }, "") return s @@ -50082,6 +50089,35 @@ func (m *VolumeMount) Unmarshal(dAtA []byte) error { s := MountPropagationMode(dAtA[iNdEx:postIndex]) m.MountPropagation = &s iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SubPathExpr", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.SubPathExpr = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -51684,809 +51720,810 @@ func init() { } var fileDescriptorGenerated = []byte{ - // 12856 bytes of a gzipped FileDescriptorProto + // 12871 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0xbd, 0x6b, 0x90, 0x24, 0x57, 0x56, 0x18, 0xbc, 0x59, 0x55, 0xfd, 0xa8, 0xd3, 0xef, 0x3b, 0x33, 0x52, 0x4f, 0x4b, 0x33, 0x35, 0x4a, 0xed, 0x8e, 0x46, 0x2b, 0xa9, 0x67, 0x35, 0x92, 0x56, 0x62, 0xa5, 0x15, 0x74, 0x77, 0x75, 0xcf, 0x94, 0x66, 0xba, 0xa7, 0x74, 0xab, 0x67, 0xb4, 0x2b, 0xb4, 0xcb, 0x66, 0x57, 0xdd, 0xee, 0x4e, 0x75, 0x76, 0x66, 0x29, 0x33, 0xab, 0x67, 0x5a, 0x1f, 0x44, 0x7c, 0x5e, 0x0c, 0x66, 0x0d, - 0xe1, 0xd8, 0x30, 0x1b, 0x7e, 0x00, 0x81, 0x23, 0x30, 0x0e, 0xc0, 0xd8, 0x0e, 0x63, 0x30, 0x60, - 0x16, 0x6c, 0x0c, 0xfe, 0x81, 0xff, 0xac, 0xb1, 0x23, 0x1c, 0x4b, 0x04, 0xe1, 0x36, 0x34, 0x0e, - 0x3b, 0xf8, 0x61, 0x70, 0x18, 0xff, 0x30, 0x6d, 0xc2, 0x38, 0xee, 0x33, 0xef, 0xcd, 0xca, 0xac, - 0xaa, 0x1e, 0xf5, 0xb4, 0x04, 0xb1, 0xff, 0xaa, 0xee, 0x39, 0xf7, 0xdc, 0x9b, 0xf7, 0x79, 0xce, - 0xb9, 0xe7, 0x01, 0xaf, 0xee, 0xbc, 0x12, 0xcd, 0xbb, 0xc1, 0xd5, 0x9d, 0xce, 0x06, 0x09, 0x7d, - 0x12, 0x93, 0xe8, 0xea, 0x1e, 0xf1, 0x5b, 0x41, 0x78, 0x55, 0x00, 0x9c, 0xb6, 0x7b, 0xb5, 0x19, - 0x84, 0xe4, 0xea, 0xde, 0xf3, 0x57, 0xb7, 0x88, 0x4f, 0x42, 0x27, 0x26, 0xad, 0xf9, 0x76, 0x18, - 0xc4, 0x01, 0x42, 0x1c, 0x67, 0xde, 0x69, 0xbb, 0xf3, 0x14, 0x67, 0x7e, 0xef, 0xf9, 0xb9, 0xe7, - 0xb6, 0xdc, 0x78, 0xbb, 0xb3, 0x31, 0xdf, 0x0c, 0x76, 0xaf, 0x6e, 0x05, 0x5b, 0xc1, 0x55, 0x86, - 0xba, 0xd1, 0xd9, 0x64, 0xff, 0xd8, 0x1f, 0xf6, 0x8b, 0x93, 0x98, 0x7b, 0x31, 0x69, 0x66, 0xd7, - 0x69, 0x6e, 0xbb, 0x3e, 0x09, 0xf7, 0xaf, 0xb6, 0x77, 0xb6, 0x58, 0xbb, 0x21, 0x89, 0x82, 0x4e, - 0xd8, 0x24, 0xe9, 0x86, 0x7b, 0xd6, 0x8a, 0xae, 0xee, 0x92, 0xd8, 0xc9, 0xe8, 0xee, 0xdc, 0xd5, - 0xbc, 0x5a, 0x61, 0xc7, 0x8f, 0xdd, 0xdd, 0xee, 0x66, 0x3e, 0xdd, 0xaf, 0x42, 0xd4, 0xdc, 0x26, - 0xbb, 0x4e, 0x57, 0xbd, 0x17, 0xf2, 0xea, 0x75, 0x62, 0xd7, 0xbb, 0xea, 0xfa, 0x71, 0x14, 0x87, - 0xe9, 0x4a, 0xf6, 0x37, 0x2d, 0xb8, 0xb4, 0xf0, 0x56, 0x63, 0xd9, 0x73, 0xa2, 0xd8, 0x6d, 0x2e, - 0x7a, 0x41, 0x73, 0xa7, 0x11, 0x07, 0x21, 0xb9, 0x1b, 0x78, 0x9d, 0x5d, 0xd2, 0x60, 0x03, 0x81, - 0x9e, 0x85, 0xd1, 0x3d, 0xf6, 0xbf, 0x56, 0x9d, 0xb5, 0x2e, 0x59, 0x57, 0xca, 0x8b, 0xd3, 0xbf, - 0x75, 0x50, 0xf9, 0xd8, 0xe1, 0x41, 0x65, 0xf4, 0xae, 0x28, 0xc7, 0x0a, 0x03, 0x5d, 0x86, 0xe1, - 0xcd, 0x68, 0x7d, 0xbf, 0x4d, 0x66, 0x0b, 0x0c, 0x77, 0x52, 0xe0, 0x0e, 0xaf, 0x34, 0x68, 0x29, - 0x16, 0x50, 0x74, 0x15, 0xca, 0x6d, 0x27, 0x8c, 0xdd, 0xd8, 0x0d, 0xfc, 0xd9, 0xe2, 0x25, 0xeb, - 0xca, 0xd0, 0xe2, 0x8c, 0x40, 0x2d, 0xd7, 0x25, 0x00, 0x27, 0x38, 0xb4, 0x1b, 0x21, 0x71, 0x5a, - 0xb7, 0x7d, 0x6f, 0x7f, 0xb6, 0x74, 0xc9, 0xba, 0x32, 0x9a, 0x74, 0x03, 0x8b, 0x72, 0xac, 0x30, - 0xec, 0x1f, 0x29, 0xc0, 0xe8, 0xc2, 0xe6, 0xa6, 0xeb, 0xbb, 0xf1, 0x3e, 0xba, 0x0b, 0xe3, 0x7e, - 0xd0, 0x22, 0xf2, 0x3f, 0xfb, 0x8a, 0xb1, 0x6b, 0x97, 0xe6, 0xbb, 0x97, 0xd2, 0xfc, 0x9a, 0x86, - 0xb7, 0x38, 0x7d, 0x78, 0x50, 0x19, 0xd7, 0x4b, 0xb0, 0x41, 0x07, 0x61, 0x18, 0x6b, 0x07, 0x2d, - 0x45, 0xb6, 0xc0, 0xc8, 0x56, 0xb2, 0xc8, 0xd6, 0x13, 0xb4, 0xc5, 0xa9, 0xc3, 0x83, 0xca, 0x98, - 0x56, 0x80, 0x75, 0x22, 0x68, 0x03, 0xa6, 0xe8, 0x5f, 0x3f, 0x76, 0x15, 0xdd, 0x22, 0xa3, 0xfb, - 0x64, 0x1e, 0x5d, 0x0d, 0x75, 0xf1, 0xcc, 0xe1, 0x41, 0x65, 0x2a, 0x55, 0x88, 0xd3, 0x04, 0xed, - 0xf7, 0x61, 0x72, 0x21, 0x8e, 0x9d, 0xe6, 0x36, 0x69, 0xf1, 0x19, 0x44, 0x2f, 0x42, 0xc9, 0x77, - 0x76, 0x89, 0x98, 0xdf, 0x4b, 0x62, 0x60, 0x4b, 0x6b, 0xce, 0x2e, 0x39, 0x3a, 0xa8, 0x4c, 0xdf, - 0xf1, 0xdd, 0xf7, 0x3a, 0x62, 0x55, 0xd0, 0x32, 0xcc, 0xb0, 0xd1, 0x35, 0x80, 0x16, 0xd9, 0x73, - 0x9b, 0xa4, 0xee, 0xc4, 0xdb, 0x62, 0xbe, 0x91, 0xa8, 0x0b, 0x55, 0x05, 0xc1, 0x1a, 0x96, 0x7d, - 0x1f, 0xca, 0x0b, 0x7b, 0x81, 0xdb, 0xaa, 0x07, 0xad, 0x08, 0xed, 0xc0, 0x54, 0x3b, 0x24, 0x9b, - 0x24, 0x54, 0x45, 0xb3, 0xd6, 0xa5, 0xe2, 0x95, 0xb1, 0x6b, 0x57, 0x32, 0x3f, 0xd6, 0x44, 0x5d, - 0xf6, 0xe3, 0x70, 0x7f, 0xf1, 0x51, 0xd1, 0xde, 0x54, 0x0a, 0x8a, 0xd3, 0x94, 0xed, 0x7f, 0x53, - 0x80, 0x73, 0x0b, 0xef, 0x77, 0x42, 0x52, 0x75, 0xa3, 0x9d, 0xf4, 0x0a, 0x6f, 0xb9, 0xd1, 0xce, - 0x5a, 0x32, 0x02, 0x6a, 0x69, 0x55, 0x45, 0x39, 0x56, 0x18, 0xe8, 0x39, 0x18, 0xa1, 0xbf, 0xef, - 0xe0, 0x9a, 0xf8, 0xe4, 0x33, 0x02, 0x79, 0xac, 0xea, 0xc4, 0x4e, 0x95, 0x83, 0xb0, 0xc4, 0x41, - 0xab, 0x30, 0xd6, 0x64, 0x1b, 0x72, 0x6b, 0x35, 0x68, 0x11, 0x36, 0x99, 0xe5, 0xc5, 0x67, 0x28, - 0xfa, 0x52, 0x52, 0x7c, 0x74, 0x50, 0x99, 0xe5, 0x7d, 0x13, 0x24, 0x34, 0x18, 0xd6, 0xeb, 0x23, - 0x5b, 0xed, 0xaf, 0x12, 0xa3, 0x04, 0x19, 0x7b, 0xeb, 0x8a, 0xb6, 0x55, 0x86, 0xd8, 0x56, 0x19, - 0xcf, 0xde, 0x26, 0xe8, 0x79, 0x28, 0xed, 0xb8, 0x7e, 0x6b, 0x76, 0x98, 0xd1, 0xba, 0x40, 0xe7, - 0xfc, 0xa6, 0xeb, 0xb7, 0x8e, 0x0e, 0x2a, 0x33, 0x46, 0x77, 0x68, 0x21, 0x66, 0xa8, 0xf6, 0x9f, - 0x58, 0x50, 0x61, 0xb0, 0x15, 0xd7, 0x23, 0x75, 0x12, 0x46, 0x6e, 0x14, 0x13, 0x3f, 0x36, 0x06, - 0xf4, 0x1a, 0x40, 0x44, 0x9a, 0x21, 0x89, 0xb5, 0x21, 0x55, 0x0b, 0xa3, 0xa1, 0x20, 0x58, 0xc3, - 0xa2, 0x07, 0x42, 0xb4, 0xed, 0x84, 0x6c, 0x7d, 0x89, 0x81, 0x55, 0x07, 0x42, 0x43, 0x02, 0x70, - 0x82, 0x63, 0x1c, 0x08, 0xc5, 0x7e, 0x07, 0x02, 0xfa, 0x2c, 0x4c, 0x25, 0x8d, 0x45, 0x6d, 0xa7, - 0x29, 0x07, 0x90, 0x6d, 0x99, 0x86, 0x09, 0xc2, 0x69, 0x5c, 0xfb, 0x1f, 0x5a, 0x62, 0xf1, 0xd0, - 0xaf, 0xfe, 0x88, 0x7f, 0xab, 0xfd, 0xcb, 0x16, 0x8c, 0x2c, 0xba, 0x7e, 0xcb, 0xf5, 0xb7, 0xd0, - 0x97, 0x60, 0x94, 0xde, 0x4d, 0x2d, 0x27, 0x76, 0xc4, 0xb9, 0xf7, 0x29, 0x6d, 0x6f, 0xa9, 0xab, - 0x62, 0xbe, 0xbd, 0xb3, 0x45, 0x0b, 0xa2, 0x79, 0x8a, 0x4d, 0x77, 0xdb, 0xed, 0x8d, 0x77, 0x49, - 0x33, 0x5e, 0x25, 0xb1, 0x93, 0x7c, 0x4e, 0x52, 0x86, 0x15, 0x55, 0x74, 0x13, 0x86, 0x63, 0x27, - 0xdc, 0x22, 0xb1, 0x38, 0x00, 0x33, 0x0f, 0x2a, 0x5e, 0x13, 0xd3, 0x1d, 0x49, 0xfc, 0x26, 0x49, - 0xae, 0x85, 0x75, 0x56, 0x15, 0x0b, 0x12, 0xf6, 0x5f, 0x1f, 0x86, 0xf3, 0x4b, 0x8d, 0x5a, 0xce, - 0xba, 0xba, 0x0c, 0xc3, 0xad, 0xd0, 0xdd, 0x23, 0xa1, 0x18, 0x67, 0x45, 0xa5, 0xca, 0x4a, 0xb1, - 0x80, 0xa2, 0x57, 0x60, 0x9c, 0x5f, 0x48, 0x37, 0x1c, 0xbf, 0xe5, 0xc9, 0x21, 0x3e, 0x2b, 0xb0, - 0xc7, 0xef, 0x6a, 0x30, 0x6c, 0x60, 0x1e, 0x73, 0x51, 0x5d, 0x4e, 0x6d, 0xc6, 0xbc, 0xcb, 0xee, - 0x2b, 0x16, 0x4c, 0xf3, 0x66, 0x16, 0xe2, 0x38, 0x74, 0x37, 0x3a, 0x31, 0x89, 0x66, 0x87, 0xd8, - 0x49, 0xb7, 0x94, 0x35, 0x5a, 0xb9, 0x23, 0x30, 0x7f, 0x37, 0x45, 0x85, 0x1f, 0x82, 0xb3, 0xa2, - 0xdd, 0xe9, 0x34, 0x18, 0x77, 0x35, 0x8b, 0xbe, 0xd7, 0x82, 0xb9, 0x66, 0xe0, 0xc7, 0x61, 0xe0, - 0x79, 0x24, 0xac, 0x77, 0x36, 0x3c, 0x37, 0xda, 0xe6, 0xeb, 0x14, 0x93, 0x4d, 0x76, 0x12, 0xe4, - 0xcc, 0xa1, 0x42, 0x12, 0x73, 0x78, 0xf1, 0xf0, 0xa0, 0x32, 0xb7, 0x94, 0x4b, 0x0a, 0xf7, 0x68, - 0x06, 0xed, 0x00, 0xa2, 0x57, 0x69, 0x23, 0x76, 0xb6, 0x48, 0xd2, 0xf8, 0xc8, 0xe0, 0x8d, 0x3f, - 0x72, 0x78, 0x50, 0x41, 0x6b, 0x5d, 0x24, 0x70, 0x06, 0x59, 0xf4, 0x1e, 0x9c, 0xa5, 0xa5, 0x5d, - 0xdf, 0x3a, 0x3a, 0x78, 0x73, 0xb3, 0x87, 0x07, 0x95, 0xb3, 0x6b, 0x19, 0x44, 0x70, 0x26, 0xe9, - 0xb9, 0x25, 0x38, 0x97, 0x39, 0x55, 0x68, 0x1a, 0x8a, 0x3b, 0x84, 0xb3, 0x20, 0x65, 0x4c, 0x7f, - 0xa2, 0xb3, 0x30, 0xb4, 0xe7, 0x78, 0x1d, 0xb1, 0x4a, 0x31, 0xff, 0xf3, 0x99, 0xc2, 0x2b, 0x96, - 0xdd, 0x84, 0xf1, 0x25, 0xa7, 0xed, 0x6c, 0xb8, 0x9e, 0x1b, 0xbb, 0x24, 0x42, 0x4f, 0x41, 0xd1, - 0x69, 0xb5, 0xd8, 0x15, 0x59, 0x5e, 0x3c, 0x77, 0x78, 0x50, 0x29, 0x2e, 0xb4, 0xe8, 0x59, 0x0d, - 0x0a, 0x6b, 0x1f, 0x53, 0x0c, 0xf4, 0x49, 0x28, 0xb5, 0xc2, 0xa0, 0x3d, 0x5b, 0x60, 0x98, 0x74, - 0xa8, 0x4a, 0xd5, 0x30, 0x68, 0xa7, 0x50, 0x19, 0x8e, 0xfd, 0xeb, 0x05, 0x78, 0x7c, 0x89, 0xb4, - 0xb7, 0x57, 0x1a, 0x39, 0x9b, 0xee, 0x0a, 0x8c, 0xee, 0x06, 0xbe, 0x1b, 0x07, 0x61, 0x24, 0x9a, - 0x66, 0xb7, 0xc9, 0xaa, 0x28, 0xc3, 0x0a, 0x8a, 0x2e, 0x41, 0xa9, 0x9d, 0x70, 0x02, 0xe3, 0x92, - 0x8b, 0x60, 0x3c, 0x00, 0x83, 0x50, 0x8c, 0x4e, 0x44, 0x42, 0x71, 0x0b, 0x2a, 0x8c, 0x3b, 0x11, - 0x09, 0x31, 0x83, 0x24, 0xc7, 0x29, 0x3d, 0x68, 0xc5, 0xb6, 0x4a, 0x1d, 0xa7, 0x14, 0x82, 0x35, - 0x2c, 0x54, 0x87, 0x72, 0xa4, 0x26, 0x75, 0x68, 0xf0, 0x49, 0x9d, 0x60, 0xe7, 0xad, 0x9a, 0xc9, - 0x84, 0x88, 0x71, 0x0c, 0x0c, 0xf7, 0x3d, 0x6f, 0xbf, 0x5e, 0x00, 0xc4, 0x87, 0xf0, 0x2f, 0xd8, - 0xc0, 0xdd, 0xe9, 0x1e, 0xb8, 0x4c, 0xce, 0xeb, 0x56, 0xd0, 0x74, 0xbc, 0xf4, 0x11, 0x7e, 0x52, - 0xa3, 0xf7, 0xbf, 0x2c, 0x78, 0x7c, 0xc9, 0xf5, 0x5b, 0x24, 0xcc, 0x59, 0x80, 0x0f, 0x47, 0x00, - 0x39, 0xde, 0x49, 0x6f, 0x2c, 0xb1, 0xd2, 0x09, 0x2c, 0x31, 0xfb, 0x8f, 0x2d, 0x40, 0xfc, 0xb3, - 0x3f, 0x72, 0x1f, 0x7b, 0xa7, 0xfb, 0x63, 0x4f, 0x60, 0x59, 0xd8, 0xb7, 0x60, 0x72, 0xc9, 0x73, - 0x89, 0x1f, 0xd7, 0xea, 0x4b, 0x81, 0xbf, 0xe9, 0x6e, 0xa1, 0xcf, 0xc0, 0x24, 0x95, 0x69, 0x83, - 0x4e, 0xdc, 0x20, 0xcd, 0xc0, 0x67, 0xec, 0x3f, 0x95, 0x04, 0xd1, 0xe1, 0x41, 0x65, 0x72, 0xdd, - 0x80, 0xe0, 0x14, 0xa6, 0xfd, 0xbb, 0x74, 0xfc, 0x82, 0xdd, 0x76, 0xe0, 0x13, 0x3f, 0x5e, 0x0a, - 0xfc, 0x16, 0x17, 0x13, 0x3f, 0x03, 0xa5, 0x98, 0x8e, 0x07, 0x1f, 0xbb, 0xcb, 0x72, 0xa3, 0xd0, - 0x51, 0x38, 0x3a, 0xa8, 0x3c, 0xd2, 0x5d, 0x83, 0x8d, 0x13, 0xab, 0x83, 0xbe, 0x0d, 0x86, 0xa3, - 0xd8, 0x89, 0x3b, 0x91, 0x18, 0xcd, 0x27, 0xe4, 0x68, 0x36, 0x58, 0xe9, 0xd1, 0x41, 0x65, 0x4a, - 0x55, 0xe3, 0x45, 0x58, 0x54, 0x40, 0x4f, 0xc3, 0xc8, 0x2e, 0x89, 0x22, 0x67, 0x4b, 0x72, 0xf8, - 0x53, 0xa2, 0xee, 0xc8, 0x2a, 0x2f, 0xc6, 0x12, 0x8e, 0x9e, 0x84, 0x21, 0x12, 0x86, 0x41, 0x28, - 0xf6, 0xe8, 0x84, 0x40, 0x1c, 0x5a, 0xa6, 0x85, 0x98, 0xc3, 0xec, 0x7f, 0x67, 0xc1, 0x94, 0xea, - 0x2b, 0x6f, 0xeb, 0x14, 0x58, 0xb9, 0xb7, 0x01, 0x9a, 0xf2, 0x03, 0x23, 0x76, 0x7b, 0x8c, 0x5d, - 0xbb, 0x9c, 0xc9, 0xa0, 0x74, 0x0d, 0x63, 0x42, 0x59, 0x15, 0x45, 0x58, 0xa3, 0x66, 0xff, 0x9a, - 0x05, 0x67, 0x52, 0x5f, 0x74, 0xcb, 0x8d, 0x62, 0xf4, 0x4e, 0xd7, 0x57, 0xcd, 0x0f, 0xf6, 0x55, - 0xb4, 0x36, 0xfb, 0x26, 0xb5, 0x94, 0x65, 0x89, 0xf6, 0x45, 0x37, 0x60, 0xc8, 0x8d, 0xc9, 0xae, - 0xfc, 0x98, 0x27, 0x7b, 0x7e, 0x0c, 0xef, 0x55, 0x32, 0x23, 0x35, 0x5a, 0x13, 0x73, 0x02, 0xf6, - 0x0f, 0x17, 0xa1, 0xcc, 0x97, 0xed, 0xaa, 0xd3, 0x3e, 0x85, 0xb9, 0xa8, 0x41, 0x89, 0x51, 0xe7, - 0x1d, 0x7f, 0x2a, 0xbb, 0xe3, 0xa2, 0x3b, 0xf3, 0x54, 0x4e, 0xe3, 0xac, 0xa0, 0xba, 0x1a, 0x68, - 0x11, 0x66, 0x24, 0x90, 0x03, 0xb0, 0xe1, 0xfa, 0x4e, 0xb8, 0x4f, 0xcb, 0x66, 0x8b, 0x8c, 0xe0, - 0x73, 0xbd, 0x09, 0x2e, 0x2a, 0x7c, 0x4e, 0x56, 0xf5, 0x35, 0x01, 0x60, 0x8d, 0xe8, 0xdc, 0xcb, - 0x50, 0x56, 0xc8, 0xc7, 0xe1, 0x71, 0xe6, 0x3e, 0x0b, 0x53, 0xa9, 0xb6, 0xfa, 0x55, 0x1f, 0xd7, - 0x59, 0xa4, 0x5f, 0x61, 0xa7, 0x80, 0xe8, 0xf5, 0xb2, 0xbf, 0x27, 0x4e, 0xd1, 0xf7, 0xe1, 0xac, - 0x97, 0x71, 0x38, 0x89, 0xa9, 0x1a, 0xfc, 0x30, 0x7b, 0x5c, 0x7c, 0xf6, 0xd9, 0x2c, 0x28, 0xce, - 0x6c, 0x83, 0x5e, 0xfb, 0x41, 0x9b, 0xae, 0x79, 0xc7, 0x63, 0xfd, 0x15, 0xd2, 0xf7, 0x6d, 0x51, - 0x86, 0x15, 0x94, 0x1e, 0x61, 0x67, 0x55, 0xe7, 0x6f, 0x92, 0xfd, 0x06, 0xf1, 0x48, 0x33, 0x0e, - 0xc2, 0x0f, 0xb5, 0xfb, 0x17, 0xf8, 0xe8, 0xf3, 0x13, 0x70, 0x4c, 0x10, 0x28, 0xde, 0x24, 0xfb, - 0x7c, 0x2a, 0xf4, 0xaf, 0x2b, 0xf6, 0xfc, 0xba, 0x9f, 0xb3, 0x60, 0x42, 0x7d, 0xdd, 0x29, 0x6c, - 0xf5, 0x45, 0x73, 0xab, 0x5f, 0xe8, 0xb9, 0xc0, 0x73, 0x36, 0xf9, 0xd7, 0x0b, 0x70, 0x5e, 0xe1, - 0x50, 0x76, 0x9f, 0xff, 0x11, 0xab, 0xea, 0x2a, 0x94, 0x7d, 0xa5, 0x3d, 0xb0, 0x4c, 0xb1, 0x3d, - 0xd1, 0x1d, 0x24, 0x38, 0x94, 0x6b, 0xf3, 0x13, 0x11, 0x7f, 0x5c, 0x57, 0xab, 0x09, 0x15, 0xda, - 0x22, 0x14, 0x3b, 0x6e, 0x4b, 0xdc, 0x19, 0x9f, 0x92, 0xa3, 0x7d, 0xa7, 0x56, 0x3d, 0x3a, 0xa8, - 0x3c, 0x91, 0xa7, 0xd2, 0xa5, 0x97, 0x55, 0x34, 0x7f, 0xa7, 0x56, 0xc5, 0xb4, 0x32, 0x5a, 0x80, - 0x29, 0xa9, 0xb5, 0xbe, 0x4b, 0x39, 0xa8, 0xc0, 0x17, 0x57, 0x8b, 0xd2, 0x8d, 0x61, 0x13, 0x8c, - 0xd3, 0xf8, 0xa8, 0x0a, 0xd3, 0x3b, 0x9d, 0x0d, 0xe2, 0x91, 0x98, 0x7f, 0xf0, 0x4d, 0xc2, 0x35, - 0x47, 0xe5, 0x44, 0xb4, 0xbc, 0x99, 0x82, 0xe3, 0xae, 0x1a, 0xf6, 0x9f, 0xb3, 0x23, 0x5e, 0x8c, - 0x5e, 0x3d, 0x0c, 0xe8, 0xc2, 0xa2, 0xd4, 0x3f, 0xcc, 0xe5, 0x3c, 0xc8, 0xaa, 0xb8, 0x49, 0xf6, - 0xd7, 0x03, 0xca, 0x6c, 0x67, 0xaf, 0x0a, 0x63, 0xcd, 0x97, 0x7a, 0xae, 0xf9, 0x5f, 0x28, 0xc0, - 0x39, 0x35, 0x02, 0x06, 0x5f, 0xf7, 0x17, 0x7d, 0x0c, 0x9e, 0x87, 0xb1, 0x16, 0xd9, 0x74, 0x3a, - 0x5e, 0xac, 0xd4, 0x98, 0x43, 0x5c, 0x95, 0x5d, 0x4d, 0x8a, 0xb1, 0x8e, 0x73, 0x8c, 0x61, 0xfb, - 0xc9, 0x31, 0x76, 0xb7, 0xc6, 0x0e, 0x5d, 0xe3, 0x6a, 0xd7, 0x58, 0xb9, 0xbb, 0xe6, 0x49, 0x18, - 0x72, 0x77, 0x29, 0xaf, 0x55, 0x30, 0x59, 0xa8, 0x1a, 0x2d, 0xc4, 0x1c, 0x86, 0x3e, 0x01, 0x23, - 0xcd, 0x60, 0x77, 0xd7, 0xf1, 0x5b, 0xec, 0xca, 0x2b, 0x2f, 0x8e, 0x51, 0x76, 0x6c, 0x89, 0x17, - 0x61, 0x09, 0x43, 0x8f, 0x43, 0xc9, 0x09, 0xb7, 0xa2, 0xd9, 0x12, 0xc3, 0x19, 0xa5, 0x2d, 0x2d, - 0x84, 0x5b, 0x11, 0x66, 0xa5, 0x54, 0xaa, 0xba, 0x17, 0x84, 0x3b, 0xae, 0xbf, 0x55, 0x75, 0x43, - 0xb1, 0x25, 0xd4, 0x5d, 0xf8, 0x96, 0x82, 0x60, 0x0d, 0x0b, 0xad, 0xc0, 0x50, 0x3b, 0x08, 0xe3, - 0x68, 0x76, 0x98, 0x0d, 0xf7, 0x13, 0x39, 0x07, 0x11, 0xff, 0xda, 0x7a, 0x10, 0xc6, 0xc9, 0x07, - 0xd0, 0x7f, 0x11, 0xe6, 0xd5, 0xd1, 0xb7, 0x41, 0x91, 0xf8, 0x7b, 0xb3, 0x23, 0x8c, 0xca, 0x5c, - 0x16, 0x95, 0x65, 0x7f, 0xef, 0xae, 0x13, 0x26, 0xa7, 0xf4, 0xb2, 0xbf, 0x87, 0x69, 0x1d, 0xf4, - 0x79, 0x28, 0xcb, 0x2d, 0x1e, 0x09, 0x35, 0x47, 0xe6, 0x12, 0x93, 0x07, 0x03, 0x26, 0xef, 0x75, - 0xdc, 0x90, 0xec, 0x12, 0x3f, 0x8e, 0x92, 0x33, 0x4d, 0x42, 0x23, 0x9c, 0x50, 0x43, 0x9f, 0x97, - 0xba, 0xb5, 0xd5, 0xa0, 0xe3, 0xc7, 0xd1, 0x6c, 0x99, 0x75, 0x2f, 0xf3, 0xd5, 0xe3, 0x6e, 0x82, - 0x97, 0x56, 0xbe, 0xf1, 0xca, 0xd8, 0x20, 0x85, 0x30, 0x4c, 0x78, 0xee, 0x1e, 0xf1, 0x49, 0x14, - 0xd5, 0xc3, 0x60, 0x83, 0xcc, 0x02, 0xeb, 0xf9, 0xf9, 0xec, 0xc7, 0x80, 0x60, 0x83, 0x2c, 0xce, - 0x1c, 0x1e, 0x54, 0x26, 0x6e, 0xe9, 0x75, 0xb0, 0x49, 0x02, 0xdd, 0x81, 0x49, 0x2a, 0xd7, 0xb8, - 0x09, 0xd1, 0xb1, 0x7e, 0x44, 0x99, 0xf4, 0x81, 0x8d, 0x4a, 0x38, 0x45, 0x04, 0xbd, 0x01, 0x65, - 0xcf, 0xdd, 0x24, 0xcd, 0xfd, 0xa6, 0x47, 0x66, 0xc7, 0x19, 0xc5, 0xcc, 0x6d, 0x75, 0x4b, 0x22, - 0x71, 0xb9, 0x48, 0xfd, 0xc5, 0x49, 0x75, 0x74, 0x17, 0x1e, 0x89, 0x49, 0xb8, 0xeb, 0xfa, 0x0e, - 0xdd, 0x0e, 0x42, 0x5e, 0x60, 0x4f, 0x2a, 0x13, 0x6c, 0xbd, 0x5d, 0x14, 0x43, 0xf7, 0xc8, 0x7a, - 0x26, 0x16, 0xce, 0xa9, 0x8d, 0x6e, 0xc3, 0x14, 0xdb, 0x09, 0xf5, 0x8e, 0xe7, 0xd5, 0x03, 0xcf, - 0x6d, 0xee, 0xcf, 0x4e, 0x32, 0x82, 0x9f, 0x90, 0xf7, 0x42, 0xcd, 0x04, 0x1f, 0x1d, 0x54, 0x20, - 0xf9, 0x87, 0xd3, 0xb5, 0xd1, 0x06, 0xd3, 0xa1, 0x77, 0x42, 0x37, 0xde, 0xa7, 0xeb, 0x97, 0xdc, - 0x8f, 0x67, 0xa7, 0x7a, 0x8a, 0xc2, 0x3a, 0xaa, 0x52, 0xb4, 0xeb, 0x85, 0x38, 0x4d, 0x90, 0x6e, - 0xed, 0x28, 0x6e, 0xb9, 0xfe, 0xec, 0x34, 0x3b, 0x31, 0xd4, 0xce, 0x68, 0xd0, 0x42, 0xcc, 0x61, - 0x4c, 0x7f, 0x4e, 0x7f, 0xdc, 0xa6, 0x27, 0xe8, 0x0c, 0x43, 0x4c, 0xf4, 0xe7, 0x12, 0x80, 0x13, - 0x1c, 0xca, 0xd4, 0xc4, 0xf1, 0xfe, 0x2c, 0x62, 0xa8, 0x6a, 0xbb, 0xac, 0xaf, 0x7f, 0x1e, 0xd3, - 0x72, 0x74, 0x0b, 0x46, 0x88, 0xbf, 0xb7, 0x12, 0x06, 0xbb, 0xb3, 0x67, 0xf2, 0xf7, 0xec, 0x32, - 0x47, 0xe1, 0x07, 0x7a, 0x22, 0xe0, 0x89, 0x62, 0x2c, 0x49, 0xa0, 0xfb, 0x30, 0x9b, 0x31, 0x23, - 0x7c, 0x02, 0xce, 0xb2, 0x09, 0x78, 0x4d, 0xd4, 0x9d, 0x5d, 0xcf, 0xc1, 0x3b, 0xea, 0x01, 0xc3, - 0xb9, 0xd4, 0xd1, 0x17, 0x60, 0x82, 0x6f, 0x28, 0xfe, 0xf8, 0x16, 0xcd, 0x9e, 0x63, 0x5f, 0x73, - 0x29, 0x7f, 0x73, 0x72, 0xc4, 0xc5, 0x73, 0xa2, 0x43, 0x13, 0x7a, 0x69, 0x84, 0x4d, 0x6a, 0xf6, - 0x06, 0x4c, 0xaa, 0x73, 0x8b, 0x2d, 0x1d, 0x54, 0x81, 0x21, 0xc6, 0xed, 0x08, 0xfd, 0x56, 0x99, - 0xce, 0x14, 0xe3, 0x84, 0x30, 0x2f, 0x67, 0x33, 0xe5, 0xbe, 0x4f, 0x16, 0xf7, 0x63, 0xc2, 0xa5, - 0xea, 0xa2, 0x36, 0x53, 0x12, 0x80, 0x13, 0x1c, 0xfb, 0xff, 0x72, 0xae, 0x31, 0x39, 0x1c, 0x07, - 0xb8, 0x0e, 0x9e, 0x85, 0xd1, 0xed, 0x20, 0x8a, 0x29, 0x36, 0x6b, 0x63, 0x28, 0xe1, 0x13, 0x6f, - 0x88, 0x72, 0xac, 0x30, 0xd0, 0xab, 0x30, 0xd1, 0xd4, 0x1b, 0x10, 0x77, 0x99, 0x1a, 0x02, 0xa3, - 0x75, 0x6c, 0xe2, 0xa2, 0x57, 0x60, 0x94, 0x3d, 0x9d, 0x37, 0x03, 0x4f, 0x30, 0x59, 0xf2, 0x42, - 0x1e, 0xad, 0x8b, 0xf2, 0x23, 0xed, 0x37, 0x56, 0xd8, 0xe8, 0x32, 0x0c, 0xd3, 0x2e, 0xd4, 0xea, - 0xe2, 0x16, 0x51, 0xaa, 0x9a, 0x1b, 0xac, 0x14, 0x0b, 0xa8, 0xfd, 0x37, 0x0b, 0xda, 0x28, 0x53, - 0x89, 0x94, 0xa0, 0x3a, 0x8c, 0xdc, 0x73, 0xdc, 0xd8, 0xf5, 0xb7, 0x04, 0xbb, 0xf0, 0x74, 0xcf, - 0x2b, 0x85, 0x55, 0x7a, 0x8b, 0x57, 0xe0, 0x97, 0x9e, 0xf8, 0x83, 0x25, 0x19, 0x4a, 0x31, 0xec, - 0xf8, 0x3e, 0xa5, 0x58, 0x18, 0x94, 0x22, 0xe6, 0x15, 0x38, 0x45, 0xf1, 0x07, 0x4b, 0x32, 0xe8, - 0x1d, 0x00, 0xb9, 0x2c, 0x49, 0x4b, 0x3c, 0x59, 0x3f, 0xdb, 0x9f, 0xe8, 0xba, 0xaa, 0xb3, 0x38, - 0x49, 0xaf, 0xd4, 0xe4, 0x3f, 0xd6, 0xe8, 0xd9, 0x31, 0x63, 0xab, 0xba, 0x3b, 0x83, 0xbe, 0x93, - 0x9e, 0x04, 0x4e, 0x18, 0x93, 0xd6, 0x42, 0x2c, 0x06, 0xe7, 0x93, 0x83, 0xc9, 0x14, 0xeb, 0xee, - 0x2e, 0xd1, 0x4f, 0x0d, 0x41, 0x04, 0x27, 0xf4, 0xec, 0x5f, 0x2a, 0xc2, 0x6c, 0x5e, 0x77, 0xe9, - 0xa2, 0x23, 0xf7, 0xdd, 0x78, 0x89, 0x72, 0x43, 0x96, 0xb9, 0xe8, 0x96, 0x45, 0x39, 0x56, 0x18, - 0x74, 0xf6, 0x23, 0x77, 0x4b, 0x8a, 0x84, 0x43, 0xc9, 0xec, 0x37, 0x58, 0x29, 0x16, 0x50, 0x8a, - 0x17, 0x12, 0x27, 0x12, 0x36, 0x11, 0xda, 0x2a, 0xc1, 0xac, 0x14, 0x0b, 0xa8, 0xae, 0x6f, 0x2a, - 0xf5, 0xd1, 0x37, 0x19, 0x43, 0x34, 0x74, 0xb2, 0x43, 0x84, 0xbe, 0x08, 0xb0, 0xe9, 0xfa, 0x6e, - 0xb4, 0xcd, 0xa8, 0x0f, 0x1f, 0x9b, 0xba, 0xe2, 0xa5, 0x56, 0x14, 0x15, 0xac, 0x51, 0x44, 0x2f, - 0xc1, 0x98, 0xda, 0x80, 0xb5, 0x2a, 0x7b, 0x20, 0xd2, 0x1e, 0xdc, 0x93, 0xd3, 0xa8, 0x8a, 0x75, - 0x3c, 0xfb, 0xdd, 0xf4, 0x7a, 0x11, 0x3b, 0x40, 0x1b, 0x5f, 0x6b, 0xd0, 0xf1, 0x2d, 0xf4, 0x1e, - 0x5f, 0xfb, 0x37, 0x8a, 0x30, 0x65, 0x34, 0xd6, 0x89, 0x06, 0x38, 0xb3, 0xae, 0xd3, 0x7b, 0xce, - 0x89, 0x89, 0xd8, 0x7f, 0x76, 0xff, 0xad, 0xa2, 0xdf, 0x85, 0x74, 0x07, 0xf0, 0xfa, 0xe8, 0x8b, - 0x50, 0xf6, 0x9c, 0x88, 0xe9, 0xae, 0x88, 0xd8, 0x77, 0x83, 0x10, 0x4b, 0xe4, 0x08, 0x27, 0x8a, - 0xb5, 0xab, 0x86, 0xd3, 0x4e, 0x48, 0xd2, 0x0b, 0x99, 0xf2, 0x3e, 0xd2, 0xe8, 0x46, 0x75, 0x82, - 0x32, 0x48, 0xfb, 0x98, 0xc3, 0xd0, 0x2b, 0x30, 0x1e, 0x12, 0xb6, 0x2a, 0x96, 0x28, 0x2b, 0xc7, - 0x96, 0xd9, 0x50, 0xc2, 0xf3, 0x61, 0x0d, 0x86, 0x0d, 0xcc, 0x84, 0x95, 0x1f, 0xee, 0xc1, 0xca, - 0x3f, 0x0d, 0x23, 0xec, 0x87, 0x5a, 0x01, 0x6a, 0x36, 0x6a, 0xbc, 0x18, 0x4b, 0x78, 0x7a, 0xc1, - 0x8c, 0x0e, 0xb8, 0x60, 0x3e, 0x09, 0x93, 0x55, 0x87, 0xec, 0x06, 0xfe, 0xb2, 0xdf, 0x6a, 0x07, - 0xae, 0x1f, 0xa3, 0x59, 0x28, 0xb1, 0xdb, 0x81, 0xef, 0xed, 0x12, 0xa5, 0x80, 0x4b, 0x94, 0x31, - 0xb7, 0xb7, 0xe0, 0x5c, 0x35, 0xb8, 0xe7, 0xdf, 0x73, 0xc2, 0xd6, 0x42, 0xbd, 0xa6, 0xc9, 0xb9, - 0x6b, 0x52, 0xce, 0xe2, 0x46, 0x2c, 0x99, 0x67, 0xaa, 0x56, 0x93, 0xdf, 0xb5, 0x2b, 0xae, 0x47, - 0x72, 0xb4, 0x11, 0x7f, 0xbb, 0x60, 0xb4, 0x94, 0xe0, 0xab, 0x07, 0x23, 0x2b, 0xf7, 0xc1, 0xe8, - 0x4d, 0x18, 0xdd, 0x74, 0x89, 0xd7, 0xc2, 0x64, 0x53, 0x2c, 0xb1, 0xa7, 0xf2, 0xdf, 0xe5, 0x57, - 0x28, 0xa6, 0xd4, 0x3e, 0x71, 0x29, 0x6d, 0x45, 0x54, 0xc6, 0x8a, 0x0c, 0xda, 0x81, 0x69, 0x29, - 0x06, 0x48, 0xa8, 0x58, 0x70, 0x4f, 0xf7, 0x92, 0x2d, 0x4c, 0xe2, 0x67, 0x0f, 0x0f, 0x2a, 0xd3, - 0x38, 0x45, 0x06, 0x77, 0x11, 0xa6, 0x62, 0xd9, 0x2e, 0x3d, 0x5a, 0x4b, 0x6c, 0xf8, 0x99, 0x58, - 0xc6, 0x24, 0x4c, 0x56, 0x6a, 0xff, 0x98, 0x05, 0x8f, 0x76, 0x8d, 0x8c, 0x90, 0xb4, 0x4f, 0x78, - 0x16, 0xd2, 0x92, 0x6f, 0xa1, 0xbf, 0xe4, 0x6b, 0xff, 0x23, 0x0b, 0xce, 0x2e, 0xef, 0xb6, 0xe3, - 0xfd, 0xaa, 0x6b, 0xbe, 0xee, 0xbc, 0x0c, 0xc3, 0xbb, 0xa4, 0xe5, 0x76, 0x76, 0xc5, 0xcc, 0x55, - 0xe4, 0xf1, 0xb3, 0xca, 0x4a, 0x8f, 0x0e, 0x2a, 0x13, 0x8d, 0x38, 0x08, 0x9d, 0x2d, 0xc2, 0x0b, - 0xb0, 0x40, 0x67, 0x87, 0xb8, 0xfb, 0x3e, 0xb9, 0xe5, 0xee, 0xba, 0xd2, 0xce, 0xa2, 0xa7, 0xee, - 0x6c, 0x5e, 0x0e, 0xe8, 0xfc, 0x9b, 0x1d, 0xc7, 0x8f, 0xdd, 0x78, 0x5f, 0x3c, 0xcc, 0x48, 0x22, - 0x38, 0xa1, 0x67, 0x7f, 0xd3, 0x82, 0x29, 0xb9, 0xee, 0x17, 0x5a, 0xad, 0x90, 0x44, 0x11, 0x9a, - 0x83, 0x82, 0xdb, 0x16, 0xbd, 0x04, 0xd1, 0xcb, 0x42, 0xad, 0x8e, 0x0b, 0x6e, 0x1b, 0xd5, 0xa1, - 0xcc, 0xcd, 0x35, 0x92, 0xc5, 0x35, 0x90, 0xd1, 0x07, 0xeb, 0xc1, 0xba, 0xac, 0x89, 0x13, 0x22, - 0x92, 0x83, 0x63, 0x67, 0x66, 0xd1, 0x7c, 0xf5, 0xba, 0x21, 0xca, 0xb1, 0xc2, 0x40, 0x57, 0x60, - 0xd4, 0x0f, 0x5a, 0xdc, 0x7a, 0x86, 0xdf, 0x7e, 0x6c, 0xc9, 0xae, 0x89, 0x32, 0xac, 0xa0, 0xf6, - 0x0f, 0x59, 0x30, 0x2e, 0xbf, 0x6c, 0x40, 0x66, 0x92, 0x6e, 0xad, 0x84, 0x91, 0x4c, 0xb6, 0x16, - 0x65, 0x06, 0x19, 0xc4, 0xe0, 0x01, 0x8b, 0xc7, 0xe1, 0x01, 0xed, 0x1f, 0x2d, 0xc0, 0xa4, 0xec, - 0x4e, 0xa3, 0xb3, 0x11, 0x91, 0x18, 0xad, 0x43, 0xd9, 0xe1, 0x43, 0x4e, 0xe4, 0x8a, 0x7d, 0x32, - 0x5b, 0xf8, 0x30, 0xe6, 0x27, 0xb9, 0x96, 0x17, 0x64, 0x6d, 0x9c, 0x10, 0x42, 0x1e, 0xcc, 0xf8, - 0x41, 0xcc, 0x8e, 0x68, 0x05, 0xef, 0xf5, 0x04, 0x92, 0xa6, 0x7e, 0x5e, 0x50, 0x9f, 0x59, 0x4b, - 0x53, 0xc1, 0xdd, 0x84, 0xd1, 0xb2, 0x54, 0x78, 0x14, 0xf3, 0xc5, 0x0d, 0x7d, 0x16, 0xb2, 0xf5, - 0x1d, 0xf6, 0xaf, 0x5a, 0x50, 0x96, 0x68, 0xa7, 0xf1, 0xda, 0xb5, 0x0a, 0x23, 0x11, 0x9b, 0x04, - 0x39, 0x34, 0x76, 0xaf, 0x8e, 0xf3, 0xf9, 0x4a, 0x6e, 0x1e, 0xfe, 0x3f, 0xc2, 0x92, 0x06, 0xd3, - 0x77, 0xab, 0xee, 0x7f, 0x44, 0xf4, 0xdd, 0xaa, 0x3f, 0x39, 0x37, 0xcc, 0x7f, 0x63, 0x7d, 0xd6, - 0xc4, 0x5a, 0xca, 0x20, 0xb5, 0x43, 0xb2, 0xe9, 0xde, 0x4f, 0x33, 0x48, 0x75, 0x56, 0x8a, 0x05, - 0x14, 0xbd, 0x03, 0xe3, 0x4d, 0xa9, 0xe8, 0x4c, 0x8e, 0x81, 0xcb, 0x3d, 0x95, 0xee, 0xea, 0x7d, - 0x86, 0x5b, 0xd6, 0x2e, 0x69, 0xf5, 0xb1, 0x41, 0xcd, 0x7c, 0x6e, 0x2f, 0xf6, 0x7b, 0x6e, 0x4f, - 0xe8, 0xe6, 0x3f, 0x3e, 0xff, 0xb8, 0x05, 0xc3, 0x5c, 0x5d, 0x36, 0x98, 0x7e, 0x51, 0x7b, 0xae, - 0x4a, 0xc6, 0xee, 0x2e, 0x2d, 0x14, 0xcf, 0x4f, 0x68, 0x15, 0xca, 0xec, 0x07, 0x53, 0x1b, 0x14, - 0xf3, 0x4d, 0x8a, 0x79, 0xab, 0x7a, 0x07, 0xef, 0xca, 0x6a, 0x38, 0xa1, 0x60, 0x7f, 0xad, 0x48, - 0x8f, 0xaa, 0x04, 0xd5, 0xb8, 0xc1, 0xad, 0x87, 0x77, 0x83, 0x17, 0x1e, 0xd6, 0x0d, 0xbe, 0x05, - 0x53, 0x4d, 0xed, 0x71, 0x2b, 0x99, 0xc9, 0x2b, 0x3d, 0x17, 0x89, 0xf6, 0x0e, 0xc6, 0x55, 0x46, - 0x4b, 0x26, 0x11, 0x9c, 0xa6, 0x8a, 0xbe, 0x13, 0xc6, 0xf9, 0x3c, 0x8b, 0x56, 0xb8, 0xc5, 0xc2, - 0x27, 0xf2, 0xd7, 0x8b, 0xde, 0x04, 0x5b, 0x89, 0x0d, 0xad, 0x3a, 0x36, 0x88, 0xd9, 0xbf, 0x34, - 0x0a, 0x43, 0xcb, 0x7b, 0xc4, 0x8f, 0x4f, 0xe1, 0x40, 0x6a, 0xc2, 0xa4, 0xeb, 0xef, 0x05, 0xde, - 0x1e, 0x69, 0x71, 0xf8, 0x71, 0x2e, 0xd7, 0x47, 0x04, 0xe9, 0xc9, 0x9a, 0x41, 0x02, 0xa7, 0x48, - 0x3e, 0x0c, 0x09, 0xf3, 0x3a, 0x0c, 0xf3, 0xb9, 0x17, 0xe2, 0x65, 0xa6, 0x32, 0x98, 0x0d, 0xa2, - 0xd8, 0x05, 0x89, 0xf4, 0xcb, 0xb5, 0xcf, 0xa2, 0x3a, 0x7a, 0x17, 0x26, 0x37, 0xdd, 0x30, 0x8a, - 0xa9, 0x68, 0x18, 0xc5, 0xce, 0x6e, 0xfb, 0x01, 0x24, 0x4a, 0x35, 0x0e, 0x2b, 0x06, 0x25, 0x9c, - 0xa2, 0x8c, 0xb6, 0x60, 0x82, 0x0a, 0x39, 0x49, 0x53, 0x23, 0xc7, 0x6e, 0x4a, 0xa9, 0x8c, 0x6e, - 0xe9, 0x84, 0xb0, 0x49, 0x97, 0x1e, 0x26, 0x4d, 0x26, 0x14, 0x8d, 0x32, 0x8e, 0x42, 0x1d, 0x26, - 0x5c, 0x1a, 0xe2, 0x30, 0x7a, 0x26, 0x31, 0xb3, 0x95, 0xb2, 0x79, 0x26, 0x69, 0xc6, 0x29, 0x5f, - 0x82, 0x32, 0xa1, 0x43, 0x48, 0x09, 0x0b, 0xc5, 0xf8, 0xd5, 0xc1, 0xfa, 0xba, 0xea, 0x36, 0xc3, - 0xc0, 0x94, 0xe5, 0x97, 0x25, 0x25, 0x9c, 0x10, 0x45, 0x4b, 0x30, 0x1c, 0x91, 0xd0, 0x25, 0x91, - 0x50, 0x91, 0xf7, 0x98, 0x46, 0x86, 0xc6, 0x6d, 0xcf, 0xf9, 0x6f, 0x2c, 0xaa, 0xd2, 0xe5, 0xe5, - 0x30, 0x69, 0x88, 0x69, 0xc5, 0xb5, 0xe5, 0xb5, 0xc0, 0x4a, 0xb1, 0x80, 0xa2, 0x37, 0x60, 0x24, - 0x24, 0x1e, 0x53, 0x16, 0x4d, 0x0c, 0xbe, 0xc8, 0xb9, 0xee, 0x89, 0xd7, 0xc3, 0x92, 0x00, 0xba, - 0x09, 0x28, 0x24, 0x94, 0x87, 0x70, 0xfd, 0x2d, 0x65, 0xcc, 0x21, 0x74, 0xdd, 0x8f, 0x89, 0xf6, - 0xcf, 0xe0, 0x04, 0x43, 0x5a, 0xa5, 0xe2, 0x8c, 0x6a, 0xe8, 0x3a, 0xcc, 0xa8, 0xd2, 0x9a, 0x1f, - 0xc5, 0x8e, 0xdf, 0x24, 0x4c, 0xcd, 0x5d, 0x4e, 0xb8, 0x22, 0x9c, 0x46, 0xc0, 0xdd, 0x75, 0xec, - 0x9f, 0xa1, 0xec, 0x0c, 0x1d, 0xad, 0x53, 0xe0, 0x05, 0x5e, 0x37, 0x79, 0x81, 0xf3, 0xb9, 0x33, - 0x97, 0xc3, 0x07, 0x1c, 0x5a, 0x30, 0xa6, 0xcd, 0x6c, 0xb2, 0x66, 0xad, 0x1e, 0x6b, 0xb6, 0x03, - 0xd3, 0x74, 0xa5, 0xdf, 0xde, 0x88, 0x48, 0xb8, 0x47, 0x5a, 0x6c, 0x61, 0x16, 0x1e, 0x6c, 0x61, - 0xaa, 0x57, 0xe6, 0x5b, 0x29, 0x82, 0xb8, 0xab, 0x09, 0xf4, 0xb2, 0xd4, 0x9c, 0x14, 0x0d, 0x23, - 0x2d, 0xae, 0x15, 0x39, 0x3a, 0xa8, 0x4c, 0x6b, 0x1f, 0xa2, 0x6b, 0x4a, 0xec, 0x2f, 0xc9, 0x6f, - 0x54, 0xaf, 0xf9, 0x4d, 0xb5, 0x58, 0x52, 0xaf, 0xf9, 0x6a, 0x39, 0xe0, 0x04, 0x87, 0xee, 0x51, - 0x2a, 0x82, 0xa4, 0x5f, 0xf3, 0xa9, 0x80, 0x82, 0x19, 0xc4, 0x7e, 0x01, 0x60, 0xf9, 0x3e, 0x69, - 0xf2, 0xa5, 0xae, 0x3f, 0x40, 0x5a, 0xf9, 0x0f, 0x90, 0xf6, 0x7f, 0xb0, 0x60, 0x72, 0x65, 0xc9, - 0x10, 0x13, 0xe7, 0x01, 0xb8, 0x6c, 0xf4, 0xd6, 0x5b, 0x6b, 0x52, 0xb7, 0xce, 0xd5, 0xa3, 0xaa, - 0x14, 0x6b, 0x18, 0xe8, 0x3c, 0x14, 0xbd, 0x8e, 0x2f, 0x44, 0x96, 0x91, 0xc3, 0x83, 0x4a, 0xf1, - 0x56, 0xc7, 0xc7, 0xb4, 0x4c, 0xb3, 0x10, 0x2c, 0x0e, 0x6c, 0x21, 0xd8, 0xd7, 0xbd, 0x0a, 0x55, - 0x60, 0xe8, 0xde, 0x3d, 0xb7, 0xc5, 0x8d, 0xd8, 0x85, 0xde, 0xff, 0xad, 0xb7, 0x6a, 0xd5, 0x08, - 0xf3, 0x72, 0xfb, 0xab, 0x45, 0x98, 0x5b, 0xf1, 0xc8, 0xfd, 0x0f, 0x68, 0xc8, 0x3f, 0xa8, 0x7d, - 0xe3, 0xf1, 0xf8, 0xc5, 0xe3, 0xda, 0xb0, 0xf6, 0x1f, 0x8f, 0x4d, 0x18, 0xe1, 0x8f, 0xd9, 0xd2, - 0xac, 0xff, 0xd5, 0xac, 0xd6, 0xf3, 0x07, 0x64, 0x9e, 0x3f, 0x8a, 0x0b, 0x73, 0x7e, 0x75, 0xd3, - 0x8a, 0x52, 0x2c, 0x89, 0xcf, 0x7d, 0x06, 0xc6, 0x75, 0xcc, 0x63, 0x59, 0x93, 0xff, 0x95, 0x22, - 0x4c, 0xd3, 0x1e, 0x3c, 0xd4, 0x89, 0xb8, 0xd3, 0x3d, 0x11, 0x27, 0x6d, 0x51, 0xdc, 0x7f, 0x36, - 0xde, 0x49, 0xcf, 0xc6, 0xf3, 0x79, 0xb3, 0x71, 0xda, 0x73, 0xf0, 0xbd, 0x16, 0x9c, 0x59, 0xf1, - 0x82, 0xe6, 0x4e, 0xca, 0xea, 0xf7, 0x25, 0x18, 0xa3, 0xe7, 0x78, 0x64, 0x78, 0x11, 0x19, 0x7e, - 0x65, 0x02, 0x84, 0x75, 0x3c, 0xad, 0xda, 0x9d, 0x3b, 0xb5, 0x6a, 0x96, 0x3b, 0x9a, 0x00, 0x61, - 0x1d, 0xcf, 0xfe, 0x86, 0x05, 0x17, 0xae, 0x2f, 0x2d, 0x27, 0x4b, 0xb1, 0xcb, 0x23, 0x8e, 0x4a, - 0x81, 0x2d, 0xad, 0x2b, 0x89, 0x14, 0x58, 0x65, 0xbd, 0x10, 0xd0, 0x8f, 0x8a, 0xb7, 0xe7, 0x4f, - 0x5b, 0x70, 0xe6, 0xba, 0x1b, 0xd3, 0x6b, 0x39, 0xed, 0x9b, 0x45, 0xef, 0xe5, 0xc8, 0x8d, 0x83, - 0x70, 0x3f, 0xed, 0x9b, 0x85, 0x15, 0x04, 0x6b, 0x58, 0xbc, 0xe5, 0x3d, 0x97, 0x99, 0x51, 0x15, - 0x4c, 0x55, 0x14, 0x16, 0xe5, 0x58, 0x61, 0xd0, 0x0f, 0x6b, 0xb9, 0x21, 0x13, 0x25, 0xf6, 0xc5, - 0x09, 0xab, 0x3e, 0xac, 0x2a, 0x01, 0x38, 0xc1, 0xb1, 0xff, 0xc8, 0x82, 0xca, 0x75, 0xaf, 0x13, - 0xc5, 0x24, 0xdc, 0x8c, 0x72, 0x4e, 0xc7, 0x17, 0xa0, 0x4c, 0xa4, 0xe0, 0x2e, 0x7a, 0xad, 0x58, - 0x4d, 0x25, 0xd1, 0x73, 0x17, 0x31, 0x85, 0x37, 0x80, 0x0f, 0xc1, 0xf1, 0x8c, 0xc0, 0x57, 0x00, - 0x11, 0xbd, 0x2d, 0xdd, 0x67, 0x8e, 0x39, 0xdf, 0x2c, 0x77, 0x41, 0x71, 0x46, 0x0d, 0xfb, 0xc7, - 0x2c, 0x38, 0xa7, 0x3e, 0xf8, 0x23, 0xf7, 0x99, 0xf6, 0xcf, 0x17, 0x60, 0xe2, 0xc6, 0xfa, 0x7a, - 0xfd, 0x3a, 0x89, 0xc5, 0xb5, 0xdd, 0x5f, 0xb7, 0x8e, 0x35, 0x15, 0x61, 0x2f, 0x29, 0xb0, 0x13, - 0xbb, 0xde, 0x3c, 0x77, 0xbd, 0x9e, 0xaf, 0xf9, 0xf1, 0xed, 0xb0, 0x11, 0x87, 0xae, 0xbf, 0x95, - 0xa9, 0x54, 0x94, 0xcc, 0x45, 0x31, 0x8f, 0xb9, 0x40, 0x2f, 0xc0, 0x30, 0xf3, 0xfd, 0x96, 0x93, - 0xf0, 0x98, 0x12, 0xa2, 0x58, 0xe9, 0xd1, 0x41, 0xa5, 0x7c, 0x07, 0xd7, 0xf8, 0x1f, 0x2c, 0x50, - 0xd1, 0x1d, 0x18, 0xdb, 0x8e, 0xe3, 0xf6, 0x0d, 0xe2, 0xb4, 0x48, 0x28, 0x8f, 0xc3, 0x8b, 0x59, - 0xc7, 0x21, 0x1d, 0x04, 0x8e, 0x96, 0x9c, 0x20, 0x49, 0x59, 0x84, 0x75, 0x3a, 0x76, 0x03, 0x20, - 0x81, 0x9d, 0x90, 0x42, 0xc5, 0xfe, 0x03, 0x0b, 0x46, 0xb8, 0x1b, 0x5e, 0x88, 0x5e, 0x83, 0x12, - 0xb9, 0x4f, 0x9a, 0x82, 0x55, 0xce, 0xec, 0x70, 0xc2, 0x69, 0xf1, 0xe7, 0x01, 0xfa, 0x1f, 0xb3, - 0x5a, 0xe8, 0x06, 0x8c, 0xd0, 0xde, 0x5e, 0x57, 0x3e, 0x89, 0x4f, 0xe4, 0x7d, 0xb1, 0x9a, 0x76, - 0xce, 0x9c, 0x89, 0x22, 0x2c, 0xab, 0x33, 0x55, 0x77, 0xb3, 0xdd, 0xa0, 0x27, 0x76, 0xdc, 0x8b, - 0xb1, 0x58, 0x5f, 0xaa, 0x73, 0x24, 0x41, 0x8d, 0xab, 0xba, 0x65, 0x21, 0x4e, 0x88, 0xd8, 0xeb, - 0x50, 0xa6, 0x93, 0xba, 0xe0, 0xb9, 0x4e, 0x6f, 0x2d, 0xfb, 0x33, 0x50, 0x96, 0x1a, 0xef, 0x48, - 0x78, 0x72, 0x31, 0xaa, 0x52, 0x21, 0x1e, 0xe1, 0x04, 0x6e, 0x6f, 0xc2, 0x59, 0x66, 0xea, 0xe0, - 0xc4, 0xdb, 0xc6, 0x1e, 0xeb, 0xbf, 0x98, 0x9f, 0x15, 0x92, 0x27, 0x9f, 0x99, 0x59, 0xcd, 0x59, - 0x62, 0x5c, 0x52, 0x4c, 0xa4, 0x50, 0xfb, 0x0f, 0x4b, 0xf0, 0x58, 0xad, 0x91, 0xef, 0xa1, 0xf9, - 0x0a, 0x8c, 0x73, 0xbe, 0x94, 0x2e, 0x6d, 0xc7, 0x13, 0xed, 0xaa, 0x87, 0xc0, 0x75, 0x0d, 0x86, - 0x0d, 0x4c, 0x74, 0x01, 0x8a, 0xee, 0x7b, 0x7e, 0xda, 0xee, 0xb8, 0xf6, 0xe6, 0x1a, 0xa6, 0xe5, - 0x14, 0x4c, 0x59, 0x5c, 0x7e, 0x77, 0x28, 0xb0, 0x62, 0x73, 0x5f, 0x87, 0x49, 0x37, 0x6a, 0x46, - 0x6e, 0xcd, 0xa7, 0xe7, 0x8c, 0x76, 0x52, 0x29, 0xad, 0x08, 0xed, 0xb4, 0x82, 0xe2, 0x14, 0xb6, - 0x76, 0x91, 0x0d, 0x0d, 0xcc, 0x26, 0xf7, 0x75, 0x6d, 0xa2, 0x12, 0x40, 0x9b, 0x7d, 0x5d, 0xc4, - 0xac, 0xf8, 0x84, 0x04, 0xc0, 0x3f, 0x38, 0xc2, 0x12, 0x46, 0x45, 0xce, 0xe6, 0xb6, 0xd3, 0x5e, - 0xe8, 0xc4, 0xdb, 0x55, 0x37, 0x6a, 0x06, 0x7b, 0x24, 0xdc, 0x67, 0xda, 0x82, 0xd1, 0x44, 0xe4, - 0x54, 0x80, 0xa5, 0x1b, 0x0b, 0x75, 0x8a, 0x89, 0xbb, 0xeb, 0x98, 0x6c, 0x30, 0x9c, 0x04, 0x1b, - 0xbc, 0x00, 0x53, 0xb2, 0x99, 0x06, 0x89, 0xd8, 0xa5, 0x38, 0xc6, 0x3a, 0xa6, 0x6c, 0x8b, 0x45, - 0xb1, 0xea, 0x56, 0x1a, 0x1f, 0xbd, 0x0c, 0x13, 0xae, 0xef, 0xc6, 0xae, 0x13, 0x07, 0x21, 0x63, - 0x29, 0xb8, 0x62, 0x80, 0x99, 0xee, 0xd5, 0x74, 0x00, 0x36, 0xf1, 0xec, 0xff, 0x52, 0x82, 0x19, - 0x36, 0x6d, 0xdf, 0x5a, 0x61, 0x1f, 0x99, 0x15, 0x76, 0xa7, 0x7b, 0x85, 0x9d, 0x04, 0x7f, 0xff, - 0x61, 0x2e, 0xb3, 0x77, 0xa1, 0xac, 0x8c, 0x9f, 0xa5, 0xf7, 0x83, 0x95, 0xe3, 0xfd, 0xd0, 0x9f, - 0xfb, 0x90, 0xef, 0xd6, 0xc5, 0xcc, 0x77, 0xeb, 0xbf, 0x6b, 0x41, 0x62, 0x03, 0x8a, 0x6e, 0x40, - 0xb9, 0x1d, 0x30, 0x3b, 0x8b, 0x50, 0x1a, 0x2f, 0x3d, 0x96, 0x79, 0x51, 0xf1, 0x4b, 0x91, 0x8f, - 0x5f, 0x5d, 0xd6, 0xc0, 0x49, 0x65, 0xb4, 0x08, 0x23, 0xed, 0x90, 0x34, 0x62, 0xe6, 0xf3, 0xdb, - 0x97, 0x0e, 0x5f, 0x23, 0x1c, 0x1f, 0xcb, 0x8a, 0xf6, 0x2f, 0x58, 0x00, 0xfc, 0x69, 0xd8, 0xf1, - 0xb7, 0xc8, 0x29, 0xa8, 0xbb, 0xab, 0x50, 0x8a, 0xda, 0xa4, 0xd9, 0xcb, 0x02, 0x26, 0xe9, 0x4f, - 0xa3, 0x4d, 0x9a, 0xc9, 0x80, 0xd3, 0x7f, 0x98, 0xd5, 0xb6, 0xbf, 0x0f, 0x60, 0x32, 0x41, 0xab, - 0xc5, 0x64, 0x17, 0x3d, 0x67, 0xf8, 0x00, 0x9e, 0x4f, 0xf9, 0x00, 0x96, 0x19, 0xb6, 0xa6, 0x59, - 0x7d, 0x17, 0x8a, 0xbb, 0xce, 0x7d, 0xa1, 0x3a, 0x7b, 0xa6, 0x77, 0x37, 0x28, 0xfd, 0xf9, 0x55, - 0xe7, 0x3e, 0x17, 0x12, 0x9f, 0x91, 0x0b, 0x64, 0xd5, 0xb9, 0x7f, 0xc4, 0xed, 0x5c, 0xd8, 0x21, - 0x75, 0xcb, 0x8d, 0xe2, 0x2f, 0xff, 0xe7, 0xe4, 0x3f, 0x5b, 0x76, 0xb4, 0x11, 0xd6, 0x96, 0xeb, - 0x8b, 0x87, 0xd2, 0x81, 0xda, 0x72, 0xfd, 0x74, 0x5b, 0xae, 0x3f, 0x40, 0x5b, 0xae, 0x8f, 0xde, - 0x87, 0x11, 0x61, 0x94, 0xc0, 0x8c, 0xdb, 0x4d, 0xb5, 0x5c, 0x5e, 0x7b, 0xc2, 0xa6, 0x81, 0xb7, - 0x79, 0x55, 0x0a, 0xc1, 0xa2, 0xb4, 0x6f, 0xbb, 0xb2, 0x41, 0xf4, 0xb7, 0x2c, 0x98, 0x14, 0xbf, - 0x31, 0x79, 0xaf, 0x43, 0xa2, 0x58, 0xf0, 0x9e, 0x9f, 0x1e, 0xbc, 0x0f, 0xa2, 0x22, 0xef, 0xca, - 0xa7, 0xe5, 0x31, 0x6b, 0x02, 0xfb, 0xf6, 0x28, 0xd5, 0x0b, 0xf4, 0x4f, 0x2c, 0x38, 0xbb, 0xeb, - 0xdc, 0xe7, 0x2d, 0xf2, 0x32, 0xec, 0xc4, 0x6e, 0x20, 0x8c, 0xf5, 0x5f, 0x1b, 0x6c, 0xfa, 0xbb, - 0xaa, 0xf3, 0x4e, 0x4a, 0xbb, 0xde, 0xb3, 0x59, 0x28, 0x7d, 0xbb, 0x9a, 0xd9, 0xaf, 0xb9, 0x4d, - 0x18, 0x95, 0xeb, 0x2d, 0x43, 0xd5, 0x50, 0xd5, 0x19, 0xeb, 0x63, 0xdb, 0x84, 0xe8, 0x8e, 0x78, - 0xb4, 0x1d, 0xb1, 0xd6, 0x1e, 0x6a, 0x3b, 0xef, 0xc2, 0xb8, 0xbe, 0xc6, 0x1e, 0x6a, 0x5b, 0xef, - 0xc1, 0x99, 0x8c, 0xb5, 0xf4, 0x50, 0x9b, 0xbc, 0x07, 0xe7, 0x73, 0xd7, 0xc7, 0xc3, 0x6c, 0xd8, - 0xfe, 0x79, 0x4b, 0x3f, 0x07, 0x4f, 0xe1, 0xcd, 0x61, 0xc9, 0x7c, 0x73, 0xb8, 0xd8, 0x7b, 0xe7, - 0xe4, 0x3c, 0x3c, 0xbc, 0xa3, 0x77, 0x9a, 0x9e, 0xea, 0xe8, 0x0d, 0x18, 0xf6, 0x68, 0x89, 0xb4, - 0x86, 0xb1, 0xfb, 0xef, 0xc8, 0x84, 0x97, 0x62, 0xe5, 0x11, 0x16, 0x14, 0xec, 0x5f, 0xb6, 0xa0, - 0x74, 0x0a, 0x23, 0x81, 0xcd, 0x91, 0x78, 0x2e, 0x97, 0xb4, 0x88, 0xe1, 0x36, 0x8f, 0x9d, 0x7b, - 0xcb, 0xf7, 0x63, 0xe2, 0x47, 0x4c, 0x54, 0xcc, 0x1c, 0x98, 0xef, 0x82, 0x33, 0xb7, 0x02, 0xa7, - 0xb5, 0xe8, 0x78, 0x8e, 0xdf, 0x24, 0x61, 0xcd, 0xdf, 0xea, 0x6b, 0x96, 0xa5, 0x1b, 0x51, 0x15, - 0xfa, 0x19, 0x51, 0xd9, 0xdb, 0x80, 0xf4, 0x06, 0x84, 0xe1, 0x2a, 0x86, 0x11, 0x97, 0x37, 0x25, - 0x86, 0xff, 0xa9, 0x6c, 0xee, 0xae, 0xab, 0x67, 0x9a, 0x49, 0x26, 0x2f, 0xc0, 0x92, 0x90, 0xfd, - 0x0a, 0x64, 0x3a, 0xab, 0xf5, 0x57, 0x1b, 0xd8, 0x9f, 0x87, 0x19, 0x56, 0xf3, 0x98, 0x22, 0xad, - 0x9d, 0xd2, 0x4a, 0x66, 0xc4, 0xc8, 0xb2, 0xbf, 0x62, 0xc1, 0xd4, 0x5a, 0x2a, 0x60, 0xc7, 0x65, - 0xf6, 0x00, 0x9a, 0xa1, 0x0c, 0x6f, 0xb0, 0x52, 0x2c, 0xa0, 0x27, 0xae, 0x83, 0xfa, 0x73, 0x0b, - 0x12, 0xff, 0xd1, 0x53, 0x60, 0xbc, 0x96, 0x0c, 0xc6, 0x2b, 0x53, 0x37, 0xa2, 0xba, 0x93, 0xc7, - 0x77, 0xa1, 0x9b, 0x2a, 0x58, 0x42, 0x0f, 0xb5, 0x48, 0x42, 0x86, 0xbb, 0xd6, 0x4f, 0x9a, 0x11, - 0x15, 0x64, 0xf8, 0x04, 0x66, 0x3b, 0xa5, 0x70, 0x3f, 0x22, 0xb6, 0x53, 0xaa, 0x3f, 0x39, 0x3b, - 0xb4, 0xae, 0x75, 0x99, 0x9d, 0x5c, 0xdf, 0xce, 0x6c, 0xe1, 0x1d, 0xcf, 0x7d, 0x9f, 0xa8, 0x88, - 0x2f, 0x15, 0x61, 0xdb, 0x2e, 0x4a, 0x8f, 0x0e, 0x2a, 0x13, 0xea, 0x1f, 0x0f, 0x0b, 0x96, 0x54, - 0xb1, 0x6f, 0xc0, 0x54, 0x6a, 0xc0, 0xd0, 0x4b, 0x30, 0xd4, 0xde, 0x76, 0x22, 0x92, 0xb2, 0x17, - 0x1d, 0xaa, 0xd3, 0xc2, 0xa3, 0x83, 0xca, 0xa4, 0xaa, 0xc0, 0x4a, 0x30, 0xc7, 0xb6, 0xff, 0x87, - 0x05, 0xa5, 0xb5, 0xa0, 0x75, 0x1a, 0x8b, 0xe9, 0x75, 0x63, 0x31, 0x3d, 0x9e, 0x17, 0x54, 0x31, - 0x77, 0x1d, 0xad, 0xa4, 0xd6, 0xd1, 0xc5, 0x5c, 0x0a, 0xbd, 0x97, 0xd0, 0x2e, 0x8c, 0xb1, 0x50, - 0x8d, 0xc2, 0x7e, 0xf5, 0x05, 0x43, 0x06, 0xa8, 0xa4, 0x64, 0x80, 0x29, 0x0d, 0x55, 0x93, 0x04, - 0x9e, 0x86, 0x11, 0x61, 0x43, 0x99, 0xb6, 0xfa, 0x17, 0xb8, 0x58, 0xc2, 0xed, 0x1f, 0x2f, 0x82, - 0x11, 0x1a, 0x12, 0xfd, 0xaa, 0x05, 0xf3, 0x21, 0x77, 0xa3, 0x6c, 0x55, 0x3b, 0xa1, 0xeb, 0x6f, - 0x35, 0x9a, 0xdb, 0xa4, 0xd5, 0xf1, 0x5c, 0x7f, 0xab, 0xb6, 0xe5, 0x07, 0xaa, 0x78, 0xf9, 0x3e, - 0x69, 0x76, 0xd8, 0x43, 0x48, 0x9f, 0x38, 0x94, 0xca, 0x46, 0xe9, 0xda, 0xe1, 0x41, 0x65, 0x1e, - 0x1f, 0x8b, 0x36, 0x3e, 0x66, 0x5f, 0xd0, 0x37, 0x2c, 0xb8, 0xca, 0x23, 0x26, 0x0e, 0xde, 0xff, - 0x1e, 0x12, 0x53, 0x5d, 0x92, 0x4a, 0x88, 0xac, 0x93, 0x70, 0x77, 0xf1, 0x65, 0x31, 0xa0, 0x57, - 0xeb, 0xc7, 0x6b, 0x0b, 0x1f, 0xb7, 0x73, 0xf6, 0xbf, 0x2e, 0xc2, 0x84, 0xf0, 0xe0, 0x17, 0xa1, - 0x61, 0x5e, 0x32, 0x96, 0xc4, 0x13, 0xa9, 0x25, 0x31, 0x63, 0x20, 0x9f, 0x4c, 0x54, 0x98, 0x08, - 0x66, 0x3c, 0x27, 0x8a, 0x6f, 0x10, 0x27, 0x8c, 0x37, 0x88, 0xc3, 0x6d, 0x77, 0x8a, 0xc7, 0xb6, - 0x33, 0x52, 0x2a, 0x9a, 0x5b, 0x69, 0x62, 0xb8, 0x9b, 0x3e, 0xda, 0x03, 0xc4, 0x0c, 0x90, 0x42, - 0xc7, 0x8f, 0xf8, 0xb7, 0xb8, 0xe2, 0xcd, 0xe0, 0x78, 0xad, 0xce, 0x89, 0x56, 0xd1, 0xad, 0x2e, - 0x6a, 0x38, 0xa3, 0x05, 0xcd, 0xb0, 0x6c, 0x68, 0x50, 0xc3, 0xb2, 0xe1, 0x3e, 0xae, 0x35, 0x3e, - 0x4c, 0x77, 0x05, 0x61, 0x78, 0x1b, 0xca, 0xca, 0x00, 0x50, 0x1c, 0x3a, 0xbd, 0x63, 0x99, 0xa4, - 0x29, 0x70, 0x35, 0x4a, 0x62, 0x7c, 0x9a, 0x90, 0xb3, 0xff, 0x69, 0xc1, 0x68, 0x90, 0x4f, 0xe2, - 0x1a, 0x8c, 0x3a, 0x51, 0xe4, 0x6e, 0xf9, 0xa4, 0x25, 0x76, 0xec, 0xc7, 0xf3, 0x76, 0xac, 0xd1, - 0x0c, 0x33, 0xc2, 0x5c, 0x10, 0x35, 0xb1, 0xa2, 0x81, 0x6e, 0x70, 0x0b, 0xa9, 0x3d, 0xc9, 0xf3, - 0x0f, 0x46, 0x0d, 0xa4, 0x0d, 0xd5, 0x1e, 0xc1, 0xa2, 0x3e, 0xfa, 0x02, 0x37, 0x61, 0xbb, 0xe9, - 0x07, 0xf7, 0xfc, 0xeb, 0x41, 0x20, 0xdd, 0xee, 0x06, 0x23, 0x38, 0x23, 0x0d, 0xd7, 0x54, 0x75, - 0x6c, 0x52, 0x1b, 0x2c, 0x50, 0xd1, 0x77, 0xc3, 0x19, 0x4a, 0xda, 0x74, 0x9e, 0x89, 0x10, 0x81, - 0x29, 0x11, 0x1e, 0x42, 0x96, 0x89, 0xb1, 0xcb, 0x64, 0xe7, 0xcd, 0xda, 0x89, 0xd2, 0xef, 0xa6, - 0x49, 0x02, 0xa7, 0x69, 0xda, 0x3f, 0x65, 0x01, 0x33, 0xfb, 0x3f, 0x05, 0x96, 0xe1, 0xb3, 0x26, - 0xcb, 0x30, 0x9b, 0x37, 0xc8, 0x39, 0xdc, 0xc2, 0x8b, 0x7c, 0x65, 0xd5, 0xc3, 0xe0, 0xfe, 0xbe, - 0x30, 0x1f, 0xe8, 0xcf, 0xc9, 0xda, 0xff, 0xc7, 0xe2, 0x87, 0x98, 0xf2, 0xc4, 0x47, 0xdf, 0x03, - 0xa3, 0x4d, 0xa7, 0xed, 0x34, 0x79, 0x1c, 0xe3, 0x5c, 0xad, 0x8e, 0x51, 0x69, 0x7e, 0x49, 0xd4, - 0xe0, 0x5a, 0x0a, 0x19, 0x66, 0x64, 0x54, 0x16, 0xf7, 0xd5, 0x4c, 0xa8, 0x26, 0xe7, 0x76, 0x60, - 0xc2, 0x20, 0xf6, 0x50, 0x45, 0xda, 0xef, 0xe1, 0x57, 0xac, 0x0a, 0x8b, 0xb3, 0x0b, 0x33, 0xbe, - 0xf6, 0x9f, 0x5e, 0x28, 0x52, 0x4c, 0xf9, 0x78, 0xbf, 0x4b, 0x94, 0xdd, 0x3e, 0x9a, 0x5b, 0x43, - 0x8a, 0x0c, 0xee, 0xa6, 0x6c, 0xff, 0x84, 0x05, 0x8f, 0xea, 0x88, 0x5a, 0x90, 0x84, 0x7e, 0x7a, - 0xe2, 0x2a, 0x8c, 0x06, 0x6d, 0x12, 0x3a, 0x71, 0x10, 0x8a, 0x5b, 0xe3, 0x8a, 0x1c, 0xf4, 0xdb, - 0xa2, 0xfc, 0x48, 0x04, 0x94, 0x94, 0xd4, 0x65, 0x39, 0x56, 0x35, 0xa9, 0x1c, 0xc3, 0x06, 0x23, - 0x12, 0x01, 0x2c, 0xd8, 0x19, 0xc0, 0x9e, 0x4c, 0x23, 0x2c, 0x20, 0xf6, 0x1f, 0x5a, 0x7c, 0x61, - 0xe9, 0x5d, 0x47, 0xef, 0xc1, 0xf4, 0xae, 0x13, 0x37, 0xb7, 0x97, 0xef, 0xb7, 0x43, 0xae, 0x1e, - 0x97, 0xe3, 0xf4, 0x4c, 0xbf, 0x71, 0xd2, 0x3e, 0x32, 0xb1, 0xca, 0x5b, 0x4d, 0x11, 0xc3, 0x5d, - 0xe4, 0xd1, 0x06, 0x8c, 0xb1, 0x32, 0x66, 0xfe, 0x1d, 0xf5, 0x62, 0x0d, 0xf2, 0x5a, 0x53, 0xaf, - 0xce, 0xab, 0x09, 0x1d, 0xac, 0x13, 0xb5, 0xbf, 0x5c, 0xe4, 0xbb, 0x9d, 0x71, 0xdb, 0x4f, 0xc3, - 0x48, 0x3b, 0x68, 0x2d, 0xd5, 0xaa, 0x58, 0xcc, 0x82, 0xba, 0x46, 0xea, 0xbc, 0x18, 0x4b, 0x38, - 0x7a, 0x15, 0x80, 0xdc, 0x8f, 0x49, 0xe8, 0x3b, 0x9e, 0xb2, 0x92, 0x51, 0x76, 0xa1, 0xd5, 0x60, - 0x2d, 0x88, 0xef, 0x44, 0xe4, 0xbb, 0x96, 0x15, 0x0a, 0xd6, 0xd0, 0xd1, 0x35, 0x80, 0x76, 0x18, - 0xec, 0xb9, 0x2d, 0xe6, 0x4f, 0x58, 0x34, 0x6d, 0x48, 0xea, 0x0a, 0x82, 0x35, 0x2c, 0xf4, 0x2a, - 0x4c, 0x74, 0xfc, 0x88, 0x73, 0x28, 0xce, 0x86, 0x08, 0xc7, 0x38, 0x9a, 0x58, 0x37, 0xdc, 0xd1, - 0x81, 0xd8, 0xc4, 0x45, 0x0b, 0x30, 0x1c, 0x3b, 0xcc, 0x26, 0x62, 0x28, 0xdf, 0x98, 0x73, 0x9d, - 0x62, 0xe8, 0x51, 0x74, 0x69, 0x05, 0x2c, 0x2a, 0xa2, 0xb7, 0xa5, 0x73, 0x06, 0x3f, 0xeb, 0x85, - 0x15, 0xf5, 0x60, 0xf7, 0x82, 0xe6, 0x9a, 0x21, 0xac, 0xb3, 0x0d, 0x5a, 0xf6, 0x37, 0xca, 0x00, - 0x09, 0x3b, 0x8e, 0xde, 0xef, 0x3a, 0x8f, 0x9e, 0xed, 0xcd, 0xc0, 0x9f, 0xdc, 0x61, 0x84, 0xbe, - 0xdf, 0x82, 0x31, 0xc7, 0xf3, 0x82, 0xa6, 0x13, 0xb3, 0x51, 0x2e, 0xf4, 0x3e, 0x0f, 0x45, 0xfb, - 0x0b, 0x49, 0x0d, 0xde, 0x85, 0x17, 0xe4, 0xc2, 0xd3, 0x20, 0x7d, 0x7b, 0xa1, 0x37, 0x8c, 0x3e, - 0x25, 0xa5, 0x34, 0xbe, 0x3c, 0xe6, 0xd2, 0x52, 0x5a, 0x99, 0x1d, 0xfd, 0x9a, 0x80, 0x86, 0xee, - 0x18, 0x91, 0xf6, 0x4a, 0xf9, 0x41, 0x27, 0x0c, 0xae, 0xb4, 0x5f, 0x90, 0x3d, 0x54, 0xd7, 0xbd, - 0xc9, 0x86, 0xf2, 0x23, 0xb3, 0x68, 0xe2, 0x4f, 0x1f, 0x4f, 0xb2, 0x77, 0x61, 0xaa, 0x65, 0xde, - 0xed, 0x62, 0x35, 0x3d, 0x95, 0x47, 0x37, 0xc5, 0x0a, 0x24, 0xb7, 0x79, 0x0a, 0x80, 0xd3, 0x84, - 0x51, 0x9d, 0xfb, 0xf5, 0xd5, 0xfc, 0xcd, 0x40, 0x58, 0xe3, 0xdb, 0xb9, 0x73, 0xb9, 0x1f, 0xc5, - 0x64, 0x97, 0x62, 0x26, 0x97, 0xf6, 0x9a, 0xa8, 0x8b, 0x15, 0x15, 0xf4, 0x06, 0x0c, 0x33, 0xc7, - 0xe0, 0x68, 0x76, 0x34, 0x5f, 0x99, 0x68, 0xc6, 0xb4, 0x48, 0x36, 0x15, 0xfb, 0x1b, 0x61, 0x41, - 0x01, 0xdd, 0x90, 0x81, 0x6f, 0xa2, 0x9a, 0x7f, 0x27, 0x22, 0x2c, 0xf0, 0x4d, 0x79, 0xf1, 0xe3, - 0x49, 0x4c, 0x1b, 0x5e, 0x9e, 0x19, 0x2f, 0xdf, 0xa8, 0x49, 0x99, 0x23, 0xf1, 0x5f, 0x86, 0xe1, - 0x9f, 0x85, 0xfc, 0xee, 0x99, 0xa1, 0xfa, 0x93, 0xe1, 0xbc, 0x6b, 0x92, 0xc0, 0x69, 0x9a, 0x94, - 0xd1, 0xe4, 0x3b, 0x57, 0xd8, 0xf3, 0xf7, 0xdb, 0xff, 0x5c, 0xbe, 0x66, 0x97, 0x0c, 0x2f, 0xc1, - 0xa2, 0xfe, 0xa9, 0xde, 0xfa, 0x73, 0x3e, 0x4c, 0xa7, 0xb7, 0xe8, 0x43, 0xe5, 0x32, 0xfe, 0xa0, - 0x04, 0x93, 0xe6, 0x92, 0x42, 0x57, 0xa1, 0x2c, 0x88, 0xa8, 0x28, 0xac, 0x6a, 0x97, 0xac, 0x4a, - 0x00, 0x4e, 0x70, 0x58, 0xf0, 0x5d, 0x56, 0x5d, 0xb3, 0xc3, 0x4c, 0x82, 0xef, 0x2a, 0x08, 0xd6, - 0xb0, 0xa8, 0xbc, 0xb4, 0x11, 0x04, 0xb1, 0xba, 0x54, 0xd4, 0xba, 0x5b, 0x64, 0xa5, 0x58, 0x40, - 0xe9, 0x65, 0xb2, 0x43, 0x42, 0x9f, 0x78, 0x66, 0x70, 0x37, 0x75, 0x99, 0xdc, 0xd4, 0x81, 0xd8, - 0xc4, 0xa5, 0xb7, 0x64, 0x10, 0xb1, 0x85, 0x2c, 0xa4, 0xb2, 0xc4, 0xae, 0xb5, 0xc1, 0x5d, 0xec, - 0x25, 0x1c, 0x7d, 0x1e, 0x1e, 0x55, 0x1e, 0xf1, 0x98, 0x2b, 0xaa, 0x65, 0x8b, 0xc3, 0x86, 0x12, - 0xe5, 0xd1, 0xa5, 0x6c, 0x34, 0x9c, 0x57, 0x1f, 0xbd, 0x0e, 0x93, 0x82, 0x73, 0x97, 0x14, 0x47, - 0x4c, 0xdb, 0x89, 0x9b, 0x06, 0x14, 0xa7, 0xb0, 0x65, 0x78, 0x3a, 0xc6, 0x3c, 0x4b, 0x0a, 0xa3, - 0xdd, 0xe1, 0xe9, 0x74, 0x38, 0xee, 0xaa, 0x81, 0x16, 0x60, 0x8a, 0xb3, 0x56, 0xae, 0xbf, 0xc5, - 0xe7, 0x44, 0xb8, 0xdb, 0xa8, 0x2d, 0x75, 0xdb, 0x04, 0xe3, 0x34, 0x3e, 0x7a, 0x05, 0xc6, 0x9d, - 0xb0, 0xb9, 0xed, 0xc6, 0xa4, 0x19, 0x77, 0x42, 0xee, 0x87, 0xa3, 0x19, 0x9f, 0x2c, 0x68, 0x30, - 0x6c, 0x60, 0xda, 0xef, 0xc3, 0x99, 0x0c, 0x4f, 0x3d, 0xba, 0x70, 0x9c, 0xb6, 0x2b, 0xbf, 0x29, - 0x65, 0xa1, 0xba, 0x50, 0xaf, 0xc9, 0xaf, 0xd1, 0xb0, 0xe8, 0xea, 0x64, 0x1e, 0x7d, 0x5a, 0xd6, - 0x0d, 0xb5, 0x3a, 0x57, 0x24, 0x00, 0x27, 0x38, 0xf6, 0xff, 0x2c, 0xc0, 0x54, 0x86, 0xf2, 0x9d, - 0x65, 0x7e, 0x48, 0xc9, 0x1e, 0x49, 0xa2, 0x07, 0x33, 0xda, 0x61, 0xe1, 0x18, 0xd1, 0x0e, 0x8b, - 0xfd, 0xa2, 0x1d, 0x96, 0x3e, 0x48, 0xb4, 0x43, 0x73, 0xc4, 0x86, 0x06, 0x1a, 0xb1, 0x8c, 0x08, - 0x89, 0xc3, 0xc7, 0x8c, 0x90, 0x68, 0x0c, 0xfa, 0xc8, 0x00, 0x83, 0xfe, 0xb5, 0x02, 0x4c, 0xa7, - 0x8d, 0xe4, 0x4e, 0x41, 0x1d, 0xfb, 0x86, 0xa1, 0x8e, 0xcd, 0xce, 0xa3, 0x92, 0x36, 0xdd, 0xcb, - 0x53, 0xcd, 0xe2, 0x94, 0x6a, 0xf6, 0x93, 0x03, 0x51, 0xeb, 0xad, 0xa6, 0xfd, 0xfb, 0x05, 0x38, - 0x97, 0xae, 0xb2, 0xe4, 0x39, 0xee, 0xee, 0x29, 0x8c, 0xcd, 0x6d, 0x63, 0x6c, 0x9e, 0x1b, 0xe4, - 0x6b, 0x58, 0xd7, 0x72, 0x07, 0xe8, 0xad, 0xd4, 0x00, 0x5d, 0x1d, 0x9c, 0x64, 0xef, 0x51, 0xfa, - 0x66, 0x11, 0x2e, 0x66, 0xd6, 0x4b, 0xb4, 0x99, 0x2b, 0x86, 0x36, 0xf3, 0x5a, 0x4a, 0x9b, 0x69, - 0xf7, 0xae, 0x7d, 0x32, 0xea, 0x4d, 0xe1, 0x42, 0xc9, 0x22, 0xe2, 0x3d, 0xa0, 0x6a, 0xd3, 0x70, - 0xa1, 0x54, 0x84, 0xb0, 0x49, 0xf7, 0x2f, 0x93, 0x4a, 0xf3, 0xdf, 0x5a, 0x70, 0x3e, 0x73, 0x6e, - 0x4e, 0x41, 0x85, 0xb5, 0x66, 0xaa, 0xb0, 0x9e, 0x1e, 0x78, 0xb5, 0xe6, 0xe8, 0xb4, 0x7e, 0xb3, - 0x94, 0xf3, 0x2d, 0x4c, 0x40, 0xbf, 0x0d, 0x63, 0x4e, 0xb3, 0x49, 0xa2, 0x68, 0x35, 0x68, 0xa9, - 0x08, 0x71, 0xcf, 0x31, 0x39, 0x2b, 0x29, 0x3e, 0x3a, 0xa8, 0xcc, 0xa5, 0x49, 0x24, 0x60, 0xac, - 0x53, 0x30, 0x83, 0x5a, 0x16, 0x4e, 0x34, 0xa8, 0xe5, 0x35, 0x80, 0x3d, 0xc5, 0xad, 0xa7, 0x85, - 0x7c, 0x8d, 0x8f, 0xd7, 0xb0, 0xd0, 0x17, 0x60, 0x34, 0x12, 0xd7, 0xb8, 0x58, 0x8a, 0x2f, 0x0c, - 0x38, 0x57, 0xce, 0x06, 0xf1, 0x4c, 0x5f, 0x7d, 0xa5, 0x0f, 0x51, 0x24, 0xd1, 0x77, 0xc0, 0x74, - 0xc4, 0x43, 0xc1, 0x2c, 0x79, 0x4e, 0xc4, 0xfc, 0x20, 0xc4, 0x2a, 0x64, 0x0e, 0xf8, 0x8d, 0x14, - 0x0c, 0x77, 0x61, 0xa3, 0x15, 0xf9, 0x51, 0x2c, 0x6e, 0x0d, 0x5f, 0x98, 0x97, 0x93, 0x0f, 0x12, - 0x79, 0xa7, 0xce, 0xa6, 0x87, 0x9f, 0x0d, 0xbc, 0x56, 0x13, 0x7d, 0x01, 0x80, 0x2e, 0x1f, 0xa1, - 0x4b, 0x18, 0xc9, 0x3f, 0x3c, 0xe9, 0xa9, 0xd2, 0xca, 0xb4, 0xfc, 0x64, 0xce, 0x8b, 0x55, 0x45, - 0x04, 0x6b, 0x04, 0xed, 0xaf, 0x95, 0xe0, 0xb1, 0x1e, 0x67, 0x24, 0x5a, 0x30, 0x9f, 0x40, 0x9f, - 0x49, 0x0b, 0xd7, 0x73, 0x99, 0x95, 0x0d, 0x69, 0x3b, 0xb5, 0x14, 0x0b, 0x1f, 0x78, 0x29, 0xfe, - 0xa0, 0xa5, 0xa9, 0x3d, 0xb8, 0x31, 0xdf, 0x67, 0x8f, 0x79, 0xf6, 0x9f, 0xa0, 0x1e, 0x64, 0x33, - 0x43, 0x99, 0x70, 0x6d, 0xe0, 0xee, 0x0c, 0xac, 0x5d, 0x38, 0x5d, 0xe5, 0xef, 0x97, 0x2d, 0x78, - 0x22, 0xb3, 0xbf, 0x86, 0xc9, 0xc6, 0x55, 0x28, 0x37, 0x69, 0xa1, 0xe6, 0xab, 0x96, 0x38, 0xf1, - 0x4a, 0x00, 0x4e, 0x70, 0x0c, 0xcb, 0x8c, 0x42, 0x5f, 0xcb, 0x8c, 0x7f, 0x65, 0x41, 0xd7, 0xfe, - 0x38, 0x85, 0x83, 0xba, 0x66, 0x1e, 0xd4, 0x1f, 0x1f, 0x64, 0x2e, 0x73, 0xce, 0xe8, 0x3f, 0x9e, - 0x82, 0x47, 0x72, 0x7c, 0x35, 0xf6, 0x60, 0x66, 0xab, 0x49, 0x4c, 0x2f, 0x40, 0xf1, 0x31, 0x99, - 0x0e, 0x93, 0x3d, 0x5d, 0x06, 0x59, 0x3e, 0xa2, 0x99, 0x2e, 0x14, 0xdc, 0xdd, 0x04, 0xfa, 0xb2, - 0x05, 0x67, 0x9d, 0x7b, 0x51, 0x57, 0xd6, 0x49, 0xb1, 0x66, 0x5e, 0xcc, 0x54, 0x82, 0xf4, 0xc9, - 0x52, 0xc9, 0x13, 0x34, 0x65, 0x61, 0xe1, 0xcc, 0xb6, 0x10, 0x16, 0x31, 0x43, 0x29, 0x3b, 0xdf, - 0xc3, 0x4f, 0x35, 0xcb, 0xa9, 0x86, 0x1f, 0xd9, 0x12, 0x82, 0x15, 0x1d, 0xf4, 0x25, 0x28, 0x6f, - 0x49, 0x4f, 0xb7, 0x8c, 0x2b, 0x21, 0x19, 0xc8, 0xde, 0xfe, 0x7f, 0xfc, 0x81, 0x52, 0x21, 0xe1, - 0x84, 0x28, 0x7a, 0x1d, 0x8a, 0xfe, 0x66, 0xd4, 0x2b, 0xc7, 0x51, 0xca, 0xa6, 0x89, 0x7b, 0x83, - 0xaf, 0xad, 0x34, 0x30, 0xad, 0x88, 0x6e, 0x40, 0x31, 0xdc, 0x68, 0x09, 0x0d, 0x5e, 0xe6, 0x19, - 0x8e, 0x17, 0xab, 0x39, 0xbd, 0x62, 0x94, 0xf0, 0x62, 0x15, 0x53, 0x12, 0xa8, 0x0e, 0x43, 0xcc, - 0xc1, 0x41, 0xdc, 0x07, 0x99, 0x9c, 0x6f, 0x0f, 0x47, 0x21, 0xee, 0x32, 0xce, 0x10, 0x30, 0x27, - 0x84, 0xd6, 0x61, 0xb8, 0xc9, 0xf2, 0xe1, 0x88, 0x80, 0xd5, 0x9f, 0xca, 0xd4, 0xd5, 0xf5, 0x48, - 0x14, 0x24, 0x54, 0x57, 0x0c, 0x03, 0x0b, 0x5a, 0x8c, 0x2a, 0x69, 0x6f, 0x6f, 0x46, 0x4c, 0xd6, - 0xcf, 0xa3, 0xda, 0x23, 0xff, 0x95, 0xa0, 0xca, 0x30, 0xb0, 0xa0, 0x85, 0x3e, 0x03, 0x85, 0xcd, - 0xa6, 0xf0, 0x7f, 0xc8, 0x54, 0xda, 0x99, 0x0e, 0xfd, 0x8b, 0xc3, 0x87, 0x07, 0x95, 0xc2, 0xca, - 0x12, 0x2e, 0x6c, 0x36, 0xd1, 0x1a, 0x8c, 0x6c, 0x72, 0x17, 0x60, 0xa1, 0x97, 0x7b, 0x2a, 0xdb, - 0x3b, 0xb9, 0xcb, 0x4b, 0x98, 0xdb, 0xed, 0x0b, 0x00, 0x96, 0x44, 0x58, 0x08, 0x4e, 0xe5, 0xca, - 0x2c, 0x62, 0x51, 0xcf, 0x1f, 0xcf, 0xfd, 0x9c, 0xdf, 0xcf, 0x89, 0x43, 0x34, 0xd6, 0x28, 0xd2, - 0x55, 0xed, 0xc8, 0xcc, 0x87, 0x22, 0x56, 0x47, 0xe6, 0xaa, 0xee, 0x93, 0x14, 0x92, 0xaf, 0x6a, - 0x85, 0x84, 0x13, 0xa2, 0x68, 0x07, 0x26, 0xf6, 0xa2, 0xf6, 0x36, 0x91, 0x5b, 0x9a, 0x85, 0xee, - 0xc8, 0xb9, 0xc2, 0xee, 0x0a, 0x44, 0x37, 0x8c, 0x3b, 0x8e, 0xd7, 0x75, 0x0a, 0xb1, 0x57, 0xed, - 0xbb, 0x3a, 0x31, 0x6c, 0xd2, 0xa6, 0xc3, 0xff, 0x5e, 0x27, 0xd8, 0xd8, 0x8f, 0x89, 0x08, 0x5e, - 0x9d, 0x39, 0xfc, 0x6f, 0x72, 0x94, 0xee, 0xe1, 0x17, 0x00, 0x2c, 0x89, 0xa0, 0xbb, 0x62, 0x78, - 0xd8, 0xe9, 0x39, 0x9d, 0x1f, 0x4c, 0x29, 0x33, 0xf5, 0xa8, 0x36, 0x28, 0xec, 0xb4, 0x4c, 0x48, - 0xb1, 0x53, 0xb2, 0xbd, 0x1d, 0xc4, 0x81, 0x9f, 0x3a, 0xa1, 0x67, 0xf2, 0x4f, 0xc9, 0x7a, 0x06, - 0x7e, 0xf7, 0x29, 0x99, 0x85, 0x85, 0x33, 0xdb, 0x42, 0x2d, 0x98, 0x6c, 0x07, 0x61, 0x7c, 0x2f, - 0x08, 0xe5, 0xfa, 0x42, 0x3d, 0xf4, 0x0a, 0x06, 0xa6, 0x68, 0x91, 0x05, 0x53, 0x37, 0x21, 0x38, - 0x45, 0x13, 0x7d, 0x0e, 0x46, 0xa2, 0xa6, 0xe3, 0x91, 0xda, 0xed, 0xd9, 0x33, 0xf9, 0xd7, 0x4f, - 0x83, 0xa3, 0xe4, 0xac, 0x2e, 0x36, 0x39, 0x02, 0x05, 0x4b, 0x72, 0x68, 0x05, 0x86, 0x58, 0x46, - 0x04, 0x16, 0x77, 0x3b, 0x27, 0x26, 0x54, 0x97, 0x85, 0x29, 0x3f, 0x9b, 0x58, 0x31, 0xe6, 0xd5, - 0xe9, 0x1e, 0x10, 0xec, 0x75, 0x10, 0xcd, 0x9e, 0xcb, 0xdf, 0x03, 0x82, 0x2b, 0xbf, 0xdd, 0xe8, - 0xb5, 0x07, 0x14, 0x12, 0x4e, 0x88, 0xd2, 0x93, 0x99, 0x9e, 0xa6, 0x8f, 0xf4, 0x30, 0x68, 0xc9, - 0x3d, 0x4b, 0xd9, 0xc9, 0x4c, 0x4f, 0x52, 0x4a, 0xc2, 0xfe, 0xbd, 0x91, 0x6e, 0x9e, 0x85, 0x09, - 0x64, 0x7f, 0xd5, 0xea, 0x7a, 0xab, 0xfb, 0xf4, 0xa0, 0xfa, 0xa1, 0x13, 0xe4, 0x56, 0xbf, 0x6c, - 0xc1, 0x23, 0xed, 0xcc, 0x0f, 0x11, 0x0c, 0xc0, 0x60, 0x6a, 0x26, 0xfe, 0xe9, 0x2a, 0x36, 0x7e, - 0x36, 0x1c, 0xe7, 0xb4, 0x94, 0x96, 0x08, 0x8a, 0x1f, 0x58, 0x22, 0x58, 0x85, 0x51, 0xc6, 0x64, - 0xf6, 0xc9, 0x0f, 0x97, 0x16, 0x8c, 0x18, 0x2b, 0xb1, 0x24, 0x2a, 0x62, 0x45, 0x02, 0xfd, 0x90, - 0x05, 0x17, 0xd2, 0x5d, 0xc7, 0x84, 0x81, 0x45, 0x24, 0x79, 0x2e, 0x0b, 0xae, 0x88, 0xef, 0xbf, - 0x50, 0xef, 0x85, 0x7c, 0xd4, 0x0f, 0x01, 0xf7, 0x6e, 0x0c, 0x55, 0x33, 0x84, 0xd1, 0x61, 0x53, - 0x01, 0x3f, 0x80, 0x40, 0xfa, 0x22, 0x8c, 0xef, 0x06, 0x1d, 0x3f, 0x16, 0xf6, 0x2f, 0xc2, 0x63, - 0x91, 0x3d, 0x38, 0xaf, 0x6a, 0xe5, 0xd8, 0xc0, 0x4a, 0x89, 0xb1, 0xa3, 0x0f, 0x2c, 0xc6, 0xbe, - 0x93, 0xca, 0x02, 0x5e, 0xce, 0x8f, 0x58, 0x28, 0x24, 0xfe, 0x63, 0xe4, 0x02, 0x3f, 0x5d, 0xd9, - 0xe8, 0x67, 0xac, 0x0c, 0xa6, 0x9e, 0x4b, 0xcb, 0xaf, 0x99, 0xd2, 0xf2, 0xe5, 0xb4, 0xb4, 0xdc, - 0xa5, 0x7c, 0x35, 0x04, 0xe5, 0xc1, 0xc3, 0x5e, 0x0f, 0x1a, 0x47, 0xce, 0xf6, 0xe0, 0x52, 0xbf, - 0x6b, 0x89, 0x19, 0x42, 0xb5, 0xd4, 0x53, 0x5b, 0x62, 0x08, 0xd5, 0xaa, 0x55, 0x31, 0x83, 0x0c, - 0x1a, 0x68, 0xc4, 0xfe, 0xef, 0x16, 0x14, 0xeb, 0x41, 0xeb, 0x14, 0x94, 0xc9, 0x9f, 0x35, 0x94, - 0xc9, 0x8f, 0xe5, 0x64, 0x67, 0xcf, 0x55, 0x1d, 0x2f, 0xa7, 0x54, 0xc7, 0x17, 0xf2, 0x08, 0xf4, - 0x56, 0x14, 0xff, 0x64, 0x11, 0xf4, 0x5c, 0xf2, 0xe8, 0x37, 0x1f, 0xc4, 0x0a, 0xb9, 0xd8, 0x2b, - 0xbd, 0xbc, 0xa0, 0xcc, 0xec, 0xa7, 0xa4, 0x13, 0xde, 0x5f, 0x30, 0x63, 0xe4, 0xb7, 0x88, 0xbb, - 0xb5, 0x1d, 0x93, 0x56, 0xfa, 0x73, 0x4e, 0xcf, 0x18, 0xf9, 0xbf, 0x5a, 0x30, 0x95, 0x6a, 0x1d, - 0x79, 0x30, 0xe1, 0xe9, 0x9a, 0x40, 0xb1, 0x4e, 0x1f, 0x48, 0x89, 0x28, 0x8c, 0x39, 0xb5, 0x22, - 0x6c, 0x12, 0x47, 0xf3, 0x00, 0xea, 0xa5, 0x4e, 0x6a, 0xc0, 0x18, 0xd7, 0xaf, 0x9e, 0xf2, 0x22, - 0xac, 0x61, 0xa0, 0x97, 0x60, 0x2c, 0x0e, 0xda, 0x81, 0x17, 0x6c, 0xed, 0xdf, 0x24, 0x32, 0xb4, - 0x8d, 0x32, 0xd1, 0x5a, 0x4f, 0x40, 0x58, 0xc7, 0xb3, 0x7f, 0xba, 0xc8, 0x3f, 0xd4, 0x8f, 0xdd, - 0x6f, 0xad, 0xc9, 0x8f, 0xf6, 0x9a, 0xfc, 0xa6, 0x05, 0xd3, 0xb4, 0x75, 0x66, 0x2e, 0x22, 0x2f, - 0x5b, 0x95, 0x7e, 0xc7, 0xea, 0x91, 0x7e, 0xe7, 0x32, 0x3d, 0xbb, 0x5a, 0x41, 0x27, 0x16, 0x1a, - 0x34, 0xed, 0x70, 0xa2, 0xa5, 0x58, 0x40, 0x05, 0x1e, 0x09, 0x43, 0xe1, 0x03, 0xa5, 0xe3, 0x91, - 0x30, 0xc4, 0x02, 0x2a, 0xb3, 0xf3, 0x94, 0x72, 0xb2, 0xf3, 0xb0, 0x40, 0x7d, 0xc2, 0xb0, 0x40, - 0xb0, 0x3d, 0x5a, 0xa0, 0x3e, 0x69, 0x71, 0x90, 0xe0, 0xd8, 0x3f, 0x5f, 0x84, 0xf1, 0x7a, 0xd0, - 0x4a, 0xde, 0xca, 0x5e, 0x34, 0xde, 0xca, 0x2e, 0xa5, 0xde, 0xca, 0xa6, 0x75, 0xdc, 0x6f, 0xbd, - 0x8c, 0x7d, 0x58, 0x2f, 0x63, 0xff, 0xd2, 0x62, 0xb3, 0x56, 0x5d, 0x6b, 0x88, 0xec, 0xc0, 0xcf, - 0xc3, 0x18, 0x3b, 0x90, 0x98, 0xd3, 0x9d, 0x7c, 0x40, 0x62, 0x81, 0xf7, 0xd7, 0x92, 0x62, 0xac, - 0xe3, 0xa0, 0x2b, 0x30, 0x1a, 0x11, 0x27, 0x6c, 0x6e, 0xab, 0x33, 0x4e, 0x3c, 0xaf, 0xf0, 0x32, - 0xac, 0xa0, 0xe8, 0xcd, 0x24, 0x46, 0x5c, 0x31, 0x3f, 0xcf, 0xad, 0xde, 0x1f, 0xbe, 0x45, 0xf2, - 0x03, 0xc3, 0xd9, 0x6f, 0x01, 0xea, 0xc6, 0x1f, 0x20, 0x38, 0x52, 0xc5, 0x0c, 0x8e, 0x54, 0xee, - 0x0a, 0x8c, 0xf4, 0x67, 0x16, 0x4c, 0xd6, 0x83, 0x16, 0xdd, 0xba, 0x7f, 0x99, 0xf6, 0xa9, 0x1e, - 0x20, 0x73, 0xb8, 0x47, 0x80, 0xcc, 0x7f, 0x60, 0xc1, 0x48, 0x3d, 0x68, 0x9d, 0x82, 0xde, 0xfd, - 0x35, 0x53, 0xef, 0xfe, 0x68, 0xce, 0x92, 0xc8, 0x51, 0xb5, 0xff, 0x62, 0x11, 0x26, 0x68, 0x3f, - 0x83, 0x2d, 0x39, 0x4b, 0xc6, 0x88, 0x58, 0x03, 0x8c, 0x08, 0x65, 0x73, 0x03, 0xcf, 0x0b, 0xee, - 0xa5, 0x67, 0x6c, 0x85, 0x95, 0x62, 0x01, 0x45, 0xcf, 0xc2, 0x68, 0x3b, 0x24, 0x7b, 0x6e, 0x20, - 0xf8, 0x47, 0xed, 0x15, 0xa3, 0x2e, 0xca, 0xb1, 0xc2, 0xa0, 0x72, 0x57, 0xe4, 0xfa, 0x4d, 0x22, - 0x93, 0x6c, 0x97, 0x58, 0x1e, 0x2e, 0x1e, 0xf9, 0x5a, 0x2b, 0xc7, 0x06, 0x16, 0x7a, 0x0b, 0xca, - 0xec, 0x3f, 0x3b, 0x51, 0x8e, 0x9f, 0x37, 0x48, 0xa4, 0x9b, 0x10, 0x04, 0x70, 0x42, 0x0b, 0x5d, - 0x03, 0x88, 0x65, 0x74, 0xe4, 0x48, 0xc4, 0xb8, 0x51, 0xbc, 0xb6, 0x8a, 0x9b, 0x1c, 0x61, 0x0d, - 0x0b, 0x3d, 0x03, 0xe5, 0xd8, 0x71, 0xbd, 0x5b, 0xae, 0x4f, 0x22, 0xa6, 0x72, 0x2e, 0xca, 0x6c, - 0x12, 0xa2, 0x10, 0x27, 0x70, 0xca, 0xeb, 0x30, 0x07, 0x70, 0x9e, 0x75, 0x6c, 0x94, 0x61, 0x33, - 0x5e, 0xe7, 0x96, 0x2a, 0xc5, 0x1a, 0x86, 0xfd, 0x0a, 0x9c, 0xab, 0x07, 0xad, 0x7a, 0x10, 0xc6, - 0x2b, 0x41, 0x78, 0xcf, 0x09, 0x5b, 0x72, 0xfe, 0x2a, 0x32, 0xb1, 0x01, 0x3d, 0x7b, 0x86, 0xf8, - 0xce, 0x34, 0x52, 0x16, 0xbc, 0xc0, 0xb8, 0x9d, 0x63, 0x3a, 0x75, 0x34, 0xd9, 0xbd, 0xab, 0x12, - 0x0c, 0x5e, 0x77, 0x62, 0x82, 0x6e, 0xb3, 0xa4, 0x64, 0xc9, 0x15, 0x24, 0xaa, 0x3f, 0xad, 0x25, - 0x25, 0x4b, 0x80, 0x99, 0x77, 0x96, 0x59, 0xdf, 0xfe, 0xb5, 0x22, 0x3b, 0x8d, 0x52, 0xf9, 0xf6, - 0xd0, 0x17, 0x61, 0x32, 0x22, 0xb7, 0x5c, 0xbf, 0x73, 0x5f, 0x0a, 0xe1, 0x3d, 0xdc, 0x72, 0x1a, - 0xcb, 0x3a, 0x26, 0x57, 0xe5, 0x99, 0x65, 0x38, 0x45, 0x8d, 0xce, 0x53, 0xd8, 0xf1, 0x17, 0xa2, - 0x3b, 0x11, 0x09, 0x45, 0xbe, 0x37, 0x36, 0x4f, 0x58, 0x16, 0xe2, 0x04, 0x4e, 0xd7, 0x25, 0xfb, - 0xb3, 0x16, 0xf8, 0x38, 0x08, 0x62, 0xb9, 0x92, 0x59, 0xc6, 0x20, 0xad, 0x1c, 0x1b, 0x58, 0x68, - 0x05, 0x50, 0xd4, 0x69, 0xb7, 0x3d, 0xf6, 0xb0, 0xef, 0x78, 0xd7, 0xc3, 0xa0, 0xd3, 0xe6, 0xaf, - 0x9e, 0x45, 0x1e, 0x98, 0xb0, 0xd1, 0x05, 0xc5, 0x19, 0x35, 0xe8, 0xe9, 0xb3, 0x19, 0xb1, 0xdf, - 0x6c, 0x75, 0x17, 0x85, 0x7a, 0xbd, 0xc1, 0x8a, 0xb0, 0x84, 0xd1, 0xc5, 0xc4, 0x9a, 0xe7, 0x98, - 0xc3, 0xc9, 0x62, 0xc2, 0xaa, 0x14, 0x6b, 0x18, 0x68, 0x19, 0x46, 0xa2, 0xfd, 0xa8, 0x19, 0x8b, - 0x88, 0x4c, 0x39, 0x99, 0x3b, 0x1b, 0x0c, 0x45, 0xcb, 0x26, 0xc1, 0xab, 0x60, 0x59, 0xd7, 0xfe, - 0x1e, 0x76, 0x19, 0xb2, 0xec, 0x60, 0x71, 0x27, 0x24, 0x68, 0x17, 0x26, 0xda, 0x6c, 0xca, 0x45, - 0xec, 0x6a, 0x31, 0x6f, 0x2f, 0x0e, 0x28, 0xd5, 0xde, 0xa3, 0x07, 0x8d, 0xd2, 0x3a, 0x31, 0x71, - 0xa1, 0xae, 0x93, 0xc3, 0x26, 0x75, 0xfb, 0x6b, 0x88, 0x9d, 0xb9, 0x0d, 0x2e, 0xaa, 0x8e, 0x08, - 0xd3, 0x62, 0xc1, 0x97, 0xcf, 0xe5, 0xeb, 0x4c, 0x92, 0x2f, 0x12, 0xe6, 0xc9, 0x58, 0xd6, 0x45, - 0x6f, 0xb2, 0x57, 0x6a, 0x7e, 0xd0, 0xf5, 0x4b, 0xd2, 0xcc, 0xb1, 0x8c, 0x07, 0x69, 0x51, 0x11, - 0x6b, 0x44, 0xd0, 0x2d, 0x98, 0x10, 0xc9, 0xa4, 0x84, 0x52, 0xac, 0x68, 0x28, 0x3d, 0x26, 0xb0, - 0x0e, 0x3c, 0x4a, 0x17, 0x60, 0xb3, 0x32, 0xda, 0x82, 0x0b, 0x5a, 0x66, 0xc5, 0xeb, 0xa1, 0xc3, - 0x5e, 0x2e, 0x5d, 0xb6, 0x89, 0xb4, 0x73, 0xf3, 0x89, 0xc3, 0x83, 0xca, 0x85, 0xf5, 0x5e, 0x88, - 0xb8, 0x37, 0x1d, 0x74, 0x1b, 0xce, 0x71, 0x0f, 0xbe, 0x2a, 0x71, 0x5a, 0x9e, 0xeb, 0xab, 0x83, - 0x99, 0xaf, 0xc3, 0xf3, 0x87, 0x07, 0x95, 0x73, 0x0b, 0x59, 0x08, 0x38, 0xbb, 0x1e, 0x7a, 0x0d, - 0xca, 0x2d, 0x3f, 0x12, 0x63, 0x30, 0x6c, 0x24, 0x0d, 0x2d, 0x57, 0xd7, 0x1a, 0xea, 0xfb, 0x93, - 0x3f, 0x38, 0xa9, 0x80, 0xb6, 0xb8, 0x62, 0x4c, 0xc9, 0xa1, 0x23, 0xf9, 0x09, 0xe2, 0xc5, 0x92, - 0x30, 0x7c, 0x78, 0xb8, 0x46, 0x58, 0xd9, 0xc0, 0x1a, 0xee, 0x3d, 0x06, 0x61, 0xf4, 0x06, 0x20, - 0xca, 0xa8, 0xb9, 0x4d, 0xb2, 0xd0, 0x64, 0x21, 0xc4, 0x99, 0x1e, 0x71, 0xd4, 0xf0, 0x99, 0x40, - 0x8d, 0x2e, 0x0c, 0x9c, 0x51, 0x0b, 0xdd, 0xa0, 0x07, 0x99, 0x5e, 0x2a, 0x6c, 0x79, 0x25, 0x73, - 0x3f, 0x5b, 0x25, 0xed, 0x90, 0x34, 0x9d, 0x98, 0xb4, 0x4c, 0x8a, 0x38, 0x55, 0x8f, 0xde, 0xa5, - 0x2a, 0x9b, 0x10, 0x98, 0x61, 0x33, 0xba, 0x33, 0x0a, 0x51, 0xb9, 0x78, 0x3b, 0x88, 0xe2, 0x35, - 0x12, 0xdf, 0x0b, 0xc2, 0x1d, 0x11, 0xa5, 0x2c, 0x09, 0x98, 0x99, 0x80, 0xb0, 0x8e, 0x47, 0xf9, - 0x60, 0xf6, 0x4c, 0x5c, 0xab, 0xb2, 0x17, 0xba, 0xd1, 0x64, 0x9f, 0xdc, 0xe0, 0xc5, 0x58, 0xc2, - 0x25, 0x6a, 0xad, 0xbe, 0xc4, 0x5e, 0xdb, 0x52, 0xa8, 0xb5, 0xfa, 0x12, 0x96, 0x70, 0x44, 0xba, - 0x13, 0xb2, 0x4e, 0xe6, 0x6b, 0x35, 0xbb, 0xaf, 0x83, 0x01, 0x73, 0xb2, 0xfa, 0x30, 0xad, 0x52, - 0xc1, 0xf2, 0xf0, 0x6d, 0xd1, 0xec, 0x14, 0x5b, 0x24, 0x83, 0xc7, 0x7e, 0x53, 0x7a, 0xe2, 0x5a, - 0x8a, 0x12, 0xee, 0xa2, 0x6d, 0x04, 0x32, 0x99, 0xee, 0x9b, 0x0d, 0xea, 0x2a, 0x94, 0xa3, 0xce, - 0x46, 0x2b, 0xd8, 0x75, 0x5c, 0x9f, 0x3d, 0x8e, 0x69, 0x4c, 0x56, 0x43, 0x02, 0x70, 0x82, 0x83, - 0x56, 0x60, 0xd4, 0x91, 0x4a, 0x60, 0x94, 0x1f, 0xb5, 0x40, 0xa9, 0x7e, 0xb9, 0x23, 0xaf, 0x54, - 0xfb, 0xaa, 0xba, 0xe8, 0x55, 0x98, 0x10, 0x7e, 0x5b, 0x3c, 0x96, 0x03, 0x7b, 0xbc, 0xd2, 0x0c, - 0xf3, 0x1b, 0x3a, 0x10, 0x9b, 0xb8, 0xe8, 0x0b, 0x30, 0x49, 0xa9, 0x24, 0x07, 0xdb, 0xec, 0xd9, - 0x41, 0x4e, 0x44, 0x2d, 0xcb, 0x87, 0x5e, 0x19, 0xa7, 0x88, 0xa1, 0x16, 0x3c, 0xee, 0x74, 0xe2, - 0x80, 0x29, 0xd2, 0xcd, 0xf5, 0xbf, 0x1e, 0xec, 0x10, 0x9f, 0xbd, 0x61, 0x8d, 0x2e, 0x5e, 0x3a, - 0x3c, 0xa8, 0x3c, 0xbe, 0xd0, 0x03, 0x0f, 0xf7, 0xa4, 0x82, 0xee, 0xc0, 0x58, 0x1c, 0x78, 0xcc, - 0x44, 0x9e, 0xb2, 0x12, 0x8f, 0xe4, 0x07, 0x02, 0x5a, 0x57, 0x68, 0xba, 0x12, 0x49, 0x55, 0xc5, - 0x3a, 0x1d, 0xb4, 0xce, 0xf7, 0x18, 0x0b, 0x91, 0x4a, 0xa2, 0xd9, 0x47, 0xf3, 0x07, 0x46, 0x45, - 0x52, 0x35, 0xb7, 0xa0, 0xa8, 0x89, 0x75, 0x32, 0xe8, 0x3a, 0xcc, 0xb4, 0x43, 0x37, 0x60, 0x0b, - 0x5b, 0x3d, 0x62, 0xcc, 0x9a, 0x89, 0x1d, 0xea, 0x69, 0x04, 0xdc, 0x5d, 0x87, 0x0a, 0x99, 0xb2, - 0x70, 0xf6, 0x3c, 0xcf, 0x12, 0xc6, 0x19, 0x6f, 0x5e, 0x86, 0x15, 0x14, 0xad, 0xb2, 0x73, 0x99, - 0x8b, 0x83, 0xb3, 0x73, 0xf9, 0xd1, 0x1e, 0x74, 0xb1, 0x91, 0xf3, 0x4b, 0xea, 0x2f, 0x4e, 0x28, - 0xd0, 0x7b, 0x23, 0xda, 0x76, 0x42, 0x52, 0x0f, 0x83, 0x26, 0x89, 0xb4, 0xa8, 0xcc, 0x8f, 0xf1, - 0x48, 0x8e, 0xf4, 0xde, 0x68, 0x64, 0x21, 0xe0, 0xec, 0x7a, 0xa8, 0xa5, 0x25, 0xc7, 0xa6, 0x6c, - 0x68, 0x34, 0xfb, 0x78, 0x0f, 0x83, 0xa3, 0x14, 0xcf, 0x9a, 0xac, 0x45, 0xa3, 0x38, 0xc2, 0x29, - 0x9a, 0xe8, 0x3b, 0x60, 0x5a, 0x04, 0x3e, 0x4a, 0xc6, 0xfd, 0x42, 0x62, 0xc9, 0x88, 0x53, 0x30, - 0xdc, 0x85, 0xcd, 0x63, 0x51, 0x3b, 0x1b, 0x1e, 0x11, 0x8b, 0xf0, 0x96, 0xeb, 0xef, 0x44, 0xb3, - 0x17, 0xd9, 0x57, 0x8b, 0x58, 0xd4, 0x69, 0x28, 0xce, 0xa8, 0x31, 0xf7, 0xed, 0x30, 0xd3, 0x75, - 0x73, 0x1d, 0x2b, 0x7e, 0xfb, 0x9f, 0x0e, 0x41, 0x59, 0x29, 0xe5, 0xd1, 0x55, 0xf3, 0xad, 0xe5, - 0x7c, 0xfa, 0xad, 0x65, 0x94, 0xca, 0x06, 0xfa, 0xf3, 0xca, 0xba, 0x61, 0xa8, 0x57, 0xc8, 0xcf, - 0x96, 0xa6, 0x73, 0xf7, 0x7d, 0x9d, 0xfe, 0x34, 0x1d, 0x4b, 0x71, 0xe0, 0x47, 0x9b, 0x52, 0x4f, - 0xb5, 0xcd, 0x80, 0xc9, 0x8a, 0xd1, 0x93, 0x54, 0x40, 0x6a, 0xd5, 0xea, 0xe9, 0xec, 0x9d, 0x75, - 0x5a, 0x88, 0x39, 0x8c, 0x09, 0x92, 0x94, 0xcd, 0x62, 0x82, 0xe4, 0xc8, 0x03, 0x0a, 0x92, 0x92, - 0x00, 0x4e, 0x68, 0x21, 0x0f, 0x66, 0x9a, 0x66, 0xe2, 0x55, 0xe5, 0xe8, 0xf7, 0x64, 0xdf, 0x14, - 0xa8, 0x1d, 0x2d, 0xcb, 0xdd, 0x52, 0x9a, 0x0a, 0xee, 0x26, 0x8c, 0x5e, 0x85, 0xd1, 0xf7, 0x82, - 0x88, 0x2d, 0x4a, 0xc1, 0x6b, 0x48, 0x87, 0xa8, 0xd1, 0x37, 0x6f, 0x37, 0x58, 0xf9, 0xd1, 0x41, - 0x65, 0xac, 0x1e, 0xb4, 0xe4, 0x5f, 0xac, 0x2a, 0xa0, 0xfb, 0x70, 0xce, 0x38, 0xa1, 0x55, 0x77, - 0x61, 0xf0, 0xee, 0x5e, 0x10, 0xcd, 0x9d, 0xab, 0x65, 0x51, 0xc2, 0xd9, 0x0d, 0xd0, 0x63, 0xcf, - 0x0f, 0x44, 0xd2, 0x62, 0xc9, 0xcf, 0x30, 0xb6, 0xa5, 0xac, 0xbb, 0xc3, 0xa7, 0x10, 0x70, 0x77, - 0x1d, 0xfb, 0x57, 0xf8, 0x1b, 0x86, 0xd0, 0x74, 0x92, 0xa8, 0xe3, 0x9d, 0x46, 0x4e, 0xac, 0x65, - 0x43, 0x09, 0xfb, 0xc0, 0xef, 0x64, 0xbf, 0x61, 0xb1, 0x77, 0xb2, 0x75, 0xb2, 0xdb, 0xf6, 0xa8, - 0xbc, 0xfd, 0xf0, 0x3b, 0xfe, 0x26, 0x8c, 0xc6, 0xa2, 0xb5, 0x5e, 0x69, 0xbc, 0xb4, 0x4e, 0xb1, - 0xb7, 0x42, 0xc5, 0xe9, 0xc8, 0x52, 0xac, 0xc8, 0xd8, 0xff, 0x9c, 0xcf, 0x80, 0x84, 0x9c, 0x82, - 0x42, 0xac, 0x6a, 0x2a, 0xc4, 0x2a, 0x7d, 0xbe, 0x20, 0x47, 0x31, 0xf6, 0xcf, 0xcc, 0x7e, 0x33, - 0xa1, 0xf2, 0xa3, 0xfe, 0x40, 0x6b, 0xff, 0x88, 0x05, 0x67, 0xb3, 0x2c, 0x9a, 0x28, 0x77, 0xca, - 0x45, 0x5a, 0xf5, 0x60, 0xad, 0x46, 0xf0, 0xae, 0x28, 0xc7, 0x0a, 0x63, 0xe0, 0x0c, 0x19, 0xc7, - 0x8b, 0x18, 0x77, 0x1b, 0x26, 0xea, 0x21, 0xd1, 0xee, 0x80, 0xd7, 0xb9, 0x67, 0x1d, 0xef, 0xcf, - 0xb3, 0xc7, 0xf6, 0xaa, 0xb3, 0x7f, 0xb6, 0x00, 0x67, 0xf9, 0x8b, 0xd3, 0xc2, 0x5e, 0xe0, 0xb6, - 0xea, 0x41, 0x4b, 0x64, 0x37, 0x79, 0x1b, 0xc6, 0xdb, 0x9a, 0x1e, 0xa2, 0x57, 0xcc, 0x2a, 0x5d, - 0x5f, 0x91, 0xc8, 0x83, 0x7a, 0x29, 0x36, 0x68, 0xa1, 0x16, 0x8c, 0x93, 0x3d, 0xb7, 0xa9, 0x9e, - 0x2d, 0x0a, 0xc7, 0xbe, 0x1b, 0x54, 0x2b, 0xcb, 0x1a, 0x1d, 0x6c, 0x50, 0x7d, 0x08, 0x09, 0xef, - 0xec, 0x1f, 0xb5, 0xe0, 0xd1, 0x9c, 0x08, 0x57, 0xb4, 0xb9, 0x7b, 0xec, 0x6d, 0x4f, 0xe4, 0xce, - 0x52, 0xcd, 0xf1, 0x17, 0x3f, 0x2c, 0xa0, 0xe8, 0x73, 0x00, 0xfc, 0xc5, 0x8e, 0x8a, 0x47, 0xfd, - 0x42, 0x01, 0x19, 0x51, 0x4c, 0xb4, 0xe8, 0x13, 0xb2, 0x3e, 0xd6, 0x68, 0xd9, 0x3f, 0x55, 0x84, - 0x21, 0xf6, 0x42, 0x84, 0x56, 0x60, 0x64, 0x9b, 0xc7, 0x7c, 0x1e, 0x24, 0xbc, 0x74, 0x22, 0x67, - 0xf2, 0x02, 0x2c, 0x2b, 0xa3, 0x55, 0x38, 0xc3, 0x63, 0x66, 0x7b, 0x55, 0xe2, 0x39, 0xfb, 0x52, - 0x5d, 0xc1, 0xf3, 0x4d, 0xa9, 0x48, 0x1a, 0xb5, 0x6e, 0x14, 0x9c, 0x55, 0x0f, 0xbd, 0x0e, 0x93, - 0x94, 0xbf, 0x0b, 0x3a, 0xb1, 0xa4, 0xc4, 0xa3, 0x65, 0x2b, 0x86, 0x72, 0xdd, 0x80, 0xe2, 0x14, - 0x36, 0x15, 0xbc, 0xda, 0x5d, 0x8a, 0x99, 0xa1, 0x44, 0xf0, 0x32, 0x95, 0x31, 0x26, 0x2e, 0x33, - 0x65, 0xea, 0x30, 0xc3, 0xad, 0xf5, 0xed, 0x90, 0x44, 0xdb, 0x81, 0xd7, 0x12, 0xe9, 0xca, 0x13, - 0x53, 0xa6, 0x14, 0x1c, 0x77, 0xd5, 0xa0, 0x54, 0x36, 0x1d, 0xd7, 0xeb, 0x84, 0x24, 0xa1, 0x32, - 0x6c, 0x52, 0x59, 0x49, 0xc1, 0x71, 0x57, 0x0d, 0xba, 0x8e, 0xce, 0x89, 0xfc, 0xe1, 0xd2, 0xbf, - 0x5f, 0xd9, 0xa7, 0x8d, 0x48, 0x4f, 0xa7, 0x1e, 0x01, 0x6e, 0x84, 0x05, 0x8f, 0xca, 0x40, 0xae, - 0xe9, 0x13, 0x85, 0x8f, 0x93, 0xa4, 0xf2, 0x20, 0x59, 0xac, 0x7f, 0xa0, 0x00, 0x67, 0x32, 0xec, - 0x60, 0xf9, 0x51, 0xb5, 0xe5, 0x46, 0xb1, 0xca, 0xa9, 0xa3, 0x1d, 0x55, 0xbc, 0x1c, 0x2b, 0x0c, - 0xba, 0x1f, 0xf8, 0x61, 0x98, 0x3e, 0x00, 0x85, 0x9d, 0x99, 0x80, 0x1e, 0x33, 0x3b, 0xcd, 0x25, - 0x28, 0x75, 0x22, 0x22, 0x43, 0x53, 0xa9, 0xf3, 0x9b, 0x69, 0x98, 0x19, 0x84, 0xb2, 0xa6, 0x5b, - 0x4a, 0xb9, 0xab, 0xb1, 0xa6, 0x5c, 0x63, 0xcb, 0x61, 0xb4, 0x73, 0x31, 0xf1, 0x1d, 0x3f, 0x16, - 0x0c, 0x6c, 0x12, 0x50, 0x85, 0x95, 0x62, 0x01, 0xb5, 0xbf, 0x5a, 0x84, 0xf3, 0xb9, 0x96, 0xf1, - 0xb4, 0xeb, 0xbb, 0x81, 0xef, 0xc6, 0x81, 0x7a, 0xa5, 0xe4, 0x41, 0x54, 0x48, 0x7b, 0x7b, 0x55, - 0x94, 0x63, 0x85, 0x81, 0x2e, 0xcb, 0x8c, 0xf7, 0xe9, 0xec, 0x42, 0x8b, 0x55, 0x23, 0xe9, 0xfd, - 0xa0, 0x99, 0xdb, 0x9e, 0x84, 0x52, 0x3b, 0x08, 0xbc, 0xf4, 0xa1, 0x45, 0xbb, 0x1b, 0x04, 0x1e, - 0x66, 0x40, 0xf4, 0x09, 0x31, 0x5e, 0xa9, 0x67, 0x39, 0xec, 0xb4, 0x82, 0x48, 0x1b, 0xb4, 0xa7, - 0x61, 0x64, 0x87, 0xec, 0x87, 0xae, 0xbf, 0x95, 0x7e, 0xae, 0xbd, 0xc9, 0x8b, 0xb1, 0x84, 0x9b, - 0xb9, 0x26, 0x46, 0x4e, 0x3a, 0xe5, 0xda, 0x68, 0xdf, 0x2b, 0xf0, 0x07, 0x8b, 0x30, 0x85, 0x17, - 0xab, 0xdf, 0x9a, 0x88, 0x3b, 0xdd, 0x13, 0x71, 0xd2, 0x29, 0xd7, 0xfa, 0xcf, 0xc6, 0x2f, 0x5a, - 0x30, 0xc5, 0xe2, 0x31, 0x8b, 0xd0, 0x1d, 0x6e, 0xe0, 0x9f, 0x02, 0x8b, 0xf7, 0x24, 0x0c, 0x85, - 0xb4, 0xd1, 0x74, 0x5a, 0x21, 0xd6, 0x13, 0xcc, 0x61, 0xe8, 0x71, 0x28, 0xb1, 0x2e, 0xd0, 0xc9, - 0x1b, 0xe7, 0x19, 0x19, 0xaa, 0x4e, 0xec, 0x60, 0x56, 0xca, 0xfc, 0xd1, 0x31, 0x69, 0x7b, 0x2e, - 0xef, 0x74, 0xf2, 0x04, 0xf2, 0xd1, 0xf0, 0x47, 0xcf, 0xec, 0xda, 0x07, 0xf3, 0x47, 0xcf, 0x26, - 0xd9, 0x5b, 0x7c, 0xfa, 0xa3, 0x02, 0x5c, 0xcc, 0xac, 0x37, 0xb0, 0x3f, 0x7a, 0xef, 0xda, 0x27, - 0x63, 0x75, 0x93, 0x6d, 0x0c, 0x53, 0x3c, 0x45, 0x63, 0x98, 0xd2, 0xa0, 0x1c, 0xe6, 0xd0, 0x00, - 0x6e, 0xe2, 0x99, 0x43, 0xf6, 0x11, 0x71, 0x13, 0xcf, 0xec, 0x5b, 0x8e, 0xf8, 0xf7, 0xe7, 0x85, - 0x9c, 0x6f, 0x61, 0x82, 0xe0, 0x15, 0x7a, 0xce, 0x30, 0x60, 0x24, 0x38, 0xe6, 0x71, 0x7e, 0xc6, - 0xf0, 0x32, 0xac, 0xa0, 0xc8, 0xd5, 0x1c, 0xae, 0x0b, 0xf9, 0x59, 0x36, 0x73, 0x9b, 0x9a, 0x37, - 0x5f, 0xac, 0xd4, 0x10, 0x64, 0x38, 0x5f, 0xaf, 0x6a, 0xc2, 0x7b, 0x71, 0x70, 0xe1, 0x7d, 0x3c, - 0x5b, 0x70, 0x47, 0x0b, 0x30, 0xb5, 0xeb, 0xfa, 0xf4, 0xd8, 0xdc, 0x37, 0x59, 0x56, 0x15, 0x7f, - 0x64, 0xd5, 0x04, 0xe3, 0x34, 0xfe, 0xdc, 0xab, 0x30, 0xf1, 0xe0, 0x6a, 0xcb, 0x6f, 0x16, 0xe1, - 0xb1, 0x1e, 0xdb, 0x9e, 0x9f, 0xf5, 0xc6, 0x1c, 0x68, 0x67, 0x7d, 0xd7, 0x3c, 0xd4, 0xe1, 0xec, - 0x66, 0xc7, 0xf3, 0xf6, 0x99, 0xbd, 0x29, 0x69, 0x49, 0x0c, 0xc1, 0x53, 0x3e, 0x2e, 0x73, 0x60, - 0xac, 0x64, 0xe0, 0xe0, 0xcc, 0x9a, 0xe8, 0x0d, 0x40, 0x81, 0x48, 0xf1, 0x7b, 0x9d, 0xf8, 0xe2, - 0x1d, 0x80, 0x0d, 0x7c, 0x31, 0xd9, 0x8c, 0xb7, 0xbb, 0x30, 0x70, 0x46, 0x2d, 0x2a, 0x1c, 0xd0, - 0x5b, 0x69, 0x5f, 0x75, 0x2b, 0x25, 0x1c, 0x60, 0x1d, 0x88, 0x4d, 0x5c, 0x74, 0x1d, 0x66, 0x9c, - 0x3d, 0xc7, 0xe5, 0x71, 0xf9, 0x24, 0x01, 0x2e, 0x1d, 0x28, 0x65, 0xd9, 0x42, 0x1a, 0x01, 0x77, - 0xd7, 0x49, 0xb9, 0x64, 0x0f, 0xe7, 0xbb, 0x64, 0xf7, 0x3e, 0x17, 0xfb, 0xe9, 0x7e, 0xed, 0xff, - 0x64, 0xd1, 0xeb, 0x2b, 0x23, 0x4d, 0x3f, 0x1d, 0x07, 0xa5, 0xc3, 0xd4, 0xbc, 0xa3, 0xcf, 0x69, - 0x16, 0x25, 0x09, 0x10, 0x9b, 0xb8, 0x7c, 0x41, 0x44, 0x89, 0x53, 0x8e, 0xc1, 0xe2, 0x8b, 0xe8, - 0x0a, 0x0a, 0x03, 0x7d, 0x1e, 0x46, 0x5a, 0xee, 0x9e, 0x1b, 0x05, 0xa1, 0xd8, 0x2c, 0xc7, 0x74, - 0x6d, 0x48, 0xce, 0xc1, 0x2a, 0x27, 0x83, 0x25, 0x3d, 0xfb, 0x07, 0x0b, 0x30, 0x21, 0x5b, 0x7c, - 0xb3, 0x13, 0xc4, 0xce, 0x29, 0x5c, 0xcb, 0xd7, 0x8d, 0x6b, 0xf9, 0x13, 0xbd, 0x42, 0x4c, 0xb0, - 0x2e, 0xe5, 0x5e, 0xc7, 0xb7, 0x53, 0xd7, 0xf1, 0x53, 0xfd, 0x49, 0xf5, 0xbe, 0x86, 0xff, 0x85, - 0x05, 0x33, 0x06, 0xfe, 0x29, 0xdc, 0x06, 0x2b, 0xe6, 0x6d, 0xf0, 0x44, 0xdf, 0x6f, 0xc8, 0xb9, - 0x05, 0xbe, 0xaf, 0x98, 0xea, 0x3b, 0x3b, 0xfd, 0xdf, 0x83, 0xd2, 0xb6, 0x13, 0xb6, 0x7a, 0x85, - 0xb2, 0xed, 0xaa, 0x34, 0x7f, 0xc3, 0x09, 0x5b, 0xfc, 0x0c, 0x7f, 0x56, 0xe5, 0xc9, 0x74, 0xc2, - 0x56, 0x5f, 0x1f, 0x34, 0xd6, 0x14, 0x7a, 0x05, 0x86, 0xa3, 0x66, 0xd0, 0x56, 0x16, 0xa2, 0x97, - 0x78, 0x0e, 0x4d, 0x5a, 0x72, 0x74, 0x50, 0x41, 0x66, 0x73, 0xb4, 0x18, 0x0b, 0x7c, 0xf4, 0x36, - 0x4c, 0xb0, 0x5f, 0xca, 0x52, 0xa2, 0x98, 0x9f, 0x40, 0xa1, 0xa1, 0x23, 0x72, 0x83, 0x1b, 0xa3, - 0x08, 0x9b, 0xa4, 0xe6, 0xb6, 0xa0, 0xac, 0x3e, 0xeb, 0xa1, 0xfa, 0x0e, 0xfd, 0xfb, 0x22, 0x9c, - 0xc9, 0x58, 0x73, 0x28, 0x32, 0x66, 0xe2, 0xf9, 0x01, 0x97, 0xea, 0x07, 0x9c, 0x8b, 0x88, 0x49, - 0x43, 0x2d, 0xb1, 0xb6, 0x06, 0x6e, 0xf4, 0x4e, 0x44, 0xd2, 0x8d, 0xd2, 0xa2, 0xfe, 0x8d, 0xd2, - 0xc6, 0x4e, 0x6d, 0xa8, 0x69, 0x43, 0xaa, 0xa7, 0x0f, 0x75, 0x4e, 0xff, 0xa4, 0x08, 0x67, 0xb3, - 0xa2, 0xde, 0xa0, 0xef, 0x4e, 0x25, 0xd3, 0x79, 0x71, 0xd0, 0x78, 0x39, 0x3c, 0xc3, 0x8e, 0xc8, - 0x85, 0x3d, 0x6f, 0xa6, 0xd7, 0xe9, 0x3b, 0xcc, 0xa2, 0x4d, 0xe6, 0x70, 0x1a, 0xf2, 0x24, 0x48, - 0xf2, 0xf8, 0xf8, 0xf4, 0xc0, 0x1d, 0x10, 0xd9, 0x93, 0xa2, 0x94, 0xc3, 0xa9, 0x2c, 0xee, 0xef, - 0x70, 0x2a, 0x5b, 0x9e, 0x73, 0x61, 0x4c, 0xfb, 0x9a, 0x87, 0x3a, 0xe3, 0x3b, 0xf4, 0xb6, 0xd2, - 0xfa, 0xfd, 0x50, 0x67, 0xfd, 0x47, 0x2d, 0x48, 0x99, 0x63, 0x2a, 0xb5, 0x98, 0x95, 0xab, 0x16, - 0xbb, 0x04, 0xa5, 0x30, 0xf0, 0x48, 0x3a, 0x77, 0x0d, 0x0e, 0x3c, 0x82, 0x19, 0x84, 0x62, 0xc4, - 0x89, 0xb2, 0x63, 0x5c, 0x17, 0xe4, 0x84, 0x88, 0xf6, 0x24, 0x0c, 0x79, 0x64, 0x8f, 0x78, 0xe9, - 0xc0, 0xf0, 0xb7, 0x68, 0x21, 0xe6, 0x30, 0xfb, 0x17, 0x4b, 0x70, 0xa1, 0xa7, 0xcb, 0x36, 0x15, - 0x87, 0xb6, 0x9c, 0x98, 0xdc, 0x73, 0xf6, 0xd3, 0x11, 0x9c, 0xaf, 0xf3, 0x62, 0x2c, 0xe1, 0xcc, - 0x42, 0x9d, 0x47, 0x6c, 0x4c, 0x29, 0x11, 0x45, 0xa0, 0x46, 0x01, 0x35, 0x95, 0x52, 0xc5, 0x93, - 0x50, 0x4a, 0x5d, 0x03, 0x88, 0x22, 0x8f, 0xdb, 0x17, 0xb4, 0x84, 0xe9, 0x7b, 0x12, 0xd9, 0xb3, - 0x71, 0x4b, 0x40, 0xb0, 0x86, 0x85, 0xaa, 0x30, 0xdd, 0x0e, 0x83, 0x98, 0xeb, 0x64, 0xab, 0xdc, - 0x30, 0x69, 0xc8, 0xf4, 0x96, 0xad, 0xa7, 0xe0, 0xb8, 0xab, 0x06, 0x7a, 0x09, 0xc6, 0x84, 0x07, - 0x6d, 0x3d, 0x08, 0x3c, 0xa1, 0x06, 0x52, 0x66, 0x2e, 0x8d, 0x04, 0x84, 0x75, 0x3c, 0xad, 0x1a, - 0x53, 0xf4, 0x8e, 0x64, 0x56, 0xe3, 0xca, 0x5e, 0x0d, 0x2f, 0x15, 0x01, 0x6b, 0x74, 0xa0, 0x08, - 0x58, 0x89, 0x62, 0xac, 0x3c, 0xf0, 0xdb, 0x16, 0xf4, 0x55, 0x25, 0xfd, 0x5c, 0x09, 0xce, 0x88, - 0x85, 0xf3, 0xb0, 0x97, 0xcb, 0x9d, 0xee, 0xe5, 0x72, 0x12, 0xaa, 0xb3, 0x6f, 0xad, 0x99, 0xd3, - 0x5e, 0x33, 0x3f, 0x64, 0x81, 0xc9, 0x5e, 0xa1, 0xff, 0x2f, 0x37, 0x04, 0xfe, 0x4b, 0xb9, 0xec, - 0x5a, 0x4b, 0x5e, 0x20, 0x1f, 0x30, 0x18, 0xbe, 0xfd, 0x1f, 0x2d, 0x78, 0xa2, 0x2f, 0x45, 0xb4, - 0x0c, 0x65, 0xc6, 0x03, 0x6a, 0xd2, 0xd9, 0x53, 0xca, 0x70, 0x51, 0x02, 0x72, 0x58, 0xd2, 0xa4, - 0x26, 0x5a, 0xee, 0xca, 0x35, 0xf0, 0x74, 0x46, 0xae, 0x81, 0x73, 0xc6, 0xf0, 0x3c, 0x60, 0xb2, - 0x81, 0x5f, 0x29, 0xc2, 0x30, 0x5f, 0xf1, 0xa7, 0x20, 0x86, 0xad, 0x08, 0xbd, 0x6d, 0x8f, 0x18, - 0x58, 0xbc, 0x2f, 0xf3, 0x55, 0x27, 0x76, 0x38, 0x9b, 0xa0, 0x6e, 0xab, 0x44, 0xc3, 0x8b, 0xe6, - 0x8d, 0xfb, 0x6c, 0x2e, 0xa5, 0x98, 0x04, 0x4e, 0x43, 0xbb, 0xdd, 0xbe, 0x08, 0x10, 0xb1, 0x3c, - 0xfd, 0x94, 0x86, 0x88, 0xa6, 0xf6, 0xc9, 0x1e, 0xad, 0x37, 0x14, 0x32, 0xef, 0x43, 0xb2, 0xd3, - 0x15, 0x00, 0x6b, 0x14, 0xe7, 0x5e, 0x86, 0xb2, 0x42, 0xee, 0xa7, 0xc5, 0x19, 0xd7, 0x99, 0x8b, - 0xcf, 0xc2, 0x54, 0xaa, 0xad, 0x63, 0x29, 0x81, 0x7e, 0xc9, 0x82, 0x29, 0xde, 0xe5, 0x65, 0x7f, - 0x4f, 0x9c, 0xa9, 0xef, 0xc3, 0x59, 0x2f, 0xe3, 0x6c, 0x13, 0x33, 0x3a, 0xf8, 0x59, 0xa8, 0x94, - 0x3e, 0x59, 0x50, 0x9c, 0xd9, 0x06, 0xba, 0x42, 0xd7, 0x2d, 0x3d, 0xbb, 0x1c, 0x4f, 0x78, 0x3b, - 0x8d, 0xf3, 0x35, 0xcb, 0xcb, 0xb0, 0x82, 0xda, 0xbf, 0x63, 0xc1, 0x0c, 0xef, 0xf9, 0x4d, 0xb2, - 0xaf, 0x76, 0xf8, 0x87, 0xd9, 0x77, 0x91, 0xfe, 0xa3, 0x90, 0x93, 0xfe, 0x43, 0xff, 0xb4, 0x62, - 0xcf, 0x4f, 0xfb, 0x59, 0x0b, 0xc4, 0x0a, 0x3c, 0x05, 0x51, 0xfe, 0xdb, 0x4d, 0x51, 0x7e, 0x2e, - 0x7f, 0x51, 0xe7, 0xc8, 0xf0, 0x7f, 0x66, 0xc1, 0x34, 0x47, 0x48, 0xde, 0x9c, 0x3f, 0xd4, 0x79, - 0x18, 0x24, 0x8f, 0x9f, 0x4a, 0xee, 0x9d, 0xfd, 0x51, 0xc6, 0x64, 0x95, 0x7a, 0x4e, 0x56, 0x4b, - 0x6e, 0xa0, 0x63, 0xe4, 0xb0, 0x3c, 0x76, 0x18, 0x6d, 0xfb, 0x0f, 0x2d, 0x40, 0xbc, 0x19, 0x83, - 0xfd, 0xa1, 0x4c, 0x05, 0x2b, 0xd5, 0xae, 0x8b, 0xe4, 0xa8, 0x51, 0x10, 0xac, 0x61, 0x9d, 0xc8, - 0xf0, 0xa4, 0x0c, 0x07, 0x8a, 0xfd, 0x0d, 0x07, 0x8e, 0x31, 0xa2, 0xff, 0xbb, 0x04, 0x69, 0xf7, - 0x03, 0x74, 0x17, 0xc6, 0x9b, 0x4e, 0xdb, 0xd9, 0x70, 0x3d, 0x37, 0x76, 0x49, 0xd4, 0xcb, 0xe2, - 0x68, 0x49, 0xc3, 0x13, 0x4f, 0xbd, 0x5a, 0x09, 0x36, 0xe8, 0xa0, 0x79, 0x80, 0x76, 0xe8, 0xee, - 0xb9, 0x1e, 0xd9, 0x62, 0x1a, 0x07, 0xe6, 0x5f, 0xc9, 0xcd, 0x68, 0x64, 0x29, 0xd6, 0x30, 0x32, - 0x5c, 0xe5, 0x8a, 0x0f, 0xcf, 0x55, 0xae, 0x74, 0x4c, 0x57, 0xb9, 0xa1, 0x81, 0x5c, 0xe5, 0x30, - 0x3c, 0x22, 0x59, 0x24, 0xfa, 0x7f, 0xc5, 0xf5, 0x88, 0xe0, 0x8b, 0xb9, 0xd7, 0xe5, 0xdc, 0xe1, - 0x41, 0xe5, 0x11, 0x9c, 0x89, 0x81, 0x73, 0x6a, 0xa2, 0xcf, 0xc1, 0xac, 0xe3, 0x79, 0xc1, 0x3d, - 0x35, 0x6a, 0xcb, 0x51, 0xd3, 0xf1, 0xb8, 0xc6, 0x7e, 0x84, 0x51, 0x7d, 0xfc, 0xf0, 0xa0, 0x32, - 0xbb, 0x90, 0x83, 0x83, 0x73, 0x6b, 0xa7, 0x3c, 0xed, 0x46, 0xfb, 0x7a, 0xda, 0xbd, 0x06, 0xe5, - 0x76, 0x18, 0x34, 0x57, 0x35, 0xef, 0x9f, 0x8b, 0x2c, 0x43, 0xbe, 0x2c, 0x3c, 0x3a, 0xa8, 0x4c, - 0xa8, 0x3f, 0xec, 0x86, 0x4f, 0x2a, 0xd8, 0x3b, 0x70, 0xa6, 0x41, 0x42, 0x97, 0xe5, 0xde, 0x6c, - 0x25, 0x1b, 0x7a, 0x1d, 0xca, 0x61, 0xea, 0x08, 0x1b, 0x28, 0x90, 0x93, 0x16, 0x5f, 0x58, 0x1e, - 0x59, 0x09, 0x21, 0xfb, 0x4f, 0x2d, 0x18, 0x11, 0x96, 0xe8, 0xa7, 0xc0, 0x39, 0x2d, 0x18, 0x0a, - 0xec, 0x4a, 0xf6, 0x31, 0xcf, 0x3a, 0x93, 0xab, 0xba, 0xae, 0xa5, 0x54, 0xd7, 0x4f, 0xf4, 0x22, - 0xd2, 0x5b, 0x69, 0xfd, 0x77, 0x8a, 0x30, 0x69, 0x3a, 0x8f, 0x9c, 0xc2, 0x10, 0xac, 0xc1, 0x48, - 0x24, 0x3c, 0x95, 0x0a, 0xf9, 0x16, 0xd6, 0xe9, 0x49, 0x4c, 0xcc, 0xa7, 0x84, 0x6f, 0x92, 0x24, - 0x92, 0xe9, 0x02, 0x55, 0x7c, 0x88, 0x2e, 0x50, 0xfd, 0xfc, 0x77, 0x4a, 0x27, 0xe1, 0xbf, 0x63, - 0x7f, 0x9d, 0x5d, 0x35, 0x7a, 0xf9, 0x29, 0x70, 0x21, 0xd7, 0xcd, 0x4b, 0xc9, 0xee, 0xb1, 0xb2, - 0x44, 0xa7, 0x72, 0xb8, 0x91, 0x5f, 0xb0, 0xe0, 0x42, 0xc6, 0x57, 0x69, 0xac, 0xc9, 0xb3, 0x30, - 0xea, 0x74, 0x5a, 0xae, 0xda, 0xcb, 0xda, 0x33, 0xd6, 0x82, 0x28, 0xc7, 0x0a, 0x03, 0x2d, 0xc1, - 0x0c, 0xb9, 0xdf, 0x76, 0xf9, 0x3b, 0xa2, 0x6e, 0xe3, 0x58, 0xe4, 0xc1, 0x6d, 0x97, 0xd3, 0x40, - 0xdc, 0x8d, 0xaf, 0xdc, 0xbf, 0x8b, 0xb9, 0xee, 0xdf, 0xff, 0xd8, 0x82, 0x31, 0xe5, 0x95, 0xf2, - 0xd0, 0x47, 0xfb, 0x3b, 0xcc, 0xd1, 0x7e, 0xac, 0xc7, 0x68, 0xe7, 0x0c, 0xf3, 0xdf, 0x2b, 0xa8, - 0xfe, 0xd6, 0x83, 0x30, 0x1e, 0x80, 0xe5, 0x79, 0x05, 0x46, 0xdb, 0x61, 0x10, 0x07, 0xcd, 0xc0, - 0x13, 0x1c, 0xcf, 0xe3, 0x49, 0x74, 0x02, 0x5e, 0x7e, 0xa4, 0xfd, 0xc6, 0x0a, 0x9b, 0x8d, 0x5e, - 0x10, 0xc6, 0x82, 0xcb, 0x48, 0x46, 0x2f, 0x08, 0x63, 0xcc, 0x20, 0xa8, 0x05, 0x10, 0x3b, 0xe1, - 0x16, 0x89, 0x69, 0x99, 0x08, 0x74, 0x92, 0x7f, 0x78, 0x74, 0x62, 0xd7, 0x9b, 0x77, 0xfd, 0x38, - 0x8a, 0xc3, 0xf9, 0x9a, 0x1f, 0xdf, 0x0e, 0xb9, 0x00, 0xa5, 0x85, 0x1b, 0x50, 0xb4, 0xb0, 0x46, - 0x57, 0xfa, 0x84, 0xb2, 0x36, 0x86, 0xcc, 0x07, 0xf1, 0x35, 0x51, 0x8e, 0x15, 0x86, 0xfd, 0x32, - 0xbb, 0x4a, 0xd8, 0x00, 0x1d, 0x2f, 0x12, 0xc0, 0x37, 0x46, 0xd5, 0xd0, 0xb2, 0xd7, 0xb0, 0xaa, - 0x1e, 0x6f, 0xa0, 0xf7, 0xc9, 0x4d, 0x1b, 0xd6, 0xfd, 0x6d, 0x92, 0xa0, 0x04, 0xe8, 0x3b, 0xbb, - 0xec, 0x24, 0x9e, 0xeb, 0x73, 0x05, 0x1c, 0xc3, 0x32, 0x82, 0x05, 0xdc, 0x66, 0xe1, 0x88, 0x6b, - 0x75, 0xb1, 0xc8, 0xb5, 0x80, 0xdb, 0x02, 0x80, 0x13, 0x1c, 0x74, 0x55, 0x88, 0xdf, 0x25, 0x23, - 0xed, 0x9e, 0x14, 0xbf, 0xe5, 0xe7, 0x6b, 0xf2, 0xf7, 0xf3, 0x30, 0xa6, 0xd2, 0xef, 0xd5, 0x79, - 0x16, 0x33, 0x11, 0xf6, 0x65, 0x39, 0x29, 0xc6, 0x3a, 0x0e, 0x5a, 0x87, 0xa9, 0x88, 0xeb, 0x5e, - 0x54, 0x74, 0x3f, 0xae, 0xc3, 0xfa, 0xa4, 0xb4, 0xaf, 0x68, 0x98, 0xe0, 0x23, 0x56, 0xc4, 0x8f, - 0x0e, 0xe9, 0xd8, 0x99, 0x26, 0x81, 0x5e, 0x87, 0x49, 0x4f, 0x4f, 0x74, 0x5f, 0x17, 0x2a, 0x2e, - 0x65, 0xa6, 0x6c, 0xa4, 0xc1, 0xaf, 0xe3, 0x14, 0x36, 0xe5, 0x94, 0xf4, 0x12, 0x11, 0x91, 0xd2, - 0xf1, 0xb7, 0x48, 0x24, 0x92, 0x87, 0x31, 0x4e, 0xe9, 0x56, 0x0e, 0x0e, 0xce, 0xad, 0x8d, 0x5e, - 0x81, 0x71, 0xf9, 0xf9, 0x9a, 0xdb, 0x72, 0x62, 0x0c, 0xaf, 0xc1, 0xb0, 0x81, 0x89, 0xee, 0xc1, - 0x39, 0xf9, 0x7f, 0x3d, 0x74, 0x36, 0x37, 0xdd, 0xa6, 0xf0, 0x1a, 0xe7, 0x1e, 0x41, 0x0b, 0xd2, - 0xc5, 0x68, 0x39, 0x0b, 0xe9, 0xe8, 0xa0, 0x72, 0x49, 0x8c, 0x5a, 0x26, 0x9c, 0x4d, 0x62, 0x36, - 0x7d, 0xb4, 0x0a, 0x67, 0xb6, 0x89, 0xe3, 0xc5, 0xdb, 0x4b, 0xdb, 0xa4, 0xb9, 0x23, 0x37, 0x11, - 0x73, 0x86, 0xd6, 0x4c, 0xc8, 0x6f, 0x74, 0xa3, 0xe0, 0xac, 0x7a, 0xe8, 0x1d, 0x98, 0x6d, 0x77, - 0x36, 0x3c, 0x37, 0xda, 0x5e, 0x0b, 0x62, 0x66, 0xd2, 0xa1, 0xb2, 0xd7, 0x09, 0xaf, 0x69, 0xe5, - 0x08, 0x5e, 0xcf, 0xc1, 0xc3, 0xb9, 0x14, 0xd0, 0xfb, 0x70, 0x2e, 0xb5, 0x18, 0x84, 0x0f, 0xe7, - 0x64, 0x7e, 0x7c, 0xdf, 0x46, 0x56, 0x05, 0xe1, 0x93, 0x99, 0x05, 0xc2, 0xd9, 0x4d, 0x7c, 0x30, - 0x43, 0x9f, 0xf7, 0x68, 0x65, 0x8d, 0x29, 0x43, 0x5f, 0x82, 0x71, 0x7d, 0x15, 0x89, 0x0b, 0xe6, - 0x72, 0x36, 0xcf, 0xa2, 0xad, 0x36, 0xce, 0xd2, 0xa9, 0x15, 0xa5, 0xc3, 0xb0, 0x41, 0xd1, 0x26, - 0x90, 0xfd, 0x7d, 0xe8, 0x16, 0x8c, 0x36, 0x3d, 0x97, 0xf8, 0x71, 0xad, 0xde, 0x2b, 0xc8, 0xc8, - 0x92, 0xc0, 0x11, 0x03, 0x26, 0x02, 0xa2, 0xf2, 0x32, 0xac, 0x28, 0xd8, 0xbf, 0x5e, 0x80, 0x4a, - 0x9f, 0xe8, 0xba, 0x29, 0x7d, 0xb4, 0x35, 0x90, 0x3e, 0x7a, 0x41, 0xe6, 0xe2, 0x5b, 0x4b, 0x09, - 0xe9, 0xa9, 0x3c, 0x7b, 0x89, 0xa8, 0x9e, 0xc6, 0x1f, 0xd8, 0x3e, 0x58, 0x57, 0x69, 0x97, 0xfa, - 0x5a, 0xb8, 0x1b, 0x4f, 0x59, 0x43, 0x83, 0x0b, 0x22, 0xb9, 0xcf, 0x12, 0xf6, 0xd7, 0x0b, 0x70, - 0x4e, 0x0d, 0xe1, 0x5f, 0xde, 0x81, 0xbb, 0xd3, 0x3d, 0x70, 0x27, 0xf0, 0xa8, 0x63, 0xdf, 0x86, - 0x61, 0x1e, 0xa4, 0x65, 0x00, 0x06, 0xe8, 0x49, 0x33, 0xa2, 0x97, 0xba, 0xa6, 0x8d, 0xa8, 0x5e, - 0x7f, 0xcd, 0x82, 0xa9, 0xf5, 0xa5, 0x7a, 0x23, 0x68, 0xee, 0x90, 0x78, 0x81, 0x33, 0xac, 0x58, - 0xf0, 0x3f, 0xd6, 0x03, 0xf2, 0x35, 0x59, 0x1c, 0xd3, 0x25, 0x28, 0x6d, 0x07, 0x51, 0x9c, 0x7e, - 0xf1, 0xbd, 0x11, 0x44, 0x31, 0x66, 0x10, 0xfb, 0x77, 0x2d, 0x18, 0x62, 0x19, 0x64, 0xfb, 0xa5, - 0x35, 0x1e, 0xe4, 0xbb, 0xd0, 0x4b, 0x30, 0x4c, 0x36, 0x37, 0x49, 0x33, 0x16, 0xb3, 0x2a, 0xdd, - 0x56, 0x87, 0x97, 0x59, 0x29, 0xbd, 0xf4, 0x59, 0x63, 0xfc, 0x2f, 0x16, 0xc8, 0xe8, 0x2d, 0x28, - 0xc7, 0xee, 0x2e, 0x59, 0x68, 0xb5, 0xc4, 0x9b, 0xd9, 0x03, 0x78, 0x09, 0xaf, 0x4b, 0x02, 0x38, - 0xa1, 0x65, 0x7f, 0xb5, 0x00, 0x90, 0x84, 0x1a, 0xe8, 0xf7, 0x89, 0x8b, 0x5d, 0xaf, 0x29, 0x97, - 0x33, 0x5e, 0x53, 0x50, 0x42, 0x30, 0xe3, 0x29, 0x45, 0x0d, 0x53, 0x71, 0xa0, 0x61, 0x2a, 0x1d, - 0x67, 0x98, 0x96, 0x60, 0x26, 0x09, 0x95, 0x60, 0xc6, 0x8d, 0x61, 0x42, 0xca, 0x7a, 0x1a, 0x88, - 0xbb, 0xf1, 0x6d, 0x02, 0x97, 0x64, 0x04, 0x4f, 0x79, 0xd7, 0x30, 0x93, 0xcc, 0x63, 0x64, 0xb8, - 0x4e, 0x9e, 0x8b, 0x0a, 0xb9, 0xcf, 0x45, 0x3f, 0x61, 0xc1, 0xd9, 0x74, 0x3b, 0xcc, 0x47, 0xee, - 0x2b, 0x16, 0x9c, 0x63, 0x8f, 0x66, 0xac, 0xd5, 0xee, 0x27, 0xba, 0x17, 0xb3, 0x43, 0x48, 0xf4, - 0xee, 0x71, 0xe2, 0x1f, 0xbd, 0x9a, 0x45, 0x1a, 0x67, 0xb7, 0x68, 0x7f, 0xc5, 0x82, 0xf3, 0xb9, - 0x89, 0x8b, 0xd0, 0x15, 0x18, 0x75, 0xda, 0x2e, 0xd7, 0x48, 0x89, 0xfd, 0xce, 0xa4, 0xc7, 0x7a, - 0x8d, 0xeb, 0xa3, 0x14, 0x54, 0x25, 0x54, 0x2c, 0xe4, 0x26, 0x54, 0xec, 0x9b, 0x1f, 0xd1, 0xfe, - 0x7e, 0x0b, 0x84, 0x5b, 0xd4, 0x00, 0x87, 0xcc, 0xdb, 0x32, 0x1f, 0xad, 0x11, 0x3c, 0xfd, 0x52, - 0xbe, 0x9f, 0x98, 0x08, 0x99, 0xae, 0x2e, 0x75, 0x23, 0x50, 0xba, 0x41, 0xcb, 0x6e, 0x81, 0x80, - 0x56, 0x09, 0xd3, 0x59, 0xf5, 0xef, 0xcd, 0x35, 0x80, 0x16, 0xc3, 0xd5, 0xb2, 0x52, 0xaa, 0x2b, - 0xa4, 0xaa, 0x20, 0x58, 0xc3, 0xb2, 0x7f, 0xb8, 0x00, 0x63, 0x32, 0x58, 0x77, 0xc7, 0x1f, 0x44, - 0xb2, 0x3c, 0x56, 0xf6, 0x1e, 0x96, 0xc6, 0x95, 0x12, 0xae, 0x27, 0x02, 0x79, 0x92, 0xc6, 0x55, - 0x02, 0x70, 0x82, 0x83, 0x9e, 0x86, 0x91, 0xa8, 0xb3, 0xc1, 0xd0, 0x53, 0x4e, 0x3c, 0x0d, 0x5e, - 0x8c, 0x25, 0x1c, 0x7d, 0x0e, 0xa6, 0x79, 0xbd, 0x30, 0x68, 0x3b, 0x5b, 0x5c, 0xfd, 0x39, 0xa4, - 0xbc, 0x6f, 0xa7, 0x57, 0x53, 0xb0, 0xa3, 0x83, 0xca, 0xd9, 0x74, 0x19, 0x53, 0x9c, 0x77, 0x51, - 0xb1, 0xbf, 0x04, 0xa8, 0x3b, 0xfe, 0x38, 0x7a, 0x83, 0x9b, 0x52, 0xb9, 0x21, 0x69, 0xf5, 0xd2, - 0x88, 0xeb, 0xce, 0xa2, 0xd2, 0x90, 0x9e, 0xd7, 0xc2, 0xaa, 0xbe, 0xfd, 0x37, 0x8a, 0x30, 0x9d, - 0x76, 0x1d, 0x44, 0x37, 0x60, 0x98, 0x5f, 0x76, 0x82, 0x7c, 0x8f, 0x07, 0x57, 0xcd, 0xe1, 0x90, - 0x6d, 0x7b, 0x71, 0x5f, 0x8a, 0xfa, 0xe8, 0x1d, 0x18, 0x6b, 0x05, 0xf7, 0xfc, 0x7b, 0x4e, 0xd8, - 0x5a, 0xa8, 0xd7, 0xc4, 0xba, 0xcc, 0xe4, 0x99, 0xab, 0x09, 0x9a, 0xee, 0xc4, 0xc8, 0x1e, 0x17, - 0x12, 0x10, 0xd6, 0xc9, 0xa1, 0x75, 0x16, 0x53, 0x71, 0xd3, 0xdd, 0x5a, 0x75, 0xda, 0xbd, 0xec, - 0x6a, 0x97, 0x24, 0x92, 0x46, 0x79, 0x42, 0x04, 0x5e, 0xe4, 0x00, 0x9c, 0x10, 0x42, 0xdf, 0x0d, - 0x67, 0xa2, 0x1c, 0x35, 0x5b, 0x5e, 0x3a, 0x8a, 0x5e, 0x9a, 0xa7, 0xc5, 0x47, 0xa9, 0x34, 0x93, - 0xa5, 0x90, 0xcb, 0x6a, 0xc6, 0xfe, 0xf2, 0x19, 0x30, 0x76, 0xa3, 0x91, 0x9d, 0xc8, 0x3a, 0xa1, - 0xec, 0x44, 0x18, 0x46, 0xc9, 0x6e, 0x3b, 0xde, 0xaf, 0xba, 0x61, 0xaf, 0xec, 0x79, 0xcb, 0x02, - 0xa7, 0x9b, 0xa6, 0x84, 0x60, 0x45, 0x27, 0x3b, 0x85, 0x54, 0xf1, 0x43, 0x4c, 0x21, 0x55, 0x3a, - 0xc5, 0x14, 0x52, 0x6b, 0x30, 0xb2, 0xe5, 0xc6, 0x98, 0xb4, 0x03, 0xc1, 0x66, 0x66, 0xae, 0xc3, - 0xeb, 0x1c, 0xa5, 0x3b, 0x59, 0x89, 0x00, 0x60, 0x49, 0x04, 0xbd, 0xa1, 0x76, 0xe0, 0x70, 0xbe, - 0x94, 0xd6, 0xfd, 0x32, 0x98, 0xb9, 0x07, 0x45, 0xa2, 0xa8, 0x91, 0x07, 0x4d, 0x14, 0xb5, 0x22, - 0xd3, 0x3b, 0x8d, 0xe6, 0x1b, 0xc1, 0xb3, 0xec, 0x4d, 0x7d, 0x92, 0x3a, 0xdd, 0xd5, 0x53, 0x62, - 0x95, 0xf3, 0x4f, 0x02, 0x95, 0xed, 0x6a, 0xc0, 0x44, 0x58, 0xdf, 0x6f, 0xc1, 0xb9, 0x76, 0x56, - 0x76, 0x38, 0x91, 0x94, 0xe9, 0xa5, 0x81, 0xd3, 0xdf, 0x19, 0x0d, 0x32, 0x71, 0x3d, 0x13, 0x0d, - 0x67, 0x37, 0x47, 0x07, 0x3a, 0xdc, 0x68, 0x89, 0x4c, 0x4e, 0x4f, 0xe6, 0x64, 0xd4, 0xea, 0x91, - 0x47, 0x6b, 0x3d, 0x23, 0x7b, 0xd3, 0xc7, 0xf3, 0xb2, 0x37, 0x0d, 0x9c, 0xb3, 0xe9, 0x0d, 0x95, - 0x4b, 0x6b, 0x22, 0x7f, 0x29, 0xf1, 0x4c, 0x59, 0x7d, 0x33, 0x68, 0xbd, 0xa1, 0x32, 0x68, 0xf5, - 0x88, 0x2d, 0xc7, 0xf3, 0x63, 0xf5, 0xcd, 0x9b, 0xa5, 0xe5, 0xbe, 0x9a, 0x3a, 0x99, 0xdc, 0x57, - 0xc6, 0x55, 0xc3, 0xd3, 0x2f, 0x3d, 0xd3, 0xe7, 0xaa, 0x31, 0xe8, 0xf6, 0xbe, 0x6c, 0x78, 0x9e, - 0xaf, 0x99, 0x07, 0xca, 0xf3, 0x75, 0x57, 0xcf, 0x9b, 0x85, 0xfa, 0x24, 0x86, 0xa2, 0x48, 0x03, - 0x66, 0xcb, 0xba, 0xab, 0x5f, 0x80, 0x67, 0xf2, 0xe9, 0xaa, 0x7b, 0xae, 0x9b, 0x6e, 0xe6, 0x15, - 0xd8, 0x95, 0x85, 0xeb, 0xec, 0xe9, 0x64, 0xe1, 0x3a, 0x77, 0xe2, 0x59, 0xb8, 0x1e, 0x39, 0x85, - 0x2c, 0x5c, 0x8f, 0x7e, 0xa8, 0x59, 0xb8, 0x66, 0x1f, 0x42, 0x16, 0xae, 0xb5, 0x24, 0x0b, 0xd7, - 0xf9, 0xfc, 0x29, 0xc9, 0xb0, 0xcc, 0xcd, 0xc9, 0xbd, 0x75, 0x97, 0x3d, 0xcf, 0xf3, 0xd8, 0x16, - 0x22, 0xf8, 0x5d, 0x76, 0xc6, 0xe1, 0xac, 0x00, 0x18, 0x7c, 0x4a, 0x14, 0x08, 0x27, 0xa4, 0x28, - 0xdd, 0x24, 0x17, 0xd7, 0x63, 0x3d, 0x14, 0xb2, 0x59, 0xaa, 0xae, 0xfc, 0x0c, 0x5c, 0xf6, 0x0f, - 0x14, 0xe0, 0x62, 0xef, 0x75, 0x9d, 0xe8, 0xc9, 0xea, 0xc9, 0xbb, 0x4e, 0x4a, 0x4f, 0xc6, 0x85, - 0x9c, 0x04, 0x6b, 0xe0, 0x00, 0x40, 0xd7, 0x61, 0x46, 0x99, 0xe4, 0x7a, 0x6e, 0x73, 0x5f, 0xcb, - 0x44, 0xac, 0x5c, 0x0f, 0x1b, 0x69, 0x04, 0xdc, 0x5d, 0x07, 0x2d, 0xc0, 0x94, 0x51, 0x58, 0xab, - 0x0a, 0x61, 0x46, 0x29, 0xe6, 0x1a, 0x26, 0x18, 0xa7, 0xf1, 0xed, 0x9f, 0xb1, 0xe0, 0xd1, 0x9c, - 0x04, 0x15, 0x03, 0xc7, 0xb7, 0xd9, 0x84, 0xa9, 0xb6, 0x59, 0xb5, 0x4f, 0x18, 0x2c, 0x23, 0x0d, - 0x86, 0xea, 0x6b, 0x0a, 0x80, 0xd3, 0x44, 0x17, 0xaf, 0xfc, 0xd6, 0xef, 0x5f, 0xfc, 0xd8, 0x6f, - 0xff, 0xfe, 0xc5, 0x8f, 0xfd, 0xce, 0xef, 0x5f, 0xfc, 0xd8, 0xff, 0x7f, 0x78, 0xd1, 0xfa, 0xad, - 0xc3, 0x8b, 0xd6, 0x6f, 0x1f, 0x5e, 0xb4, 0x7e, 0xe7, 0xf0, 0xa2, 0xf5, 0x7b, 0x87, 0x17, 0xad, - 0xaf, 0xfe, 0xc1, 0xc5, 0x8f, 0xbd, 0x5d, 0xd8, 0x7b, 0xfe, 0xff, 0x05, 0x00, 0x00, 0xff, 0xff, - 0xc1, 0x91, 0x66, 0x56, 0x78, 0xe8, 0x00, 0x00, + 0xe1, 0xd8, 0xb0, 0x37, 0xfc, 0x00, 0x02, 0x47, 0x60, 0x1c, 0x80, 0xb1, 0x1d, 0xc6, 0x60, 0xc0, + 0x2c, 0xd8, 0x18, 0xfc, 0x03, 0xfb, 0xc7, 0x1a, 0x3b, 0xc2, 0xb1, 0x44, 0x10, 0x6e, 0x43, 0xe3, + 0xb0, 0x83, 0x1f, 0x06, 0x87, 0xf1, 0x0f, 0xd3, 0x26, 0x8c, 0xe3, 0x3e, 0xf3, 0xde, 0xac, 0xcc, + 0xaa, 0xea, 0x51, 0x4f, 0x4b, 0x10, 0xfb, 0xaf, 0xea, 0x9e, 0x73, 0xcf, 0xbd, 0x79, 0x9f, 0xe7, + 0x9c, 0x7b, 0x1e, 0xf0, 0xea, 0xce, 0x2b, 0xd1, 0xbc, 0x1b, 0x5c, 0xdd, 0xe9, 0x6c, 0x90, 0xd0, + 0x27, 0x31, 0x89, 0xae, 0xee, 0x11, 0xbf, 0x15, 0x84, 0x57, 0x05, 0xc0, 0x69, 0xbb, 0x57, 0x9b, + 0x41, 0x48, 0xae, 0xee, 0x3d, 0x7f, 0x75, 0x8b, 0xf8, 0x24, 0x74, 0x62, 0xd2, 0x9a, 0x6f, 0x87, + 0x41, 0x1c, 0x20, 0xc4, 0x71, 0xe6, 0x9d, 0xb6, 0x3b, 0x4f, 0x71, 0xe6, 0xf7, 0x9e, 0x9f, 0x7b, + 0x6e, 0xcb, 0x8d, 0xb7, 0x3b, 0x1b, 0xf3, 0xcd, 0x60, 0xf7, 0xea, 0x56, 0xb0, 0x15, 0x5c, 0x65, + 0xa8, 0x1b, 0x9d, 0x4d, 0xf6, 0x8f, 0xfd, 0x61, 0xbf, 0x38, 0x89, 0xb9, 0x17, 0x93, 0x66, 0x76, + 0x9d, 0xe6, 0xb6, 0xeb, 0x93, 0x70, 0xff, 0x6a, 0x7b, 0x67, 0x8b, 0xb5, 0x1b, 0x92, 0x28, 0xe8, + 0x84, 0x4d, 0x92, 0x6e, 0xb8, 0x67, 0xad, 0xe8, 0xea, 0x2e, 0x89, 0x9d, 0x8c, 0xee, 0xce, 0x5d, + 0xcd, 0xab, 0x15, 0x76, 0xfc, 0xd8, 0xdd, 0xed, 0x6e, 0xe6, 0xd3, 0xfd, 0x2a, 0x44, 0xcd, 0x6d, + 0xb2, 0xeb, 0x74, 0xd5, 0x7b, 0x21, 0xaf, 0x5e, 0x27, 0x76, 0xbd, 0xab, 0xae, 0x1f, 0x47, 0x71, + 0x98, 0xae, 0x64, 0x7f, 0xd3, 0x82, 0x4b, 0x0b, 0x6f, 0x35, 0x96, 0x3d, 0x27, 0x8a, 0xdd, 0xe6, + 0xa2, 0x17, 0x34, 0x77, 0x1a, 0x71, 0x10, 0x92, 0xbb, 0x81, 0xd7, 0xd9, 0x25, 0x0d, 0x36, 0x10, + 0xe8, 0x59, 0x18, 0xdd, 0x63, 0xff, 0x6b, 0xd5, 0x59, 0xeb, 0x92, 0x75, 0xa5, 0xbc, 0x38, 0xfd, + 0x9b, 0x07, 0x95, 0x8f, 0x1d, 0x1e, 0x54, 0x46, 0xef, 0x8a, 0x72, 0xac, 0x30, 0xd0, 0x65, 0x18, + 0xde, 0x8c, 0xd6, 0xf7, 0xdb, 0x64, 0xb6, 0xc0, 0x70, 0x27, 0x05, 0xee, 0xf0, 0x4a, 0x83, 0x96, + 0x62, 0x01, 0x45, 0x57, 0xa1, 0xdc, 0x76, 0xc2, 0xd8, 0x8d, 0xdd, 0xc0, 0x9f, 0x2d, 0x5e, 0xb2, + 0xae, 0x0c, 0x2d, 0xce, 0x08, 0xd4, 0x72, 0x5d, 0x02, 0x70, 0x82, 0x43, 0xbb, 0x11, 0x12, 0xa7, + 0x75, 0xdb, 0xf7, 0xf6, 0x67, 0x4b, 0x97, 0xac, 0x2b, 0xa3, 0x49, 0x37, 0xb0, 0x28, 0xc7, 0x0a, + 0xc3, 0xfe, 0xe1, 0x02, 0x8c, 0x2e, 0x6c, 0x6e, 0xba, 0xbe, 0x1b, 0xef, 0xa3, 0xbb, 0x30, 0xee, + 0x07, 0x2d, 0x22, 0xff, 0xb3, 0xaf, 0x18, 0xbb, 0x76, 0x69, 0xbe, 0x7b, 0x29, 0xcd, 0xaf, 0x69, + 0x78, 0x8b, 0xd3, 0x87, 0x07, 0x95, 0x71, 0xbd, 0x04, 0x1b, 0x74, 0x10, 0x86, 0xb1, 0x76, 0xd0, + 0x52, 0x64, 0x0b, 0x8c, 0x6c, 0x25, 0x8b, 0x6c, 0x3d, 0x41, 0x5b, 0x9c, 0x3a, 0x3c, 0xa8, 0x8c, + 0x69, 0x05, 0x58, 0x27, 0x82, 0x36, 0x60, 0x8a, 0xfe, 0xf5, 0x63, 0x57, 0xd1, 0x2d, 0x32, 0xba, + 0x4f, 0xe6, 0xd1, 0xd5, 0x50, 0x17, 0xcf, 0x1c, 0x1e, 0x54, 0xa6, 0x52, 0x85, 0x38, 0x4d, 0xd0, + 0x7e, 0x1f, 0x26, 0x17, 0xe2, 0xd8, 0x69, 0x6e, 0x93, 0x16, 0x9f, 0x41, 0xf4, 0x22, 0x94, 0x7c, + 0x67, 0x97, 0x88, 0xf9, 0xbd, 0x24, 0x06, 0xb6, 0xb4, 0xe6, 0xec, 0x92, 0xa3, 0x83, 0xca, 0xf4, + 0x1d, 0xdf, 0x7d, 0xaf, 0x23, 0x56, 0x05, 0x2d, 0xc3, 0x0c, 0x1b, 0x5d, 0x03, 0x68, 0x91, 0x3d, + 0xb7, 0x49, 0xea, 0x4e, 0xbc, 0x2d, 0xe6, 0x1b, 0x89, 0xba, 0x50, 0x55, 0x10, 0xac, 0x61, 0xd9, + 0xf7, 0xa1, 0xbc, 0xb0, 0x17, 0xb8, 0xad, 0x7a, 0xd0, 0x8a, 0xd0, 0x0e, 0x4c, 0xb5, 0x43, 0xb2, + 0x49, 0x42, 0x55, 0x34, 0x6b, 0x5d, 0x2a, 0x5e, 0x19, 0xbb, 0x76, 0x25, 0xf3, 0x63, 0x4d, 0xd4, + 0x65, 0x3f, 0x0e, 0xf7, 0x17, 0x1f, 0x15, 0xed, 0x4d, 0xa5, 0xa0, 0x38, 0x4d, 0xd9, 0xfe, 0xd7, + 0x05, 0x38, 0xb7, 0xf0, 0x7e, 0x27, 0x24, 0x55, 0x37, 0xda, 0x49, 0xaf, 0xf0, 0x96, 0x1b, 0xed, + 0xac, 0x25, 0x23, 0xa0, 0x96, 0x56, 0x55, 0x94, 0x63, 0x85, 0x81, 0x9e, 0x83, 0x11, 0xfa, 0xfb, + 0x0e, 0xae, 0x89, 0x4f, 0x3e, 0x23, 0x90, 0xc7, 0xaa, 0x4e, 0xec, 0x54, 0x39, 0x08, 0x4b, 0x1c, + 0xb4, 0x0a, 0x63, 0x4d, 0xb6, 0x21, 0xb7, 0x56, 0x83, 0x16, 0x61, 0x93, 0x59, 0x5e, 0x7c, 0x86, + 0xa2, 0x2f, 0x25, 0xc5, 0x47, 0x07, 0x95, 0x59, 0xde, 0x37, 0x41, 0x42, 0x83, 0x61, 0xbd, 0x3e, + 0xb2, 0xd5, 0xfe, 0x2a, 0x31, 0x4a, 0x90, 0xb1, 0xb7, 0xae, 0x68, 0x5b, 0x65, 0x88, 0x6d, 0x95, + 0xf1, 0xec, 0x6d, 0x82, 0x9e, 0x87, 0xd2, 0x8e, 0xeb, 0xb7, 0x66, 0x87, 0x19, 0xad, 0x0b, 0x74, + 0xce, 0x6f, 0xba, 0x7e, 0xeb, 0xe8, 0xa0, 0x32, 0x63, 0x74, 0x87, 0x16, 0x62, 0x86, 0x6a, 0xff, + 0xb1, 0x05, 0x15, 0x06, 0x5b, 0x71, 0x3d, 0x52, 0x27, 0x61, 0xe4, 0x46, 0x31, 0xf1, 0x63, 0x63, + 0x40, 0xaf, 0x01, 0x44, 0xa4, 0x19, 0x92, 0x58, 0x1b, 0x52, 0xb5, 0x30, 0x1a, 0x0a, 0x82, 0x35, + 0x2c, 0x7a, 0x20, 0x44, 0xdb, 0x4e, 0xc8, 0xd6, 0x97, 0x18, 0x58, 0x75, 0x20, 0x34, 0x24, 0x00, + 0x27, 0x38, 0xc6, 0x81, 0x50, 0xec, 0x77, 0x20, 0xa0, 0xcf, 0xc2, 0x54, 0xd2, 0x58, 0xd4, 0x76, + 0x9a, 0x72, 0x00, 0xd9, 0x96, 0x69, 0x98, 0x20, 0x9c, 0xc6, 0xb5, 0xff, 0x81, 0x25, 0x16, 0x0f, + 0xfd, 0xea, 0x8f, 0xf8, 0xb7, 0xda, 0xbf, 0x64, 0xc1, 0xc8, 0xa2, 0xeb, 0xb7, 0x5c, 0x7f, 0x0b, + 0x7d, 0x09, 0x46, 0xe9, 0xdd, 0xd4, 0x72, 0x62, 0x47, 0x9c, 0x7b, 0x9f, 0xd2, 0xf6, 0x96, 0xba, + 0x2a, 0xe6, 0xdb, 0x3b, 0x5b, 0xb4, 0x20, 0x9a, 0xa7, 0xd8, 0x74, 0xb7, 0xdd, 0xde, 0x78, 0x97, + 0x34, 0xe3, 0x55, 0x12, 0x3b, 0xc9, 0xe7, 0x24, 0x65, 0x58, 0x51, 0x45, 0x37, 0x61, 0x38, 0x76, + 0xc2, 0x2d, 0x12, 0x8b, 0x03, 0x30, 0xf3, 0xa0, 0xe2, 0x35, 0x31, 0xdd, 0x91, 0xc4, 0x6f, 0x92, + 0xe4, 0x5a, 0x58, 0x67, 0x55, 0xb1, 0x20, 0x61, 0xff, 0xd5, 0x61, 0x38, 0xbf, 0xd4, 0xa8, 0xe5, + 0xac, 0xab, 0xcb, 0x30, 0xdc, 0x0a, 0xdd, 0x3d, 0x12, 0x8a, 0x71, 0x56, 0x54, 0xaa, 0xac, 0x14, + 0x0b, 0x28, 0x7a, 0x05, 0xc6, 0xf9, 0x85, 0x74, 0xc3, 0xf1, 0x5b, 0x9e, 0x1c, 0xe2, 0xb3, 0x02, + 0x7b, 0xfc, 0xae, 0x06, 0xc3, 0x06, 0xe6, 0x31, 0x17, 0xd5, 0xe5, 0xd4, 0x66, 0xcc, 0xbb, 0xec, + 0xbe, 0x62, 0xc1, 0x34, 0x6f, 0x66, 0x21, 0x8e, 0x43, 0x77, 0xa3, 0x13, 0x93, 0x68, 0x76, 0x88, + 0x9d, 0x74, 0x4b, 0x59, 0xa3, 0x95, 0x3b, 0x02, 0xf3, 0x77, 0x53, 0x54, 0xf8, 0x21, 0x38, 0x2b, + 0xda, 0x9d, 0x4e, 0x83, 0x71, 0x57, 0xb3, 0xe8, 0x7b, 0x2d, 0x98, 0x6b, 0x06, 0x7e, 0x1c, 0x06, + 0x9e, 0x47, 0xc2, 0x7a, 0x67, 0xc3, 0x73, 0xa3, 0x6d, 0xbe, 0x4e, 0x31, 0xd9, 0x64, 0x27, 0x41, + 0xce, 0x1c, 0x2a, 0x24, 0x31, 0x87, 0x17, 0x0f, 0x0f, 0x2a, 0x73, 0x4b, 0xb9, 0xa4, 0x70, 0x8f, + 0x66, 0xd0, 0x0e, 0x20, 0x7a, 0x95, 0x36, 0x62, 0x67, 0x8b, 0x24, 0x8d, 0x8f, 0x0c, 0xde, 0xf8, + 0x23, 0x87, 0x07, 0x15, 0xb4, 0xd6, 0x45, 0x02, 0x67, 0x90, 0x45, 0xef, 0xc1, 0x59, 0x5a, 0xda, + 0xf5, 0xad, 0xa3, 0x83, 0x37, 0x37, 0x7b, 0x78, 0x50, 0x39, 0xbb, 0x96, 0x41, 0x04, 0x67, 0x92, + 0x9e, 0x5b, 0x82, 0x73, 0x99, 0x53, 0x85, 0xa6, 0xa1, 0xb8, 0x43, 0x38, 0x0b, 0x52, 0xc6, 0xf4, + 0x27, 0x3a, 0x0b, 0x43, 0x7b, 0x8e, 0xd7, 0x11, 0xab, 0x14, 0xf3, 0x3f, 0x9f, 0x29, 0xbc, 0x62, + 0xd9, 0x4d, 0x18, 0x5f, 0x72, 0xda, 0xce, 0x86, 0xeb, 0xb9, 0xb1, 0x4b, 0x22, 0xf4, 0x14, 0x14, + 0x9d, 0x56, 0x8b, 0x5d, 0x91, 0xe5, 0xc5, 0x73, 0x87, 0x07, 0x95, 0xe2, 0x42, 0x8b, 0x9e, 0xd5, + 0xa0, 0xb0, 0xf6, 0x31, 0xc5, 0x40, 0x9f, 0x84, 0x52, 0x2b, 0x0c, 0xda, 0xb3, 0x05, 0x86, 0x49, + 0x87, 0xaa, 0x54, 0x0d, 0x83, 0x76, 0x0a, 0x95, 0xe1, 0xd8, 0xbf, 0x56, 0x80, 0xc7, 0x97, 0x48, + 0x7b, 0x7b, 0xa5, 0x91, 0xb3, 0xe9, 0xae, 0xc0, 0xe8, 0x6e, 0xe0, 0xbb, 0x71, 0x10, 0x46, 0xa2, + 0x69, 0x76, 0x9b, 0xac, 0x8a, 0x32, 0xac, 0xa0, 0xe8, 0x12, 0x94, 0xda, 0x09, 0x27, 0x30, 0x2e, + 0xb9, 0x08, 0xc6, 0x03, 0x30, 0x08, 0xc5, 0xe8, 0x44, 0x24, 0x14, 0xb7, 0xa0, 0xc2, 0xb8, 0x13, + 0x91, 0x10, 0x33, 0x48, 0x72, 0x9c, 0xd2, 0x83, 0x56, 0x6c, 0xab, 0xd4, 0x71, 0x4a, 0x21, 0x58, + 0xc3, 0x42, 0x75, 0x28, 0x47, 0x6a, 0x52, 0x87, 0x06, 0x9f, 0xd4, 0x09, 0x76, 0xde, 0xaa, 0x99, + 0x4c, 0x88, 0x18, 0xc7, 0xc0, 0x70, 0xdf, 0xf3, 0xf6, 0xeb, 0x05, 0x40, 0x7c, 0x08, 0xff, 0x9c, + 0x0d, 0xdc, 0x9d, 0xee, 0x81, 0xcb, 0xe4, 0xbc, 0x6e, 0x05, 0x4d, 0xc7, 0x4b, 0x1f, 0xe1, 0x27, + 0x35, 0x7a, 0xff, 0xcb, 0x82, 0xc7, 0x97, 0x5c, 0xbf, 0x45, 0xc2, 0x9c, 0x05, 0xf8, 0x70, 0x04, + 0x90, 0xe3, 0x9d, 0xf4, 0xc6, 0x12, 0x2b, 0x9d, 0xc0, 0x12, 0xb3, 0xff, 0xc8, 0x02, 0xc4, 0x3f, + 0xfb, 0x23, 0xf7, 0xb1, 0x77, 0xba, 0x3f, 0xf6, 0x04, 0x96, 0x85, 0x7d, 0x0b, 0x26, 0x97, 0x3c, + 0x97, 0xf8, 0x71, 0xad, 0xbe, 0x14, 0xf8, 0x9b, 0xee, 0x16, 0xfa, 0x0c, 0x4c, 0x52, 0x99, 0x36, + 0xe8, 0xc4, 0x0d, 0xd2, 0x0c, 0x7c, 0xc6, 0xfe, 0x53, 0x49, 0x10, 0x1d, 0x1e, 0x54, 0x26, 0xd7, + 0x0d, 0x08, 0x4e, 0x61, 0xda, 0xbf, 0x43, 0xc7, 0x2f, 0xd8, 0x6d, 0x07, 0x3e, 0xf1, 0xe3, 0xa5, + 0xc0, 0x6f, 0x71, 0x31, 0xf1, 0x33, 0x50, 0x8a, 0xe9, 0x78, 0xf0, 0xb1, 0xbb, 0x2c, 0x37, 0x0a, + 0x1d, 0x85, 0xa3, 0x83, 0xca, 0x23, 0xdd, 0x35, 0xd8, 0x38, 0xb1, 0x3a, 0xe8, 0xdb, 0x60, 0x38, + 0x8a, 0x9d, 0xb8, 0x13, 0x89, 0xd1, 0x7c, 0x42, 0x8e, 0x66, 0x83, 0x95, 0x1e, 0x1d, 0x54, 0xa6, + 0x54, 0x35, 0x5e, 0x84, 0x45, 0x05, 0xf4, 0x34, 0x8c, 0xec, 0x92, 0x28, 0x72, 0xb6, 0x24, 0x87, + 0x3f, 0x25, 0xea, 0x8e, 0xac, 0xf2, 0x62, 0x2c, 0xe1, 0xe8, 0x49, 0x18, 0x22, 0x61, 0x18, 0x84, + 0x62, 0x8f, 0x4e, 0x08, 0xc4, 0xa1, 0x65, 0x5a, 0x88, 0x39, 0xcc, 0xfe, 0x77, 0x16, 0x4c, 0xa9, + 0xbe, 0xf2, 0xb6, 0x4e, 0x81, 0x95, 0x7b, 0x1b, 0xa0, 0x29, 0x3f, 0x30, 0x62, 0xb7, 0xc7, 0xd8, + 0xb5, 0xcb, 0x99, 0x0c, 0x4a, 0xd7, 0x30, 0x26, 0x94, 0x55, 0x51, 0x84, 0x35, 0x6a, 0xf6, 0xaf, + 0x5a, 0x70, 0x26, 0xf5, 0x45, 0xb7, 0xdc, 0x28, 0x46, 0xef, 0x74, 0x7d, 0xd5, 0xfc, 0x60, 0x5f, + 0x45, 0x6b, 0xb3, 0x6f, 0x52, 0x4b, 0x59, 0x96, 0x68, 0x5f, 0x74, 0x03, 0x86, 0xdc, 0x98, 0xec, + 0xca, 0x8f, 0x79, 0xb2, 0xe7, 0xc7, 0xf0, 0x5e, 0x25, 0x33, 0x52, 0xa3, 0x35, 0x31, 0x27, 0x60, + 0xff, 0x8d, 0x22, 0x94, 0xf9, 0xb2, 0x5d, 0x75, 0xda, 0xa7, 0x30, 0x17, 0x35, 0x28, 0x31, 0xea, + 0xbc, 0xe3, 0x4f, 0x65, 0x77, 0x5c, 0x74, 0x67, 0x9e, 0xca, 0x69, 0x9c, 0x15, 0x54, 0x57, 0x03, + 0x2d, 0xc2, 0x8c, 0x04, 0x72, 0x00, 0x36, 0x5c, 0xdf, 0x09, 0xf7, 0x69, 0xd9, 0x6c, 0x91, 0x11, + 0x7c, 0xae, 0x37, 0xc1, 0x45, 0x85, 0xcf, 0xc9, 0xaa, 0xbe, 0x26, 0x00, 0xac, 0x11, 0x9d, 0x7b, + 0x19, 0xca, 0x0a, 0xf9, 0x38, 0x3c, 0xce, 0xdc, 0x67, 0x61, 0x2a, 0xd5, 0x56, 0xbf, 0xea, 0xe3, + 0x3a, 0x8b, 0xf4, 0xcb, 0xec, 0x14, 0x10, 0xbd, 0x5e, 0xf6, 0xf7, 0xc4, 0x29, 0xfa, 0x3e, 0x9c, + 0xf5, 0x32, 0x0e, 0x27, 0x31, 0x55, 0x83, 0x1f, 0x66, 0x8f, 0x8b, 0xcf, 0x3e, 0x9b, 0x05, 0xc5, + 0x99, 0x6d, 0xd0, 0x6b, 0x3f, 0x68, 0xd3, 0x35, 0xef, 0x78, 0xac, 0xbf, 0x42, 0xfa, 0xbe, 0x2d, + 0xca, 0xb0, 0x82, 0xd2, 0x23, 0xec, 0xac, 0xea, 0xfc, 0x4d, 0xb2, 0xdf, 0x20, 0x1e, 0x69, 0xc6, + 0x41, 0xf8, 0xa1, 0x76, 0xff, 0x02, 0x1f, 0x7d, 0x7e, 0x02, 0x8e, 0x09, 0x02, 0xc5, 0x9b, 0x64, + 0x9f, 0x4f, 0x85, 0xfe, 0x75, 0xc5, 0x9e, 0x5f, 0xf7, 0xb3, 0x16, 0x4c, 0xa8, 0xaf, 0x3b, 0x85, + 0xad, 0xbe, 0x68, 0x6e, 0xf5, 0x0b, 0x3d, 0x17, 0x78, 0xce, 0x26, 0xff, 0x7a, 0x01, 0xce, 0x2b, + 0x1c, 0xca, 0xee, 0xf3, 0x3f, 0x62, 0x55, 0x5d, 0x85, 0xb2, 0xaf, 0xb4, 0x07, 0x96, 0x29, 0xb6, + 0x27, 0xba, 0x83, 0x04, 0x87, 0x72, 0x6d, 0x7e, 0x22, 0xe2, 0x8f, 0xeb, 0x6a, 0x35, 0xa1, 0x42, + 0x5b, 0x84, 0x62, 0xc7, 0x6d, 0x89, 0x3b, 0xe3, 0x53, 0x72, 0xb4, 0xef, 0xd4, 0xaa, 0x47, 0x07, + 0x95, 0x27, 0xf2, 0x54, 0xba, 0xf4, 0xb2, 0x8a, 0xe6, 0xef, 0xd4, 0xaa, 0x98, 0x56, 0x46, 0x0b, + 0x30, 0x25, 0xb5, 0xd6, 0x77, 0x29, 0x07, 0x15, 0xf8, 0xe2, 0x6a, 0x51, 0xba, 0x31, 0x6c, 0x82, + 0x71, 0x1a, 0x1f, 0x55, 0x61, 0x7a, 0xa7, 0xb3, 0x41, 0x3c, 0x12, 0xf3, 0x0f, 0xbe, 0x49, 0xb8, + 0xe6, 0xa8, 0x9c, 0x88, 0x96, 0x37, 0x53, 0x70, 0xdc, 0x55, 0xc3, 0xfe, 0x33, 0x76, 0xc4, 0x8b, + 0xd1, 0xab, 0x87, 0x01, 0x5d, 0x58, 0x94, 0xfa, 0x87, 0xb9, 0x9c, 0x07, 0x59, 0x15, 0x37, 0xc9, + 0xfe, 0x7a, 0x40, 0x99, 0xed, 0xec, 0x55, 0x61, 0xac, 0xf9, 0x52, 0xcf, 0x35, 0xff, 0xf3, 0x05, + 0x38, 0xa7, 0x46, 0xc0, 0xe0, 0xeb, 0xfe, 0xbc, 0x8f, 0xc1, 0xf3, 0x30, 0xd6, 0x22, 0x9b, 0x4e, + 0xc7, 0x8b, 0x95, 0x1a, 0x73, 0x88, 0xab, 0xb2, 0xab, 0x49, 0x31, 0xd6, 0x71, 0x8e, 0x31, 0x6c, + 0x3f, 0x31, 0xc6, 0xee, 0xd6, 0xd8, 0xa1, 0x6b, 0x5c, 0xed, 0x1a, 0x2b, 0x77, 0xd7, 0x3c, 0x09, + 0x43, 0xee, 0x2e, 0xe5, 0xb5, 0x0a, 0x26, 0x0b, 0x55, 0xa3, 0x85, 0x98, 0xc3, 0xd0, 0x27, 0x60, + 0xa4, 0x19, 0xec, 0xee, 0x3a, 0x7e, 0x8b, 0x5d, 0x79, 0xe5, 0xc5, 0x31, 0xca, 0x8e, 0x2d, 0xf1, + 0x22, 0x2c, 0x61, 0xe8, 0x71, 0x28, 0x39, 0xe1, 0x56, 0x34, 0x5b, 0x62, 0x38, 0xa3, 0xb4, 0xa5, + 0x85, 0x70, 0x2b, 0xc2, 0xac, 0x94, 0x4a, 0x55, 0xf7, 0x82, 0x70, 0xc7, 0xf5, 0xb7, 0xaa, 0x6e, + 0x28, 0xb6, 0x84, 0xba, 0x0b, 0xdf, 0x52, 0x10, 0xac, 0x61, 0xa1, 0x15, 0x18, 0x6a, 0x07, 0x61, + 0x1c, 0xcd, 0x0e, 0xb3, 0xe1, 0x7e, 0x22, 0xe7, 0x20, 0xe2, 0x5f, 0x5b, 0x0f, 0xc2, 0x38, 0xf9, + 0x00, 0xfa, 0x2f, 0xc2, 0xbc, 0x3a, 0xfa, 0x36, 0x28, 0x12, 0x7f, 0x6f, 0x76, 0x84, 0x51, 0x99, + 0xcb, 0xa2, 0xb2, 0xec, 0xef, 0xdd, 0x75, 0xc2, 0xe4, 0x94, 0x5e, 0xf6, 0xf7, 0x30, 0xad, 0x83, + 0x3e, 0x0f, 0x65, 0xb9, 0xc5, 0x23, 0xa1, 0xe6, 0xc8, 0x5c, 0x62, 0xf2, 0x60, 0xc0, 0xe4, 0xbd, + 0x8e, 0x1b, 0x92, 0x5d, 0xe2, 0xc7, 0x51, 0x72, 0xa6, 0x49, 0x68, 0x84, 0x13, 0x6a, 0xe8, 0xf3, + 0x52, 0xb7, 0xb6, 0x1a, 0x74, 0xfc, 0x38, 0x9a, 0x2d, 0xb3, 0xee, 0x65, 0xbe, 0x7a, 0xdc, 0x4d, + 0xf0, 0xd2, 0xca, 0x37, 0x5e, 0x19, 0x1b, 0xa4, 0x10, 0x86, 0x09, 0xcf, 0xdd, 0x23, 0x3e, 0x89, + 0xa2, 0x7a, 0x18, 0x6c, 0x90, 0x59, 0x60, 0x3d, 0x3f, 0x9f, 0xfd, 0x18, 0x10, 0x6c, 0x90, 0xc5, + 0x99, 0xc3, 0x83, 0xca, 0xc4, 0x2d, 0xbd, 0x0e, 0x36, 0x49, 0xa0, 0x3b, 0x30, 0x49, 0xe5, 0x1a, + 0x37, 0x21, 0x3a, 0xd6, 0x8f, 0x28, 0x93, 0x3e, 0xb0, 0x51, 0x09, 0xa7, 0x88, 0xa0, 0x37, 0xa0, + 0xec, 0xb9, 0x9b, 0xa4, 0xb9, 0xdf, 0xf4, 0xc8, 0xec, 0x38, 0xa3, 0x98, 0xb9, 0xad, 0x6e, 0x49, + 0x24, 0x2e, 0x17, 0xa9, 0xbf, 0x38, 0xa9, 0x8e, 0xee, 0xc2, 0x23, 0x31, 0x09, 0x77, 0x5d, 0xdf, + 0xa1, 0xdb, 0x41, 0xc8, 0x0b, 0xec, 0x49, 0x65, 0x82, 0xad, 0xb7, 0x8b, 0x62, 0xe8, 0x1e, 0x59, + 0xcf, 0xc4, 0xc2, 0x39, 0xb5, 0xd1, 0x6d, 0x98, 0x62, 0x3b, 0xa1, 0xde, 0xf1, 0xbc, 0x7a, 0xe0, + 0xb9, 0xcd, 0xfd, 0xd9, 0x49, 0x46, 0xf0, 0x13, 0xf2, 0x5e, 0xa8, 0x99, 0xe0, 0xa3, 0x83, 0x0a, + 0x24, 0xff, 0x70, 0xba, 0x36, 0xda, 0x60, 0x3a, 0xf4, 0x4e, 0xe8, 0xc6, 0xfb, 0x74, 0xfd, 0x92, + 0xfb, 0xf1, 0xec, 0x54, 0x4f, 0x51, 0x58, 0x47, 0x55, 0x8a, 0x76, 0xbd, 0x10, 0xa7, 0x09, 0xd2, + 0xad, 0x1d, 0xc5, 0x2d, 0xd7, 0x9f, 0x9d, 0x66, 0x27, 0x86, 0xda, 0x19, 0x0d, 0x5a, 0x88, 0x39, + 0x8c, 0xe9, 0xcf, 0xe9, 0x8f, 0xdb, 0xf4, 0x04, 0x9d, 0x61, 0x88, 0x89, 0xfe, 0x5c, 0x02, 0x70, + 0x82, 0x43, 0x99, 0x9a, 0x38, 0xde, 0x9f, 0x45, 0x0c, 0x55, 0x6d, 0x97, 0xf5, 0xf5, 0xcf, 0x63, + 0x5a, 0x8e, 0x6e, 0xc1, 0x08, 0xf1, 0xf7, 0x56, 0xc2, 0x60, 0x77, 0xf6, 0x4c, 0xfe, 0x9e, 0x5d, + 0xe6, 0x28, 0xfc, 0x40, 0x4f, 0x04, 0x3c, 0x51, 0x8c, 0x25, 0x09, 0x74, 0x1f, 0x66, 0x33, 0x66, + 0x84, 0x4f, 0xc0, 0x59, 0x36, 0x01, 0xaf, 0x89, 0xba, 0xb3, 0xeb, 0x39, 0x78, 0x47, 0x3d, 0x60, + 0x38, 0x97, 0x3a, 0xfa, 0x02, 0x4c, 0xf0, 0x0d, 0xc5, 0x1f, 0xdf, 0xa2, 0xd9, 0x73, 0xec, 0x6b, + 0x2e, 0xe5, 0x6f, 0x4e, 0x8e, 0xb8, 0x78, 0x4e, 0x74, 0x68, 0x42, 0x2f, 0x8d, 0xb0, 0x49, 0xcd, + 0xde, 0x80, 0x49, 0x75, 0x6e, 0xb1, 0xa5, 0x83, 0x2a, 0x30, 0xc4, 0xb8, 0x1d, 0xa1, 0xdf, 0x2a, + 0xd3, 0x99, 0x62, 0x9c, 0x10, 0xe6, 0xe5, 0x6c, 0xa6, 0xdc, 0xf7, 0xc9, 0xe2, 0x7e, 0x4c, 0xb8, + 0x54, 0x5d, 0xd4, 0x66, 0x4a, 0x02, 0x70, 0x82, 0x63, 0xff, 0x5f, 0xce, 0x35, 0x26, 0x87, 0xe3, + 0x00, 0xd7, 0xc1, 0xb3, 0x30, 0xba, 0x1d, 0x44, 0x31, 0xc5, 0x66, 0x6d, 0x0c, 0x25, 0x7c, 0xe2, + 0x0d, 0x51, 0x8e, 0x15, 0x06, 0x7a, 0x15, 0x26, 0x9a, 0x7a, 0x03, 0xe2, 0x2e, 0x53, 0x43, 0x60, + 0xb4, 0x8e, 0x4d, 0x5c, 0xf4, 0x0a, 0x8c, 0xb2, 0xa7, 0xf3, 0x66, 0xe0, 0x09, 0x26, 0x4b, 0x5e, + 0xc8, 0xa3, 0x75, 0x51, 0x7e, 0xa4, 0xfd, 0xc6, 0x0a, 0x1b, 0x5d, 0x86, 0x61, 0xda, 0x85, 0x5a, + 0x5d, 0xdc, 0x22, 0x4a, 0x55, 0x73, 0x83, 0x95, 0x62, 0x01, 0xb5, 0xff, 0x7a, 0x41, 0x1b, 0x65, + 0x2a, 0x91, 0x12, 0x54, 0x87, 0x91, 0x7b, 0x8e, 0x1b, 0xbb, 0xfe, 0x96, 0x60, 0x17, 0x9e, 0xee, + 0x79, 0xa5, 0xb0, 0x4a, 0x6f, 0xf1, 0x0a, 0xfc, 0xd2, 0x13, 0x7f, 0xb0, 0x24, 0x43, 0x29, 0x86, + 0x1d, 0xdf, 0xa7, 0x14, 0x0b, 0x83, 0x52, 0xc4, 0xbc, 0x02, 0xa7, 0x28, 0xfe, 0x60, 0x49, 0x06, + 0xbd, 0x03, 0x20, 0x97, 0x25, 0x69, 0x89, 0x27, 0xeb, 0x67, 0xfb, 0x13, 0x5d, 0x57, 0x75, 0x16, + 0x27, 0xe9, 0x95, 0x9a, 0xfc, 0xc7, 0x1a, 0x3d, 0x3b, 0x66, 0x6c, 0x55, 0x77, 0x67, 0xd0, 0x77, + 0xd2, 0x93, 0xc0, 0x09, 0x63, 0xd2, 0x5a, 0x88, 0xc5, 0xe0, 0x7c, 0x72, 0x30, 0x99, 0x62, 0xdd, + 0xdd, 0x25, 0xfa, 0xa9, 0x21, 0x88, 0xe0, 0x84, 0x9e, 0xfd, 0x8b, 0x45, 0x98, 0xcd, 0xeb, 0x2e, + 0x5d, 0x74, 0xe4, 0xbe, 0x1b, 0x2f, 0x51, 0x6e, 0xc8, 0x32, 0x17, 0xdd, 0xb2, 0x28, 0xc7, 0x0a, + 0x83, 0xce, 0x7e, 0xe4, 0x6e, 0x49, 0x91, 0x70, 0x28, 0x99, 0xfd, 0x06, 0x2b, 0xc5, 0x02, 0x4a, + 0xf1, 0x42, 0xe2, 0x44, 0xc2, 0x26, 0x42, 0x5b, 0x25, 0x98, 0x95, 0x62, 0x01, 0xd5, 0xf5, 0x4d, + 0xa5, 0x3e, 0xfa, 0x26, 0x63, 0x88, 0x86, 0x4e, 0x76, 0x88, 0xd0, 0x17, 0x01, 0x36, 0x5d, 0xdf, + 0x8d, 0xb6, 0x19, 0xf5, 0xe1, 0x63, 0x53, 0x57, 0xbc, 0xd4, 0x8a, 0xa2, 0x82, 0x35, 0x8a, 0xe8, + 0x25, 0x18, 0x53, 0x1b, 0xb0, 0x56, 0x65, 0x0f, 0x44, 0xda, 0x83, 0x7b, 0x72, 0x1a, 0x55, 0xb1, + 0x8e, 0x67, 0xbf, 0x9b, 0x5e, 0x2f, 0x62, 0x07, 0x68, 0xe3, 0x6b, 0x0d, 0x3a, 0xbe, 0x85, 0xde, + 0xe3, 0x6b, 0xff, 0x7a, 0x11, 0xa6, 0x8c, 0xc6, 0x3a, 0xd1, 0x00, 0x67, 0xd6, 0x75, 0x7a, 0xcf, + 0x39, 0x31, 0x11, 0xfb, 0xcf, 0xee, 0xbf, 0x55, 0xf4, 0xbb, 0x90, 0xee, 0x00, 0x5e, 0x1f, 0x7d, + 0x11, 0xca, 0x9e, 0x13, 0x31, 0xdd, 0x15, 0x11, 0xfb, 0x6e, 0x10, 0x62, 0x89, 0x1c, 0xe1, 0x44, + 0xb1, 0x76, 0xd5, 0x70, 0xda, 0x09, 0x49, 0x7a, 0x21, 0x53, 0xde, 0x47, 0x1a, 0xdd, 0xa8, 0x4e, + 0x50, 0x06, 0x69, 0x1f, 0x73, 0x18, 0x7a, 0x05, 0xc6, 0x43, 0xc2, 0x56, 0xc5, 0x12, 0x65, 0xe5, + 0xd8, 0x32, 0x1b, 0x4a, 0x78, 0x3e, 0xac, 0xc1, 0xb0, 0x81, 0x99, 0xb0, 0xf2, 0xc3, 0x3d, 0x58, + 0xf9, 0xa7, 0x61, 0x84, 0xfd, 0x50, 0x2b, 0x40, 0xcd, 0x46, 0x8d, 0x17, 0x63, 0x09, 0x4f, 0x2f, + 0x98, 0xd1, 0x01, 0x17, 0xcc, 0x27, 0x61, 0xb2, 0xea, 0x90, 0xdd, 0xc0, 0x5f, 0xf6, 0x5b, 0xed, + 0xc0, 0xf5, 0x63, 0x34, 0x0b, 0x25, 0x76, 0x3b, 0xf0, 0xbd, 0x5d, 0xa2, 0x14, 0x70, 0x89, 0x32, + 0xe6, 0xf6, 0x16, 0x9c, 0xab, 0x06, 0xf7, 0xfc, 0x7b, 0x4e, 0xd8, 0x5a, 0xa8, 0xd7, 0x34, 0x39, + 0x77, 0x4d, 0xca, 0x59, 0xdc, 0x88, 0x25, 0xf3, 0x4c, 0xd5, 0x6a, 0xf2, 0xbb, 0x76, 0xc5, 0xf5, + 0x48, 0x8e, 0x36, 0xe2, 0x6f, 0x15, 0x8c, 0x96, 0x12, 0x7c, 0xf5, 0x60, 0x64, 0xe5, 0x3e, 0x18, + 0xbd, 0x09, 0xa3, 0x9b, 0x2e, 0xf1, 0x5a, 0x98, 0x6c, 0x8a, 0x25, 0xf6, 0x54, 0xfe, 0xbb, 0xfc, + 0x0a, 0xc5, 0x94, 0xda, 0x27, 0x2e, 0xa5, 0xad, 0x88, 0xca, 0x58, 0x91, 0x41, 0x3b, 0x30, 0x2d, + 0xc5, 0x00, 0x09, 0x15, 0x0b, 0xee, 0xe9, 0x5e, 0xb2, 0x85, 0x49, 0xfc, 0xec, 0xe1, 0x41, 0x65, + 0x1a, 0xa7, 0xc8, 0xe0, 0x2e, 0xc2, 0x54, 0x2c, 0xdb, 0xa5, 0x47, 0x6b, 0x89, 0x0d, 0x3f, 0x13, + 0xcb, 0x98, 0x84, 0xc9, 0x4a, 0xed, 0x1f, 0xb5, 0xe0, 0xd1, 0xae, 0x91, 0x11, 0x92, 0xf6, 0x09, + 0xcf, 0x42, 0x5a, 0xf2, 0x2d, 0xf4, 0x97, 0x7c, 0xed, 0x7f, 0x68, 0xc1, 0xd9, 0xe5, 0xdd, 0x76, + 0xbc, 0x5f, 0x75, 0xcd, 0xd7, 0x9d, 0x97, 0x61, 0x78, 0x97, 0xb4, 0xdc, 0xce, 0xae, 0x98, 0xb9, + 0x8a, 0x3c, 0x7e, 0x56, 0x59, 0xe9, 0xd1, 0x41, 0x65, 0xa2, 0x11, 0x07, 0xa1, 0xb3, 0x45, 0x78, + 0x01, 0x16, 0xe8, 0xec, 0x10, 0x77, 0xdf, 0x27, 0xb7, 0xdc, 0x5d, 0x57, 0xda, 0x59, 0xf4, 0xd4, + 0x9d, 0xcd, 0xcb, 0x01, 0x9d, 0x7f, 0xb3, 0xe3, 0xf8, 0xb1, 0x1b, 0xef, 0x8b, 0x87, 0x19, 0x49, + 0x04, 0x27, 0xf4, 0xec, 0x6f, 0x5a, 0x30, 0x25, 0xd7, 0xfd, 0x42, 0xab, 0x15, 0x92, 0x28, 0x42, + 0x73, 0x50, 0x70, 0xdb, 0xa2, 0x97, 0x20, 0x7a, 0x59, 0xa8, 0xd5, 0x71, 0xc1, 0x6d, 0xa3, 0x3a, + 0x94, 0xb9, 0xb9, 0x46, 0xb2, 0xb8, 0x06, 0x32, 0xfa, 0x60, 0x3d, 0x58, 0x97, 0x35, 0x71, 0x42, + 0x44, 0x72, 0x70, 0xec, 0xcc, 0x2c, 0x9a, 0xaf, 0x5e, 0x37, 0x44, 0x39, 0x56, 0x18, 0xe8, 0x0a, + 0x8c, 0xfa, 0x41, 0x8b, 0x5b, 0xcf, 0xf0, 0xdb, 0x8f, 0x2d, 0xd9, 0x35, 0x51, 0x86, 0x15, 0xd4, + 0xfe, 0x21, 0x0b, 0xc6, 0xe5, 0x97, 0x0d, 0xc8, 0x4c, 0xd2, 0xad, 0x95, 0x30, 0x92, 0xc9, 0xd6, + 0xa2, 0xcc, 0x20, 0x83, 0x18, 0x3c, 0x60, 0xf1, 0x38, 0x3c, 0xa0, 0xfd, 0x23, 0x05, 0x98, 0x94, + 0xdd, 0x69, 0x74, 0x36, 0x22, 0x12, 0xa3, 0x75, 0x28, 0x3b, 0x7c, 0xc8, 0x89, 0x5c, 0xb1, 0x4f, + 0x66, 0x0b, 0x1f, 0xc6, 0xfc, 0x24, 0xd7, 0xf2, 0x82, 0xac, 0x8d, 0x13, 0x42, 0xc8, 0x83, 0x19, + 0x3f, 0x88, 0xd9, 0x11, 0xad, 0xe0, 0xbd, 0x9e, 0x40, 0xd2, 0xd4, 0xcf, 0x0b, 0xea, 0x33, 0x6b, + 0x69, 0x2a, 0xb8, 0x9b, 0x30, 0x5a, 0x96, 0x0a, 0x8f, 0x62, 0xbe, 0xb8, 0xa1, 0xcf, 0x42, 0xb6, + 0xbe, 0xc3, 0xfe, 0x15, 0x0b, 0xca, 0x12, 0xed, 0x34, 0x5e, 0xbb, 0x56, 0x61, 0x24, 0x62, 0x93, + 0x20, 0x87, 0xc6, 0xee, 0xd5, 0x71, 0x3e, 0x5f, 0xc9, 0xcd, 0xc3, 0xff, 0x47, 0x58, 0xd2, 0x60, + 0xfa, 0x6e, 0xd5, 0xfd, 0x8f, 0x88, 0xbe, 0x5b, 0xf5, 0x27, 0xe7, 0x86, 0xf9, 0x6f, 0xac, 0xcf, + 0x9a, 0x58, 0x4b, 0x19, 0xa4, 0x76, 0x48, 0x36, 0xdd, 0xfb, 0x69, 0x06, 0xa9, 0xce, 0x4a, 0xb1, + 0x80, 0xa2, 0x77, 0x60, 0xbc, 0x29, 0x15, 0x9d, 0xc9, 0x31, 0x70, 0xb9, 0xa7, 0xd2, 0x5d, 0xbd, + 0xcf, 0x70, 0xcb, 0xda, 0x25, 0xad, 0x3e, 0x36, 0xa8, 0x99, 0xcf, 0xed, 0xc5, 0x7e, 0xcf, 0xed, + 0x09, 0xdd, 0xfc, 0xc7, 0xe7, 0x1f, 0xb3, 0x60, 0x98, 0xab, 0xcb, 0x06, 0xd3, 0x2f, 0x6a, 0xcf, + 0x55, 0xc9, 0xd8, 0xdd, 0xa5, 0x85, 0xe2, 0xf9, 0x09, 0xad, 0x42, 0x99, 0xfd, 0x60, 0x6a, 0x83, + 0x62, 0xbe, 0x49, 0x31, 0x6f, 0x55, 0xef, 0xe0, 0x5d, 0x59, 0x0d, 0x27, 0x14, 0xec, 0xaf, 0x15, + 0xe9, 0x51, 0x95, 0xa0, 0x1a, 0x37, 0xb8, 0xf5, 0xf0, 0x6e, 0xf0, 0xc2, 0xc3, 0xba, 0xc1, 0xb7, + 0x60, 0xaa, 0xa9, 0x3d, 0x6e, 0x25, 0x33, 0x79, 0xa5, 0xe7, 0x22, 0xd1, 0xde, 0xc1, 0xb8, 0xca, + 0x68, 0xc9, 0x24, 0x82, 0xd3, 0x54, 0xd1, 0x77, 0xc2, 0x38, 0x9f, 0x67, 0xd1, 0x0a, 0xb7, 0x58, + 0xf8, 0x44, 0xfe, 0x7a, 0xd1, 0x9b, 0x60, 0x2b, 0xb1, 0xa1, 0x55, 0xc7, 0x06, 0x31, 0xfb, 0x17, + 0x47, 0x61, 0x68, 0x79, 0x8f, 0xf8, 0xf1, 0x29, 0x1c, 0x48, 0x4d, 0x98, 0x74, 0xfd, 0xbd, 0xc0, + 0xdb, 0x23, 0x2d, 0x0e, 0x3f, 0xce, 0xe5, 0xfa, 0x88, 0x20, 0x3d, 0x59, 0x33, 0x48, 0xe0, 0x14, + 0xc9, 0x87, 0x21, 0x61, 0x5e, 0x87, 0x61, 0x3e, 0xf7, 0x42, 0xbc, 0xcc, 0x54, 0x06, 0xb3, 0x41, + 0x14, 0xbb, 0x20, 0x91, 0x7e, 0xb9, 0xf6, 0x59, 0x54, 0x47, 0xef, 0xc2, 0xe4, 0xa6, 0x1b, 0x46, + 0x31, 0x15, 0x0d, 0xa3, 0xd8, 0xd9, 0x6d, 0x3f, 0x80, 0x44, 0xa9, 0xc6, 0x61, 0xc5, 0xa0, 0x84, + 0x53, 0x94, 0xd1, 0x16, 0x4c, 0x50, 0x21, 0x27, 0x69, 0x6a, 0xe4, 0xd8, 0x4d, 0x29, 0x95, 0xd1, + 0x2d, 0x9d, 0x10, 0x36, 0xe9, 0xd2, 0xc3, 0xa4, 0xc9, 0x84, 0xa2, 0x51, 0xc6, 0x51, 0xa8, 0xc3, + 0x84, 0x4b, 0x43, 0x1c, 0x46, 0xcf, 0x24, 0x66, 0xb6, 0x52, 0x36, 0xcf, 0x24, 0xcd, 0x38, 0xe5, + 0x4b, 0x50, 0x26, 0x74, 0x08, 0x29, 0x61, 0xa1, 0x18, 0xbf, 0x3a, 0x58, 0x5f, 0x57, 0xdd, 0x66, + 0x18, 0x98, 0xb2, 0xfc, 0xb2, 0xa4, 0x84, 0x13, 0xa2, 0x68, 0x09, 0x86, 0x23, 0x12, 0xba, 0x24, + 0x12, 0x2a, 0xf2, 0x1e, 0xd3, 0xc8, 0xd0, 0xb8, 0xed, 0x39, 0xff, 0x8d, 0x45, 0x55, 0xba, 0xbc, + 0x1c, 0x26, 0x0d, 0x31, 0xad, 0xb8, 0xb6, 0xbc, 0x16, 0x58, 0x29, 0x16, 0x50, 0xf4, 0x06, 0x8c, + 0x84, 0xc4, 0x63, 0xca, 0xa2, 0x89, 0xc1, 0x17, 0x39, 0xd7, 0x3d, 0xf1, 0x7a, 0x58, 0x12, 0x40, + 0x37, 0x01, 0x85, 0x84, 0xf2, 0x10, 0xae, 0xbf, 0xa5, 0x8c, 0x39, 0x84, 0xae, 0xfb, 0x31, 0xd1, + 0xfe, 0x19, 0x9c, 0x60, 0x48, 0xab, 0x54, 0x9c, 0x51, 0x0d, 0x5d, 0x87, 0x19, 0x55, 0x5a, 0xf3, + 0xa3, 0xd8, 0xf1, 0x9b, 0x84, 0xa9, 0xb9, 0xcb, 0x09, 0x57, 0x84, 0xd3, 0x08, 0xb8, 0xbb, 0x8e, + 0xfd, 0xd3, 0x94, 0x9d, 0xa1, 0xa3, 0x75, 0x0a, 0xbc, 0xc0, 0xeb, 0x26, 0x2f, 0x70, 0x3e, 0x77, + 0xe6, 0x72, 0xf8, 0x80, 0x43, 0x0b, 0xc6, 0xb4, 0x99, 0x4d, 0xd6, 0xac, 0xd5, 0x63, 0xcd, 0x76, + 0x60, 0x9a, 0xae, 0xf4, 0xdb, 0x1b, 0x11, 0x09, 0xf7, 0x48, 0x8b, 0x2d, 0xcc, 0xc2, 0x83, 0x2d, + 0x4c, 0xf5, 0xca, 0x7c, 0x2b, 0x45, 0x10, 0x77, 0x35, 0x81, 0x5e, 0x96, 0x9a, 0x93, 0xa2, 0x61, + 0xa4, 0xc5, 0xb5, 0x22, 0x47, 0x07, 0x95, 0x69, 0xed, 0x43, 0x74, 0x4d, 0x89, 0xfd, 0x25, 0xf9, + 0x8d, 0xea, 0x35, 0xbf, 0xa9, 0x16, 0x4b, 0xea, 0x35, 0x5f, 0x2d, 0x07, 0x9c, 0xe0, 0xd0, 0x3d, + 0x4a, 0x45, 0x90, 0xf4, 0x6b, 0x3e, 0x15, 0x50, 0x30, 0x83, 0xd8, 0x2f, 0x00, 0x2c, 0xdf, 0x27, + 0x4d, 0xbe, 0xd4, 0xf5, 0x07, 0x48, 0x2b, 0xff, 0x01, 0xd2, 0xfe, 0x0f, 0x16, 0x4c, 0xae, 0x2c, + 0x19, 0x62, 0xe2, 0x3c, 0x00, 0x97, 0x8d, 0xde, 0x7a, 0x6b, 0x4d, 0xea, 0xd6, 0xb9, 0x7a, 0x54, + 0x95, 0x62, 0x0d, 0x03, 0x9d, 0x87, 0xa2, 0xd7, 0xf1, 0x85, 0xc8, 0x32, 0x72, 0x78, 0x50, 0x29, + 0xde, 0xea, 0xf8, 0x98, 0x96, 0x69, 0x16, 0x82, 0xc5, 0x81, 0x2d, 0x04, 0xfb, 0xba, 0x57, 0xa1, + 0x0a, 0x0c, 0xdd, 0xbb, 0xe7, 0xb6, 0xb8, 0x11, 0xbb, 0xd0, 0xfb, 0xbf, 0xf5, 0x56, 0xad, 0x1a, + 0x61, 0x5e, 0x6e, 0x7f, 0xb5, 0x08, 0x73, 0x2b, 0x1e, 0xb9, 0xff, 0x01, 0x0d, 0xf9, 0x07, 0xb5, + 0x6f, 0x3c, 0x1e, 0xbf, 0x78, 0x5c, 0x1b, 0xd6, 0xfe, 0xe3, 0xb1, 0x09, 0x23, 0xfc, 0x31, 0x5b, + 0x9a, 0xf5, 0xbf, 0x9a, 0xd5, 0x7a, 0xfe, 0x80, 0xcc, 0xf3, 0x47, 0x71, 0x61, 0xce, 0xaf, 0x6e, + 0x5a, 0x51, 0x8a, 0x25, 0xf1, 0xb9, 0xcf, 0xc0, 0xb8, 0x8e, 0x79, 0x2c, 0x6b, 0xf2, 0xbf, 0x54, + 0x84, 0x69, 0xda, 0x83, 0x87, 0x3a, 0x11, 0x77, 0xba, 0x27, 0xe2, 0xa4, 0x2d, 0x8a, 0xfb, 0xcf, + 0xc6, 0x3b, 0xe9, 0xd9, 0x78, 0x3e, 0x6f, 0x36, 0x4e, 0x7b, 0x0e, 0xbe, 0xd7, 0x82, 0x33, 0x2b, + 0x5e, 0xd0, 0xdc, 0x49, 0x59, 0xfd, 0xbe, 0x04, 0x63, 0xf4, 0x1c, 0x8f, 0x0c, 0x2f, 0x22, 0xc3, + 0xaf, 0x4c, 0x80, 0xb0, 0x8e, 0xa7, 0x55, 0xbb, 0x73, 0xa7, 0x56, 0xcd, 0x72, 0x47, 0x13, 0x20, + 0xac, 0xe3, 0xd9, 0xdf, 0xb0, 0xe0, 0xc2, 0xf5, 0xa5, 0xe5, 0x64, 0x29, 0x76, 0x79, 0xc4, 0x51, + 0x29, 0xb0, 0xa5, 0x75, 0x25, 0x91, 0x02, 0xab, 0xac, 0x17, 0x02, 0xfa, 0x51, 0xf1, 0xf6, 0xfc, + 0x29, 0x0b, 0xce, 0x5c, 0x77, 0x63, 0x7a, 0x2d, 0xa7, 0x7d, 0xb3, 0xe8, 0xbd, 0x1c, 0xb9, 0x71, + 0x10, 0xee, 0xa7, 0x7d, 0xb3, 0xb0, 0x82, 0x60, 0x0d, 0x8b, 0xb7, 0xbc, 0xe7, 0x32, 0x33, 0xaa, + 0x82, 0xa9, 0x8a, 0xc2, 0xa2, 0x1c, 0x2b, 0x0c, 0xfa, 0x61, 0x2d, 0x37, 0x64, 0xa2, 0xc4, 0xbe, + 0x38, 0x61, 0xd5, 0x87, 0x55, 0x25, 0x00, 0x27, 0x38, 0xf6, 0x1f, 0x5a, 0x50, 0xb9, 0xee, 0x75, + 0xa2, 0x98, 0x84, 0x9b, 0x51, 0xce, 0xe9, 0xf8, 0x02, 0x94, 0x89, 0x14, 0xdc, 0x45, 0xaf, 0x15, + 0xab, 0xa9, 0x24, 0x7a, 0xee, 0x22, 0xa6, 0xf0, 0x06, 0xf0, 0x21, 0x38, 0x9e, 0x11, 0xf8, 0x0a, + 0x20, 0xa2, 0xb7, 0xa5, 0xfb, 0xcc, 0x31, 0xe7, 0x9b, 0xe5, 0x2e, 0x28, 0xce, 0xa8, 0x61, 0xff, + 0xa8, 0x05, 0xe7, 0xd4, 0x07, 0x7f, 0xe4, 0x3e, 0xd3, 0xfe, 0xb9, 0x02, 0x4c, 0xdc, 0x58, 0x5f, + 0xaf, 0x5f, 0x27, 0xb1, 0xb8, 0xb6, 0xfb, 0xeb, 0xd6, 0xb1, 0xa6, 0x22, 0xec, 0x25, 0x05, 0x76, + 0x62, 0xd7, 0x9b, 0xe7, 0xae, 0xd7, 0xf3, 0x35, 0x3f, 0xbe, 0x1d, 0x36, 0xe2, 0xd0, 0xf5, 0xb7, + 0x32, 0x95, 0x8a, 0x92, 0xb9, 0x28, 0xe6, 0x31, 0x17, 0xe8, 0x05, 0x18, 0x66, 0xbe, 0xdf, 0x72, + 0x12, 0x1e, 0x53, 0x42, 0x14, 0x2b, 0x3d, 0x3a, 0xa8, 0x94, 0xef, 0xe0, 0x1a, 0xff, 0x83, 0x05, + 0x2a, 0xba, 0x03, 0x63, 0xdb, 0x71, 0xdc, 0xbe, 0x41, 0x9c, 0x16, 0x09, 0xe5, 0x71, 0x78, 0x31, + 0xeb, 0x38, 0xa4, 0x83, 0xc0, 0xd1, 0x92, 0x13, 0x24, 0x29, 0x8b, 0xb0, 0x4e, 0xc7, 0x6e, 0x00, + 0x24, 0xb0, 0x13, 0x52, 0xa8, 0xd8, 0xbf, 0x6f, 0xc1, 0x08, 0x77, 0xc3, 0x0b, 0xd1, 0x6b, 0x50, + 0x22, 0xf7, 0x49, 0x53, 0xb0, 0xca, 0x99, 0x1d, 0x4e, 0x38, 0x2d, 0xfe, 0x3c, 0x40, 0xff, 0x63, + 0x56, 0x0b, 0xdd, 0x80, 0x11, 0xda, 0xdb, 0xeb, 0xca, 0x27, 0xf1, 0x89, 0xbc, 0x2f, 0x56, 0xd3, + 0xce, 0x99, 0x33, 0x51, 0x84, 0x65, 0x75, 0xa6, 0xea, 0x6e, 0xb6, 0x1b, 0xf4, 0xc4, 0x8e, 0x7b, + 0x31, 0x16, 0xeb, 0x4b, 0x75, 0x8e, 0x24, 0xa8, 0x71, 0x55, 0xb7, 0x2c, 0xc4, 0x09, 0x11, 0x7b, + 0x1d, 0xca, 0x74, 0x52, 0x17, 0x3c, 0xd7, 0xe9, 0xad, 0x65, 0x7f, 0x06, 0xca, 0x52, 0xe3, 0x1d, + 0x09, 0x4f, 0x2e, 0x46, 0x55, 0x2a, 0xc4, 0x23, 0x9c, 0xc0, 0xed, 0x4d, 0x38, 0xcb, 0x4c, 0x1d, + 0x9c, 0x78, 0xdb, 0xd8, 0x63, 0xfd, 0x17, 0xf3, 0xb3, 0x42, 0xf2, 0xe4, 0x33, 0x33, 0xab, 0x39, + 0x4b, 0x8c, 0x4b, 0x8a, 0x89, 0x14, 0x6a, 0xff, 0x41, 0x09, 0x1e, 0xab, 0x35, 0xf2, 0x3d, 0x34, + 0x5f, 0x81, 0x71, 0xce, 0x97, 0xd2, 0xa5, 0xed, 0x78, 0xa2, 0x5d, 0xf5, 0x10, 0xb8, 0xae, 0xc1, + 0xb0, 0x81, 0x89, 0x2e, 0x40, 0xd1, 0x7d, 0xcf, 0x4f, 0xdb, 0x1d, 0xd7, 0xde, 0x5c, 0xc3, 0xb4, + 0x9c, 0x82, 0x29, 0x8b, 0xcb, 0xef, 0x0e, 0x05, 0x56, 0x6c, 0xee, 0xeb, 0x30, 0xe9, 0x46, 0xcd, + 0xc8, 0xad, 0xf9, 0xf4, 0x9c, 0xd1, 0x4e, 0x2a, 0xa5, 0x15, 0xa1, 0x9d, 0x56, 0x50, 0x9c, 0xc2, + 0xd6, 0x2e, 0xb2, 0xa1, 0x81, 0xd9, 0xe4, 0xbe, 0xae, 0x4d, 0x54, 0x02, 0x68, 0xb3, 0xaf, 0x8b, + 0x98, 0x15, 0x9f, 0x90, 0x00, 0xf8, 0x07, 0x47, 0x58, 0xc2, 0xa8, 0xc8, 0xd9, 0xdc, 0x76, 0xda, + 0x0b, 0x9d, 0x78, 0xbb, 0xea, 0x46, 0xcd, 0x60, 0x8f, 0x84, 0xfb, 0x4c, 0x5b, 0x30, 0x9a, 0x88, + 0x9c, 0x0a, 0xb0, 0x74, 0x63, 0xa1, 0x4e, 0x31, 0x71, 0x77, 0x1d, 0x93, 0x0d, 0x86, 0x93, 0x60, + 0x83, 0x17, 0x60, 0x4a, 0x36, 0xd3, 0x20, 0x11, 0xbb, 0x14, 0xc7, 0x58, 0xc7, 0x94, 0x6d, 0xb1, + 0x28, 0x56, 0xdd, 0x4a, 0xe3, 0xa3, 0x97, 0x61, 0xc2, 0xf5, 0xdd, 0xd8, 0x75, 0xe2, 0x20, 0x64, + 0x2c, 0x05, 0x57, 0x0c, 0x30, 0xd3, 0xbd, 0x9a, 0x0e, 0xc0, 0x26, 0x9e, 0xfd, 0x5f, 0x4a, 0x30, + 0xc3, 0xa6, 0xed, 0x5b, 0x2b, 0xec, 0x23, 0xb3, 0xc2, 0xee, 0x74, 0xaf, 0xb0, 0x93, 0xe0, 0xef, + 0x3f, 0xcc, 0x65, 0xf6, 0x2e, 0x94, 0x95, 0xf1, 0xb3, 0xf4, 0x7e, 0xb0, 0x72, 0xbc, 0x1f, 0xfa, + 0x73, 0x1f, 0xf2, 0xdd, 0xba, 0x98, 0xf9, 0x6e, 0xfd, 0x77, 0x2c, 0x48, 0x6c, 0x40, 0xd1, 0x0d, + 0x28, 0xb7, 0x03, 0x66, 0x67, 0x11, 0x4a, 0xe3, 0xa5, 0xc7, 0x32, 0x2f, 0x2a, 0x7e, 0x29, 0xf2, + 0xf1, 0xab, 0xcb, 0x1a, 0x38, 0xa9, 0x8c, 0x16, 0x61, 0xa4, 0x1d, 0x92, 0x46, 0xcc, 0x7c, 0x7e, + 0xfb, 0xd2, 0xe1, 0x6b, 0x84, 0xe3, 0x63, 0x59, 0xd1, 0xfe, 0x79, 0x0b, 0x80, 0x3f, 0x0d, 0x3b, + 0xfe, 0x16, 0x39, 0x05, 0x75, 0x77, 0x15, 0x4a, 0x51, 0x9b, 0x34, 0x7b, 0x59, 0xc0, 0x24, 0xfd, + 0x69, 0xb4, 0x49, 0x33, 0x19, 0x70, 0xfa, 0x0f, 0xb3, 0xda, 0xf6, 0xf7, 0x01, 0x4c, 0x26, 0x68, + 0xb5, 0x98, 0xec, 0xa2, 0xe7, 0x0c, 0x1f, 0xc0, 0xf3, 0x29, 0x1f, 0xc0, 0x32, 0xc3, 0xd6, 0x34, + 0xab, 0xef, 0x42, 0x71, 0xd7, 0xb9, 0x2f, 0x54, 0x67, 0xcf, 0xf4, 0xee, 0x06, 0xa5, 0x3f, 0xbf, + 0xea, 0xdc, 0xe7, 0x42, 0xe2, 0x33, 0x72, 0x81, 0xac, 0x3a, 0xf7, 0x8f, 0xb8, 0x9d, 0x0b, 0x3b, + 0xa4, 0x6e, 0xb9, 0x51, 0xfc, 0xe5, 0xff, 0x9c, 0xfc, 0x67, 0xcb, 0x8e, 0x36, 0xc2, 0xda, 0x72, + 0x7d, 0xf1, 0x50, 0x3a, 0x50, 0x5b, 0xae, 0x9f, 0x6e, 0xcb, 0xf5, 0x07, 0x68, 0xcb, 0xf5, 0xd1, + 0xfb, 0x30, 0x22, 0x8c, 0x12, 0x98, 0x71, 0xbb, 0xa9, 0x96, 0xcb, 0x6b, 0x4f, 0xd8, 0x34, 0xf0, + 0x36, 0xaf, 0x4a, 0x21, 0x58, 0x94, 0xf6, 0x6d, 0x57, 0x36, 0x88, 0xfe, 0xa6, 0x05, 0x93, 0xe2, + 0x37, 0x26, 0xef, 0x75, 0x48, 0x14, 0x0b, 0xde, 0xf3, 0xd3, 0x83, 0xf7, 0x41, 0x54, 0xe4, 0x5d, + 0xf9, 0xb4, 0x3c, 0x66, 0x4d, 0x60, 0xdf, 0x1e, 0xa5, 0x7a, 0x81, 0xfe, 0xb1, 0x05, 0x67, 0x77, + 0x9d, 0xfb, 0xbc, 0x45, 0x5e, 0x86, 0x9d, 0xd8, 0x0d, 0x84, 0xb1, 0xfe, 0x6b, 0x83, 0x4d, 0x7f, + 0x57, 0x75, 0xde, 0x49, 0x69, 0xd7, 0x7b, 0x36, 0x0b, 0xa5, 0x6f, 0x57, 0x33, 0xfb, 0x35, 0xb7, + 0x09, 0xa3, 0x72, 0xbd, 0x65, 0xa8, 0x1a, 0xaa, 0x3a, 0x63, 0x7d, 0x6c, 0x9b, 0x10, 0xdd, 0x11, + 0x8f, 0xb6, 0x23, 0xd6, 0xda, 0x43, 0x6d, 0xe7, 0x5d, 0x18, 0xd7, 0xd7, 0xd8, 0x43, 0x6d, 0xeb, + 0x3d, 0x38, 0x93, 0xb1, 0x96, 0x1e, 0x6a, 0x93, 0xf7, 0xe0, 0x7c, 0xee, 0xfa, 0x78, 0x98, 0x0d, + 0xdb, 0x3f, 0x67, 0xe9, 0xe7, 0xe0, 0x29, 0xbc, 0x39, 0x2c, 0x99, 0x6f, 0x0e, 0x17, 0x7b, 0xef, + 0x9c, 0x9c, 0x87, 0x87, 0x77, 0xf4, 0x4e, 0xd3, 0x53, 0x1d, 0xbd, 0x01, 0xc3, 0x1e, 0x2d, 0x91, + 0xd6, 0x30, 0x76, 0xff, 0x1d, 0x99, 0xf0, 0x52, 0xac, 0x3c, 0xc2, 0x82, 0x82, 0xfd, 0x4b, 0x16, + 0x94, 0x4e, 0x61, 0x24, 0xb0, 0x39, 0x12, 0xcf, 0xe5, 0x92, 0x16, 0x31, 0xdc, 0xe6, 0xb1, 0x73, + 0x6f, 0xf9, 0x7e, 0x4c, 0xfc, 0x88, 0x89, 0x8a, 0x99, 0x03, 0xf3, 0x5d, 0x70, 0xe6, 0x56, 0xe0, + 0xb4, 0x16, 0x1d, 0xcf, 0xf1, 0x9b, 0x24, 0xac, 0xf9, 0x5b, 0x7d, 0xcd, 0xb2, 0x74, 0x23, 0xaa, + 0x42, 0x3f, 0x23, 0x2a, 0x7b, 0x1b, 0x90, 0xde, 0x80, 0x30, 0x5c, 0xc5, 0x30, 0xe2, 0xf2, 0xa6, + 0xc4, 0xf0, 0x3f, 0x95, 0xcd, 0xdd, 0x75, 0xf5, 0x4c, 0x33, 0xc9, 0xe4, 0x05, 0x58, 0x12, 0xb2, + 0x5f, 0x81, 0x4c, 0x67, 0xb5, 0xfe, 0x6a, 0x03, 0xfb, 0xf3, 0x30, 0xc3, 0x6a, 0x1e, 0x53, 0xa4, + 0xb5, 0x53, 0x5a, 0xc9, 0x8c, 0x18, 0x59, 0xf6, 0x57, 0x2c, 0x98, 0x5a, 0x4b, 0x05, 0xec, 0xb8, + 0xcc, 0x1e, 0x40, 0x33, 0x94, 0xe1, 0x0d, 0x56, 0x8a, 0x05, 0xf4, 0xc4, 0x75, 0x50, 0x7f, 0x66, + 0x41, 0xe2, 0x3f, 0x7a, 0x0a, 0x8c, 0xd7, 0x92, 0xc1, 0x78, 0x65, 0xea, 0x46, 0x54, 0x77, 0xf2, + 0xf8, 0x2e, 0x74, 0x53, 0x05, 0x4b, 0xe8, 0xa1, 0x16, 0x49, 0xc8, 0x70, 0xd7, 0xfa, 0x49, 0x33, + 0xa2, 0x82, 0x0c, 0x9f, 0xc0, 0x6c, 0xa7, 0x14, 0xee, 0x47, 0xc4, 0x76, 0x4a, 0xf5, 0x27, 0x67, + 0x87, 0xd6, 0xb5, 0x2e, 0xb3, 0x93, 0xeb, 0xdb, 0x99, 0x2d, 0xbc, 0xe3, 0xb9, 0xef, 0x13, 0x15, + 0xf1, 0xa5, 0x22, 0x6c, 0xdb, 0x45, 0xe9, 0xd1, 0x41, 0x65, 0x42, 0xfd, 0xe3, 0x61, 0xc1, 0x92, + 0x2a, 0xf6, 0x0d, 0x98, 0x4a, 0x0d, 0x18, 0x7a, 0x09, 0x86, 0xda, 0xdb, 0x4e, 0x44, 0x52, 0xf6, + 0xa2, 0x43, 0x75, 0x5a, 0x78, 0x74, 0x50, 0x99, 0x54, 0x15, 0x58, 0x09, 0xe6, 0xd8, 0xf6, 0xff, + 0xb0, 0xa0, 0xb4, 0x16, 0xb4, 0x4e, 0x63, 0x31, 0xbd, 0x6e, 0x2c, 0xa6, 0xc7, 0xf3, 0x82, 0x2a, + 0xe6, 0xae, 0xa3, 0x95, 0xd4, 0x3a, 0xba, 0x98, 0x4b, 0xa1, 0xf7, 0x12, 0xda, 0x85, 0x31, 0x16, + 0xaa, 0x51, 0xd8, 0xaf, 0xbe, 0x60, 0xc8, 0x00, 0x95, 0x94, 0x0c, 0x30, 0xa5, 0xa1, 0x6a, 0x92, + 0xc0, 0xd3, 0x30, 0x22, 0x6c, 0x28, 0xd3, 0x56, 0xff, 0x02, 0x17, 0x4b, 0xb8, 0xfd, 0x63, 0x45, + 0x30, 0x42, 0x43, 0xa2, 0x5f, 0xb1, 0x60, 0x3e, 0xe4, 0x6e, 0x94, 0xad, 0x6a, 0x27, 0x74, 0xfd, + 0xad, 0x46, 0x73, 0x9b, 0xb4, 0x3a, 0x9e, 0xeb, 0x6f, 0xd5, 0xb6, 0xfc, 0x40, 0x15, 0x2f, 0xdf, + 0x27, 0xcd, 0x0e, 0x7b, 0x08, 0xe9, 0x13, 0x87, 0x52, 0xd9, 0x28, 0x5d, 0x3b, 0x3c, 0xa8, 0xcc, + 0xe3, 0x63, 0xd1, 0xc6, 0xc7, 0xec, 0x0b, 0xfa, 0x86, 0x05, 0x57, 0x79, 0xc4, 0xc4, 0xc1, 0xfb, + 0xdf, 0x43, 0x62, 0xaa, 0x4b, 0x52, 0x09, 0x91, 0x75, 0x12, 0xee, 0x2e, 0xbe, 0x2c, 0x06, 0xf4, + 0x6a, 0xfd, 0x78, 0x6d, 0xe1, 0xe3, 0x76, 0xce, 0xfe, 0x57, 0x45, 0x98, 0x10, 0x1e, 0xfc, 0x22, + 0x34, 0xcc, 0x4b, 0xc6, 0x92, 0x78, 0x22, 0xb5, 0x24, 0x66, 0x0c, 0xe4, 0x93, 0x89, 0x0a, 0x13, + 0xc1, 0x8c, 0xe7, 0x44, 0xf1, 0x0d, 0xe2, 0x84, 0xf1, 0x06, 0x71, 0xb8, 0xed, 0x4e, 0xf1, 0xd8, + 0x76, 0x46, 0x4a, 0x45, 0x73, 0x2b, 0x4d, 0x0c, 0x77, 0xd3, 0x47, 0x7b, 0x80, 0x98, 0x01, 0x52, + 0xe8, 0xf8, 0x11, 0xff, 0x16, 0x57, 0xbc, 0x19, 0x1c, 0xaf, 0xd5, 0x39, 0xd1, 0x2a, 0xba, 0xd5, + 0x45, 0x0d, 0x67, 0xb4, 0xa0, 0x19, 0x96, 0x0d, 0x0d, 0x6a, 0x58, 0x36, 0xdc, 0xc7, 0xb5, 0xc6, + 0x87, 0xe9, 0xae, 0x20, 0x0c, 0x6f, 0x43, 0x59, 0x19, 0x00, 0x8a, 0x43, 0xa7, 0x77, 0x2c, 0x93, + 0x34, 0x05, 0xae, 0x46, 0x49, 0x8c, 0x4f, 0x13, 0x72, 0xf6, 0x3f, 0x29, 0x18, 0x0d, 0xf2, 0x49, + 0x5c, 0x83, 0x51, 0x27, 0x8a, 0xdc, 0x2d, 0x9f, 0xb4, 0xc4, 0x8e, 0xfd, 0x78, 0xde, 0x8e, 0x35, + 0x9a, 0x61, 0x46, 0x98, 0x0b, 0xa2, 0x26, 0x56, 0x34, 0xd0, 0x0d, 0x6e, 0x21, 0xb5, 0x27, 0x79, + 0xfe, 0xc1, 0xa8, 0x81, 0xb4, 0xa1, 0xda, 0x23, 0x58, 0xd4, 0x47, 0x5f, 0xe0, 0x26, 0x6c, 0x37, + 0xfd, 0xe0, 0x9e, 0x7f, 0x3d, 0x08, 0xa4, 0xdb, 0xdd, 0x60, 0x04, 0x67, 0xa4, 0xe1, 0x9a, 0xaa, + 0x8e, 0x4d, 0x6a, 0x83, 0x05, 0x2a, 0xfa, 0x6e, 0x38, 0x43, 0x49, 0x9b, 0xce, 0x33, 0x11, 0x22, + 0x30, 0x25, 0xc2, 0x43, 0xc8, 0x32, 0x31, 0x76, 0x99, 0xec, 0xbc, 0x59, 0x3b, 0x51, 0xfa, 0xdd, + 0x34, 0x49, 0xe0, 0x34, 0x4d, 0xfb, 0x27, 0x2d, 0x60, 0x66, 0xff, 0xa7, 0xc0, 0x32, 0x7c, 0xd6, + 0x64, 0x19, 0x66, 0xf3, 0x06, 0x39, 0x87, 0x5b, 0x78, 0x91, 0xaf, 0xac, 0x7a, 0x18, 0xdc, 0xdf, + 0x17, 0xe6, 0x03, 0xfd, 0x39, 0x59, 0xfb, 0xff, 0x58, 0xfc, 0x10, 0x53, 0x9e, 0xf8, 0xe8, 0x7b, + 0x60, 0xb4, 0xe9, 0xb4, 0x9d, 0x26, 0x8f, 0x63, 0x9c, 0xab, 0xd5, 0x31, 0x2a, 0xcd, 0x2f, 0x89, + 0x1a, 0x5c, 0x4b, 0x21, 0xc3, 0x8c, 0x8c, 0xca, 0xe2, 0xbe, 0x9a, 0x09, 0xd5, 0xe4, 0xdc, 0x0e, + 0x4c, 0x18, 0xc4, 0x1e, 0xaa, 0x48, 0xfb, 0x3d, 0xfc, 0x8a, 0x55, 0x61, 0x71, 0x76, 0x61, 0xc6, + 0xd7, 0xfe, 0xd3, 0x0b, 0x45, 0x8a, 0x29, 0x1f, 0xef, 0x77, 0x89, 0xb2, 0xdb, 0x47, 0x73, 0x6b, + 0x48, 0x91, 0xc1, 0xdd, 0x94, 0xed, 0x1f, 0xb7, 0xe0, 0x51, 0x1d, 0x51, 0x0b, 0x92, 0xd0, 0x4f, + 0x4f, 0x5c, 0x85, 0xd1, 0xa0, 0x4d, 0x42, 0x27, 0x0e, 0x42, 0x71, 0x6b, 0x5c, 0x91, 0x83, 0x7e, + 0x5b, 0x94, 0x1f, 0x89, 0x80, 0x92, 0x92, 0xba, 0x2c, 0xc7, 0xaa, 0x26, 0x95, 0x63, 0xd8, 0x60, + 0x44, 0x22, 0x80, 0x05, 0x3b, 0x03, 0xd8, 0x93, 0x69, 0x84, 0x05, 0xc4, 0xfe, 0x03, 0x8b, 0x2f, + 0x2c, 0xbd, 0xeb, 0xe8, 0x3d, 0x98, 0xde, 0x75, 0xe2, 0xe6, 0xf6, 0xf2, 0xfd, 0x76, 0xc8, 0xd5, + 0xe3, 0x72, 0x9c, 0x9e, 0xe9, 0x37, 0x4e, 0xda, 0x47, 0x26, 0x56, 0x79, 0xab, 0x29, 0x62, 0xb8, + 0x8b, 0x3c, 0xda, 0x80, 0x31, 0x56, 0xc6, 0xcc, 0xbf, 0xa3, 0x5e, 0xac, 0x41, 0x5e, 0x6b, 0xea, + 0xd5, 0x79, 0x35, 0xa1, 0x83, 0x75, 0xa2, 0xf6, 0x97, 0x8b, 0x7c, 0xb7, 0x33, 0x6e, 0xfb, 0x69, + 0x18, 0x69, 0x07, 0xad, 0xa5, 0x5a, 0x15, 0x8b, 0x59, 0x50, 0xd7, 0x48, 0x9d, 0x17, 0x63, 0x09, + 0x47, 0xaf, 0x02, 0x90, 0xfb, 0x31, 0x09, 0x7d, 0xc7, 0x53, 0x56, 0x32, 0xca, 0x2e, 0xb4, 0x1a, + 0xac, 0x05, 0xf1, 0x9d, 0x88, 0x7c, 0xd7, 0xb2, 0x42, 0xc1, 0x1a, 0x3a, 0xba, 0x06, 0xd0, 0x0e, + 0x83, 0x3d, 0xb7, 0xc5, 0xfc, 0x09, 0x8b, 0xa6, 0x0d, 0x49, 0x5d, 0x41, 0xb0, 0x86, 0x85, 0x5e, + 0x85, 0x89, 0x8e, 0x1f, 0x71, 0x0e, 0xc5, 0xd9, 0x10, 0xe1, 0x18, 0x47, 0x13, 0xeb, 0x86, 0x3b, + 0x3a, 0x10, 0x9b, 0xb8, 0x68, 0x01, 0x86, 0x63, 0x87, 0xd9, 0x44, 0x0c, 0xe5, 0x1b, 0x73, 0xae, + 0x53, 0x0c, 0x3d, 0x8a, 0x2e, 0xad, 0x80, 0x45, 0x45, 0xf4, 0xb6, 0x74, 0xce, 0xe0, 0x67, 0xbd, + 0xb0, 0xa2, 0x1e, 0xec, 0x5e, 0xd0, 0x5c, 0x33, 0x84, 0x75, 0xb6, 0x41, 0xcb, 0xfe, 0x46, 0x19, + 0x20, 0x61, 0xc7, 0xd1, 0xfb, 0x5d, 0xe7, 0xd1, 0xb3, 0xbd, 0x19, 0xf8, 0x93, 0x3b, 0x8c, 0xd0, + 0xf7, 0x5b, 0x30, 0xe6, 0x78, 0x5e, 0xd0, 0x74, 0x62, 0x36, 0xca, 0x85, 0xde, 0xe7, 0xa1, 0x68, + 0x7f, 0x21, 0xa9, 0xc1, 0xbb, 0xf0, 0x82, 0x5c, 0x78, 0x1a, 0xa4, 0x6f, 0x2f, 0xf4, 0x86, 0xd1, + 0xa7, 0xa4, 0x94, 0xc6, 0x97, 0xc7, 0x5c, 0x5a, 0x4a, 0x2b, 0xb3, 0xa3, 0x5f, 0x13, 0xd0, 0xd0, + 0x1d, 0x23, 0xd2, 0x5e, 0x29, 0x3f, 0xe8, 0x84, 0xc1, 0x95, 0xf6, 0x0b, 0xb2, 0x87, 0xea, 0xba, + 0x37, 0xd9, 0x50, 0x7e, 0x64, 0x16, 0x4d, 0xfc, 0xe9, 0xe3, 0x49, 0xf6, 0x2e, 0x4c, 0xb5, 0xcc, + 0xbb, 0x5d, 0xac, 0xa6, 0xa7, 0xf2, 0xe8, 0xa6, 0x58, 0x81, 0xe4, 0x36, 0x4f, 0x01, 0x70, 0x9a, + 0x30, 0xaa, 0x73, 0xbf, 0xbe, 0x9a, 0xbf, 0x19, 0x08, 0x6b, 0x7c, 0x3b, 0x77, 0x2e, 0xf7, 0xa3, + 0x98, 0xec, 0x52, 0xcc, 0xe4, 0xd2, 0x5e, 0x13, 0x75, 0xb1, 0xa2, 0x82, 0xde, 0x80, 0x61, 0xe6, + 0x18, 0x1c, 0xcd, 0x8e, 0xe6, 0x2b, 0x13, 0xcd, 0x98, 0x16, 0xc9, 0xa6, 0x62, 0x7f, 0x23, 0x2c, + 0x28, 0xa0, 0x1b, 0x32, 0xf0, 0x4d, 0x54, 0xf3, 0xef, 0x44, 0x84, 0x05, 0xbe, 0x29, 0x2f, 0x7e, + 0x3c, 0x89, 0x69, 0xc3, 0xcb, 0x33, 0xe3, 0xe5, 0x1b, 0x35, 0x29, 0x73, 0x24, 0xfe, 0xcb, 0x30, + 0xfc, 0xb3, 0x90, 0xdf, 0x3d, 0x33, 0x54, 0x7f, 0x32, 0x9c, 0x77, 0x4d, 0x12, 0x38, 0x4d, 0x93, + 0x32, 0x9a, 0x7c, 0xe7, 0x0a, 0x7b, 0xfe, 0x7e, 0xfb, 0x9f, 0xcb, 0xd7, 0xec, 0x92, 0xe1, 0x25, + 0x58, 0xd4, 0x3f, 0xd5, 0x5b, 0x7f, 0xce, 0x87, 0xe9, 0xf4, 0x16, 0x7d, 0xa8, 0x5c, 0xc6, 0xef, + 0x97, 0x60, 0xd2, 0x5c, 0x52, 0xe8, 0x2a, 0x94, 0x05, 0x11, 0x15, 0x85, 0x55, 0xed, 0x92, 0x55, + 0x09, 0xc0, 0x09, 0x0e, 0x0b, 0xbe, 0xcb, 0xaa, 0x6b, 0x76, 0x98, 0x49, 0xf0, 0x5d, 0x05, 0xc1, + 0x1a, 0x16, 0x95, 0x97, 0x36, 0x82, 0x20, 0x56, 0x97, 0x8a, 0x5a, 0x77, 0x8b, 0xac, 0x14, 0x0b, + 0x28, 0xbd, 0x4c, 0x76, 0x48, 0xe8, 0x13, 0xcf, 0x0c, 0xee, 0xa6, 0x2e, 0x93, 0x9b, 0x3a, 0x10, + 0x9b, 0xb8, 0xf4, 0x96, 0x0c, 0x22, 0xb6, 0x90, 0x85, 0x54, 0x96, 0xd8, 0xb5, 0x36, 0xb8, 0x8b, + 0xbd, 0x84, 0xa3, 0xcf, 0xc3, 0xa3, 0xca, 0x23, 0x1e, 0x73, 0x45, 0xb5, 0x6c, 0x71, 0xd8, 0x50, + 0xa2, 0x3c, 0xba, 0x94, 0x8d, 0x86, 0xf3, 0xea, 0xa3, 0xd7, 0x61, 0x52, 0x70, 0xee, 0x92, 0xe2, + 0x88, 0x69, 0x3b, 0x71, 0xd3, 0x80, 0xe2, 0x14, 0xb6, 0x0c, 0x4f, 0xc7, 0x98, 0x67, 0x49, 0x61, + 0xb4, 0x3b, 0x3c, 0x9d, 0x0e, 0xc7, 0x5d, 0x35, 0xd0, 0x02, 0x4c, 0x71, 0xd6, 0xca, 0xf5, 0xb7, + 0xf8, 0x9c, 0x08, 0x77, 0x1b, 0xb5, 0xa5, 0x6e, 0x9b, 0x60, 0x9c, 0xc6, 0x47, 0xaf, 0xc0, 0xb8, + 0x13, 0x36, 0xb7, 0xdd, 0x98, 0x34, 0xe3, 0x4e, 0xc8, 0xfd, 0x70, 0x34, 0xe3, 0x93, 0x05, 0x0d, + 0x86, 0x0d, 0x4c, 0xfb, 0x7d, 0x38, 0x93, 0xe1, 0xa9, 0x47, 0x17, 0x8e, 0xd3, 0x76, 0xe5, 0x37, + 0xa5, 0x2c, 0x54, 0x17, 0xea, 0x35, 0xf9, 0x35, 0x1a, 0x16, 0x5d, 0x9d, 0xcc, 0xa3, 0x4f, 0xcb, + 0xba, 0xa1, 0x56, 0xe7, 0x8a, 0x04, 0xe0, 0x04, 0xc7, 0xfe, 0x9f, 0x05, 0x98, 0xca, 0x50, 0xbe, + 0xb3, 0xcc, 0x0f, 0x29, 0xd9, 0x23, 0x49, 0xf4, 0x60, 0x46, 0x3b, 0x2c, 0x1c, 0x23, 0xda, 0x61, + 0xb1, 0x5f, 0xb4, 0xc3, 0xd2, 0x07, 0x89, 0x76, 0x68, 0x8e, 0xd8, 0xd0, 0x40, 0x23, 0x96, 0x11, + 0x21, 0x71, 0xf8, 0x98, 0x11, 0x12, 0x8d, 0x41, 0x1f, 0x19, 0x60, 0xd0, 0xbf, 0x56, 0x80, 0xe9, + 0xb4, 0x91, 0xdc, 0x29, 0xa8, 0x63, 0xdf, 0x30, 0xd4, 0xb1, 0xd9, 0x79, 0x54, 0xd2, 0xa6, 0x7b, + 0x79, 0xaa, 0x59, 0x9c, 0x52, 0xcd, 0x7e, 0x72, 0x20, 0x6a, 0xbd, 0xd5, 0xb4, 0x7f, 0xaf, 0x00, + 0xe7, 0xd2, 0x55, 0x96, 0x3c, 0xc7, 0xdd, 0x3d, 0x85, 0xb1, 0xb9, 0x6d, 0x8c, 0xcd, 0x73, 0x83, + 0x7c, 0x0d, 0xeb, 0x5a, 0xee, 0x00, 0xbd, 0x95, 0x1a, 0xa0, 0xab, 0x83, 0x93, 0xec, 0x3d, 0x4a, + 0xdf, 0x2c, 0xc2, 0xc5, 0xcc, 0x7a, 0x89, 0x36, 0x73, 0xc5, 0xd0, 0x66, 0x5e, 0x4b, 0x69, 0x33, + 0xed, 0xde, 0xb5, 0x4f, 0x46, 0xbd, 0x29, 0x5c, 0x28, 0x59, 0x44, 0xbc, 0x07, 0x54, 0x6d, 0x1a, + 0x2e, 0x94, 0x8a, 0x10, 0x36, 0xe9, 0xfe, 0x45, 0x52, 0x69, 0xfe, 0x1b, 0x0b, 0xce, 0x67, 0xce, + 0xcd, 0x29, 0xa8, 0xb0, 0xd6, 0x4c, 0x15, 0xd6, 0xd3, 0x03, 0xaf, 0xd6, 0x1c, 0x9d, 0xd6, 0x6f, + 0x94, 0x72, 0xbe, 0x85, 0x09, 0xe8, 0xb7, 0x61, 0xcc, 0x69, 0x36, 0x49, 0x14, 0xad, 0x06, 0x2d, + 0x15, 0x21, 0xee, 0x39, 0x26, 0x67, 0x25, 0xc5, 0x47, 0x07, 0x95, 0xb9, 0x34, 0x89, 0x04, 0x8c, + 0x75, 0x0a, 0x66, 0x50, 0xcb, 0xc2, 0x89, 0x06, 0xb5, 0xbc, 0x06, 0xb0, 0xa7, 0xb8, 0xf5, 0xb4, + 0x90, 0xaf, 0xf1, 0xf1, 0x1a, 0x16, 0xfa, 0x02, 0x8c, 0x46, 0xe2, 0x1a, 0x17, 0x4b, 0xf1, 0x85, + 0x01, 0xe7, 0xca, 0xd9, 0x20, 0x9e, 0xe9, 0xab, 0xaf, 0xf4, 0x21, 0x8a, 0x24, 0xfa, 0x0e, 0x98, + 0x8e, 0x78, 0x28, 0x98, 0x25, 0xcf, 0x89, 0x98, 0x1f, 0x84, 0x58, 0x85, 0xcc, 0x01, 0xbf, 0x91, + 0x82, 0xe1, 0x2e, 0x6c, 0xb4, 0x22, 0x3f, 0x8a, 0xc5, 0xad, 0xe1, 0x0b, 0xf3, 0x72, 0xf2, 0x41, + 0x22, 0xef, 0xd4, 0xd9, 0xf4, 0xf0, 0xb3, 0x81, 0xd7, 0x6a, 0xa2, 0x2f, 0x00, 0xd0, 0xe5, 0x23, + 0x74, 0x09, 0x23, 0xf9, 0x87, 0x27, 0x3d, 0x55, 0x5a, 0x99, 0x96, 0x9f, 0xcc, 0x79, 0xb1, 0xaa, + 0x88, 0x60, 0x8d, 0xa0, 0xfd, 0xb5, 0x12, 0x3c, 0xd6, 0xe3, 0x8c, 0x44, 0x0b, 0xe6, 0x13, 0xe8, + 0x33, 0x69, 0xe1, 0x7a, 0x2e, 0xb3, 0xb2, 0x21, 0x6d, 0xa7, 0x96, 0x62, 0xe1, 0x03, 0x2f, 0xc5, + 0x1f, 0xb4, 0x34, 0xb5, 0x07, 0x37, 0xe6, 0xfb, 0xec, 0x31, 0xcf, 0xfe, 0x13, 0xd4, 0x83, 0x6c, + 0x66, 0x28, 0x13, 0xae, 0x0d, 0xdc, 0x9d, 0x81, 0xb5, 0x0b, 0xa7, 0xab, 0xfc, 0xfd, 0xb2, 0x05, + 0x4f, 0x64, 0xf6, 0xd7, 0x30, 0xd9, 0xb8, 0x0a, 0xe5, 0x26, 0x2d, 0xd4, 0x7c, 0xd5, 0x12, 0x27, + 0x5e, 0x09, 0xc0, 0x09, 0x8e, 0x61, 0x99, 0x51, 0xe8, 0x6b, 0x99, 0xf1, 0x2f, 0x2d, 0xe8, 0xda, + 0x1f, 0xa7, 0x70, 0x50, 0xd7, 0xcc, 0x83, 0xfa, 0xe3, 0x83, 0xcc, 0x65, 0xce, 0x19, 0xfd, 0x47, + 0x53, 0xf0, 0x48, 0x8e, 0xaf, 0xc6, 0x1e, 0xcc, 0x6c, 0x35, 0x89, 0xe9, 0x05, 0x28, 0x3e, 0x26, + 0xd3, 0x61, 0xb2, 0xa7, 0xcb, 0x20, 0xcb, 0x47, 0x34, 0xd3, 0x85, 0x82, 0xbb, 0x9b, 0x40, 0x5f, + 0xb6, 0xe0, 0xac, 0x73, 0x2f, 0xea, 0xca, 0x3a, 0x29, 0xd6, 0xcc, 0x8b, 0x99, 0x4a, 0x90, 0x3e, + 0x59, 0x2a, 0x79, 0x82, 0xa6, 0x2c, 0x2c, 0x9c, 0xd9, 0x16, 0xc2, 0x22, 0x66, 0x28, 0x65, 0xe7, + 0x7b, 0xf8, 0xa9, 0x66, 0x39, 0xd5, 0xf0, 0x23, 0x5b, 0x42, 0xb0, 0xa2, 0x83, 0xbe, 0x04, 0xe5, + 0x2d, 0xe9, 0xe9, 0x96, 0x71, 0x25, 0x24, 0x03, 0xd9, 0xdb, 0xff, 0x8f, 0x3f, 0x50, 0x2a, 0x24, + 0x9c, 0x10, 0x45, 0xaf, 0x43, 0xd1, 0xdf, 0x8c, 0x7a, 0xe5, 0x38, 0x4a, 0xd9, 0x34, 0x71, 0x6f, + 0xf0, 0xb5, 0x95, 0x06, 0xa6, 0x15, 0xd1, 0x0d, 0x28, 0x86, 0x1b, 0x2d, 0xa1, 0xc1, 0xcb, 0x3c, + 0xc3, 0xf1, 0x62, 0x35, 0xa7, 0x57, 0x8c, 0x12, 0x5e, 0xac, 0x62, 0x4a, 0x02, 0xd5, 0x61, 0x88, + 0x39, 0x38, 0x88, 0xfb, 0x20, 0x93, 0xf3, 0xed, 0xe1, 0x28, 0xc4, 0x5d, 0xc6, 0x19, 0x02, 0xe6, + 0x84, 0xd0, 0x3a, 0x0c, 0x37, 0x59, 0x3e, 0x1c, 0x11, 0xb0, 0xfa, 0x53, 0x99, 0xba, 0xba, 0x1e, + 0x89, 0x82, 0x84, 0xea, 0x8a, 0x61, 0x60, 0x41, 0x8b, 0x51, 0x25, 0xed, 0xed, 0xcd, 0x88, 0xc9, + 0xfa, 0x79, 0x54, 0x7b, 0xe4, 0xbf, 0x12, 0x54, 0x19, 0x06, 0x16, 0xb4, 0xd0, 0x67, 0xa0, 0xb0, + 0xd9, 0x14, 0xfe, 0x0f, 0x99, 0x4a, 0x3b, 0xd3, 0xa1, 0x7f, 0x71, 0xf8, 0xf0, 0xa0, 0x52, 0x58, + 0x59, 0xc2, 0x85, 0xcd, 0x26, 0x5a, 0x83, 0x91, 0x4d, 0xee, 0x02, 0x2c, 0xf4, 0x72, 0x4f, 0x65, + 0x7b, 0x27, 0x77, 0x79, 0x09, 0x73, 0xbb, 0x7d, 0x01, 0xc0, 0x92, 0x08, 0x0b, 0xc1, 0xa9, 0x5c, + 0x99, 0x45, 0x2c, 0xea, 0xf9, 0xe3, 0xb9, 0x9f, 0xf3, 0xfb, 0x39, 0x71, 0x88, 0xc6, 0x1a, 0x45, + 0xba, 0xaa, 0x1d, 0x99, 0xf9, 0x50, 0xc4, 0xea, 0xc8, 0x5c, 0xd5, 0x7d, 0x92, 0x42, 0xf2, 0x55, + 0xad, 0x90, 0x70, 0x42, 0x14, 0xed, 0xc0, 0xc4, 0x5e, 0xd4, 0xde, 0x26, 0x72, 0x4b, 0xb3, 0xd0, + 0x1d, 0x39, 0x57, 0xd8, 0x5d, 0x81, 0xe8, 0x86, 0x71, 0xc7, 0xf1, 0xba, 0x4e, 0x21, 0xf6, 0xaa, + 0x7d, 0x57, 0x27, 0x86, 0x4d, 0xda, 0x74, 0xf8, 0xdf, 0xeb, 0x04, 0x1b, 0xfb, 0x31, 0x11, 0xc1, + 0xab, 0x33, 0x87, 0xff, 0x4d, 0x8e, 0xd2, 0x3d, 0xfc, 0x02, 0x80, 0x25, 0x11, 0x74, 0x57, 0x0c, + 0x0f, 0x3b, 0x3d, 0xa7, 0xf3, 0x83, 0x29, 0x65, 0xa6, 0x1e, 0xd5, 0x06, 0x85, 0x9d, 0x96, 0x09, + 0x29, 0x76, 0x4a, 0xb6, 0xb7, 0x83, 0x38, 0xf0, 0x53, 0x27, 0xf4, 0x4c, 0xfe, 0x29, 0x59, 0xcf, + 0xc0, 0xef, 0x3e, 0x25, 0xb3, 0xb0, 0x70, 0x66, 0x5b, 0xa8, 0x05, 0x93, 0xed, 0x20, 0x8c, 0xef, + 0x05, 0xa1, 0x5c, 0x5f, 0xa8, 0x87, 0x5e, 0xc1, 0xc0, 0x14, 0x2d, 0xb2, 0x60, 0xea, 0x26, 0x04, + 0xa7, 0x68, 0xa2, 0xcf, 0xc1, 0x48, 0xd4, 0x74, 0x3c, 0x52, 0xbb, 0x3d, 0x7b, 0x26, 0xff, 0xfa, + 0x69, 0x70, 0x94, 0x9c, 0xd5, 0xc5, 0x26, 0x47, 0xa0, 0x60, 0x49, 0x0e, 0xad, 0xc0, 0x10, 0xcb, + 0x88, 0xc0, 0xe2, 0x6e, 0xe7, 0xc4, 0x84, 0xea, 0xb2, 0x30, 0xe5, 0x67, 0x13, 0x2b, 0xc6, 0xbc, + 0x3a, 0xdd, 0x03, 0x82, 0xbd, 0x0e, 0xa2, 0xd9, 0x73, 0xf9, 0x7b, 0x40, 0x70, 0xe5, 0xb7, 0x1b, + 0xbd, 0xf6, 0x80, 0x42, 0xc2, 0x09, 0x51, 0x7a, 0x32, 0xd3, 0xd3, 0xf4, 0x91, 0x1e, 0x06, 0x2d, + 0xb9, 0x67, 0x29, 0x3b, 0x99, 0xe9, 0x49, 0x4a, 0x49, 0xd8, 0xbf, 0x3b, 0xd2, 0xcd, 0xb3, 0x30, + 0x81, 0xec, 0x2f, 0x5b, 0x5d, 0x6f, 0x75, 0x9f, 0x1e, 0x54, 0x3f, 0x74, 0x82, 0xdc, 0xea, 0x97, + 0x2d, 0x78, 0xa4, 0x9d, 0xf9, 0x21, 0x82, 0x01, 0x18, 0x4c, 0xcd, 0xc4, 0x3f, 0x5d, 0xc5, 0xc6, + 0xcf, 0x86, 0xe3, 0x9c, 0x96, 0xd2, 0x12, 0x41, 0xf1, 0x03, 0x4b, 0x04, 0xab, 0x30, 0xca, 0x98, + 0xcc, 0x3e, 0xf9, 0xe1, 0xd2, 0x82, 0x11, 0x63, 0x25, 0x96, 0x44, 0x45, 0xac, 0x48, 0xa0, 0x1f, + 0xb2, 0xe0, 0x42, 0xba, 0xeb, 0x98, 0x30, 0xb0, 0x88, 0x24, 0xcf, 0x65, 0xc1, 0x15, 0xf1, 0xfd, + 0x17, 0xea, 0xbd, 0x90, 0x8f, 0xfa, 0x21, 0xe0, 0xde, 0x8d, 0xa1, 0x6a, 0x86, 0x30, 0x3a, 0x6c, + 0x2a, 0xe0, 0x07, 0x10, 0x48, 0x5f, 0x84, 0xf1, 0xdd, 0xa0, 0xe3, 0xc7, 0xc2, 0xfe, 0x45, 0x78, + 0x2c, 0xb2, 0x07, 0xe7, 0x55, 0xad, 0x1c, 0x1b, 0x58, 0x29, 0x31, 0x76, 0xf4, 0x81, 0xc5, 0xd8, + 0x77, 0x52, 0x59, 0xc0, 0xcb, 0xf9, 0x11, 0x0b, 0x85, 0xc4, 0x7f, 0x8c, 0x5c, 0xe0, 0xa7, 0x2b, + 0x1b, 0xfd, 0xb4, 0x95, 0xc1, 0xd4, 0x73, 0x69, 0xf9, 0x35, 0x53, 0x5a, 0xbe, 0x9c, 0x96, 0x96, + 0xbb, 0x94, 0xaf, 0x86, 0xa0, 0x3c, 0x78, 0xd8, 0xeb, 0x41, 0xe3, 0xc8, 0xd9, 0x1e, 0x5c, 0xea, + 0x77, 0x2d, 0x31, 0x43, 0xa8, 0x96, 0x7a, 0x6a, 0x4b, 0x0c, 0xa1, 0x5a, 0xb5, 0x2a, 0x66, 0x90, + 0x41, 0x03, 0x8d, 0xd8, 0xff, 0xdd, 0x82, 0x62, 0x3d, 0x68, 0x9d, 0x82, 0x32, 0xf9, 0xb3, 0x86, + 0x32, 0xf9, 0xb1, 0x9c, 0xec, 0xec, 0xb9, 0xaa, 0xe3, 0xe5, 0x94, 0xea, 0xf8, 0x42, 0x1e, 0x81, + 0xde, 0x8a, 0xe2, 0x9f, 0x28, 0x82, 0x9e, 0x4b, 0x1e, 0xfd, 0xc6, 0x83, 0x58, 0x21, 0x17, 0x7b, + 0xa5, 0x97, 0x17, 0x94, 0x99, 0xfd, 0x94, 0x74, 0xc2, 0xfb, 0x73, 0x66, 0x8c, 0xfc, 0x16, 0x71, + 0xb7, 0xb6, 0x63, 0xd2, 0x4a, 0x7f, 0xce, 0xe9, 0x19, 0x23, 0xff, 0x57, 0x0b, 0xa6, 0x52, 0xad, + 0x23, 0x0f, 0x26, 0x3c, 0x5d, 0x13, 0x28, 0xd6, 0xe9, 0x03, 0x29, 0x11, 0x85, 0x31, 0xa7, 0x56, + 0x84, 0x4d, 0xe2, 0x68, 0x1e, 0x40, 0xbd, 0xd4, 0x49, 0x0d, 0x18, 0xe3, 0xfa, 0xd5, 0x53, 0x5e, + 0x84, 0x35, 0x0c, 0xf4, 0x12, 0x8c, 0xc5, 0x41, 0x3b, 0xf0, 0x82, 0xad, 0xfd, 0x9b, 0x44, 0x86, + 0xb6, 0x51, 0x26, 0x5a, 0xeb, 0x09, 0x08, 0xeb, 0x78, 0xf6, 0x4f, 0x15, 0xf9, 0x87, 0xfa, 0xb1, + 0xfb, 0xad, 0x35, 0xf9, 0xd1, 0x5e, 0x93, 0xdf, 0xb4, 0x60, 0x9a, 0xb6, 0xce, 0xcc, 0x45, 0xe4, + 0x65, 0xab, 0xd2, 0xef, 0x58, 0x3d, 0xd2, 0xef, 0x5c, 0xa6, 0x67, 0x57, 0x2b, 0xe8, 0xc4, 0x42, + 0x83, 0xa6, 0x1d, 0x4e, 0xb4, 0x14, 0x0b, 0xa8, 0xc0, 0x23, 0x61, 0x28, 0x7c, 0xa0, 0x74, 0x3c, + 0x12, 0x86, 0x58, 0x40, 0x65, 0x76, 0x9e, 0x52, 0x4e, 0x76, 0x1e, 0x16, 0xa8, 0x4f, 0x18, 0x16, + 0x08, 0xb6, 0x47, 0x0b, 0xd4, 0x27, 0x2d, 0x0e, 0x12, 0x1c, 0xfb, 0xe7, 0x8a, 0x30, 0x5e, 0x0f, + 0x5a, 0xc9, 0x5b, 0xd9, 0x8b, 0xc6, 0x5b, 0xd9, 0xa5, 0xd4, 0x5b, 0xd9, 0xb4, 0x8e, 0xfb, 0xad, + 0x97, 0xb1, 0x0f, 0xeb, 0x65, 0xec, 0x5f, 0x58, 0x6c, 0xd6, 0xaa, 0x6b, 0x0d, 0x91, 0x1d, 0xf8, + 0x79, 0x18, 0x63, 0x07, 0x12, 0x73, 0xba, 0x93, 0x0f, 0x48, 0x2c, 0xf0, 0xfe, 0x5a, 0x52, 0x8c, + 0x75, 0x1c, 0x74, 0x05, 0x46, 0x23, 0xe2, 0x84, 0xcd, 0x6d, 0x75, 0xc6, 0x89, 0xe7, 0x15, 0x5e, + 0x86, 0x15, 0x14, 0xbd, 0x99, 0xc4, 0x88, 0x2b, 0xe6, 0xe7, 0xb9, 0xd5, 0xfb, 0xc3, 0xb7, 0x48, + 0x7e, 0x60, 0x38, 0xfb, 0x2d, 0x40, 0xdd, 0xf8, 0x03, 0x04, 0x47, 0xaa, 0x98, 0xc1, 0x91, 0xca, + 0x5d, 0x81, 0x91, 0xfe, 0xd4, 0x82, 0xc9, 0x7a, 0xd0, 0xa2, 0x5b, 0xf7, 0x2f, 0xd2, 0x3e, 0xd5, + 0x03, 0x64, 0x0e, 0xf7, 0x08, 0x90, 0xf9, 0xf7, 0x2d, 0x18, 0xa9, 0x07, 0xad, 0x53, 0xd0, 0xbb, + 0xbf, 0x66, 0xea, 0xdd, 0x1f, 0xcd, 0x59, 0x12, 0x39, 0xaa, 0xf6, 0x5f, 0x28, 0xc2, 0x04, 0xed, + 0x67, 0xb0, 0x25, 0x67, 0xc9, 0x18, 0x11, 0x6b, 0x80, 0x11, 0xa1, 0x6c, 0x6e, 0xe0, 0x79, 0xc1, + 0xbd, 0xf4, 0x8c, 0xad, 0xb0, 0x52, 0x2c, 0xa0, 0xe8, 0x59, 0x18, 0x6d, 0x87, 0x64, 0xcf, 0x0d, + 0x04, 0xff, 0xa8, 0xbd, 0x62, 0xd4, 0x45, 0x39, 0x56, 0x18, 0x54, 0xee, 0x8a, 0x5c, 0xbf, 0x49, + 0x64, 0x92, 0xed, 0x12, 0xcb, 0xc3, 0xc5, 0x23, 0x5f, 0x6b, 0xe5, 0xd8, 0xc0, 0x42, 0x6f, 0x41, + 0x99, 0xfd, 0x67, 0x27, 0xca, 0xf1, 0xf3, 0x06, 0x89, 0x74, 0x13, 0x82, 0x00, 0x4e, 0x68, 0xa1, + 0x6b, 0x00, 0xb1, 0x8c, 0x8e, 0x1c, 0x89, 0x18, 0x37, 0x8a, 0xd7, 0x56, 0x71, 0x93, 0x23, 0xac, + 0x61, 0xa1, 0x67, 0xa0, 0x1c, 0x3b, 0xae, 0x77, 0xcb, 0xf5, 0x49, 0xc4, 0x54, 0xce, 0x45, 0x99, + 0x4d, 0x42, 0x14, 0xe2, 0x04, 0x4e, 0x79, 0x1d, 0xe6, 0x00, 0xce, 0xb3, 0x8e, 0x8d, 0x32, 0x6c, + 0xc6, 0xeb, 0xdc, 0x52, 0xa5, 0x58, 0xc3, 0xb0, 0x5f, 0x81, 0x73, 0xf5, 0xa0, 0x55, 0x0f, 0xc2, + 0x78, 0x25, 0x08, 0xef, 0x39, 0x61, 0x4b, 0xce, 0x5f, 0x45, 0x26, 0x36, 0xa0, 0x67, 0xcf, 0x10, + 0xdf, 0x99, 0x46, 0xca, 0x82, 0x17, 0x18, 0xb7, 0x73, 0x4c, 0xa7, 0x8e, 0x26, 0xbb, 0x77, 0x55, + 0x82, 0xc1, 0xeb, 0x4e, 0x4c, 0xd0, 0x6d, 0x96, 0x94, 0x2c, 0xb9, 0x82, 0x44, 0xf5, 0xa7, 0xb5, + 0xa4, 0x64, 0x09, 0x30, 0xf3, 0xce, 0x32, 0xeb, 0xdb, 0xbf, 0x5a, 0x64, 0xa7, 0x51, 0x2a, 0xdf, + 0x1e, 0xfa, 0x22, 0x4c, 0x46, 0xe4, 0x96, 0xeb, 0x77, 0xee, 0x4b, 0x21, 0xbc, 0x87, 0x5b, 0x4e, + 0x63, 0x59, 0xc7, 0xe4, 0xaa, 0x3c, 0xb3, 0x0c, 0xa7, 0xa8, 0xd1, 0x79, 0x0a, 0x3b, 0xfe, 0x42, + 0x74, 0x27, 0x22, 0xa1, 0xc8, 0xf7, 0xc6, 0xe6, 0x09, 0xcb, 0x42, 0x9c, 0xc0, 0xe9, 0xba, 0x64, + 0x7f, 0xd6, 0x02, 0x1f, 0x07, 0x41, 0x2c, 0x57, 0x32, 0xcb, 0x18, 0xa4, 0x95, 0x63, 0x03, 0x0b, + 0xad, 0x00, 0x8a, 0x3a, 0xed, 0xb6, 0xc7, 0x1e, 0xf6, 0x1d, 0xef, 0x7a, 0x18, 0x74, 0xda, 0xfc, + 0xd5, 0xb3, 0xc8, 0x03, 0x13, 0x36, 0xba, 0xa0, 0x38, 0xa3, 0x06, 0x3d, 0x7d, 0x36, 0x23, 0xf6, + 0x9b, 0xad, 0xee, 0xa2, 0x50, 0xaf, 0x37, 0x58, 0x11, 0x96, 0x30, 0xba, 0x98, 0x58, 0xf3, 0x1c, + 0x73, 0x38, 0x59, 0x4c, 0x58, 0x95, 0x62, 0x0d, 0x03, 0x2d, 0xc3, 0x48, 0xb4, 0x1f, 0x35, 0x63, + 0x11, 0x91, 0x29, 0x27, 0x73, 0x67, 0x83, 0xa1, 0x68, 0xd9, 0x24, 0x78, 0x15, 0x2c, 0xeb, 0xda, + 0xdf, 0xc3, 0x2e, 0x43, 0x96, 0x1d, 0x2c, 0xee, 0x84, 0x04, 0xed, 0xc2, 0x44, 0x9b, 0x4d, 0xb9, + 0x88, 0x5d, 0x2d, 0xe6, 0xed, 0xc5, 0x01, 0xa5, 0xda, 0x7b, 0xf4, 0xa0, 0x51, 0x5a, 0x27, 0x26, + 0x2e, 0xd4, 0x75, 0x72, 0xd8, 0xa4, 0x6e, 0x7f, 0x0d, 0xb1, 0x33, 0xb7, 0xc1, 0x45, 0xd5, 0x11, + 0x61, 0x5a, 0x2c, 0xf8, 0xf2, 0xb9, 0x7c, 0x9d, 0x49, 0xf2, 0x45, 0xc2, 0x3c, 0x19, 0xcb, 0xba, + 0xe8, 0x4d, 0xf6, 0x4a, 0xcd, 0x0f, 0xba, 0x7e, 0x49, 0x9a, 0x39, 0x96, 0xf1, 0x20, 0x2d, 0x2a, + 0x62, 0x8d, 0x08, 0xba, 0x05, 0x13, 0x22, 0x99, 0x94, 0x50, 0x8a, 0x15, 0x0d, 0xa5, 0xc7, 0x04, + 0xd6, 0x81, 0x47, 0xe9, 0x02, 0x6c, 0x56, 0x46, 0x5b, 0x70, 0x41, 0xcb, 0xac, 0x78, 0x3d, 0x74, + 0xd8, 0xcb, 0xa5, 0xcb, 0x36, 0x91, 0x76, 0x6e, 0x3e, 0x71, 0x78, 0x50, 0xb9, 0xb0, 0xde, 0x0b, + 0x11, 0xf7, 0xa6, 0x83, 0x6e, 0xc3, 0x39, 0xee, 0xc1, 0x57, 0x25, 0x4e, 0xcb, 0x73, 0x7d, 0x75, + 0x30, 0xf3, 0x75, 0x78, 0xfe, 0xf0, 0xa0, 0x72, 0x6e, 0x21, 0x0b, 0x01, 0x67, 0xd7, 0x43, 0xaf, + 0x41, 0xb9, 0xe5, 0x47, 0x62, 0x0c, 0x86, 0x8d, 0xa4, 0xa1, 0xe5, 0xea, 0x5a, 0x43, 0x7d, 0x7f, + 0xf2, 0x07, 0x27, 0x15, 0xd0, 0x16, 0x57, 0x8c, 0x29, 0x39, 0x74, 0x24, 0x3f, 0x41, 0xbc, 0x58, + 0x12, 0x86, 0x0f, 0x0f, 0xd7, 0x08, 0x2b, 0x1b, 0x58, 0xc3, 0xbd, 0xc7, 0x20, 0x8c, 0xde, 0x00, + 0x44, 0x19, 0x35, 0xb7, 0x49, 0x16, 0x9a, 0x2c, 0x84, 0x38, 0xd3, 0x23, 0x8e, 0x1a, 0x3e, 0x13, + 0xa8, 0xd1, 0x85, 0x81, 0x33, 0x6a, 0xa1, 0x1b, 0xf4, 0x20, 0xd3, 0x4b, 0x85, 0x2d, 0xaf, 0x64, + 0xee, 0x67, 0xab, 0xa4, 0x1d, 0x92, 0xa6, 0x13, 0x93, 0x96, 0x49, 0x11, 0xa7, 0xea, 0xd1, 0xbb, + 0x54, 0x65, 0x13, 0x02, 0x33, 0x6c, 0x46, 0x77, 0x46, 0x21, 0x2a, 0x17, 0x6f, 0x07, 0x51, 0xbc, + 0x46, 0xe2, 0x7b, 0x41, 0xb8, 0x23, 0xa2, 0x94, 0x25, 0x01, 0x33, 0x13, 0x10, 0xd6, 0xf1, 0x28, + 0x1f, 0xcc, 0x9e, 0x89, 0x6b, 0x55, 0xf6, 0x42, 0x37, 0x9a, 0xec, 0x93, 0x1b, 0xbc, 0x18, 0x4b, + 0xb8, 0x44, 0xad, 0xd5, 0x97, 0xd8, 0x6b, 0x5b, 0x0a, 0xb5, 0x56, 0x5f, 0xc2, 0x12, 0x8e, 0x48, + 0x77, 0x42, 0xd6, 0xc9, 0x7c, 0xad, 0x66, 0xf7, 0x75, 0x30, 0x60, 0x4e, 0x56, 0x1f, 0xa6, 0x55, + 0x2a, 0x58, 0x1e, 0xbe, 0x2d, 0x9a, 0x9d, 0x62, 0x8b, 0x64, 0xf0, 0xd8, 0x6f, 0x4a, 0x4f, 0x5c, + 0x4b, 0x51, 0xc2, 0x5d, 0xb4, 0x8d, 0x40, 0x26, 0xd3, 0x7d, 0xb3, 0x41, 0x5d, 0x85, 0x72, 0xd4, + 0xd9, 0x68, 0x05, 0xbb, 0x8e, 0xeb, 0xb3, 0xc7, 0x31, 0x8d, 0xc9, 0x6a, 0x48, 0x00, 0x4e, 0x70, + 0xd0, 0x0a, 0x8c, 0x3a, 0x52, 0x09, 0x8c, 0xf2, 0xa3, 0x16, 0x28, 0xd5, 0x2f, 0x77, 0xe4, 0x95, + 0x6a, 0x5f, 0x55, 0x17, 0xbd, 0x0a, 0x13, 0xc2, 0x6f, 0x8b, 0xc7, 0x72, 0x60, 0x8f, 0x57, 0x9a, + 0x61, 0x7e, 0x43, 0x07, 0x62, 0x13, 0x17, 0x7d, 0x01, 0x26, 0x29, 0x95, 0xe4, 0x60, 0x9b, 0x3d, + 0x3b, 0xc8, 0x89, 0xa8, 0x65, 0xf9, 0xd0, 0x2b, 0xe3, 0x14, 0x31, 0xd4, 0x82, 0xc7, 0x9d, 0x4e, + 0x1c, 0x30, 0x45, 0xba, 0xb9, 0xfe, 0xd7, 0x83, 0x1d, 0xe2, 0xb3, 0x37, 0xac, 0xd1, 0xc5, 0x4b, + 0x87, 0x07, 0x95, 0xc7, 0x17, 0x7a, 0xe0, 0xe1, 0x9e, 0x54, 0xd0, 0x1d, 0x18, 0x8b, 0x03, 0x8f, + 0x99, 0xc8, 0x53, 0x56, 0xe2, 0x91, 0xfc, 0x40, 0x40, 0xeb, 0x0a, 0x4d, 0x57, 0x22, 0xa9, 0xaa, + 0x58, 0xa7, 0x83, 0xd6, 0xf9, 0x1e, 0x63, 0x21, 0x52, 0x49, 0x34, 0xfb, 0x68, 0xfe, 0xc0, 0xa8, + 0x48, 0xaa, 0xe6, 0x16, 0x14, 0x35, 0xb1, 0x4e, 0x06, 0x5d, 0x87, 0x99, 0x76, 0xe8, 0x06, 0x6c, + 0x61, 0xab, 0x47, 0x8c, 0x59, 0x33, 0xb1, 0x43, 0x3d, 0x8d, 0x80, 0xbb, 0xeb, 0x50, 0x21, 0x53, + 0x16, 0xce, 0x9e, 0xe7, 0x59, 0xc2, 0x38, 0xe3, 0xcd, 0xcb, 0xb0, 0x82, 0xa2, 0x55, 0x76, 0x2e, + 0x73, 0x71, 0x70, 0x76, 0x2e, 0x3f, 0xda, 0x83, 0x2e, 0x36, 0x72, 0x7e, 0x49, 0xfd, 0xc5, 0x09, + 0x05, 0x7a, 0x6f, 0x44, 0xdb, 0x4e, 0x48, 0xea, 0x61, 0xd0, 0x24, 0x91, 0x16, 0x95, 0xf9, 0x31, + 0x1e, 0xc9, 0x91, 0xde, 0x1b, 0x8d, 0x2c, 0x04, 0x9c, 0x5d, 0x0f, 0xb5, 0xb4, 0xe4, 0xd8, 0x94, + 0x0d, 0x8d, 0x66, 0x1f, 0xef, 0x61, 0x70, 0x94, 0xe2, 0x59, 0x93, 0xb5, 0x68, 0x14, 0x47, 0x38, + 0x45, 0x13, 0x7d, 0x07, 0x4c, 0x8b, 0xc0, 0x47, 0xc9, 0xb8, 0x5f, 0x48, 0x2c, 0x19, 0x71, 0x0a, + 0x86, 0xbb, 0xb0, 0x79, 0x2c, 0x6a, 0x67, 0xc3, 0x23, 0x62, 0x11, 0xde, 0x72, 0xfd, 0x9d, 0x68, + 0xf6, 0x22, 0xfb, 0x6a, 0x11, 0x8b, 0x3a, 0x0d, 0xc5, 0x19, 0x35, 0xe6, 0xbe, 0x1d, 0x66, 0xba, + 0x6e, 0xae, 0x63, 0xc5, 0x6f, 0xff, 0x93, 0x21, 0x28, 0x2b, 0xa5, 0x3c, 0xba, 0x6a, 0xbe, 0xb5, + 0x9c, 0x4f, 0xbf, 0xb5, 0x8c, 0x52, 0xd9, 0x40, 0x7f, 0x5e, 0x59, 0x37, 0x0c, 0xf5, 0x0a, 0xf9, + 0xd9, 0xd2, 0x74, 0xee, 0xbe, 0xaf, 0xd3, 0x9f, 0xa6, 0x63, 0x29, 0x0e, 0xfc, 0x68, 0x53, 0xea, + 0xa9, 0xb6, 0x19, 0x30, 0x59, 0x31, 0x7a, 0x92, 0x0a, 0x48, 0xad, 0x5a, 0x3d, 0x9d, 0xbd, 0xb3, + 0x4e, 0x0b, 0x31, 0x87, 0x31, 0x41, 0x92, 0xb2, 0x59, 0x4c, 0x90, 0x1c, 0x79, 0x40, 0x41, 0x52, + 0x12, 0xc0, 0x09, 0x2d, 0xe4, 0xc1, 0x4c, 0xd3, 0x4c, 0xbc, 0xaa, 0x1c, 0xfd, 0x9e, 0xec, 0x9b, + 0x02, 0xb5, 0xa3, 0x65, 0xb9, 0x5b, 0x4a, 0x53, 0xc1, 0xdd, 0x84, 0xd1, 0xab, 0x30, 0xfa, 0x5e, + 0x10, 0xb1, 0x45, 0x29, 0x78, 0x0d, 0xe9, 0x10, 0x35, 0xfa, 0xe6, 0xed, 0x06, 0x2b, 0x3f, 0x3a, + 0xa8, 0x8c, 0xd5, 0x83, 0x96, 0xfc, 0x8b, 0x55, 0x05, 0x74, 0x1f, 0xce, 0x19, 0x27, 0xb4, 0xea, + 0x2e, 0x0c, 0xde, 0xdd, 0x0b, 0xa2, 0xb9, 0x73, 0xb5, 0x2c, 0x4a, 0x38, 0xbb, 0x01, 0x7a, 0xec, + 0xf9, 0x81, 0x48, 0x5a, 0x2c, 0xf9, 0x19, 0xc6, 0xb6, 0x94, 0x75, 0x77, 0xf8, 0x14, 0x02, 0xee, + 0xae, 0x63, 0xff, 0x32, 0x7f, 0xc3, 0x10, 0x9a, 0x4e, 0x12, 0x75, 0xbc, 0xd3, 0xc8, 0x89, 0xb5, + 0x6c, 0x28, 0x61, 0x1f, 0xf8, 0x9d, 0xec, 0xd7, 0x2d, 0xf6, 0x4e, 0xb6, 0x4e, 0x76, 0xdb, 0x1e, + 0x95, 0xb7, 0x1f, 0x7e, 0xc7, 0xdf, 0x84, 0xd1, 0x58, 0xb4, 0xd6, 0x2b, 0x8d, 0x97, 0xd6, 0x29, + 0xf6, 0x56, 0xa8, 0x38, 0x1d, 0x59, 0x8a, 0x15, 0x19, 0xfb, 0x9f, 0xf1, 0x19, 0x90, 0x90, 0x53, + 0x50, 0x88, 0x55, 0x4d, 0x85, 0x58, 0xa5, 0xcf, 0x17, 0xe4, 0x28, 0xc6, 0xfe, 0xa9, 0xd9, 0x6f, + 0x26, 0x54, 0x7e, 0xd4, 0x1f, 0x68, 0xed, 0x1f, 0xb6, 0xe0, 0x6c, 0x96, 0x45, 0x13, 0xe5, 0x4e, + 0xb9, 0x48, 0xab, 0x1e, 0xac, 0xd5, 0x08, 0xde, 0x15, 0xe5, 0x58, 0x61, 0x0c, 0x9c, 0x21, 0xe3, + 0x78, 0x11, 0xe3, 0x6e, 0xc3, 0x44, 0x3d, 0x24, 0xda, 0x1d, 0xf0, 0x3a, 0xf7, 0xac, 0xe3, 0xfd, + 0x79, 0xf6, 0xd8, 0x5e, 0x75, 0xf6, 0xcf, 0x14, 0xe0, 0x2c, 0x7f, 0x71, 0x5a, 0xd8, 0x0b, 0xdc, + 0x56, 0x3d, 0x68, 0x89, 0xec, 0x26, 0x6f, 0xc3, 0x78, 0x5b, 0xd3, 0x43, 0xf4, 0x8a, 0x59, 0xa5, + 0xeb, 0x2b, 0x12, 0x79, 0x50, 0x2f, 0xc5, 0x06, 0x2d, 0xd4, 0x82, 0x71, 0xb2, 0xe7, 0x36, 0xd5, + 0xb3, 0x45, 0xe1, 0xd8, 0x77, 0x83, 0x6a, 0x65, 0x59, 0xa3, 0x83, 0x0d, 0xaa, 0x0f, 0x21, 0xe1, + 0x9d, 0xfd, 0x23, 0x16, 0x3c, 0x9a, 0x13, 0xe1, 0x8a, 0x36, 0x77, 0x8f, 0xbd, 0xed, 0x89, 0xdc, + 0x59, 0xaa, 0x39, 0xfe, 0xe2, 0x87, 0x05, 0x14, 0x7d, 0x0e, 0x80, 0xbf, 0xd8, 0x51, 0xf1, 0xa8, + 0x5f, 0x28, 0x20, 0x23, 0x8a, 0x89, 0x16, 0x7d, 0x42, 0xd6, 0xc7, 0x1a, 0x2d, 0xfb, 0x27, 0x8b, + 0x30, 0xc4, 0x5e, 0x88, 0xd0, 0x0a, 0x8c, 0x6c, 0xf3, 0x98, 0xcf, 0x83, 0x84, 0x97, 0x4e, 0xe4, + 0x4c, 0x5e, 0x80, 0x65, 0x65, 0xb4, 0x0a, 0x67, 0x78, 0xcc, 0x6c, 0xaf, 0x4a, 0x3c, 0x67, 0x5f, + 0xaa, 0x2b, 0x78, 0xbe, 0x29, 0x15, 0x49, 0xa3, 0xd6, 0x8d, 0x82, 0xb3, 0xea, 0xa1, 0xd7, 0x61, + 0x92, 0xf2, 0x77, 0x41, 0x27, 0x96, 0x94, 0x78, 0xb4, 0x6c, 0xc5, 0x50, 0xae, 0x1b, 0x50, 0x9c, + 0xc2, 0xa6, 0x82, 0x57, 0xbb, 0x4b, 0x31, 0x33, 0x94, 0x08, 0x5e, 0xa6, 0x32, 0xc6, 0xc4, 0x65, + 0xa6, 0x4c, 0x1d, 0x66, 0xb8, 0xb5, 0xbe, 0x1d, 0x92, 0x68, 0x3b, 0xf0, 0x5a, 0x22, 0x5d, 0x79, + 0x62, 0xca, 0x94, 0x82, 0xe3, 0xae, 0x1a, 0x94, 0xca, 0xa6, 0xe3, 0x7a, 0x9d, 0x90, 0x24, 0x54, + 0x86, 0x4d, 0x2a, 0x2b, 0x29, 0x38, 0xee, 0xaa, 0x41, 0xd7, 0xd1, 0x39, 0x91, 0x3f, 0x5c, 0xfa, + 0xf7, 0x2b, 0xfb, 0xb4, 0x11, 0xe9, 0xe9, 0xd4, 0x23, 0xc0, 0x8d, 0xb0, 0xe0, 0x51, 0x19, 0xc8, + 0x35, 0x7d, 0xa2, 0xf0, 0x71, 0x92, 0x54, 0x1e, 0x24, 0x8b, 0xf5, 0x0f, 0x14, 0xe0, 0x4c, 0x86, + 0x1d, 0x2c, 0x3f, 0xaa, 0xb6, 0xdc, 0x28, 0x56, 0x39, 0x75, 0xb4, 0xa3, 0x8a, 0x97, 0x63, 0x85, + 0x41, 0xf7, 0x03, 0x3f, 0x0c, 0xd3, 0x07, 0xa0, 0xb0, 0x33, 0x13, 0xd0, 0x63, 0x66, 0xa7, 0xb9, + 0x04, 0xa5, 0x4e, 0x44, 0x64, 0x68, 0x2a, 0x75, 0x7e, 0x33, 0x0d, 0x33, 0x83, 0x50, 0xd6, 0x74, + 0x4b, 0x29, 0x77, 0x35, 0xd6, 0x94, 0x6b, 0x6c, 0x39, 0x8c, 0x76, 0x2e, 0x26, 0xbe, 0xe3, 0xc7, + 0x82, 0x81, 0x4d, 0x02, 0xaa, 0xb0, 0x52, 0x2c, 0xa0, 0xf6, 0x57, 0x8b, 0x70, 0x3e, 0xd7, 0x32, + 0x9e, 0x76, 0x7d, 0x37, 0xf0, 0xdd, 0x38, 0x50, 0xaf, 0x94, 0x3c, 0x88, 0x0a, 0x69, 0x6f, 0xaf, + 0x8a, 0x72, 0xac, 0x30, 0xd0, 0x65, 0x99, 0xf1, 0x3e, 0x9d, 0x5d, 0x68, 0xb1, 0x6a, 0x24, 0xbd, + 0x1f, 0x34, 0x73, 0xdb, 0x93, 0x50, 0x6a, 0x07, 0x81, 0x97, 0x3e, 0xb4, 0x68, 0x77, 0x83, 0xc0, + 0xc3, 0x0c, 0x88, 0x3e, 0x21, 0xc6, 0x2b, 0xf5, 0x2c, 0x87, 0x9d, 0x56, 0x10, 0x69, 0x83, 0xf6, + 0x34, 0x8c, 0xec, 0x90, 0xfd, 0xd0, 0xf5, 0xb7, 0xd2, 0xcf, 0xb5, 0x37, 0x79, 0x31, 0x96, 0x70, + 0x33, 0xd7, 0xc4, 0xc8, 0x49, 0xa7, 0x5c, 0x1b, 0xed, 0x7b, 0x05, 0xfe, 0x60, 0x11, 0xa6, 0xf0, + 0x62, 0xf5, 0x5b, 0x13, 0x71, 0xa7, 0x7b, 0x22, 0x4e, 0x3a, 0xe5, 0x5a, 0xff, 0xd9, 0xf8, 0x05, + 0x0b, 0xa6, 0x58, 0x3c, 0x66, 0x11, 0xba, 0xc3, 0x0d, 0xfc, 0x53, 0x60, 0xf1, 0x9e, 0x84, 0xa1, + 0x90, 0x36, 0x9a, 0x4e, 0x2b, 0xc4, 0x7a, 0x82, 0x39, 0x0c, 0x3d, 0x0e, 0x25, 0xd6, 0x05, 0x3a, + 0x79, 0xe3, 0x3c, 0x23, 0x43, 0xd5, 0x89, 0x1d, 0xcc, 0x4a, 0x99, 0x3f, 0x3a, 0x26, 0x6d, 0xcf, + 0xe5, 0x9d, 0x4e, 0x9e, 0x40, 0x3e, 0x1a, 0xfe, 0xe8, 0x99, 0x5d, 0xfb, 0x60, 0xfe, 0xe8, 0xd9, + 0x24, 0x7b, 0x8b, 0x4f, 0x7f, 0x58, 0x80, 0x8b, 0x99, 0xf5, 0x06, 0xf6, 0x47, 0xef, 0x5d, 0xfb, + 0x64, 0xac, 0x6e, 0xb2, 0x8d, 0x61, 0x8a, 0xa7, 0x68, 0x0c, 0x53, 0x1a, 0x94, 0xc3, 0x1c, 0x1a, + 0xc0, 0x4d, 0x3c, 0x73, 0xc8, 0x3e, 0x22, 0x6e, 0xe2, 0x99, 0x7d, 0xcb, 0x11, 0xff, 0xfe, 0xac, + 0x90, 0xf3, 0x2d, 0x4c, 0x10, 0xbc, 0x42, 0xcf, 0x19, 0x06, 0x8c, 0x04, 0xc7, 0x3c, 0xce, 0xcf, + 0x18, 0x5e, 0x86, 0x15, 0x14, 0xb9, 0x9a, 0xc3, 0x75, 0x21, 0x3f, 0xcb, 0x66, 0x6e, 0x53, 0xf3, + 0xe6, 0x8b, 0x95, 0x1a, 0x82, 0x0c, 0xe7, 0xeb, 0x55, 0x4d, 0x78, 0x2f, 0x0e, 0x2e, 0xbc, 0x8f, + 0x67, 0x0b, 0xee, 0x68, 0x01, 0xa6, 0x76, 0x5d, 0x9f, 0x1e, 0x9b, 0xfb, 0x26, 0xcb, 0xaa, 0xe2, + 0x8f, 0xac, 0x9a, 0x60, 0x9c, 0xc6, 0x9f, 0x7b, 0x15, 0x26, 0x1e, 0x5c, 0x6d, 0xf9, 0xcd, 0x22, + 0x3c, 0xd6, 0x63, 0xdb, 0xf3, 0xb3, 0xde, 0x98, 0x03, 0xed, 0xac, 0xef, 0x9a, 0x87, 0x3a, 0x9c, + 0xdd, 0xec, 0x78, 0xde, 0x3e, 0xb3, 0x37, 0x25, 0x2d, 0x89, 0x21, 0x78, 0xca, 0xc7, 0x65, 0x0e, + 0x8c, 0x95, 0x0c, 0x1c, 0x9c, 0x59, 0x13, 0xbd, 0x01, 0x28, 0x10, 0x29, 0x7e, 0xaf, 0x13, 0x5f, + 0xbc, 0x03, 0xb0, 0x81, 0x2f, 0x26, 0x9b, 0xf1, 0x76, 0x17, 0x06, 0xce, 0xa8, 0x45, 0x85, 0x03, + 0x7a, 0x2b, 0xed, 0xab, 0x6e, 0xa5, 0x84, 0x03, 0xac, 0x03, 0xb1, 0x89, 0x8b, 0xae, 0xc3, 0x8c, + 0xb3, 0xe7, 0xb8, 0x3c, 0x2e, 0x9f, 0x24, 0xc0, 0xa5, 0x03, 0xa5, 0x2c, 0x5b, 0x48, 0x23, 0xe0, + 0xee, 0x3a, 0x29, 0x97, 0xec, 0xe1, 0x7c, 0x97, 0xec, 0xde, 0xe7, 0x62, 0x3f, 0xdd, 0xaf, 0xfd, + 0x9f, 0x2c, 0x7a, 0x7d, 0x65, 0xa4, 0xe9, 0xa7, 0xe3, 0xa0, 0x74, 0x98, 0x9a, 0x77, 0xf4, 0x39, + 0xcd, 0xa2, 0x24, 0x01, 0x62, 0x13, 0x97, 0x2f, 0x88, 0x28, 0x71, 0xca, 0x31, 0x58, 0x7c, 0x11, + 0x5d, 0x41, 0x61, 0xa0, 0xcf, 0xc3, 0x48, 0xcb, 0xdd, 0x73, 0xa3, 0x20, 0x14, 0x9b, 0xe5, 0x98, + 0xae, 0x0d, 0xc9, 0x39, 0x58, 0xe5, 0x64, 0xb0, 0xa4, 0x67, 0xff, 0x60, 0x01, 0x26, 0x64, 0x8b, + 0x6f, 0x76, 0x82, 0xd8, 0x39, 0x85, 0x6b, 0xf9, 0xba, 0x71, 0x2d, 0x7f, 0xa2, 0x57, 0x88, 0x09, + 0xd6, 0xa5, 0xdc, 0xeb, 0xf8, 0x76, 0xea, 0x3a, 0x7e, 0xaa, 0x3f, 0xa9, 0xde, 0xd7, 0xf0, 0x3f, + 0xb7, 0x60, 0xc6, 0xc0, 0x3f, 0x85, 0xdb, 0x60, 0xc5, 0xbc, 0x0d, 0x9e, 0xe8, 0xfb, 0x0d, 0x39, + 0xb7, 0xc0, 0xf7, 0x15, 0x53, 0x7d, 0x67, 0xa7, 0xff, 0x7b, 0x50, 0xda, 0x76, 0xc2, 0x56, 0xaf, + 0x50, 0xb6, 0x5d, 0x95, 0xe6, 0x6f, 0x38, 0x61, 0x8b, 0x9f, 0xe1, 0xcf, 0xaa, 0x3c, 0x99, 0x4e, + 0xd8, 0xea, 0xeb, 0x83, 0xc6, 0x9a, 0x42, 0xaf, 0xc0, 0x70, 0xd4, 0x0c, 0xda, 0xca, 0x42, 0xf4, + 0x12, 0xcf, 0xa1, 0x49, 0x4b, 0x8e, 0x0e, 0x2a, 0xc8, 0x6c, 0x8e, 0x16, 0x63, 0x81, 0x8f, 0xde, + 0x86, 0x09, 0xf6, 0x4b, 0x59, 0x4a, 0x14, 0xf3, 0x13, 0x28, 0x34, 0x74, 0x44, 0x6e, 0x70, 0x63, + 0x14, 0x61, 0x93, 0xd4, 0xdc, 0x16, 0x94, 0xd5, 0x67, 0x3d, 0x54, 0xdf, 0xa1, 0x7f, 0x5f, 0x84, + 0x33, 0x19, 0x6b, 0x0e, 0x45, 0xc6, 0x4c, 0x3c, 0x3f, 0xe0, 0x52, 0xfd, 0x80, 0x73, 0x11, 0x31, + 0x69, 0xa8, 0x25, 0xd6, 0xd6, 0xc0, 0x8d, 0xde, 0x89, 0x48, 0xba, 0x51, 0x5a, 0xd4, 0xbf, 0x51, + 0xda, 0xd8, 0xa9, 0x0d, 0x35, 0x6d, 0x48, 0xf5, 0xf4, 0xa1, 0xce, 0xe9, 0x1f, 0x17, 0xe1, 0x6c, + 0x56, 0xd4, 0x1b, 0xf4, 0xdd, 0xa9, 0x64, 0x3a, 0x2f, 0x0e, 0x1a, 0x2f, 0x87, 0x67, 0xd8, 0x11, + 0xb9, 0xb0, 0xe7, 0xcd, 0xf4, 0x3a, 0x7d, 0x87, 0x59, 0xb4, 0xc9, 0x1c, 0x4e, 0x43, 0x9e, 0x04, + 0x49, 0x1e, 0x1f, 0x9f, 0x1e, 0xb8, 0x03, 0x22, 0x7b, 0x52, 0x94, 0x72, 0x38, 0x95, 0xc5, 0xfd, + 0x1d, 0x4e, 0x65, 0xcb, 0x73, 0x2e, 0x8c, 0x69, 0x5f, 0xf3, 0x50, 0x67, 0x7c, 0x87, 0xde, 0x56, + 0x5a, 0xbf, 0x1f, 0xea, 0xac, 0xff, 0x88, 0x05, 0x29, 0x73, 0x4c, 0xa5, 0x16, 0xb3, 0x72, 0xd5, + 0x62, 0x97, 0xa0, 0x14, 0x06, 0x1e, 0x49, 0xe7, 0xae, 0xc1, 0x81, 0x47, 0x30, 0x83, 0x50, 0x8c, + 0x38, 0x51, 0x76, 0x8c, 0xeb, 0x82, 0x9c, 0x10, 0xd1, 0x9e, 0x84, 0x21, 0x8f, 0xec, 0x11, 0x2f, + 0x1d, 0x18, 0xfe, 0x16, 0x2d, 0xc4, 0x1c, 0x66, 0xff, 0x42, 0x09, 0x2e, 0xf4, 0x74, 0xd9, 0xa6, + 0xe2, 0xd0, 0x96, 0x13, 0x93, 0x7b, 0xce, 0x7e, 0x3a, 0x82, 0xf3, 0x75, 0x5e, 0x8c, 0x25, 0x9c, + 0x59, 0xa8, 0xf3, 0x88, 0x8d, 0x29, 0x25, 0xa2, 0x08, 0xd4, 0x28, 0xa0, 0xa6, 0x52, 0xaa, 0x78, + 0x12, 0x4a, 0xa9, 0x6b, 0x00, 0x51, 0xe4, 0x71, 0xfb, 0x82, 0x96, 0x30, 0x7d, 0x4f, 0x22, 0x7b, + 0x36, 0x6e, 0x09, 0x08, 0xd6, 0xb0, 0x50, 0x15, 0xa6, 0xdb, 0x61, 0x10, 0x73, 0x9d, 0x6c, 0x95, + 0x1b, 0x26, 0x0d, 0x99, 0xde, 0xb2, 0xf5, 0x14, 0x1c, 0x77, 0xd5, 0x40, 0x2f, 0xc1, 0x98, 0xf0, + 0xa0, 0xad, 0x07, 0x81, 0x27, 0xd4, 0x40, 0xca, 0xcc, 0xa5, 0x91, 0x80, 0xb0, 0x8e, 0xa7, 0x55, + 0x63, 0x8a, 0xde, 0x91, 0xcc, 0x6a, 0x5c, 0xd9, 0xab, 0xe1, 0xa5, 0x22, 0x60, 0x8d, 0x0e, 0x14, + 0x01, 0x2b, 0x51, 0x8c, 0x95, 0x07, 0x7e, 0xdb, 0x82, 0xbe, 0xaa, 0xa4, 0x9f, 0x2d, 0xc1, 0x19, + 0xb1, 0x70, 0x1e, 0xf6, 0x72, 0xb9, 0xd3, 0xbd, 0x5c, 0x4e, 0x42, 0x75, 0xf6, 0xad, 0x35, 0x73, + 0xda, 0x6b, 0xe6, 0x87, 0x2c, 0x30, 0xd9, 0x2b, 0xf4, 0xff, 0xe5, 0x86, 0xc0, 0x7f, 0x29, 0x97, + 0x5d, 0x6b, 0xc9, 0x0b, 0xe4, 0x03, 0x06, 0xc3, 0xb7, 0xff, 0xa3, 0x05, 0x4f, 0xf4, 0xa5, 0x88, + 0x96, 0xa1, 0xcc, 0x78, 0x40, 0x4d, 0x3a, 0x7b, 0x4a, 0x19, 0x2e, 0x4a, 0x40, 0x0e, 0x4b, 0x9a, + 0xd4, 0x44, 0xcb, 0x5d, 0xb9, 0x06, 0x9e, 0xce, 0xc8, 0x35, 0x70, 0xce, 0x18, 0x9e, 0x07, 0x4c, + 0x36, 0xf0, 0xcb, 0x45, 0x18, 0xe6, 0x2b, 0xfe, 0x14, 0xc4, 0xb0, 0x15, 0xa1, 0xb7, 0xed, 0x11, + 0x03, 0x8b, 0xf7, 0x65, 0xbe, 0xea, 0xc4, 0x0e, 0x67, 0x13, 0xd4, 0x6d, 0x95, 0x68, 0x78, 0xd1, + 0xbc, 0x71, 0x9f, 0xcd, 0xa5, 0x14, 0x93, 0xc0, 0x69, 0x68, 0xb7, 0xdb, 0x17, 0x01, 0x22, 0x96, + 0xa7, 0x9f, 0xd2, 0x10, 0xd1, 0xd4, 0x3e, 0xd9, 0xa3, 0xf5, 0x86, 0x42, 0xe6, 0x7d, 0x48, 0x76, + 0xba, 0x02, 0x60, 0x8d, 0xe2, 0xdc, 0xcb, 0x50, 0x56, 0xc8, 0xfd, 0xb4, 0x38, 0xe3, 0x3a, 0x73, + 0xf1, 0x59, 0x98, 0x4a, 0xb5, 0x75, 0x2c, 0x25, 0xd0, 0x2f, 0x5a, 0x30, 0xc5, 0xbb, 0xbc, 0xec, + 0xef, 0x89, 0x33, 0xf5, 0x7d, 0x38, 0xeb, 0x65, 0x9c, 0x6d, 0x62, 0x46, 0x07, 0x3f, 0x0b, 0x95, + 0xd2, 0x27, 0x0b, 0x8a, 0x33, 0xdb, 0x40, 0x57, 0xe8, 0xba, 0xa5, 0x67, 0x97, 0xe3, 0x09, 0x6f, + 0xa7, 0x71, 0xbe, 0x66, 0x79, 0x19, 0x56, 0x50, 0xfb, 0xb7, 0x2d, 0x98, 0xe1, 0x3d, 0xbf, 0x49, + 0xf6, 0xd5, 0x0e, 0xff, 0x30, 0xfb, 0x2e, 0xd2, 0x7f, 0x14, 0x72, 0xd2, 0x7f, 0xe8, 0x9f, 0x56, + 0xec, 0xf9, 0x69, 0x3f, 0x63, 0x81, 0x58, 0x81, 0xa7, 0x20, 0xca, 0x7f, 0xbb, 0x29, 0xca, 0xcf, + 0xe5, 0x2f, 0xea, 0x1c, 0x19, 0xfe, 0x4f, 0x2d, 0x98, 0xe6, 0x08, 0xc9, 0x9b, 0xf3, 0x87, 0x3a, + 0x0f, 0x83, 0xe4, 0xf1, 0x53, 0xc9, 0xbd, 0xb3, 0x3f, 0xca, 0x98, 0xac, 0x52, 0xcf, 0xc9, 0x6a, + 0xc9, 0x0d, 0x74, 0x8c, 0x1c, 0x96, 0xc7, 0x0e, 0xa3, 0x6d, 0xff, 0x81, 0x05, 0x88, 0x37, 0x63, + 0xb0, 0x3f, 0x94, 0xa9, 0x60, 0xa5, 0xda, 0x75, 0x91, 0x1c, 0x35, 0x0a, 0x82, 0x35, 0xac, 0x13, + 0x19, 0x9e, 0x94, 0xe1, 0x40, 0xb1, 0xbf, 0xe1, 0xc0, 0x31, 0x46, 0xf4, 0x7f, 0x97, 0x20, 0xed, + 0x7e, 0x80, 0xee, 0xc2, 0x78, 0xd3, 0x69, 0x3b, 0x1b, 0xae, 0xe7, 0xc6, 0x2e, 0x89, 0x7a, 0x59, + 0x1c, 0x2d, 0x69, 0x78, 0xe2, 0xa9, 0x57, 0x2b, 0xc1, 0x06, 0x1d, 0x34, 0x0f, 0xd0, 0x0e, 0xdd, + 0x3d, 0xd7, 0x23, 0x5b, 0x4c, 0xe3, 0xc0, 0xfc, 0x2b, 0xb9, 0x19, 0x8d, 0x2c, 0xc5, 0x1a, 0x46, + 0x86, 0xab, 0x5c, 0xf1, 0xe1, 0xb9, 0xca, 0x95, 0x8e, 0xe9, 0x2a, 0x37, 0x34, 0x90, 0xab, 0x1c, + 0x86, 0x47, 0x24, 0x8b, 0x44, 0xff, 0xaf, 0xb8, 0x1e, 0x11, 0x7c, 0x31, 0xf7, 0xba, 0x9c, 0x3b, + 0x3c, 0xa8, 0x3c, 0x82, 0x33, 0x31, 0x70, 0x4e, 0x4d, 0xf4, 0x39, 0x98, 0x75, 0x3c, 0x2f, 0xb8, + 0xa7, 0x46, 0x6d, 0x39, 0x6a, 0x3a, 0x1e, 0xd7, 0xd8, 0x8f, 0x30, 0xaa, 0x8f, 0x1f, 0x1e, 0x54, + 0x66, 0x17, 0x72, 0x70, 0x70, 0x6e, 0xed, 0x94, 0xa7, 0xdd, 0x68, 0x5f, 0x4f, 0xbb, 0xd7, 0xa0, + 0xdc, 0x0e, 0x83, 0xe6, 0xaa, 0xe6, 0xfd, 0x73, 0x91, 0x65, 0xc8, 0x97, 0x85, 0x47, 0x07, 0x95, + 0x09, 0xf5, 0x87, 0xdd, 0xf0, 0x49, 0x05, 0x7b, 0x07, 0xce, 0x34, 0x48, 0xe8, 0xb2, 0xdc, 0x9b, + 0xad, 0x64, 0x43, 0xaf, 0x43, 0x39, 0x4c, 0x1d, 0x61, 0x03, 0x05, 0x72, 0xd2, 0xe2, 0x0b, 0xcb, + 0x23, 0x2b, 0x21, 0x64, 0xff, 0x89, 0x05, 0x23, 0xc2, 0x12, 0xfd, 0x14, 0x38, 0xa7, 0x05, 0x43, + 0x81, 0x5d, 0xc9, 0x3e, 0xe6, 0x59, 0x67, 0x72, 0x55, 0xd7, 0xb5, 0x94, 0xea, 0xfa, 0x89, 0x5e, + 0x44, 0x7a, 0x2b, 0xad, 0xff, 0x76, 0x11, 0x26, 0x4d, 0xe7, 0x91, 0x53, 0x18, 0x82, 0x35, 0x18, + 0x89, 0x84, 0xa7, 0x52, 0x21, 0xdf, 0xc2, 0x3a, 0x3d, 0x89, 0x89, 0xf9, 0x94, 0xf0, 0x4d, 0x92, + 0x44, 0x32, 0x5d, 0xa0, 0x8a, 0x0f, 0xd1, 0x05, 0xaa, 0x9f, 0xff, 0x4e, 0xe9, 0x24, 0xfc, 0x77, + 0xec, 0xaf, 0xb3, 0xab, 0x46, 0x2f, 0x3f, 0x05, 0x2e, 0xe4, 0xba, 0x79, 0x29, 0xd9, 0x3d, 0x56, + 0x96, 0xe8, 0x54, 0x0e, 0x37, 0xf2, 0xf3, 0x16, 0x5c, 0xc8, 0xf8, 0x2a, 0x8d, 0x35, 0x79, 0x16, + 0x46, 0x9d, 0x4e, 0xcb, 0x55, 0x7b, 0x59, 0x7b, 0xc6, 0x5a, 0x10, 0xe5, 0x58, 0x61, 0xa0, 0x25, + 0x98, 0x21, 0xf7, 0xdb, 0x2e, 0x7f, 0x47, 0xd4, 0x6d, 0x1c, 0x8b, 0x3c, 0xb8, 0xed, 0x72, 0x1a, + 0x88, 0xbb, 0xf1, 0x95, 0xfb, 0x77, 0x31, 0xd7, 0xfd, 0xfb, 0x1f, 0x59, 0x30, 0xa6, 0xbc, 0x52, + 0x1e, 0xfa, 0x68, 0x7f, 0x87, 0x39, 0xda, 0x8f, 0xf5, 0x18, 0xed, 0x9c, 0x61, 0xfe, 0xbb, 0x05, + 0xd5, 0xdf, 0x7a, 0x10, 0xc6, 0x03, 0xb0, 0x3c, 0xaf, 0xc0, 0x68, 0x3b, 0x0c, 0xe2, 0xa0, 0x19, + 0x78, 0x82, 0xe3, 0x79, 0x3c, 0x89, 0x4e, 0xc0, 0xcb, 0x8f, 0xb4, 0xdf, 0x58, 0x61, 0xb3, 0xd1, + 0x0b, 0xc2, 0x58, 0x70, 0x19, 0xc9, 0xe8, 0x05, 0x61, 0x8c, 0x19, 0x04, 0xb5, 0x00, 0x62, 0x27, + 0xdc, 0x22, 0x31, 0x2d, 0x13, 0x81, 0x4e, 0xf2, 0x0f, 0x8f, 0x4e, 0xec, 0x7a, 0xf3, 0xae, 0x1f, + 0x47, 0x71, 0x38, 0x5f, 0xf3, 0xe3, 0xdb, 0x21, 0x17, 0xa0, 0xb4, 0x70, 0x03, 0x8a, 0x16, 0xd6, + 0xe8, 0x4a, 0x9f, 0x50, 0xd6, 0xc6, 0x90, 0xf9, 0x20, 0xbe, 0x26, 0xca, 0xb1, 0xc2, 0xb0, 0x5f, + 0x66, 0x57, 0x09, 0x1b, 0xa0, 0xe3, 0x45, 0x02, 0xf8, 0xc6, 0xa8, 0x1a, 0x5a, 0xf6, 0x1a, 0x56, + 0xd5, 0xe3, 0x0d, 0xf4, 0x3e, 0xb9, 0x69, 0xc3, 0xba, 0xbf, 0x4d, 0x12, 0x94, 0x00, 0x7d, 0x67, + 0x97, 0x9d, 0xc4, 0x73, 0x7d, 0xae, 0x80, 0x63, 0x58, 0x46, 0xb0, 0x80, 0xdb, 0x2c, 0x1c, 0x71, + 0xad, 0x2e, 0x16, 0xb9, 0x16, 0x70, 0x5b, 0x00, 0x70, 0x82, 0x83, 0xae, 0x0a, 0xf1, 0xbb, 0x64, + 0xa4, 0xdd, 0x93, 0xe2, 0xb7, 0xfc, 0x7c, 0x4d, 0xfe, 0x7e, 0x1e, 0xc6, 0x54, 0xfa, 0xbd, 0x3a, + 0xcf, 0x62, 0x26, 0xc2, 0xbe, 0x2c, 0x27, 0xc5, 0x58, 0xc7, 0x41, 0xeb, 0x30, 0x15, 0x71, 0xdd, + 0x8b, 0x8a, 0xee, 0xc7, 0x75, 0x58, 0x9f, 0x94, 0xf6, 0x15, 0x0d, 0x13, 0x7c, 0xc4, 0x8a, 0xf8, + 0xd1, 0x21, 0x1d, 0x3b, 0xd3, 0x24, 0xd0, 0xeb, 0x30, 0xe9, 0xe9, 0x89, 0xee, 0xeb, 0x42, 0xc5, + 0xa5, 0xcc, 0x94, 0x8d, 0x34, 0xf8, 0x75, 0x9c, 0xc2, 0xa6, 0x9c, 0x92, 0x5e, 0x22, 0x22, 0x52, + 0x3a, 0xfe, 0x16, 0x89, 0x44, 0xf2, 0x30, 0xc6, 0x29, 0xdd, 0xca, 0xc1, 0xc1, 0xb9, 0xb5, 0xd1, + 0x2b, 0x30, 0x2e, 0x3f, 0x5f, 0x73, 0x5b, 0x4e, 0x8c, 0xe1, 0x35, 0x18, 0x36, 0x30, 0xd1, 0x3d, + 0x38, 0x27, 0xff, 0xaf, 0x87, 0xce, 0xe6, 0xa6, 0xdb, 0x14, 0x5e, 0xe3, 0xdc, 0x23, 0x68, 0x41, + 0xba, 0x18, 0x2d, 0x67, 0x21, 0x1d, 0x1d, 0x54, 0x2e, 0x89, 0x51, 0xcb, 0x84, 0xb3, 0x49, 0xcc, + 0xa6, 0x8f, 0x56, 0xe1, 0xcc, 0x36, 0x71, 0xbc, 0x78, 0x7b, 0x69, 0x9b, 0x34, 0x77, 0xe4, 0x26, + 0x62, 0xce, 0xd0, 0x9a, 0x09, 0xf9, 0x8d, 0x6e, 0x14, 0x9c, 0x55, 0x0f, 0xbd, 0x03, 0xb3, 0xed, + 0xce, 0x86, 0xe7, 0x46, 0xdb, 0x6b, 0x41, 0xcc, 0x4c, 0x3a, 0x54, 0xf6, 0x3a, 0xe1, 0x35, 0xad, + 0x1c, 0xc1, 0xeb, 0x39, 0x78, 0x38, 0x97, 0x02, 0x7a, 0x1f, 0xce, 0xa5, 0x16, 0x83, 0xf0, 0xe1, + 0x9c, 0xcc, 0x8f, 0xef, 0xdb, 0xc8, 0xaa, 0x20, 0x7c, 0x32, 0xb3, 0x40, 0x38, 0xbb, 0x89, 0x0f, + 0x66, 0xe8, 0xf3, 0x1e, 0xad, 0xac, 0x31, 0x65, 0xe8, 0x4b, 0x30, 0xae, 0xaf, 0x22, 0x71, 0xc1, + 0x5c, 0xce, 0xe6, 0x59, 0xb4, 0xd5, 0xc6, 0x59, 0x3a, 0xb5, 0xa2, 0x74, 0x18, 0x36, 0x28, 0xda, + 0x04, 0xb2, 0xbf, 0x0f, 0xdd, 0x82, 0xd1, 0xa6, 0xe7, 0x12, 0x3f, 0xae, 0xd5, 0x7b, 0x05, 0x19, + 0x59, 0x12, 0x38, 0x62, 0xc0, 0x44, 0x40, 0x54, 0x5e, 0x86, 0x15, 0x05, 0xfb, 0xd7, 0x0a, 0x50, + 0xe9, 0x13, 0x5d, 0x37, 0xa5, 0x8f, 0xb6, 0x06, 0xd2, 0x47, 0x2f, 0xc8, 0x5c, 0x7c, 0x6b, 0x29, + 0x21, 0x3d, 0x95, 0x67, 0x2f, 0x11, 0xd5, 0xd3, 0xf8, 0x03, 0xdb, 0x07, 0xeb, 0x2a, 0xed, 0x52, + 0x5f, 0x0b, 0x77, 0xe3, 0x29, 0x6b, 0x68, 0x70, 0x41, 0x24, 0xf7, 0x59, 0xc2, 0xfe, 0x7a, 0x01, + 0xce, 0xa9, 0x21, 0xfc, 0x8b, 0x3b, 0x70, 0x77, 0xba, 0x07, 0xee, 0x04, 0x1e, 0x75, 0xec, 0xdb, + 0x30, 0xcc, 0x83, 0xb4, 0x0c, 0xc0, 0x00, 0x3d, 0x69, 0x46, 0xf4, 0x52, 0xd7, 0xb4, 0x11, 0xd5, + 0xeb, 0xaf, 0x58, 0x30, 0xb5, 0xbe, 0x54, 0x6f, 0x04, 0xcd, 0x1d, 0x12, 0x2f, 0x70, 0x86, 0x15, + 0x0b, 0xfe, 0xc7, 0x7a, 0x40, 0xbe, 0x26, 0x8b, 0x63, 0xba, 0x04, 0xa5, 0xed, 0x20, 0x8a, 0xd3, + 0x2f, 0xbe, 0x37, 0x82, 0x28, 0xc6, 0x0c, 0x62, 0xff, 0x8e, 0x05, 0x43, 0x2c, 0x83, 0x6c, 0xbf, + 0xb4, 0xc6, 0x83, 0x7c, 0x17, 0x7a, 0x09, 0x86, 0xc9, 0xe6, 0x26, 0x69, 0xc6, 0x62, 0x56, 0xa5, + 0xdb, 0xea, 0xf0, 0x32, 0x2b, 0xa5, 0x97, 0x3e, 0x6b, 0x8c, 0xff, 0xc5, 0x02, 0x19, 0xbd, 0x05, + 0xe5, 0xd8, 0xdd, 0x25, 0x0b, 0xad, 0x96, 0x78, 0x33, 0x7b, 0x00, 0x2f, 0xe1, 0x75, 0x49, 0x00, + 0x27, 0xb4, 0xec, 0xaf, 0x16, 0x00, 0x92, 0x50, 0x03, 0xfd, 0x3e, 0x71, 0xb1, 0xeb, 0x35, 0xe5, + 0x72, 0xc6, 0x6b, 0x0a, 0x4a, 0x08, 0x66, 0x3c, 0xa5, 0xa8, 0x61, 0x2a, 0x0e, 0x34, 0x4c, 0xa5, + 0xe3, 0x0c, 0xd3, 0x12, 0xcc, 0x24, 0xa1, 0x12, 0xcc, 0xb8, 0x31, 0x4c, 0x48, 0x59, 0x4f, 0x03, + 0x71, 0x37, 0xbe, 0x4d, 0xe0, 0x92, 0x8c, 0xe0, 0x29, 0xef, 0x1a, 0x66, 0x92, 0x79, 0x8c, 0x0c, + 0xd7, 0xc9, 0x73, 0x51, 0x21, 0xf7, 0xb9, 0xe8, 0xc7, 0x2d, 0x38, 0x9b, 0x6e, 0x87, 0xf9, 0xc8, + 0x7d, 0xc5, 0x82, 0x73, 0xec, 0xd1, 0x8c, 0xb5, 0xda, 0xfd, 0x44, 0xf7, 0x62, 0x76, 0x08, 0x89, + 0xde, 0x3d, 0x4e, 0xfc, 0xa3, 0x57, 0xb3, 0x48, 0xe3, 0xec, 0x16, 0xed, 0xaf, 0x58, 0x70, 0x3e, + 0x37, 0x71, 0x11, 0xba, 0x02, 0xa3, 0x4e, 0xdb, 0xe5, 0x1a, 0x29, 0xb1, 0xdf, 0x99, 0xf4, 0x58, + 0xaf, 0x71, 0x7d, 0x94, 0x82, 0xaa, 0x84, 0x8a, 0x85, 0xdc, 0x84, 0x8a, 0x7d, 0xf3, 0x23, 0xda, + 0xdf, 0x6f, 0x81, 0x70, 0x8b, 0x1a, 0xe0, 0x90, 0x79, 0x5b, 0xe6, 0xa3, 0x35, 0x82, 0xa7, 0x5f, + 0xca, 0xf7, 0x13, 0x13, 0x21, 0xd3, 0xd5, 0xa5, 0x6e, 0x04, 0x4a, 0x37, 0x68, 0xd9, 0x2d, 0x10, + 0xd0, 0x2a, 0x61, 0x3a, 0xab, 0xfe, 0xbd, 0xb9, 0x06, 0xd0, 0x62, 0xb8, 0x5a, 0x56, 0x4a, 0x75, + 0x85, 0x54, 0x15, 0x04, 0x6b, 0x58, 0xf6, 0xbf, 0x2d, 0xc0, 0x98, 0x0c, 0xd6, 0xdd, 0xf1, 0x07, + 0x91, 0x2c, 0x8f, 0x95, 0xbd, 0x87, 0xa5, 0x71, 0xa5, 0x84, 0xeb, 0x89, 0x40, 0x9e, 0xa4, 0x71, + 0x95, 0x00, 0x9c, 0xe0, 0xa0, 0xa7, 0x61, 0x24, 0xea, 0x6c, 0x30, 0xf4, 0x94, 0x13, 0x4f, 0x83, + 0x17, 0x63, 0x09, 0x47, 0x9f, 0x83, 0x69, 0x5e, 0x2f, 0x0c, 0xda, 0xce, 0x16, 0x57, 0x7f, 0x0e, + 0x29, 0xef, 0xdb, 0xe9, 0xd5, 0x14, 0xec, 0xe8, 0xa0, 0x72, 0x36, 0x5d, 0xc6, 0x14, 0xe7, 0x5d, + 0x54, 0xd8, 0x63, 0x3c, 0x6f, 0x84, 0x2e, 0xd3, 0xae, 0x37, 0xfc, 0x04, 0x84, 0x75, 0x3c, 0xfb, + 0x4b, 0x80, 0xba, 0xc3, 0x96, 0xa3, 0x37, 0xb8, 0x05, 0x96, 0x1b, 0x92, 0x56, 0x2f, 0x45, 0xba, + 0xee, 0x63, 0x2a, 0xed, 0xef, 0x79, 0x2d, 0xac, 0xea, 0xdb, 0x7f, 0xad, 0x08, 0xd3, 0x69, 0x8f, + 0x43, 0x74, 0x03, 0x86, 0xf9, 0x1d, 0x29, 0xc8, 0xf7, 0x78, 0xa7, 0xd5, 0xfc, 0x14, 0xd9, 0x69, + 0x21, 0xae, 0x59, 0x51, 0x1f, 0xbd, 0x03, 0x63, 0xad, 0xe0, 0x9e, 0x7f, 0xcf, 0x09, 0x5b, 0x0b, + 0xf5, 0x9a, 0x58, 0xce, 0x99, 0xac, 0x76, 0x35, 0x41, 0xd3, 0x7d, 0x1f, 0xd9, 0x9b, 0x44, 0x02, + 0xc2, 0x3a, 0x39, 0xb4, 0xce, 0x42, 0x31, 0x6e, 0xba, 0x5b, 0xab, 0x4e, 0xbb, 0x97, 0x39, 0xee, + 0x92, 0x44, 0xd2, 0x28, 0x4f, 0x88, 0x78, 0x8d, 0x1c, 0x80, 0x13, 0x42, 0xe8, 0xbb, 0xe1, 0x4c, + 0x94, 0xa3, 0x9d, 0xcb, 0xcb, 0x62, 0xd1, 0x4b, 0x61, 0xb5, 0xf8, 0x28, 0x15, 0x82, 0xb2, 0xf4, + 0x78, 0x59, 0xcd, 0xd8, 0x5f, 0x3e, 0x03, 0xc6, 0x26, 0x36, 0x92, 0x1a, 0x59, 0x27, 0x94, 0xd4, + 0x08, 0xc3, 0x28, 0xd9, 0x6d, 0xc7, 0xfb, 0x55, 0x37, 0xec, 0x95, 0x74, 0x6f, 0x59, 0xe0, 0x74, + 0xd3, 0x94, 0x10, 0xac, 0xe8, 0x64, 0x67, 0x9e, 0x2a, 0x7e, 0x88, 0x99, 0xa7, 0x4a, 0xa7, 0x98, + 0x79, 0x6a, 0x0d, 0x46, 0xb6, 0xdc, 0x18, 0x93, 0x76, 0x20, 0xb8, 0xd3, 0xcc, 0x75, 0x78, 0x9d, + 0xa3, 0x74, 0xe7, 0x38, 0x11, 0x00, 0x2c, 0x89, 0xa0, 0x37, 0xd4, 0x0e, 0x1c, 0xce, 0x17, 0xee, + 0xba, 0x1f, 0x14, 0x33, 0xf7, 0xa0, 0xc8, 0x2f, 0x35, 0xf2, 0xa0, 0xf9, 0xa5, 0x56, 0x64, 0x56, + 0xa8, 0xd1, 0x7c, 0xdb, 0x79, 0x96, 0xf4, 0xa9, 0x4f, 0x2e, 0xa8, 0xbb, 0x7a, 0x26, 0xad, 0x72, + 0xfe, 0x49, 0xa0, 0x92, 0x64, 0x0d, 0x98, 0x3f, 0xeb, 0xfb, 0x2d, 0x38, 0xd7, 0xce, 0x4a, 0x2a, + 0x27, 0x72, 0x39, 0xbd, 0x34, 0x70, 0xd6, 0x3c, 0xa3, 0x41, 0x26, 0xe5, 0x67, 0xa2, 0xe1, 0xec, + 0xe6, 0xe8, 0x40, 0x87, 0x1b, 0x2d, 0x91, 0x00, 0xea, 0xc9, 0x9c, 0x44, 0x5c, 0x3d, 0xd2, 0x6f, + 0xad, 0x67, 0x24, 0x7d, 0xfa, 0x78, 0x5e, 0xd2, 0xa7, 0x81, 0x53, 0x3d, 0xbd, 0xa1, 0x52, 0x70, + 0x4d, 0xe4, 0x2f, 0x25, 0x9e, 0x60, 0xab, 0x6f, 0xe2, 0xad, 0x37, 0x54, 0xe2, 0xad, 0x1e, 0x21, + 0xe9, 0x78, 0x5a, 0xad, 0xbe, 0xe9, 0xb6, 0xb4, 0x94, 0x59, 0x53, 0x27, 0x93, 0x32, 0xcb, 0xb8, + 0x6a, 0x78, 0xd6, 0xa6, 0x67, 0xfa, 0x5c, 0x35, 0x06, 0xdd, 0xde, 0x97, 0x0d, 0x4f, 0x0f, 0x36, + 0xf3, 0x40, 0xe9, 0xc1, 0xee, 0xea, 0xe9, 0xb6, 0x50, 0x9f, 0x7c, 0x52, 0x14, 0x69, 0xc0, 0x24, + 0x5b, 0x77, 0xf5, 0x0b, 0xf0, 0x4c, 0x3e, 0x5d, 0x75, 0xcf, 0x75, 0xd3, 0xcd, 0xbc, 0x02, 0xbb, + 0x92, 0x77, 0x9d, 0x3d, 0x9d, 0xe4, 0x5d, 0xe7, 0x4e, 0x3c, 0x79, 0xd7, 0x23, 0xa7, 0x90, 0xbc, + 0xeb, 0xd1, 0x0f, 0x35, 0x79, 0xd7, 0xec, 0x43, 0x48, 0xde, 0xb5, 0x96, 0x24, 0xef, 0x3a, 0x9f, + 0x3f, 0x25, 0x19, 0x06, 0xbd, 0x39, 0x29, 0xbb, 0xee, 0xb2, 0x57, 0x7d, 0x1e, 0x12, 0x43, 0xc4, + 0xcc, 0xcb, 0x4e, 0x54, 0x9c, 0x15, 0x37, 0x83, 0x4f, 0x89, 0x02, 0xe1, 0x84, 0x14, 0xa5, 0x9b, + 0xa4, 0xf0, 0x7a, 0xac, 0x87, 0x1e, 0x37, 0x4b, 0x43, 0x96, 0x9f, 0xb8, 0xcb, 0xfe, 0x81, 0x02, + 0x5c, 0xec, 0xbd, 0xae, 0x13, 0xf5, 0x5a, 0x3d, 0x79, 0x0e, 0x4a, 0xa9, 0xd7, 0xb8, 0x6c, 0x94, + 0x60, 0x0d, 0x1c, 0x37, 0xe8, 0x3a, 0xcc, 0x28, 0x4b, 0x5e, 0xcf, 0x6d, 0xee, 0x6b, 0x09, 0x8c, + 0x95, 0xc7, 0x62, 0x23, 0x8d, 0x80, 0xbb, 0xeb, 0xa0, 0x05, 0x98, 0x32, 0x0a, 0x6b, 0x55, 0x21, + 0x03, 0x29, 0x7d, 0x5e, 0xc3, 0x04, 0xe3, 0x34, 0xbe, 0xfd, 0xd3, 0x16, 0x3c, 0x9a, 0x93, 0xd7, + 0x62, 0xe0, 0xb0, 0x38, 0x9b, 0x30, 0xd5, 0x36, 0xab, 0xf6, 0x89, 0x9e, 0x65, 0x64, 0xcf, 0x50, + 0x7d, 0x4d, 0x01, 0x70, 0x9a, 0xe8, 0xe2, 0x95, 0xdf, 0xfc, 0xbd, 0x8b, 0x1f, 0xfb, 0xad, 0xdf, + 0xbb, 0xf8, 0xb1, 0xdf, 0xfe, 0xbd, 0x8b, 0x1f, 0xfb, 0xff, 0x0f, 0x2f, 0x5a, 0xbf, 0x79, 0x78, + 0xd1, 0xfa, 0xad, 0xc3, 0x8b, 0xd6, 0x6f, 0x1f, 0x5e, 0xb4, 0x7e, 0xf7, 0xf0, 0xa2, 0xf5, 0xd5, + 0xdf, 0xbf, 0xf8, 0xb1, 0xb7, 0x0b, 0x7b, 0xcf, 0xff, 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0xc4, + 0xcc, 0xdd, 0xd4, 0xaf, 0xe8, 0x00, 0x00, } diff --git a/staging/src/k8s.io/api/core/v1/generated.proto b/staging/src/k8s.io/api/core/v1/generated.proto index 3f6b2c755ed..f7fa8e4a87c 100644 --- a/staging/src/k8s.io/api/core/v1/generated.proto +++ b/staging/src/k8s.io/api/core/v1/generated.proto @@ -3141,7 +3141,7 @@ message PodSpec { // If specified, all readiness gates will be evaluated for pod readiness. // A pod is ready when all its containers are ready AND // all conditions specified in the readiness gates have status equal to "True" - // More info: https://github.com/kubernetes/community/blob/master/keps/sig-network/0007-pod-ready%2B%2B.md + // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md // +optional repeated PodReadinessGate readinessGates = 28; @@ -3149,7 +3149,7 @@ message PodSpec { // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an // empty definition that uses the default runtime handler. - // More info: https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md + // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md // This is an alpha feature and may change in the future. // +optional optional string runtimeClassName = 29; @@ -4292,7 +4292,7 @@ message ServiceSpec { // "LoadBalancer" builds on NodePort and creates an // external load-balancer (if supported in the current cloud) which routes // to the clusterIP. - // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types + // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types // +optional optional string type = 4; @@ -4604,6 +4604,14 @@ message VolumeMount { // This field is beta in 1.10. // +optional optional string mountPropagation = 5; + + // Expanded path within the volume from which the container's volume should be mounted. + // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + // Defaults to "" (volume's root). + // SubPathExpr and SubPath are mutually exclusive. + // This field is alpha in 1.14. + // +optional + optional string subPathExpr = 6; } // VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from. diff --git a/staging/src/k8s.io/api/core/v1/types.go b/staging/src/k8s.io/api/core/v1/types.go index c092ae17ee1..d9b89624cef 100644 --- a/staging/src/k8s.io/api/core/v1/types.go +++ b/staging/src/k8s.io/api/core/v1/types.go @@ -523,7 +523,7 @@ type PersistentVolumeClaimStatus struct { type PersistentVolumeAccessMode string const ( - // can be mounted read/write mode to exactly 1 host + // can be mounted in read/write mode to exactly 1 host ReadWriteOnce PersistentVolumeAccessMode = "ReadWriteOnce" // can be mounted in read-only mode to many hosts ReadOnlyMany PersistentVolumeAccessMode = "ReadOnlyMany" @@ -1737,6 +1737,13 @@ type VolumeMount struct { // This field is beta in 1.10. // +optional MountPropagation *MountPropagationMode `json:"mountPropagation,omitempty" protobuf:"bytes,5,opt,name=mountPropagation,casttype=MountPropagationMode"` + // Expanded path within the volume from which the container's volume should be mounted. + // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + // Defaults to "" (volume's root). + // SubPathExpr and SubPath are mutually exclusive. + // This field is alpha in 1.14. + // +optional + SubPathExpr string `json:"subPathExpr,omitempty" protobuf:"bytes,6,opt,name=subPathExpr"` } // MountPropagationMode describes mount propagation. @@ -2912,14 +2919,14 @@ type PodSpec struct { // If specified, all readiness gates will be evaluated for pod readiness. // A pod is ready when all its containers are ready AND // all conditions specified in the readiness gates have status equal to "True" - // More info: https://github.com/kubernetes/community/blob/master/keps/sig-network/0007-pod-ready%2B%2B.md + // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md // +optional ReadinessGates []PodReadinessGate `json:"readinessGates,omitempty" protobuf:"bytes,28,opt,name=readinessGates"` // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an // empty definition that uses the default runtime handler. - // More info: https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md + // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md // This is an alpha feature and may change in the future. // +optional RuntimeClassName *string `json:"runtimeClassName,omitempty" protobuf:"bytes,29,opt,name=runtimeClassName"` @@ -3495,7 +3502,7 @@ type ServiceSpec struct { // "LoadBalancer" builds on NodePort and creates an // external load-balancer (if supported in the current cloud) which routes // to the clusterIP. - // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types + // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types // +optional Type ServiceType `json:"type,omitempty" protobuf:"bytes,4,opt,name=type,casttype=ServiceType"` diff --git a/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go index 7acdc2f1af9..af9b825f05c 100644 --- a/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go @@ -1538,8 +1538,8 @@ var map_PodSpec = map[string]string{ "priorityClassName": "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.", "priority": "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.", "dnsConfig": "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", - "readinessGates": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://github.com/kubernetes/community/blob/master/keps/sig-network/0007-pod-ready%2B%2B.md", - "runtimeClassName": "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md This is an alpha feature and may change in the future.", + "readinessGates": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md", + "runtimeClassName": "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md This is an alpha feature and may change in the future.", "enableServiceLinks": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", } @@ -2099,7 +2099,7 @@ var map_ServiceSpec = map[string]string{ "ports": "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", "selector": "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/", "clusterIP": "clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field can not be changed through updates. Valid values are \"None\", empty string (\"\"), or a valid IP address. \"None\" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", - "type": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ExternalName\" maps to the specified externalName. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services ", + "type": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ExternalName\" maps to the specified externalName. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", "externalIPs": "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", "sessionAffinity": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", "loadBalancerIP": "Only applies to Service Type: LoadBalancer LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.", @@ -2260,6 +2260,7 @@ var map_VolumeMount = map[string]string{ "mountPath": "Path within the container at which the volume should be mounted. Must not contain ':'.", "subPath": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", "mountPropagation": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "subPathExpr": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive. This field is alpha in 1.14.", } func (VolumeMount) SwaggerDoc() map[string]string { diff --git a/staging/src/k8s.io/api/core/v1/well_known_labels.go b/staging/src/k8s.io/api/core/v1/well_known_labels.go new file mode 100644 index 00000000000..4497760d3f6 --- /dev/null +++ b/staging/src/k8s.io/api/core/v1/well_known_labels.go @@ -0,0 +1,36 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +const ( + LabelHostname = "kubernetes.io/hostname" + LabelZoneFailureDomain = "failure-domain.beta.kubernetes.io/zone" + LabelZoneRegion = "failure-domain.beta.kubernetes.io/region" + + LabelInstanceType = "beta.kubernetes.io/instance-type" + + LabelOSStable = "kubernetes.io/os" + LabelArchStable = "kubernetes.io/arch" + + // LabelNamespaceSuffixKubelet is an allowed label namespace suffix kubelets can self-set ([*.]kubelet.kubernetes.io/*) + LabelNamespaceSuffixKubelet = "kubelet.kubernetes.io" + // LabelNamespaceSuffixNode is an allowed label namespace suffix kubelets can self-set ([*.]node.kubernetes.io/*) + LabelNamespaceSuffixNode = "node.kubernetes.io" + + // LabelNamespaceNodeRestriction is a forbidden label namespace that kubelets may not self-set when the NodeRestriction admission plugin is enabled + LabelNamespaceNodeRestriction = "node-restriction.kubernetes.io" +) diff --git a/staging/src/k8s.io/api/events/OWNERS b/staging/src/k8s.io/api/events/OWNERS index d9ecd88564b..809c2fc457c 100644 --- a/staging/src/k8s.io/api/events/OWNERS +++ b/staging/src/k8s.io/api/events/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - deads2k diff --git a/staging/src/k8s.io/api/extensions/OWNERS b/staging/src/k8s.io/api/extensions/OWNERS old mode 100755 new mode 100644 index cfac471108c..4b2bf8f5829 --- a/staging/src/k8s.io/api/extensions/OWNERS +++ b/staging/src/k8s.io/api/extensions/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/api/extensions/v1beta1/generated.proto b/staging/src/k8s.io/api/extensions/v1beta1/generated.proto index efcda7ebdea..1593f04cd77 100644 --- a/staging/src/k8s.io/api/extensions/v1beta1/generated.proto +++ b/staging/src/k8s.io/api/extensions/v1beta1/generated.proto @@ -60,12 +60,12 @@ message AllowedHostPath { // DaemonSet represents the configuration of a daemon set. message DaemonSet { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // The desired behavior of this daemon set. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional DaemonSetSpec spec = 2; @@ -73,7 +73,7 @@ message DaemonSet { // out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional DaemonSetStatus status = 3; } @@ -102,7 +102,7 @@ message DaemonSetCondition { // DaemonSetList is a collection of daemon sets. message DaemonSetList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -471,19 +471,20 @@ message IPBlock { // endpoints defined by a backend. An Ingress can be configured to give services // externally-reachable urls, load balance traffic, terminate SSL, offer name // based virtual hosting etc. +// DEPRECATED - This group version of Ingress is deprecated by networking.k8s.io/v1beta1 Ingress. See the release notes for more information. message Ingress { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // Spec is the desired state of the Ingress. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional IngressSpec spec = 2; // Status is the current state of the Ingress. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional IngressStatus status = 3; } @@ -500,7 +501,7 @@ message IngressBackend { // IngressList is a collection of Ingress. message IngressList { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -597,7 +598,7 @@ message IngressTLS { // NetworkPolicy describes what network traffic is allowed for a set of Pods message NetworkPolicy { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; @@ -652,7 +653,7 @@ message NetworkPolicyIngressRule { // Network Policy List is a list of NetworkPolicy objects. message NetworkPolicyList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -732,7 +733,7 @@ message NetworkPolicySpec { repeated NetworkPolicyEgressRule egress = 3; // List of rule types that the NetworkPolicy relates to. - // Valid options are Ingress, Egress, or Ingress,Egress. + // Valid options are "Ingress", "Egress", or "Ingress,Egress". // If this field is not specified, it will default based on the existence of Ingress or Egress rules; // policies that contain an Egress section are assumed to affect Egress, and all policies // (whether or not they contain an Ingress section) are assumed to affect Ingress. @@ -750,7 +751,7 @@ message NetworkPolicySpec { // Deprecated: use PodSecurityPolicy from policy API Group instead. message PodSecurityPolicy { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; @@ -763,7 +764,7 @@ message PodSecurityPolicy { // Deprecated: use PodSecurityPolicyList from policy API Group instead. message PodSecurityPolicyList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -898,12 +899,12 @@ message PodSecurityPolicySpec { message ReplicaSet { // If the Labels of a ReplicaSet are empty, they are defaulted to // be the same as the Pod(s) that the ReplicaSet manages. - // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; // Spec defines the specification of the desired behavior of the ReplicaSet. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional ReplicaSetSpec spec = 2; @@ -911,7 +912,7 @@ message ReplicaSet { // This data may be out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional optional ReplicaSetStatus status = 3; } @@ -940,7 +941,7 @@ message ReplicaSetCondition { // ReplicaSetList is a collection of ReplicaSets. message ReplicaSetList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -1063,7 +1064,7 @@ message RollingUpdateDeployment { // the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, // new RC can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of desired pods. + // at any time during the update is at most 130% of desired pods. // +optional optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2; } @@ -1106,15 +1107,15 @@ message SELinuxStrategyOptions { // represents a scaling request for a resource. message Scale { - // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata. + // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata. // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; - // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. + // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. // +optional optional ScaleSpec spec = 2; - // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only. + // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only. // +optional optional ScaleStatus status = 3; } diff --git a/staging/src/k8s.io/api/extensions/v1beta1/types.go b/staging/src/k8s.io/api/extensions/v1beta1/types.go index 5ba6f958545..7900274d3fc 100644 --- a/staging/src/k8s.io/api/extensions/v1beta1/types.go +++ b/staging/src/k8s.io/api/extensions/v1beta1/types.go @@ -18,7 +18,7 @@ package v1beta1 import ( appsv1beta1 "k8s.io/api/apps/v1beta1" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" ) @@ -54,15 +54,15 @@ type ScaleStatus struct { // represents a scaling request for a resource. type Scale struct { metav1.TypeMeta `json:",inline"` - // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata. + // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata. // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. + // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. // +optional Spec ScaleSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` - // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only. + // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only. // +optional Status ScaleStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -229,7 +229,7 @@ type RollingUpdateDeployment struct { // the rolling update starts, such that the total number of old and new pods do not exceed // 130% of desired pods. Once old pods have been killed, // new RC can be scaled up further, ensuring that total number of pods running - // at any time during the update is atmost 130% of desired pods. + // at any time during the update is at most 130% of desired pods. // +optional MaxSurge *intstr.IntOrString `json:"maxSurge,omitempty" protobuf:"bytes,2,opt,name=maxSurge"` } @@ -489,12 +489,12 @@ type DaemonSetCondition struct { type DaemonSet struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // The desired behavior of this daemon set. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Spec DaemonSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` @@ -502,7 +502,7 @@ type DaemonSet struct { // out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Status DaemonSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -526,7 +526,7 @@ const ( type DaemonSetList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -541,20 +541,21 @@ type DaemonSetList struct { // endpoints defined by a backend. An Ingress can be configured to give services // externally-reachable urls, load balance traffic, terminate SSL, offer name // based virtual hosting etc. +// DEPRECATED - This group version of Ingress is deprecated by networking.k8s.io/v1beta1 Ingress. See the release notes for more information. type Ingress struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // Spec is the desired state of the Ingress. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Spec IngressSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` // Status is the current state of the Ingress. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Status IngressStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -565,7 +566,7 @@ type Ingress struct { type IngressList struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -716,12 +717,12 @@ type ReplicaSet struct { // If the Labels of a ReplicaSet are empty, they are defaulted to // be the same as the Pod(s) that the ReplicaSet manages. - // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // Spec defines the specification of the desired behavior of the ReplicaSet. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Spec ReplicaSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` @@ -729,7 +730,7 @@ type ReplicaSet struct { // This data may be out of date by some window of time. // Populated by the system. // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional Status ReplicaSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } @@ -740,7 +741,7 @@ type ReplicaSet struct { type ReplicaSetList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -844,7 +845,7 @@ type ReplicaSetCondition struct { type PodSecurityPolicy struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -1166,7 +1167,7 @@ const ( type PodSecurityPolicyList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -1181,7 +1182,7 @@ type PodSecurityPolicyList struct { type NetworkPolicy struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -1232,7 +1233,7 @@ type NetworkPolicySpec struct { Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"` // List of rule types that the NetworkPolicy relates to. - // Valid options are Ingress, Egress, or Ingress,Egress. + // Valid options are "Ingress", "Egress", or "Ingress,Egress". // If this field is not specified, it will default based on the existence of Ingress or Egress rules; // policies that contain an Egress section are assumed to affect Egress, and all policies // (whether or not they contain an Ingress section) are assumed to affect Ingress. @@ -1351,7 +1352,7 @@ type NetworkPolicyPeer struct { type NetworkPolicyList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` diff --git a/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go index bce6036cd5d..9863300f2b6 100644 --- a/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go @@ -48,9 +48,9 @@ func (AllowedHostPath) SwaggerDoc() map[string]string { var map_DaemonSet = map[string]string{ "": "DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "spec": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "status": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "status": "The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", } func (DaemonSet) SwaggerDoc() map[string]string { @@ -72,7 +72,7 @@ func (DaemonSetCondition) SwaggerDoc() map[string]string { var map_DaemonSetList = map[string]string{ "": "DaemonSetList is a collection of daemon sets.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "A list of daemon sets.", } @@ -270,10 +270,10 @@ func (IPBlock) SwaggerDoc() map[string]string { } var map_Ingress = map[string]string{ - "": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "spec": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "status": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc. DEPRECATED - This group version of Ingress is deprecated by networking.k8s.io/v1beta1 Ingress. See the release notes for more information.", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "status": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", } func (Ingress) SwaggerDoc() map[string]string { @@ -292,7 +292,7 @@ func (IngressBackend) SwaggerDoc() map[string]string { var map_IngressList = map[string]string{ "": "IngressList is a collection of Ingress.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "Items is the list of Ingress.", } @@ -349,7 +349,7 @@ func (IngressTLS) SwaggerDoc() map[string]string { var map_NetworkPolicy = map[string]string{ "": "DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy. NetworkPolicy describes what network traffic is allowed for a set of Pods", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "spec": "Specification of the desired behavior for this NetworkPolicy.", } @@ -379,7 +379,7 @@ func (NetworkPolicyIngressRule) SwaggerDoc() map[string]string { var map_NetworkPolicyList = map[string]string{ "": "DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList. Network Policy List is a list of NetworkPolicy objects.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "Items is a list of schema objects.", } @@ -413,7 +413,7 @@ var map_NetworkPolicySpec = map[string]string{ "podSelector": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.", "ingress": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default).", "egress": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", - "policyTypes": "List of rule types that the NetworkPolicy relates to. Valid options are Ingress, Egress, or Ingress,Egress. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", + "policyTypes": "List of rule types that the NetworkPolicy relates to. Valid options are \"Ingress\", \"Egress\", or \"Ingress,Egress\". If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", } func (NetworkPolicySpec) SwaggerDoc() map[string]string { @@ -422,7 +422,7 @@ func (NetworkPolicySpec) SwaggerDoc() map[string]string { var map_PodSecurityPolicy = map[string]string{ "": "PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container. Deprecated: use PodSecurityPolicy from policy API Group instead.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "spec": "spec defines the policy enforced.", } @@ -432,7 +432,7 @@ func (PodSecurityPolicy) SwaggerDoc() map[string]string { var map_PodSecurityPolicyList = map[string]string{ "": "PodSecurityPolicyList is a list of PodSecurityPolicy objects. Deprecated: use PodSecurityPolicyList from policy API Group instead.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "items is a list of schema objects.", } @@ -472,9 +472,9 @@ func (PodSecurityPolicySpec) SwaggerDoc() map[string]string { var map_ReplicaSet = map[string]string{ "": "DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for more information. ReplicaSet ensures that a specified number of pod replicas are running at any given time.", - "metadata": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", - "spec": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", - "status": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "metadata": "If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "status": "Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", } func (ReplicaSet) SwaggerDoc() map[string]string { @@ -496,7 +496,7 @@ func (ReplicaSetCondition) SwaggerDoc() map[string]string { var map_ReplicaSetList = map[string]string{ "": "ReplicaSetList is a collection of ReplicaSets.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "items": "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller", } @@ -559,7 +559,7 @@ func (RollingUpdateDaemonSet) SwaggerDoc() map[string]string { var map_RollingUpdateDeployment = map[string]string{ "": "Spec to control the desired behavior of rolling update.", "maxUnavailable": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", - "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.", + "maxSurge": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.", } func (RollingUpdateDeployment) SwaggerDoc() map[string]string { @@ -598,9 +598,9 @@ func (SELinuxStrategyOptions) SwaggerDoc() map[string]string { var map_Scale = map[string]string{ "": "represents a scaling request for a resource.", - "metadata": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.", - "spec": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.", - "status": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.", + "metadata": "Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.", + "spec": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.", + "status": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.", } func (Scale) SwaggerDoc() map[string]string { diff --git a/staging/src/k8s.io/api/imagepolicy/OWNERS b/staging/src/k8s.io/api/imagepolicy/OWNERS old mode 100755 new mode 100644 index 02b8511e465..be41e934eb3 --- a/staging/src/k8s.io/api/imagepolicy/OWNERS +++ b/staging/src/k8s.io/api/imagepolicy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-policy-approvers diff --git a/staging/src/k8s.io/api/networking/OWNERS b/staging/src/k8s.io/api/networking/OWNERS old mode 100755 new mode 100644 index 0e696c0fbb4..21b1f1ecd2a --- a/staging/src/k8s.io/api/networking/OWNERS +++ b/staging/src/k8s.io/api/networking/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - caseydavenport - cmluciano diff --git a/staging/src/k8s.io/api/networking/v1/generated.proto b/staging/src/k8s.io/api/networking/v1/generated.proto index ab3731e9c39..cbbb265289c 100644 --- a/staging/src/k8s.io/api/networking/v1/generated.proto +++ b/staging/src/k8s.io/api/networking/v1/generated.proto @@ -48,7 +48,7 @@ message IPBlock { // NetworkPolicy describes what network traffic is allowed for a set of Pods message NetworkPolicy { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; @@ -101,7 +101,7 @@ message NetworkPolicyIngressRule { // NetworkPolicyList is a list of NetworkPolicy objects. message NetworkPolicyList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; @@ -180,7 +180,7 @@ message NetworkPolicySpec { repeated NetworkPolicyEgressRule egress = 3; // List of rule types that the NetworkPolicy relates to. - // Valid options are Ingress, Egress, or Ingress,Egress. + // Valid options are "Ingress", "Egress", or "Ingress,Egress". // If this field is not specified, it will default based on the existence of Ingress or Egress rules; // policies that contain an Egress section are assumed to affect Egress, and all policies // (whether or not they contain an Ingress section) are assumed to affect Ingress. diff --git a/staging/src/k8s.io/api/networking/v1/types.go b/staging/src/k8s.io/api/networking/v1/types.go index ce70448d320..59331111f46 100644 --- a/staging/src/k8s.io/api/networking/v1/types.go +++ b/staging/src/k8s.io/api/networking/v1/types.go @@ -29,7 +29,7 @@ import ( type NetworkPolicy struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -80,7 +80,7 @@ type NetworkPolicySpec struct { Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"` // List of rule types that the NetworkPolicy relates to. - // Valid options are Ingress, Egress, or Ingress,Egress. + // Valid options are "Ingress", "Egress", or "Ingress,Egress". // If this field is not specified, it will default based on the existence of Ingress or Egress rules; // policies that contain an Egress section are assumed to affect Egress, and all policies // (whether or not they contain an Ingress section) are assumed to affect Ingress. @@ -194,7 +194,7 @@ type NetworkPolicyPeer struct { type NetworkPolicyList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` diff --git a/staging/src/k8s.io/api/networking/v1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/networking/v1/types_swagger_doc_generated.go index f4363bc09e2..cfcd0c54c59 100644 --- a/staging/src/k8s.io/api/networking/v1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/networking/v1/types_swagger_doc_generated.go @@ -39,7 +39,7 @@ func (IPBlock) SwaggerDoc() map[string]string { var map_NetworkPolicy = map[string]string{ "": "NetworkPolicy describes what network traffic is allowed for a set of Pods", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "spec": "Specification of the desired behavior for this NetworkPolicy.", } @@ -69,7 +69,7 @@ func (NetworkPolicyIngressRule) SwaggerDoc() map[string]string { var map_NetworkPolicyList = map[string]string{ "": "NetworkPolicyList is a list of NetworkPolicy objects.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "Items is a list of schema objects.", } @@ -103,7 +103,7 @@ var map_NetworkPolicySpec = map[string]string{ "podSelector": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.", "ingress": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)", "egress": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", - "policyTypes": "List of rule types that the NetworkPolicy relates to. Valid options are Ingress, Egress, or Ingress,Egress. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", + "policyTypes": "List of rule types that the NetworkPolicy relates to. Valid options are \"Ingress\", \"Egress\", or \"Ingress,Egress\". If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", } func (NetworkPolicySpec) SwaggerDoc() map[string]string { diff --git a/staging/src/k8s.io/api/networking/v1beta1/BUILD b/staging/src/k8s.io/api/networking/v1beta1/BUILD new file mode 100644 index 00000000000..bdfc736dc1d --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/BUILD @@ -0,0 +1,41 @@ +package(default_visibility = ["//visibility:public"]) + +load( + "@io_bazel_rules_go//go:def.bzl", + "go_library", +) + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "generated.pb.go", + "register.go", + "types.go", + "types_swagger_doc_generated.go", + "zz_generated.deepcopy.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/api/networking/v1beta1", + importpath = "k8s.io/api/networking/v1beta1", + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", + "//vendor/github.com/gogo/protobuf/proto:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], +) diff --git a/staging/src/k8s.io/api/networking/v1beta1/doc.go b/staging/src/k8s.io/api/networking/v1beta1/doc.go new file mode 100644 index 00000000000..8fb55babed3 --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/doc.go @@ -0,0 +1,21 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// +k8s:deepcopy-gen=package +// +k8s:openapi-gen=true +// +groupName=networking.k8s.io + +package v1beta1 // import "k8s.io/api/networking/v1beta1" diff --git a/staging/src/k8s.io/api/networking/v1beta1/generated.pb.go b/staging/src/k8s.io/api/networking/v1beta1/generated.pb.go new file mode 100644 index 00000000000..14430cbacb1 --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/generated.pb.go @@ -0,0 +1,1953 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: k8s.io/kubernetes/vendor/k8s.io/api/networking/v1beta1/generated.proto + +/* + Package v1beta1 is a generated protocol buffer package. + + It is generated from these files: + k8s.io/kubernetes/vendor/k8s.io/api/networking/v1beta1/generated.proto + + It has these top-level messages: + HTTPIngressPath + HTTPIngressRuleValue + Ingress + IngressBackend + IngressList + IngressRule + IngressRuleValue + IngressSpec + IngressStatus + IngressTLS +*/ +package v1beta1 + +import proto "github.com/gogo/protobuf/proto" +import fmt "fmt" +import math "math" + +import strings "strings" +import reflect "reflect" + +import io "io" + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package + +func (m *HTTPIngressPath) Reset() { *m = HTTPIngressPath{} } +func (*HTTPIngressPath) ProtoMessage() {} +func (*HTTPIngressPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} } + +func (m *HTTPIngressRuleValue) Reset() { *m = HTTPIngressRuleValue{} } +func (*HTTPIngressRuleValue) ProtoMessage() {} +func (*HTTPIngressRuleValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} } + +func (m *Ingress) Reset() { *m = Ingress{} } +func (*Ingress) ProtoMessage() {} +func (*Ingress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} } + +func (m *IngressBackend) Reset() { *m = IngressBackend{} } +func (*IngressBackend) ProtoMessage() {} +func (*IngressBackend) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} } + +func (m *IngressList) Reset() { *m = IngressList{} } +func (*IngressList) ProtoMessage() {} +func (*IngressList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} } + +func (m *IngressRule) Reset() { *m = IngressRule{} } +func (*IngressRule) ProtoMessage() {} +func (*IngressRule) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} } + +func (m *IngressRuleValue) Reset() { *m = IngressRuleValue{} } +func (*IngressRuleValue) ProtoMessage() {} +func (*IngressRuleValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} } + +func (m *IngressSpec) Reset() { *m = IngressSpec{} } +func (*IngressSpec) ProtoMessage() {} +func (*IngressSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} } + +func (m *IngressStatus) Reset() { *m = IngressStatus{} } +func (*IngressStatus) ProtoMessage() {} +func (*IngressStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} } + +func (m *IngressTLS) Reset() { *m = IngressTLS{} } +func (*IngressTLS) ProtoMessage() {} +func (*IngressTLS) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} } + +func init() { + proto.RegisterType((*HTTPIngressPath)(nil), "k8s.io.api.networking.v1beta1.HTTPIngressPath") + proto.RegisterType((*HTTPIngressRuleValue)(nil), "k8s.io.api.networking.v1beta1.HTTPIngressRuleValue") + proto.RegisterType((*Ingress)(nil), "k8s.io.api.networking.v1beta1.Ingress") + proto.RegisterType((*IngressBackend)(nil), "k8s.io.api.networking.v1beta1.IngressBackend") + proto.RegisterType((*IngressList)(nil), "k8s.io.api.networking.v1beta1.IngressList") + proto.RegisterType((*IngressRule)(nil), "k8s.io.api.networking.v1beta1.IngressRule") + proto.RegisterType((*IngressRuleValue)(nil), "k8s.io.api.networking.v1beta1.IngressRuleValue") + proto.RegisterType((*IngressSpec)(nil), "k8s.io.api.networking.v1beta1.IngressSpec") + proto.RegisterType((*IngressStatus)(nil), "k8s.io.api.networking.v1beta1.IngressStatus") + proto.RegisterType((*IngressTLS)(nil), "k8s.io.api.networking.v1beta1.IngressTLS") +} +func (m *HTTPIngressPath) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *HTTPIngressPath) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Path))) + i += copy(dAtA[i:], m.Path) + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Backend.Size())) + n1, err := m.Backend.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + return i, nil +} + +func (m *HTTPIngressRuleValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *HTTPIngressRuleValue) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if len(m.Paths) > 0 { + for _, msg := range m.Paths { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + return i, nil +} + +func (m *Ingress) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Ingress) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size())) + n2, err := m.ObjectMeta.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n2 + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size())) + n3, err := m.Spec.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n3 + dAtA[i] = 0x1a + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size())) + n4, err := m.Status.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n4 + return i, nil +} + +func (m *IngressBackend) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressBackend) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.ServiceName))) + i += copy(dAtA[i:], m.ServiceName) + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ServicePort.Size())) + n5, err := m.ServicePort.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n5 + return i, nil +} + +func (m *IngressList) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressList) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size())) + n6, err := m.ListMeta.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n6 + if len(m.Items) > 0 { + for _, msg := range m.Items { + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + return i, nil +} + +func (m *IngressRule) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressRule) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.Host))) + i += copy(dAtA[i:], m.Host) + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.IngressRuleValue.Size())) + n7, err := m.IngressRuleValue.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n7 + return i, nil +} + +func (m *IngressRuleValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressRuleValue) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.HTTP != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.HTTP.Size())) + n8, err := m.HTTP.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n8 + } + return i, nil +} + +func (m *IngressSpec) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressSpec) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.Backend != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.Backend.Size())) + n9, err := m.Backend.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n9 + } + if len(m.TLS) > 0 { + for _, msg := range m.TLS { + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + if len(m.Rules) > 0 { + for _, msg := range m.Rules { + dAtA[i] = 0x1a + i++ + i = encodeVarintGenerated(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + return i, nil +} + +func (m *IngressStatus) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressStatus) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + dAtA[i] = 0xa + i++ + i = encodeVarintGenerated(dAtA, i, uint64(m.LoadBalancer.Size())) + n10, err := m.LoadBalancer.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n10 + return i, nil +} + +func (m *IngressTLS) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IngressTLS) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if len(m.Hosts) > 0 { + for _, s := range m.Hosts { + dAtA[i] = 0xa + i++ + l = len(s) + for l >= 1<<7 { + dAtA[i] = uint8(uint64(l)&0x7f | 0x80) + l >>= 7 + i++ + } + dAtA[i] = uint8(l) + i++ + i += copy(dAtA[i:], s) + } + } + dAtA[i] = 0x12 + i++ + i = encodeVarintGenerated(dAtA, i, uint64(len(m.SecretName))) + i += copy(dAtA[i:], m.SecretName) + return i, nil +} + +func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int { + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return offset + 1 +} +func (m *HTTPIngressPath) Size() (n int) { + var l int + _ = l + l = len(m.Path) + n += 1 + l + sovGenerated(uint64(l)) + l = m.Backend.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *HTTPIngressRuleValue) Size() (n int) { + var l int + _ = l + if len(m.Paths) > 0 { + for _, e := range m.Paths { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *Ingress) Size() (n int) { + var l int + _ = l + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + l = m.Spec.Size() + n += 1 + l + sovGenerated(uint64(l)) + l = m.Status.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *IngressBackend) Size() (n int) { + var l int + _ = l + l = len(m.ServiceName) + n += 1 + l + sovGenerated(uint64(l)) + l = m.ServicePort.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *IngressList) Size() (n int) { + var l int + _ = l + l = m.ListMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) + if len(m.Items) > 0 { + for _, e := range m.Items { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *IngressRule) Size() (n int) { + var l int + _ = l + l = len(m.Host) + n += 1 + l + sovGenerated(uint64(l)) + l = m.IngressRuleValue.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *IngressRuleValue) Size() (n int) { + var l int + _ = l + if m.HTTP != nil { + l = m.HTTP.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + return n +} + +func (m *IngressSpec) Size() (n int) { + var l int + _ = l + if m.Backend != nil { + l = m.Backend.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + if len(m.TLS) > 0 { + for _, e := range m.TLS { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + if len(m.Rules) > 0 { + for _, e := range m.Rules { + l = e.Size() + n += 1 + l + sovGenerated(uint64(l)) + } + } + return n +} + +func (m *IngressStatus) Size() (n int) { + var l int + _ = l + l = m.LoadBalancer.Size() + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func (m *IngressTLS) Size() (n int) { + var l int + _ = l + if len(m.Hosts) > 0 { + for _, s := range m.Hosts { + l = len(s) + n += 1 + l + sovGenerated(uint64(l)) + } + } + l = len(m.SecretName) + n += 1 + l + sovGenerated(uint64(l)) + return n +} + +func sovGenerated(x uint64) (n int) { + for { + n++ + x >>= 7 + if x == 0 { + break + } + } + return n +} +func sozGenerated(x uint64) (n int) { + return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *HTTPIngressPath) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&HTTPIngressPath{`, + `Path:` + fmt.Sprintf("%v", this.Path) + `,`, + `Backend:` + strings.Replace(strings.Replace(this.Backend.String(), "IngressBackend", "IngressBackend", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *HTTPIngressRuleValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&HTTPIngressRuleValue{`, + `Paths:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Paths), "HTTPIngressPath", "HTTPIngressPath", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *Ingress) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Ingress{`, + `ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`, + `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "IngressSpec", "IngressSpec", 1), `&`, ``, 1) + `,`, + `Status:` + strings.Replace(strings.Replace(this.Status.String(), "IngressStatus", "IngressStatus", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressBackend) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressBackend{`, + `ServiceName:` + fmt.Sprintf("%v", this.ServiceName) + `,`, + `ServicePort:` + strings.Replace(strings.Replace(this.ServicePort.String(), "IntOrString", "k8s_io_apimachinery_pkg_util_intstr.IntOrString", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressList) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressList{`, + `ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`, + `Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "Ingress", "Ingress", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressRule) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressRule{`, + `Host:` + fmt.Sprintf("%v", this.Host) + `,`, + `IngressRuleValue:` + strings.Replace(strings.Replace(this.IngressRuleValue.String(), "IngressRuleValue", "IngressRuleValue", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressRuleValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressRuleValue{`, + `HTTP:` + strings.Replace(fmt.Sprintf("%v", this.HTTP), "HTTPIngressRuleValue", "HTTPIngressRuleValue", 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressSpec) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressSpec{`, + `Backend:` + strings.Replace(fmt.Sprintf("%v", this.Backend), "IngressBackend", "IngressBackend", 1) + `,`, + `TLS:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.TLS), "IngressTLS", "IngressTLS", 1), `&`, ``, 1) + `,`, + `Rules:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Rules), "IngressRule", "IngressRule", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressStatus) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressStatus{`, + `LoadBalancer:` + strings.Replace(strings.Replace(this.LoadBalancer.String(), "LoadBalancerStatus", "k8s_io_api_core_v1.LoadBalancerStatus", 1), `&`, ``, 1) + `,`, + `}`, + }, "") + return s +} +func (this *IngressTLS) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&IngressTLS{`, + `Hosts:` + fmt.Sprintf("%v", this.Hosts) + `,`, + `SecretName:` + fmt.Sprintf("%v", this.SecretName) + `,`, + `}`, + }, "") + return s +} +func valueToStringGenerated(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *HTTPIngressPath) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: HTTPIngressPath: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: HTTPIngressPath: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Path = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Backend", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Backend.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *HTTPIngressRuleValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: HTTPIngressRuleValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: HTTPIngressRuleValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Paths", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Paths = append(m.Paths, HTTPIngressPath{}) + if err := m.Paths[len(m.Paths)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Ingress) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Ingress: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Ingress: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressBackend) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressBackend: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressBackend: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ServiceName", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ServiceName = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ServicePort", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ServicePort.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressList) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressList: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressList: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Items = append(m.Items, Ingress{}) + if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressRule) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressRule: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressRule: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Host", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Host = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field IngressRuleValue", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.IngressRuleValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressRuleValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressRuleValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressRuleValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field HTTP", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.HTTP == nil { + m.HTTP = &HTTPIngressRuleValue{} + } + if err := m.HTTP.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressSpec) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressSpec: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressSpec: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Backend", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Backend == nil { + m.Backend = &IngressBackend{} + } + if err := m.Backend.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field TLS", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.TLS = append(m.TLS, IngressTLS{}) + if err := m.TLS[len(m.TLS)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Rules", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Rules = append(m.Rules, IngressRule{}) + if err := m.Rules[len(m.Rules)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressStatus) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressStatus: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressStatus: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field LoadBalancer", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.LoadBalancer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IngressTLS) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IngressTLS: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IngressTLS: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SecretName", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.SecretName = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipGenerated(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + return iNdEx, nil + case 1: + iNdEx += 8 + return iNdEx, nil + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + iNdEx += length + if length < 0 { + return 0, ErrInvalidLengthGenerated + } + return iNdEx, nil + case 3: + for { + var innerWire uint64 + var start int = iNdEx + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowGenerated + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + innerWire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + innerWireType := int(innerWire & 0x7) + if innerWireType == 4 { + break + } + next, err := skipGenerated(dAtA[start:]) + if err != nil { + return 0, err + } + iNdEx = start + next + } + return iNdEx, nil + case 4: + return iNdEx, nil + case 5: + iNdEx += 4 + return iNdEx, nil + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + } + panic("unreachable") +} + +var ( + ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowGenerated = fmt.Errorf("proto: integer overflow") +) + +func init() { + proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/api/networking/v1beta1/generated.proto", fileDescriptorGenerated) +} + +var fileDescriptorGenerated = []byte{ + // 812 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x55, 0xcf, 0x6e, 0xfb, 0x44, + 0x10, 0x8e, 0xf3, 0xa7, 0x69, 0xd7, 0xfd, 0xa7, 0xa5, 0x87, 0xa8, 0x12, 0x6e, 0xe4, 0x03, 0x2a, + 0x88, 0xae, 0x69, 0x0a, 0x88, 0xb3, 0x0f, 0xa8, 0x15, 0x81, 0x86, 0x75, 0x84, 0x10, 0xe2, 0xd0, + 0x8d, 0xb3, 0x38, 0x26, 0x89, 0x6d, 0x76, 0xd7, 0x41, 0xdc, 0x78, 0x01, 0x04, 0x4f, 0xc1, 0x99, + 0x23, 0x8f, 0xd0, 0x63, 0x8f, 0x3d, 0x55, 0x34, 0xbc, 0x07, 0x42, 0xbb, 0xde, 0xda, 0x4e, 0xd2, + 0xfe, 0x6a, 0xfd, 0x6e, 0xde, 0x9d, 0xf9, 0xbe, 0xd9, 0x99, 0xf9, 0x66, 0x0c, 0x3e, 0x9f, 0x7e, + 0xc6, 0x51, 0x18, 0x3b, 0xd3, 0x74, 0x44, 0x59, 0x44, 0x05, 0xe5, 0xce, 0x82, 0x46, 0xe3, 0x98, + 0x39, 0xda, 0x40, 0x92, 0xd0, 0x89, 0xa8, 0xf8, 0x39, 0x66, 0xd3, 0x30, 0x0a, 0x9c, 0xc5, 0xf9, + 0x88, 0x0a, 0x72, 0xee, 0x04, 0x34, 0xa2, 0x8c, 0x08, 0x3a, 0x46, 0x09, 0x8b, 0x45, 0x0c, 0xdf, + 0xcd, 0xdc, 0x11, 0x49, 0x42, 0x54, 0xb8, 0x23, 0xed, 0x7e, 0x7c, 0x16, 0x84, 0x62, 0x92, 0x8e, + 0x90, 0x1f, 0xcf, 0x9d, 0x20, 0x0e, 0x62, 0x47, 0xa1, 0x46, 0xe9, 0x0f, 0xea, 0xa4, 0x0e, 0xea, + 0x2b, 0x63, 0x3b, 0xb6, 0x4b, 0xc1, 0xfd, 0x98, 0x51, 0x67, 0xb1, 0x11, 0xf1, 0xf8, 0xe3, 0xc2, + 0x67, 0x4e, 0xfc, 0x49, 0x18, 0x51, 0xf6, 0x8b, 0x93, 0x4c, 0x03, 0x79, 0xc1, 0x9d, 0x39, 0x15, + 0xe4, 0x39, 0x94, 0xf3, 0x12, 0x8a, 0xa5, 0x91, 0x08, 0xe7, 0x74, 0x03, 0xf0, 0xe9, 0x6b, 0x00, + 0xee, 0x4f, 0xe8, 0x9c, 0x6c, 0xe0, 0x2e, 0x5e, 0xc2, 0xa5, 0x22, 0x9c, 0x39, 0x61, 0x24, 0xb8, + 0x60, 0xeb, 0x20, 0xfb, 0x37, 0x03, 0x1c, 0x5c, 0x0e, 0x87, 0x83, 0xab, 0x28, 0x60, 0x94, 0xf3, + 0x01, 0x11, 0x13, 0xd8, 0x05, 0xcd, 0x84, 0x88, 0x49, 0xc7, 0xe8, 0x1a, 0xa7, 0x3b, 0xee, 0xee, + 0xed, 0xc3, 0x49, 0x6d, 0xf9, 0x70, 0xd2, 0x94, 0x36, 0xac, 0x2c, 0xf0, 0x5b, 0xd0, 0x1e, 0x11, + 0x7f, 0x4a, 0xa3, 0x71, 0xa7, 0xde, 0x35, 0x4e, 0xcd, 0xde, 0x19, 0x7a, 0x63, 0x37, 0x90, 0xa6, + 0x77, 0x33, 0x90, 0x7b, 0xa0, 0x39, 0xdb, 0xfa, 0x02, 0x3f, 0xd1, 0xd9, 0x53, 0x70, 0x54, 0x7a, + 0x0e, 0x4e, 0x67, 0xf4, 0x1b, 0x32, 0x4b, 0x29, 0xf4, 0x40, 0x4b, 0x46, 0xe6, 0x1d, 0xa3, 0xdb, + 0x38, 0x35, 0x7b, 0xe8, 0x95, 0x78, 0x6b, 0x29, 0xb9, 0x7b, 0x3a, 0x60, 0x4b, 0x9e, 0x38, 0xce, + 0xb8, 0xec, 0xdf, 0xeb, 0xa0, 0xad, 0xbd, 0xe0, 0x0d, 0xd8, 0x96, 0x1d, 0x1c, 0x13, 0x41, 0x54, + 0xe2, 0x66, 0xef, 0xa3, 0x52, 0x8c, 0xbc, 0xa0, 0x28, 0x99, 0x06, 0xf2, 0x82, 0x23, 0xe9, 0x8d, + 0x16, 0xe7, 0xe8, 0x7a, 0xf4, 0x23, 0xf5, 0xc5, 0x97, 0x54, 0x10, 0x17, 0xea, 0x28, 0xa0, 0xb8, + 0xc3, 0x39, 0x2b, 0xec, 0x83, 0x26, 0x4f, 0xa8, 0xaf, 0x2b, 0xf6, 0x41, 0xb5, 0x8a, 0x79, 0x09, + 0xf5, 0x8b, 0x16, 0xc8, 0x13, 0x56, 0x2c, 0x70, 0x08, 0xb6, 0xb8, 0x20, 0x22, 0xe5, 0x9d, 0x86, + 0xe2, 0xfb, 0xb0, 0x22, 0x9f, 0xc2, 0xb8, 0xfb, 0x9a, 0x71, 0x2b, 0x3b, 0x63, 0xcd, 0x65, 0xff, + 0x65, 0x80, 0xfd, 0xd5, 0x5e, 0xc1, 0x4f, 0x80, 0xc9, 0x29, 0x5b, 0x84, 0x3e, 0xfd, 0x8a, 0xcc, + 0xa9, 0x16, 0xc5, 0x3b, 0x1a, 0x6f, 0x7a, 0x85, 0x09, 0x97, 0xfd, 0x60, 0x90, 0xc3, 0x06, 0x31, + 0x13, 0x3a, 0xe9, 0x97, 0x4b, 0x2a, 0x35, 0x8a, 0x32, 0x8d, 0xa2, 0xab, 0x48, 0x5c, 0x33, 0x4f, + 0xb0, 0x30, 0x0a, 0x36, 0x02, 0x49, 0x32, 0x5c, 0x66, 0xb6, 0xff, 0x36, 0x80, 0xa9, 0x9f, 0xdc, + 0x0f, 0xb9, 0x80, 0xdf, 0x6f, 0x34, 0x12, 0x55, 0x6b, 0xa4, 0x44, 0xab, 0x36, 0x1e, 0xea, 0x98, + 0xdb, 0x4f, 0x37, 0xa5, 0x26, 0x7e, 0x01, 0x5a, 0xa1, 0xa0, 0x73, 0xde, 0xa9, 0x2b, 0x1d, 0xbe, + 0x57, 0x51, 0xf7, 0xb9, 0xfe, 0xae, 0x24, 0x18, 0x67, 0x1c, 0xf6, 0x9f, 0xc5, 0xd3, 0xa5, 0xd2, + 0xe5, 0xe0, 0x4d, 0x62, 0x2e, 0xd6, 0x07, 0xef, 0x32, 0xe6, 0x02, 0x2b, 0x0b, 0x4c, 0xc1, 0x61, + 0xb8, 0x36, 0x1a, 0xba, 0xb4, 0x4e, 0xb5, 0x97, 0xe4, 0x30, 0xb7, 0xa3, 0xe9, 0x0f, 0xd7, 0x2d, + 0x78, 0x23, 0x84, 0x4d, 0xc1, 0x86, 0x17, 0xfc, 0x1a, 0x34, 0x27, 0x42, 0x24, 0xba, 0xc6, 0x17, + 0xd5, 0x07, 0xb2, 0x78, 0xc2, 0xb6, 0xca, 0x6e, 0x38, 0x1c, 0x60, 0x45, 0x65, 0xff, 0x57, 0xd4, + 0xc3, 0xcb, 0x34, 0x9e, 0xaf, 0x19, 0xe3, 0x6d, 0xd6, 0x8c, 0xf9, 0xdc, 0x8a, 0x81, 0x97, 0xa0, + 0x21, 0x66, 0x4f, 0x0d, 0x7c, 0xbf, 0x1a, 0xe3, 0xb0, 0xef, 0xb9, 0xa6, 0x2e, 0x58, 0x63, 0xd8, + 0xf7, 0xb0, 0xa4, 0x80, 0xd7, 0xa0, 0xc5, 0xd2, 0x19, 0x95, 0x23, 0xd8, 0xa8, 0x3e, 0xd2, 0x32, + 0xff, 0x42, 0x10, 0xf2, 0xc4, 0x71, 0xc6, 0x63, 0xff, 0x04, 0xf6, 0x56, 0xe6, 0x14, 0xde, 0x80, + 0xdd, 0x59, 0x4c, 0xc6, 0x2e, 0x99, 0x91, 0xc8, 0xa7, 0x4c, 0x97, 0x61, 0x45, 0x75, 0xf2, 0x6f, + 0xa5, 0xe4, 0x5b, 0xf2, 0xd3, 0x53, 0x7e, 0xa4, 0x83, 0xec, 0x96, 0x6d, 0x78, 0x85, 0xd1, 0x26, + 0x00, 0x14, 0x39, 0xc2, 0x13, 0xd0, 0x92, 0x3a, 0xcb, 0xd6, 0xec, 0x8e, 0xbb, 0x23, 0x5f, 0x28, + 0xe5, 0xc7, 0x71, 0x76, 0x0f, 0x7b, 0x00, 0x70, 0xea, 0x33, 0x2a, 0xd4, 0x32, 0xa8, 0x2b, 0xa1, + 0xe6, 0x6b, 0xcf, 0xcb, 0x2d, 0xb8, 0xe4, 0xe5, 0x9e, 0xdd, 0x3e, 0x5a, 0xb5, 0xbb, 0x47, 0xab, + 0x76, 0xff, 0x68, 0xd5, 0x7e, 0x5d, 0x5a, 0xc6, 0xed, 0xd2, 0x32, 0xee, 0x96, 0x96, 0x71, 0xbf, + 0xb4, 0x8c, 0x7f, 0x96, 0x96, 0xf1, 0xc7, 0xbf, 0x56, 0xed, 0xbb, 0xb6, 0x2e, 0xd3, 0xff, 0x01, + 0x00, 0x00, 0xff, 0xff, 0xdb, 0x8a, 0xe4, 0xd8, 0x21, 0x08, 0x00, 0x00, +} diff --git a/staging/src/k8s.io/api/networking/v1beta1/generated.proto b/staging/src/k8s.io/api/networking/v1beta1/generated.proto new file mode 100644 index 00000000000..7df19138e24 --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/generated.proto @@ -0,0 +1,186 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + + +// This file was autogenerated by go-to-protobuf. Do not edit it manually! + +syntax = 'proto2'; + +package k8s.io.api.networking.v1beta1; + +import "k8s.io/api/core/v1/generated.proto"; +import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; +import "k8s.io/apimachinery/pkg/runtime/generated.proto"; +import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; +import "k8s.io/apimachinery/pkg/util/intstr/generated.proto"; + +// Package-wide variables from generator "generated". +option go_package = "v1beta1"; + +// HTTPIngressPath associates a path regex with a backend. Incoming urls matching +// the path are forwarded to the backend. +message HTTPIngressPath { + // Path is an extended POSIX regex as defined by IEEE Std 1003.1, + // (i.e this follows the egrep/unix syntax, not the perl syntax) + // matched against the path of an incoming request. Currently it can + // contain characters disallowed from the conventional "path" + // part of a URL as defined by RFC 3986. Paths must begin with + // a '/'. If unspecified, the path defaults to a catch all sending + // traffic to the backend. + // +optional + optional string path = 1; + + // Backend defines the referenced service endpoint to which the traffic + // will be forwarded to. + optional IngressBackend backend = 2; +} + +// HTTPIngressRuleValue is a list of http selectors pointing to backends. +// In the example: http:///? -> backend where +// where parts of the url correspond to RFC 3986, this resource will be used +// to match against everything after the last '/' and before the first '?' +// or '#'. +message HTTPIngressRuleValue { + // A collection of paths that map requests to backends. + repeated HTTPIngressPath paths = 1; +} + +// Ingress is a collection of rules that allow inbound connections to reach the +// endpoints defined by a backend. An Ingress can be configured to give services +// externally-reachable urls, load balance traffic, terminate SSL, offer name +// based virtual hosting etc. +message Ingress { + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; + + // Spec is the desired state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // +optional + optional IngressSpec spec = 2; + + // Status is the current state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // +optional + optional IngressStatus status = 3; +} + +// IngressBackend describes all endpoints for a given service and port. +message IngressBackend { + // Specifies the name of the referenced service. + optional string serviceName = 1; + + // Specifies the port of the referenced service. + optional k8s.io.apimachinery.pkg.util.intstr.IntOrString servicePort = 2; +} + +// IngressList is a collection of Ingress. +message IngressList { + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // +optional + optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; + + // Items is the list of Ingress. + repeated Ingress items = 2; +} + +// IngressRule represents the rules mapping the paths under a specified host to +// the related backend services. Incoming requests are first evaluated for a host +// match, then routed to the backend associated with the matching IngressRuleValue. +message IngressRule { + // Host is the fully qualified domain name of a network host, as defined + // by RFC 3986. Note the following deviations from the "host" part of the + // URI as defined in the RFC: + // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the + // IP in the Spec of the parent Ingress. + // 2. The `:` delimiter is not respected because ports are not allowed. + // Currently the port of an Ingress is implicitly :80 for http and + // :443 for https. + // Both these may change in the future. + // Incoming requests are matched against the host before the IngressRuleValue. + // If the host is unspecified, the Ingress routes all traffic based on the + // specified IngressRuleValue. + // +optional + optional string host = 1; + + // IngressRuleValue represents a rule to route requests for this IngressRule. + // If unspecified, the rule defaults to a http catch-all. Whether that sends + // just traffic matching the host to the default backend or all traffic to the + // default backend, is left to the controller fulfilling the Ingress. Http is + // currently the only supported IngressRuleValue. + // +optional + optional IngressRuleValue ingressRuleValue = 2; +} + +// IngressRuleValue represents a rule to apply against incoming requests. If the +// rule is satisfied, the request is routed to the specified backend. Currently +// mixing different types of rules in a single Ingress is disallowed, so exactly +// one of the following must be set. +message IngressRuleValue { + // +optional + optional HTTPIngressRuleValue http = 1; +} + +// IngressSpec describes the Ingress the user wishes to exist. +message IngressSpec { + // A default backend capable of servicing requests that don't match any + // rule. At least one of 'backend' or 'rules' must be specified. This field + // is optional to allow the loadbalancer controller or defaulting logic to + // specify a global default. + // +optional + optional IngressBackend backend = 1; + + // TLS configuration. Currently the Ingress only supports a single TLS + // port, 443. If multiple members of this list specify different hosts, they + // will be multiplexed on the same port according to the hostname specified + // through the SNI TLS extension, if the ingress controller fulfilling the + // ingress supports SNI. + // +optional + repeated IngressTLS tls = 2; + + // A list of host rules used to configure the Ingress. If unspecified, or + // no rule matches, all traffic is sent to the default backend. + // +optional + repeated IngressRule rules = 3; +} + +// IngressStatus describe the current state of the Ingress. +message IngressStatus { + // LoadBalancer contains the current status of the load-balancer. + // +optional + optional k8s.io.api.core.v1.LoadBalancerStatus loadBalancer = 1; +} + +// IngressTLS describes the transport layer security associated with an Ingress. +message IngressTLS { + // Hosts are a list of hosts included in the TLS certificate. The values in + // this list must match the name/s used in the tlsSecret. Defaults to the + // wildcard host setting for the loadbalancer controller fulfilling this + // Ingress, if left unspecified. + // +optional + repeated string hosts = 1; + + // SecretName is the name of the secret used to terminate SSL traffic on 443. + // Field is left optional to allow SSL routing based on SNI hostname alone. + // If the SNI host in a listener conflicts with the "Host" header field used + // by an IngressRule, the SNI host is used for termination and value of the + // Host header is used for routing. + // +optional + optional string secretName = 2; +} + diff --git a/staging/src/k8s.io/api/networking/v1beta1/register.go b/staging/src/k8s.io/api/networking/v1beta1/register.go new file mode 100644 index 00000000000..c046c49012c --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/register.go @@ -0,0 +1,56 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name use in this package +const GroupName = "networking.k8s.io" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder holds functions that add things to a scheme + // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api. + // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + localSchemeBuilder = &SchemeBuilder + + // AddToScheme adds the types of this group into the given scheme. + AddToScheme = localSchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &Ingress{}, + &IngressList{}, + ) + // Add the watch version that applies + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/staging/src/k8s.io/api/networking/v1beta1/types.go b/staging/src/k8s.io/api/networking/v1beta1/types.go new file mode 100644 index 00000000000..63bf2d52a3d --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/types.go @@ -0,0 +1,192 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// Ingress is a collection of rules that allow inbound connections to reach the +// endpoints defined by a backend. An Ingress can be configured to give services +// externally-reachable urls, load balance traffic, terminate SSL, offer name +// based virtual hosting etc. +type Ingress struct { + metav1.TypeMeta `json:",inline"` + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // +optional + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // Spec is the desired state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // +optional + Spec IngressSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` + + // Status is the current state of the Ingress. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status + // +optional + Status IngressStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// IngressList is a collection of Ingress. +type IngressList struct { + metav1.TypeMeta `json:",inline"` + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // +optional + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // Items is the list of Ingress. + Items []Ingress `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// IngressSpec describes the Ingress the user wishes to exist. +type IngressSpec struct { + // A default backend capable of servicing requests that don't match any + // rule. At least one of 'backend' or 'rules' must be specified. This field + // is optional to allow the loadbalancer controller or defaulting logic to + // specify a global default. + // +optional + Backend *IngressBackend `json:"backend,omitempty" protobuf:"bytes,1,opt,name=backend"` + + // TLS configuration. Currently the Ingress only supports a single TLS + // port, 443. If multiple members of this list specify different hosts, they + // will be multiplexed on the same port according to the hostname specified + // through the SNI TLS extension, if the ingress controller fulfilling the + // ingress supports SNI. + // +optional + TLS []IngressTLS `json:"tls,omitempty" protobuf:"bytes,2,rep,name=tls"` + + // A list of host rules used to configure the Ingress. If unspecified, or + // no rule matches, all traffic is sent to the default backend. + // +optional + Rules []IngressRule `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"` + // TODO: Add the ability to specify load-balancer IP through claims +} + +// IngressTLS describes the transport layer security associated with an Ingress. +type IngressTLS struct { + // Hosts are a list of hosts included in the TLS certificate. The values in + // this list must match the name/s used in the tlsSecret. Defaults to the + // wildcard host setting for the loadbalancer controller fulfilling this + // Ingress, if left unspecified. + // +optional + Hosts []string `json:"hosts,omitempty" protobuf:"bytes,1,rep,name=hosts"` + // SecretName is the name of the secret used to terminate SSL traffic on 443. + // Field is left optional to allow SSL routing based on SNI hostname alone. + // If the SNI host in a listener conflicts with the "Host" header field used + // by an IngressRule, the SNI host is used for termination and value of the + // Host header is used for routing. + // +optional + SecretName string `json:"secretName,omitempty" protobuf:"bytes,2,opt,name=secretName"` + // TODO: Consider specifying different modes of termination, protocols etc. +} + +// IngressStatus describe the current state of the Ingress. +type IngressStatus struct { + // LoadBalancer contains the current status of the load-balancer. + // +optional + LoadBalancer v1.LoadBalancerStatus `json:"loadBalancer,omitempty" protobuf:"bytes,1,opt,name=loadBalancer"` +} + +// IngressRule represents the rules mapping the paths under a specified host to +// the related backend services. Incoming requests are first evaluated for a host +// match, then routed to the backend associated with the matching IngressRuleValue. +type IngressRule struct { + // Host is the fully qualified domain name of a network host, as defined + // by RFC 3986. Note the following deviations from the "host" part of the + // URI as defined in the RFC: + // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the + // IP in the Spec of the parent Ingress. + // 2. The `:` delimiter is not respected because ports are not allowed. + // Currently the port of an Ingress is implicitly :80 for http and + // :443 for https. + // Both these may change in the future. + // Incoming requests are matched against the host before the IngressRuleValue. + // If the host is unspecified, the Ingress routes all traffic based on the + // specified IngressRuleValue. + // +optional + Host string `json:"host,omitempty" protobuf:"bytes,1,opt,name=host"` + // IngressRuleValue represents a rule to route requests for this IngressRule. + // If unspecified, the rule defaults to a http catch-all. Whether that sends + // just traffic matching the host to the default backend or all traffic to the + // default backend, is left to the controller fulfilling the Ingress. Http is + // currently the only supported IngressRuleValue. + // +optional + IngressRuleValue `json:",inline,omitempty" protobuf:"bytes,2,opt,name=ingressRuleValue"` +} + +// IngressRuleValue represents a rule to apply against incoming requests. If the +// rule is satisfied, the request is routed to the specified backend. Currently +// mixing different types of rules in a single Ingress is disallowed, so exactly +// one of the following must be set. +type IngressRuleValue struct { + //TODO: + // 1. Consider renaming this resource and the associated rules so they + // aren't tied to Ingress. They can be used to route intra-cluster traffic. + // 2. Consider adding fields for ingress-type specific global options + // usable by a loadbalancer, like http keep-alive. + + // +optional + HTTP *HTTPIngressRuleValue `json:"http,omitempty" protobuf:"bytes,1,opt,name=http"` +} + +// HTTPIngressRuleValue is a list of http selectors pointing to backends. +// In the example: http:///? -> backend where +// where parts of the url correspond to RFC 3986, this resource will be used +// to match against everything after the last '/' and before the first '?' +// or '#'. +type HTTPIngressRuleValue struct { + // A collection of paths that map requests to backends. + Paths []HTTPIngressPath `json:"paths" protobuf:"bytes,1,rep,name=paths"` + // TODO: Consider adding fields for ingress-type specific global + // options usable by a loadbalancer, like http keep-alive. +} + +// HTTPIngressPath associates a path regex with a backend. Incoming urls matching +// the path are forwarded to the backend. +type HTTPIngressPath struct { + // Path is an extended POSIX regex as defined by IEEE Std 1003.1, + // (i.e this follows the egrep/unix syntax, not the perl syntax) + // matched against the path of an incoming request. Currently it can + // contain characters disallowed from the conventional "path" + // part of a URL as defined by RFC 3986. Paths must begin with + // a '/'. If unspecified, the path defaults to a catch all sending + // traffic to the backend. + // +optional + Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` + + // Backend defines the referenced service endpoint to which the traffic + // will be forwarded to. + Backend IngressBackend `json:"backend" protobuf:"bytes,2,opt,name=backend"` +} + +// IngressBackend describes all endpoints for a given service and port. +type IngressBackend struct { + // Specifies the name of the referenced service. + ServiceName string `json:"serviceName" protobuf:"bytes,1,opt,name=serviceName"` + + // Specifies the port of the referenced service. + ServicePort intstr.IntOrString `json:"servicePort" protobuf:"bytes,2,opt,name=servicePort"` +} diff --git a/staging/src/k8s.io/api/networking/v1beta1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/networking/v1beta1/types_swagger_doc_generated.go new file mode 100644 index 00000000000..9e05b7f1bbf --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/types_swagger_doc_generated.go @@ -0,0 +1,127 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +// This file contains a collection of methods that can be used from go-restful to +// generate Swagger API documentation for its models. Please read this PR for more +// information on the implementation: https://github.com/emicklei/go-restful/pull/215 +// +// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if +// they are on one line! For multiple line or blocks that you want to ignore use ---. +// Any context after a --- is ignored. +// +// Those methods can be generated by using hack/update-generated-swagger-docs.sh + +// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT. +var map_HTTPIngressPath = map[string]string{ + "": "HTTPIngressPath associates a path regex with a backend. Incoming urls matching the path are forwarded to the backend.", + "path": "Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend.", + "backend": "Backend defines the referenced service endpoint to which the traffic will be forwarded to.", +} + +func (HTTPIngressPath) SwaggerDoc() map[string]string { + return map_HTTPIngressPath +} + +var map_HTTPIngressRuleValue = map[string]string{ + "": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", + "paths": "A collection of paths that map requests to backends.", +} + +func (HTTPIngressRuleValue) SwaggerDoc() map[string]string { + return map_HTTPIngressRuleValue +} + +var map_Ingress = map[string]string{ + "": "Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "spec": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", + "status": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status", +} + +func (Ingress) SwaggerDoc() map[string]string { + return map_Ingress +} + +var map_IngressBackend = map[string]string{ + "": "IngressBackend describes all endpoints for a given service and port.", + "serviceName": "Specifies the name of the referenced service.", + "servicePort": "Specifies the port of the referenced service.", +} + +func (IngressBackend) SwaggerDoc() map[string]string { + return map_IngressBackend +} + +var map_IngressList = map[string]string{ + "": "IngressList is a collection of Ingress.", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "items": "Items is the list of Ingress.", +} + +func (IngressList) SwaggerDoc() map[string]string { + return map_IngressList +} + +var map_IngressRule = map[string]string{ + "": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", + "host": "Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the\n\t IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.", +} + +func (IngressRule) SwaggerDoc() map[string]string { + return map_IngressRule +} + +var map_IngressRuleValue = map[string]string{ + "": "IngressRuleValue represents a rule to apply against incoming requests. If the rule is satisfied, the request is routed to the specified backend. Currently mixing different types of rules in a single Ingress is disallowed, so exactly one of the following must be set.", +} + +func (IngressRuleValue) SwaggerDoc() map[string]string { + return map_IngressRuleValue +} + +var map_IngressSpec = map[string]string{ + "": "IngressSpec describes the Ingress the user wishes to exist.", + "backend": "A default backend capable of servicing requests that don't match any rule. At least one of 'backend' or 'rules' must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default.", + "tls": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "rules": "A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", +} + +func (IngressSpec) SwaggerDoc() map[string]string { + return map_IngressSpec +} + +var map_IngressStatus = map[string]string{ + "": "IngressStatus describe the current state of the Ingress.", + "loadBalancer": "LoadBalancer contains the current status of the load-balancer.", +} + +func (IngressStatus) SwaggerDoc() map[string]string { + return map_IngressStatus +} + +var map_IngressTLS = map[string]string{ + "": "IngressTLS describes the transport layer security associated with an Ingress.", + "hosts": "Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "secretName": "SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.", +} + +func (IngressTLS) SwaggerDoc() map[string]string { + return map_IngressTLS +} + +// AUTO-GENERATED FUNCTIONS END HERE diff --git a/staging/src/k8s.io/api/networking/v1beta1/zz_generated.deepcopy.go b/staging/src/k8s.io/api/networking/v1beta1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..6342c985c87 --- /dev/null +++ b/staging/src/k8s.io/api/networking/v1beta1/zz_generated.deepcopy.go @@ -0,0 +1,252 @@ +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1beta1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressPath) DeepCopyInto(out *HTTPIngressPath) { + *out = *in + out.Backend = in.Backend + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressPath. +func (in *HTTPIngressPath) DeepCopy() *HTTPIngressPath { + if in == nil { + return nil + } + out := new(HTTPIngressPath) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPIngressRuleValue) DeepCopyInto(out *HTTPIngressRuleValue) { + *out = *in + if in.Paths != nil { + in, out := &in.Paths, &out.Paths + *out = make([]HTTPIngressPath, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPIngressRuleValue. +func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue { + if in == nil { + return nil + } + out := new(HTTPIngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Ingress) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressBackend) DeepCopyInto(out *IngressBackend) { + *out = *in + out.ServicePort = in.ServicePort + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressBackend. +func (in *IngressBackend) DeepCopy() *IngressBackend { + if in == nil { + return nil + } + out := new(IngressBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressList) DeepCopyInto(out *IngressList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Ingress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressList. +func (in *IngressList) DeepCopy() *IngressList { + if in == nil { + return nil + } + out := new(IngressList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IngressList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRule) DeepCopyInto(out *IngressRule) { + *out = *in + in.IngressRuleValue.DeepCopyInto(&out.IngressRuleValue) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRule. +func (in *IngressRule) DeepCopy() *IngressRule { + if in == nil { + return nil + } + out := new(IngressRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressRuleValue) DeepCopyInto(out *IngressRuleValue) { + *out = *in + if in.HTTP != nil { + in, out := &in.HTTP, &out.HTTP + *out = new(HTTPIngressRuleValue) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressRuleValue. +func (in *IngressRuleValue) DeepCopy() *IngressRuleValue { + if in == nil { + return nil + } + out := new(IngressRuleValue) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressSpec) DeepCopyInto(out *IngressSpec) { + *out = *in + if in.Backend != nil { + in, out := &in.Backend, &out.Backend + *out = new(IngressBackend) + **out = **in + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = make([]IngressTLS, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]IngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressSpec. +func (in *IngressSpec) DeepCopy() *IngressSpec { + if in == nil { + return nil + } + out := new(IngressSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressStatus) DeepCopyInto(out *IngressStatus) { + *out = *in + in.LoadBalancer.DeepCopyInto(&out.LoadBalancer) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressStatus. +func (in *IngressStatus) DeepCopy() *IngressStatus { + if in == nil { + return nil + } + out := new(IngressStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IngressTLS) DeepCopyInto(out *IngressTLS) { + *out = *in + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressTLS. +func (in *IngressTLS) DeepCopy() *IngressTLS { + if in == nil { + return nil + } + out := new(IngressTLS) + in.DeepCopyInto(out) + return out +} diff --git a/staging/src/k8s.io/api/policy/OWNERS b/staging/src/k8s.io/api/policy/OWNERS old mode 100755 new mode 100644 index 61a5da4cf3e..8d0776d605a --- a/staging/src/k8s.io/api/policy/OWNERS +++ b/staging/src/k8s.io/api/policy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-apps-reviewers diff --git a/staging/src/k8s.io/api/rbac/OWNERS b/staging/src/k8s.io/api/rbac/OWNERS old mode 100755 new mode 100644 index ff4a7f4bf9a..dbc9a28c6f2 --- a/staging/src/k8s.io/api/rbac/OWNERS +++ b/staging/src/k8s.io/api/rbac/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-authorizers-approvers diff --git a/staging/src/k8s.io/api/scheduling/v1beta1/generated.proto b/staging/src/k8s.io/api/scheduling/v1beta1/generated.proto index 0a95755032e..d7f61627487 100644 --- a/staging/src/k8s.io/api/scheduling/v1beta1/generated.proto +++ b/staging/src/k8s.io/api/scheduling/v1beta1/generated.proto @@ -32,7 +32,7 @@ option go_package = "v1beta1"; // integer value. The value can be any valid integer. message PriorityClass { // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; @@ -57,7 +57,7 @@ message PriorityClass { // PriorityClassList is a collection of priority classes. message PriorityClassList { // Standard list metadata - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; diff --git a/staging/src/k8s.io/api/scheduling/v1beta1/types.go b/staging/src/k8s.io/api/scheduling/v1beta1/types.go index a9aaa86650d..55829f7cac2 100644 --- a/staging/src/k8s.io/api/scheduling/v1beta1/types.go +++ b/staging/src/k8s.io/api/scheduling/v1beta1/types.go @@ -29,7 +29,7 @@ import ( type PriorityClass struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` @@ -57,7 +57,7 @@ type PriorityClass struct { type PriorityClassList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` diff --git a/staging/src/k8s.io/api/scheduling/v1beta1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/scheduling/v1beta1/types_swagger_doc_generated.go index c18f54a82c7..0bbc8014a30 100644 --- a/staging/src/k8s.io/api/scheduling/v1beta1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/scheduling/v1beta1/types_swagger_doc_generated.go @@ -29,7 +29,7 @@ package v1beta1 // AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT. var map_PriorityClass = map[string]string{ "": "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.", - "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "value": "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", "globalDefault": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.", "description": "description is an arbitrary string that usually provides guidelines on when this priority class should be used.", @@ -41,7 +41,7 @@ func (PriorityClass) SwaggerDoc() map[string]string { var map_PriorityClassList = map[string]string{ "": "PriorityClassList is a collection of priority classes.", - "metadata": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "items is the list of PriorityClasses", } diff --git a/staging/src/k8s.io/api/settings/v1alpha1/generated.proto b/staging/src/k8s.io/api/settings/v1alpha1/generated.proto index d5534c4de93..db1ec9312bb 100644 --- a/staging/src/k8s.io/api/settings/v1alpha1/generated.proto +++ b/staging/src/k8s.io/api/settings/v1alpha1/generated.proto @@ -42,7 +42,7 @@ message PodPreset { // PodPresetList is a list of PodPreset objects. message PodPresetList { // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; diff --git a/staging/src/k8s.io/api/settings/v1alpha1/types.go b/staging/src/k8s.io/api/settings/v1alpha1/types.go index 506aacf4a9c..8cc99d440d4 100644 --- a/staging/src/k8s.io/api/settings/v1alpha1/types.go +++ b/staging/src/k8s.io/api/settings/v1alpha1/types.go @@ -61,7 +61,7 @@ type PodPresetSpec struct { type PodPresetList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` diff --git a/staging/src/k8s.io/api/settings/v1alpha1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/settings/v1alpha1/types_swagger_doc_generated.go index 508c452f19e..0501e0af357 100644 --- a/staging/src/k8s.io/api/settings/v1alpha1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/settings/v1alpha1/types_swagger_doc_generated.go @@ -37,7 +37,7 @@ func (PodPreset) SwaggerDoc() map[string]string { var map_PodPresetList = map[string]string{ "": "PodPresetList is a list of PodPreset objects.", - "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata", + "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "items": "Items is a list of schema objects.", } diff --git a/staging/src/k8s.io/api/storage/OWNERS b/staging/src/k8s.io/api/storage/OWNERS old mode 100755 new mode 100644 index d59ed6e1d8a..7562f04b86a --- a/staging/src/k8s.io/api/storage/OWNERS +++ b/staging/src/k8s.io/api/storage/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - mbohlool diff --git a/staging/src/k8s.io/api/storage/v1/doc.go b/staging/src/k8s.io/api/storage/v1/doc.go index ff8bb34ca1c..84565f89b29 100644 --- a/staging/src/k8s.io/api/storage/v1/doc.go +++ b/staging/src/k8s.io/api/storage/v1/doc.go @@ -18,4 +18,4 @@ limitations under the License. // +groupName=storage.k8s.io // +k8s:openapi-gen=true -package v1 +package v1 // import "k8s.io/api/storage/v1" diff --git a/staging/src/k8s.io/apiextensions-apiserver/CONTRIBUTING.md b/staging/src/k8s.io/apiextensions-apiserver/CONTRIBUTING.md index d8ad4d2d347..dd04688b231 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/CONTRIBUTING.md +++ b/staging/src/k8s.io/apiextensions-apiserver/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/apiextensions-apiserver](https://git.k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json index 0b3f8a7018d..b8c84f32c6d 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json @@ -6,14 +6,6 @@ "./..." ], "Deps": [ - { - "ImportPath": "github.com/Azure/go-ansiterm", - "Rev": "d6e3b3328b783f23731bc4d058875b0371ff8109" - }, - { - "ImportPath": "github.com/Azure/go-ansiterm/winterm", - "Rev": "d6e3b3328b783f23731bc4d058875b0371ff8109" - }, { "ImportPath": "github.com/NYTimes/gziphandler", "Rev": "56545f4a5d46df9a6648819d1664c3a03a13ffdb" @@ -354,14 +346,6 @@ "ImportPath": "github.com/dgrijalva/jwt-go", "Rev": "01aeca54ebda6e0fbfafd0a524d234159c05ec20" }, - { - "ImportPath": "github.com/docker/docker/pkg/term", - "Rev": "a9fbbdc8dd8794b20af358382ab780559bca589d" - }, - { - "ImportPath": "github.com/docker/docker/pkg/term/windows", - "Rev": "a9fbbdc8dd8794b20af358382ab780559bca589d" - }, { "ImportPath": "github.com/emicklei/go-restful", "Rev": "ff4f55a206334ef123e4f79bbf348980da81ca46" @@ -372,7 +356,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/ghodss/yaml", @@ -502,14 +486,6 @@ "ImportPath": "github.com/gorilla/websocket", "Rev": "4201258b820c74ac8e6922fc9e6b52f71fe46f8d" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/grpc-ecosystem/go-grpc-middleware", "Rev": "498ae206fc3cfe81cd82e48c1d4354026fa5f9ec" @@ -532,11 +508,11 @@ }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/imdario/mergo", @@ -590,13 +566,9 @@ "ImportPath": "github.com/pborman/uuid", "Rev": "ca53cad383cad2479bbba7f7a1a05797ec1386e4" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/prometheus/client_golang/prometheus", @@ -1026,6 +998,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1618,10 +1594,6 @@ "ImportPath": "k8s.io/apiserver/pkg/util/feature", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, - { - "ImportPath": "k8s.io/apiserver/pkg/util/flag", - "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" - }, { "ImportPath": "k8s.io/apiserver/pkg/util/flushwriter", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1802,6 +1774,10 @@ "ImportPath": "k8s.io/client-go/informers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/policy", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1958,6 +1934,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -2070,6 +2050,10 @@ "ImportPath": "k8s.io/client-go/listers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -2242,6 +2226,10 @@ "ImportPath": "k8s.io/client-go/util/retry", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/component-base/cli/flag", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/component-base/logs", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -2252,27 +2240,27 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/builder", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/common", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/handler", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/schemaconv", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/apimachinery/pkg/api/apitesting/fuzzer", diff --git a/staging/src/k8s.io/apiextensions-apiserver/Godeps/OWNERS b/staging/src/k8s.io/apiextensions-apiserver/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/Godeps/OWNERS +++ b/staging/src/k8s.io/apiextensions-apiserver/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/apiextensions-apiserver/OWNERS b/staging/src/k8s.io/apiextensions-apiserver/OWNERS index 6d8c639240d..df1974380ae 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/OWNERS +++ b/staging/src/k8s.io/apiextensions-apiserver/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - sttts diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/OWNERS b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/OWNERS index bae178f8175..38336c177f9 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/OWNERS +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/helpers.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/helpers.go index 92cad7d9b73..964a6190baa 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/helpers.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/helpers.go @@ -23,8 +23,9 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// SetCRDCondition sets the status condition. It either overwrites the existing one or -// creates a new one +var swaggerMetadataDescriptions = metav1.ObjectMeta{}.SwaggerDoc() + +// SetCRDCondition sets the status condition. It either overwrites the existing one or creates a new one. func SetCRDCondition(crd *CustomResourceDefinition, newCondition CustomResourceDefinitionCondition) { existingCondition := FindCRDCondition(crd, newCondition.Type) if existingCondition == nil { @@ -53,7 +54,7 @@ func RemoveCRDCondition(crd *CustomResourceDefinition, conditionType CustomResou crd.Status.Conditions = newConditions } -// FindCRDCondition returns the condition you're looking for or nil +// FindCRDCondition returns the condition you're looking for or nil. func FindCRDCondition(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType) *CustomResourceDefinitionCondition { for i := range crd.Status.Conditions { if crd.Status.Conditions[i].Type == conditionType { @@ -64,17 +65,17 @@ func FindCRDCondition(crd *CustomResourceDefinition, conditionType CustomResourc return nil } -// IsCRDConditionTrue indicates if the condition is present and strictly true +// IsCRDConditionTrue indicates if the condition is present and strictly true. func IsCRDConditionTrue(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType) bool { return IsCRDConditionPresentAndEqual(crd, conditionType, ConditionTrue) } -// IsCRDConditionFalse indicates if the condition is present and false true +// IsCRDConditionFalse indicates if the condition is present and false. func IsCRDConditionFalse(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType) bool { return IsCRDConditionPresentAndEqual(crd, conditionType, ConditionFalse) } -// IsCRDConditionPresentAndEqual indicates if the condition is present and equal to the arg +// IsCRDConditionPresentAndEqual indicates if the condition is present and equal to the given status. func IsCRDConditionPresentAndEqual(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType, status ConditionStatus) bool { for _, condition := range crd.Status.Conditions { if condition.Type == conditionType { @@ -84,7 +85,7 @@ func IsCRDConditionPresentAndEqual(crd *CustomResourceDefinition, conditionType return false } -// IsCRDConditionEquivalent returns true if the lhs and rhs are equivalent except for times +// IsCRDConditionEquivalent returns true if the lhs and rhs are equivalent except for times. func IsCRDConditionEquivalent(lhs, rhs *CustomResourceDefinitionCondition) bool { if lhs == nil && rhs == nil { return true @@ -96,7 +97,7 @@ func IsCRDConditionEquivalent(lhs, rhs *CustomResourceDefinitionCondition) bool return lhs.Message == rhs.Message && lhs.Reason == rhs.Reason && lhs.Status == rhs.Status && lhs.Type == rhs.Type } -// CRDHasFinalizer returns true if the finalizer is in the list +// CRDHasFinalizer returns true if the finalizer is in the list. func CRDHasFinalizer(crd *CustomResourceDefinition, needle string) bool { for _, finalizer := range crd.Finalizers { if finalizer == needle { @@ -107,7 +108,7 @@ func CRDHasFinalizer(crd *CustomResourceDefinition, needle string) bool { return false } -// CRDRemoveFinalizer removes the finalizer if present +// CRDRemoveFinalizer removes the finalizer if present. func CRDRemoveFinalizer(crd *CustomResourceDefinition, needle string) { newFinalizers := []string{} for _, finalizer := range crd.Finalizers { @@ -118,7 +119,7 @@ func CRDRemoveFinalizer(crd *CustomResourceDefinition, needle string) { crd.Finalizers = newFinalizers } -// HasServedCRDVersion returns true if `version` is in the list of CRD's versions and the Served flag is set. +// HasServedCRDVersion returns true if the given version is in the list of CRD's versions and the Served flag is set. func HasServedCRDVersion(crd *CustomResourceDefinition, version string) bool { for _, v := range crd.Spec.Versions { if v.Name == version { @@ -139,6 +140,7 @@ func GetCRDStorageVersion(crd *CustomResourceDefinition) (string, error) { return "", fmt.Errorf("invalid CustomResourceDefinition, no storage version") } +// IsStoredVersion returns whether the given version is the storage version of the CRD. func IsStoredVersion(crd *CustomResourceDefinition, version string) bool { for _, v := range crd.Status.StoredVersions { if version == v { @@ -147,3 +149,108 @@ func IsStoredVersion(crd *CustomResourceDefinition, version string) bool { } return false } + +// GetSchemaForVersion returns the validation schema for the given version or nil. +func GetSchemaForVersion(crd *CustomResourceDefinition, version string) (*CustomResourceValidation, error) { + if !HasPerVersionSchema(crd.Spec.Versions) { + return crd.Spec.Validation, nil + } + if crd.Spec.Validation != nil { + return nil, fmt.Errorf("malformed CustomResourceDefinition %s version %s: top-level and per-version schemas must be mutual exclusive", crd.Name, version) + } + for _, v := range crd.Spec.Versions { + if version == v.Name { + return v.Schema, nil + } + } + return nil, fmt.Errorf("version %s not found in CustomResourceDefinition: %v", version, crd.Name) +} + +// GetSubresourcesForVersion returns the subresources for given version or nil. +func GetSubresourcesForVersion(crd *CustomResourceDefinition, version string) (*CustomResourceSubresources, error) { + if !HasPerVersionSubresources(crd.Spec.Versions) { + return crd.Spec.Subresources, nil + } + if crd.Spec.Subresources != nil { + return nil, fmt.Errorf("malformed CustomResourceDefinition %s version %s: top-level and per-version subresources must be mutual exclusive", crd.Name, version) + } + for _, v := range crd.Spec.Versions { + if version == v.Name { + return v.Subresources, nil + } + } + return nil, fmt.Errorf("version %s not found in CustomResourceDefinition: %v", version, crd.Name) +} + +// GetColumnsForVersion returns the columns for given version or nil. +// NOTE: the newly logically-defaulted columns is not pointing to the original CRD object. +// One cannot mutate the original CRD columns using the logically-defaulted columns. Please iterate through +// the original CRD object instead. +func GetColumnsForVersion(crd *CustomResourceDefinition, version string) ([]CustomResourceColumnDefinition, error) { + if !HasPerVersionColumns(crd.Spec.Versions) { + return serveDefaultColumnsIfEmpty(crd.Spec.AdditionalPrinterColumns), nil + } + if len(crd.Spec.AdditionalPrinterColumns) > 0 { + return nil, fmt.Errorf("malformed CustomResourceDefinition %s version %s: top-level and per-version additionalPrinterColumns must be mutual exclusive", crd.Name, version) + } + for _, v := range crd.Spec.Versions { + if version == v.Name { + return serveDefaultColumnsIfEmpty(v.AdditionalPrinterColumns), nil + } + } + return nil, fmt.Errorf("version %s not found in CustomResourceDefinition: %v", version, crd.Name) +} + +// HasPerVersionSchema returns true if a CRD uses per-version schema. +func HasPerVersionSchema(versions []CustomResourceDefinitionVersion) bool { + for _, v := range versions { + if v.Schema != nil { + return true + } + } + return false +} + +// HasPerVersionSubresources returns true if a CRD uses per-version subresources. +func HasPerVersionSubresources(versions []CustomResourceDefinitionVersion) bool { + for _, v := range versions { + if v.Subresources != nil { + return true + } + } + return false +} + +// HasPerVersionColumns returns true if a CRD uses per-version columns. +func HasPerVersionColumns(versions []CustomResourceDefinitionVersion) bool { + for _, v := range versions { + if len(v.AdditionalPrinterColumns) > 0 { + return true + } + } + return false +} + +// serveDefaultColumnsIfEmpty applies logically defaulting to columns, if the input columns is empty. +// NOTE: in this way, the newly logically-defaulted columns is not pointing to the original CRD object. +// One cannot mutate the original CRD columns using the logically-defaulted columns. Please iterate through +// the original CRD object instead. +func serveDefaultColumnsIfEmpty(columns []CustomResourceColumnDefinition) []CustomResourceColumnDefinition { + if len(columns) > 0 { + return columns + } + return []CustomResourceColumnDefinition{ + {Name: "Age", Type: "date", Description: swaggerMetadataDescriptions["creationTimestamp"], JSONPath: ".metadata.creationTimestamp"}, + } +} + +// HasVersionServed returns true if given CRD has given version served. +func HasVersionServed(crd *CustomResourceDefinition, version string) bool { + for _, v := range crd.Spec.Versions { + if !v.Served || v.Name != version { + continue + } + return true + } + return false +} diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go index 9776731cf99..7d25c538e21 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go @@ -68,7 +68,7 @@ type JSON struct { // See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators func (_ JSON) OpenAPISchemaType() []string { // TODO: return actual types when anyOf is supported - return []string{} + return nil } // OpenAPISchemaFormat is used by the kube-openapi generator when constructing @@ -91,7 +91,7 @@ type JSONSchemaPropsOrArray struct { // See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators func (_ JSONSchemaPropsOrArray) OpenAPISchemaType() []string { // TODO: return actual types when anyOf is supported - return []string{} + return nil } // OpenAPISchemaFormat is used by the kube-openapi generator when constructing @@ -111,7 +111,7 @@ type JSONSchemaPropsOrBool struct { // See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators func (_ JSONSchemaPropsOrBool) OpenAPISchemaType() []string { // TODO: return actual types when anyOf is supported - return []string{} + return nil } // OpenAPISchemaFormat is used by the kube-openapi generator when constructing @@ -133,7 +133,7 @@ type JSONSchemaPropsOrStringArray struct { // See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators func (_ JSONSchemaPropsOrStringArray) OpenAPISchemaType() []string { // TODO: return actual types when anyOf is supported - return []string{} + return nil } // OpenAPISchemaFormat is used by the kube-openapi generator when constructing diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD index 1dbe1d792cc..3304465ac14 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD @@ -13,7 +13,6 @@ go_library( "customresource_discovery.go", "customresource_discovery_controller.go", "customresource_handler.go", - "helpers.go", ], importmap = "k8s.io/kubernetes/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver", importpath = "k8s.io/apiextensions-apiserver/pkg/apiserver", diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go index 09dc617ea14..291dbd74e4c 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go @@ -198,11 +198,11 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget) crdHandler, ) - s.GenericAPIServer.AddPostStartHook("start-apiextensions-informers", func(context genericapiserver.PostStartHookContext) error { + s.GenericAPIServer.AddPostStartHookOrDie("start-apiextensions-informers", func(context genericapiserver.PostStartHookContext) error { s.Informers.Start(context.StopCh) return nil }) - s.GenericAPIServer.AddPostStartHook("start-apiextensions-controllers", func(context genericapiserver.PostStartHookContext) error { + s.GenericAPIServer.AddPostStartHookOrDie("start-apiextensions-controllers", func(context genericapiserver.PostStartHookContext) error { go crdController.Run(context.StopCh) go namingController.Run(context.StopCh) go establishingController.Run(context.StopCh) diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go index 3b13e8357db..86203b2ba04 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go @@ -136,7 +136,7 @@ func (c *DiscoveryController) sync(version schema.GroupVersion) error { Categories: crd.Status.AcceptedNames.Categories, }) - subresources, err := getSubresourcesForVersion(crd, version.Version) + subresources, err := apiextensions.GetSubresourcesForVersion(crd, version.Version) if err != nil { return err } diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go index b26859e03e6..c5c9a73228c 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go @@ -239,7 +239,7 @@ func (r *crdHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { } var handler http.HandlerFunc - subresources, err := getSubresourcesForVersion(crd, requestInfo.APIVersion) + subresources, err := apiextensions.GetSubresourcesForVersion(crd, requestInfo.APIVersion) if err != nil { utilruntime.HandleError(err) http.Error(w, "the server could not properly serve the CR subresources", http.StatusInternalServerError) @@ -424,8 +424,6 @@ func (r *crdHandler) GetCustomResourceListerCollectionDeleter(crd *apiextensions return info.storages[info.storageVersion].CustomResource, nil } -var swaggerMetadataDescriptions = metav1.ObjectMeta{}.SwaggerDoc() - func (r *crdHandler) getOrCreateServingInfoFor(crd *apiextensions.CustomResourceDefinition) (*crdInfo, error) { storageMap := r.customStorage.Load().(crdStorageMap) if ret, ok := storageMap[crd.UID]; ok { @@ -471,7 +469,7 @@ func (r *crdHandler) getOrCreateServingInfoFor(crd *apiextensions.CustomResource typer := newUnstructuredObjectTyper(parameterScheme) creator := unstructuredCreator{} - validationSchema, err := getSchemaForVersion(crd, v.Name) + validationSchema, err := apiextensions.GetSchemaForVersion(crd, v.Name) if err != nil { utilruntime.HandleError(err) return nil, fmt.Errorf("the server could not properly serve the CR schema") @@ -483,7 +481,7 @@ func (r *crdHandler) getOrCreateServingInfoFor(crd *apiextensions.CustomResource var statusSpec *apiextensions.CustomResourceSubresourceStatus var statusValidator *validate.SchemaValidator - subresources, err := getSubresourcesForVersion(crd, v.Name) + subresources, err := apiextensions.GetSubresourcesForVersion(crd, v.Name) if err != nil { utilruntime.HandleError(err) return nil, fmt.Errorf("the server could not properly serve the CR subresources") @@ -507,7 +505,7 @@ func (r *crdHandler) getOrCreateServingInfoFor(crd *apiextensions.CustomResource scaleSpec = subresources.Scale } - columns, err := getColumnsForVersion(crd, v.Name) + columns, err := apiextensions.GetColumnsForVersion(crd, v.Name) if err != nil { utilruntime.HandleError(err) return nil, fmt.Errorf("the server could not properly serve the CR columns") diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/helpers.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/helpers.go deleted file mode 100644 index ae77bfcd5a8..00000000000 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/helpers.go +++ /dev/null @@ -1,117 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package apiserver - -import ( - "fmt" - - "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions" -) - -// getSchemaForVersion returns the validation schema for given version in given CRD. -func getSchemaForVersion(crd *apiextensions.CustomResourceDefinition, version string) (*apiextensions.CustomResourceValidation, error) { - if !hasPerVersionSchema(crd.Spec.Versions) { - return crd.Spec.Validation, nil - } - if crd.Spec.Validation != nil { - return nil, fmt.Errorf("malformed CustomResourceDefinition %s version %s: top-level and per-version schemas must be mutual exclusive", crd.Name, version) - } - for _, v := range crd.Spec.Versions { - if version == v.Name { - return v.Schema, nil - } - } - return nil, fmt.Errorf("version %s not found in CustomResourceDefinition: %v", version, crd.Name) -} - -// getSubresourcesForVersion returns the subresources for given version in given CRD. -func getSubresourcesForVersion(crd *apiextensions.CustomResourceDefinition, version string) (*apiextensions.CustomResourceSubresources, error) { - if !hasPerVersionSubresources(crd.Spec.Versions) { - return crd.Spec.Subresources, nil - } - if crd.Spec.Subresources != nil { - return nil, fmt.Errorf("malformed CustomResourceDefinition %s version %s: top-level and per-version subresources must be mutual exclusive", crd.Name, version) - } - for _, v := range crd.Spec.Versions { - if version == v.Name { - return v.Subresources, nil - } - } - return nil, fmt.Errorf("version %s not found in CustomResourceDefinition: %v", version, crd.Name) -} - -// getColumnsForVersion returns the columns for given version in given CRD. -// NOTE: the newly logically-defaulted columns is not pointing to the original CRD object. -// One cannot mutate the original CRD columns using the logically-defaulted columns. Please iterate through -// the original CRD object instead. -func getColumnsForVersion(crd *apiextensions.CustomResourceDefinition, version string) ([]apiextensions.CustomResourceColumnDefinition, error) { - if !hasPerVersionColumns(crd.Spec.Versions) { - return serveDefaultColumnsIfEmpty(crd.Spec.AdditionalPrinterColumns), nil - } - if len(crd.Spec.AdditionalPrinterColumns) > 0 { - return nil, fmt.Errorf("malformed CustomResourceDefinition %s version %s: top-level and per-version additionalPrinterColumns must be mutual exclusive", crd.Name, version) - } - for _, v := range crd.Spec.Versions { - if version == v.Name { - return serveDefaultColumnsIfEmpty(v.AdditionalPrinterColumns), nil - } - } - return nil, fmt.Errorf("version %s not found in CustomResourceDefinition: %v", version, crd.Name) -} - -// serveDefaultColumnsIfEmpty applies logically defaulting to columns, if the input columns is empty. -// NOTE: in this way, the newly logically-defaulted columns is not pointing to the original CRD object. -// One cannot mutate the original CRD columns using the logically-defaulted columns. Please iterate through -// the original CRD object instead. -func serveDefaultColumnsIfEmpty(columns []apiextensions.CustomResourceColumnDefinition) []apiextensions.CustomResourceColumnDefinition { - if len(columns) > 0 { - return columns - } - return []apiextensions.CustomResourceColumnDefinition{ - {Name: "Age", Type: "date", Description: swaggerMetadataDescriptions["creationTimestamp"], JSONPath: ".metadata.creationTimestamp"}, - } -} - -// hasPerVersionSchema returns true if a CRD uses per-version schema. -func hasPerVersionSchema(versions []apiextensions.CustomResourceDefinitionVersion) bool { - for _, v := range versions { - if v.Schema != nil { - return true - } - } - return false -} - -// hasPerVersionSubresources returns true if a CRD uses per-version subresources. -func hasPerVersionSubresources(versions []apiextensions.CustomResourceDefinitionVersion) bool { - for _, v := range versions { - if v.Subresources != nil { - return true - } - } - return false -} - -// hasPerVersionColumns returns true if a CRD uses per-version columns. -func hasPerVersionColumns(versions []apiextensions.CustomResourceDefinitionVersion) bool { - for _, v := range versions { - if len(v.AdditionalPrinterColumns) > 0 { - return true - } - } - return false -} diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/options/options.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/options/options.go index c787aa6419f..8803bb3997d 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/options/options.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/options/options.go @@ -91,7 +91,7 @@ func (o CustomResourceDefinitionsServerOptions) Config() (*apiserver.Config, err } serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { + if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil { return nil, err } if err := o.APIEnablement.ApplyTo(&serverConfig.Config, apiserver.DefaultAPIResourceConfigSource(), apiserver.Scheme); err != nil { diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/features/OWNERS b/staging/src/k8s.io/apiextensions-apiserver/pkg/features/OWNERS index fe7b0144e0c..05b08249aed 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/features/OWNERS +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/features/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - feature-approvers diff --git a/staging/src/k8s.io/apimachinery/CONTRIBUTING.md b/staging/src/k8s.io/apimachinery/CONTRIBUTING.md index 6a50b56240f..3f9aa19f41e 100644 --- a/staging/src/k8s.io/apimachinery/CONTRIBUTING.md +++ b/staging/src/k8s.io/apimachinery/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/apimachinery](https://git.k8s.io/kubernetes/staging/src/k8s.io/apimachinery) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/apimachinery/Godeps/Godeps.json b/staging/src/k8s.io/apimachinery/Godeps/Godeps.json index 11556f9de26..a7a06ed9506 100644 --- a/staging/src/k8s.io/apimachinery/Godeps/Godeps.json +++ b/staging/src/k8s.io/apimachinery/Godeps/Godeps.json @@ -24,7 +24,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -76,11 +76,11 @@ }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/json-iterator/go", @@ -104,7 +104,7 @@ }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/spf13/pflag", @@ -176,27 +176,7 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "sigs.k8s.io/yaml", diff --git a/staging/src/k8s.io/apimachinery/Godeps/OWNERS b/staging/src/k8s.io/apimachinery/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/apimachinery/Godeps/OWNERS +++ b/staging/src/k8s.io/apimachinery/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/apimachinery/OWNERS b/staging/src/k8s.io/apimachinery/OWNERS index 028d1e50016..fb7b41c27b3 100644 --- a/staging/src/k8s.io/apimachinery/OWNERS +++ b/staging/src/k8s.io/apimachinery/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - smarterclayton diff --git a/staging/src/k8s.io/apimachinery/pkg/OWNERS b/staging/src/k8s.io/apimachinery/pkg/OWNERS index 63bb7814fc2..d6daa1280f2 100644 --- a/staging/src/k8s.io/apimachinery/pkg/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - deads2k diff --git a/staging/src/k8s.io/apimachinery/pkg/api/errors/BUILD b/staging/src/k8s.io/apimachinery/pkg/api/errors/BUILD index 027c99dd727..865a64fc583 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/errors/BUILD +++ b/staging/src/k8s.io/apimachinery/pkg/api/errors/BUILD @@ -31,7 +31,6 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - "//vendor/sigs.k8s.io/structured-merge-diff/merge:go_default_library", ], ) diff --git a/staging/src/k8s.io/apimachinery/pkg/api/errors/OWNERS b/staging/src/k8s.io/apimachinery/pkg/api/errors/OWNERS old mode 100755 new mode 100644 index dc6a4c72425..63434030ca1 --- a/staging/src/k8s.io/apimachinery/pkg/api/errors/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/api/errors/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/apimachinery/pkg/api/errors/errors.go b/staging/src/k8s.io/apimachinery/pkg/api/errors/errors.go index 81e5d48bf70..afd97f7adcb 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/errors/errors.go +++ b/staging/src/k8s.io/apimachinery/pkg/api/errors/errors.go @@ -27,7 +27,6 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/validation/field" - "sigs.k8s.io/structured-merge-diff/merge" ) const ( @@ -186,16 +185,7 @@ func NewConflict(qualifiedResource schema.GroupResource, name string, err error) } // NewApplyConflict returns an error including details on the requests apply conflicts -func NewApplyConflict(conflicts merge.Conflicts) *StatusError { - causes := make([]metav1.StatusCause, 0, len(conflicts)) - for _, conflict := range conflicts { - causes = append(causes, metav1.StatusCause{ - Type: metav1.CauseType("conflict"), - Message: conflict.Error(), - Field: conflict.Path.String(), - }) - } - +func NewApplyConflict(causes []metav1.StatusCause, message string) *StatusError { return &StatusError{ErrStatus: metav1.Status{ Status: metav1.StatusFailure, Code: http.StatusConflict, @@ -204,7 +194,7 @@ func NewApplyConflict(conflicts merge.Conflicts) *StatusError { // TODO: Get obj details here? Causes: causes, }, - Message: fmt.Sprintf("Apply failed with %d conflicts: %s", len(conflicts), conflicts.Error()), + Message: message, }} } @@ -365,6 +355,17 @@ func NewTooManyRequestsError(message string) *StatusError { }} } +// NewRequestEntityTooLargeError returns an error indicating that the request +// entity was too large. +func NewRequestEntityTooLargeError(message string) *StatusError { + return &StatusError{metav1.Status{ + Status: metav1.StatusFailure, + Code: http.StatusRequestEntityTooLarge, + Reason: metav1.StatusReasonRequestEntityTooLarge, + Message: fmt.Sprintf("Request entity too large: %s", message), + }} +} + // NewGenericServerResponse returns a new error for server responses that are not in a recognizable form. func NewGenericServerResponse(code int, verb string, qualifiedResource schema.GroupResource, name, serverMessage string, retryAfterSeconds int, isUnexpectedResponse bool) *StatusError { reason := metav1.StatusReasonUnknown @@ -551,6 +552,19 @@ func IsTooManyRequests(err error) bool { return false } +// IsRequestEntityTooLargeError determines if err is an error which indicates +// the request entity is too large. +func IsRequestEntityTooLargeError(err error) bool { + if ReasonForError(err) == metav1.StatusReasonRequestEntityTooLarge { + return true + } + switch t := err.(type) { + case APIStatus: + return t.Status().Code == http.StatusRequestEntityTooLarge + } + return false +} + // IsUnexpectedServerError returns true if the server response was not in the expected API format, // and may be the result of another HTTP actor. func IsUnexpectedServerError(err error) bool { diff --git a/staging/src/k8s.io/apimachinery/pkg/api/meta/OWNERS b/staging/src/k8s.io/apimachinery/pkg/api/meta/OWNERS old mode 100755 new mode 100644 index 5f729ffe63c..dd2c0cb6142 --- a/staging/src/k8s.io/apimachinery/pkg/api/meta/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/api/meta/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - smarterclayton diff --git a/staging/src/k8s.io/apimachinery/pkg/api/meta/table/table.go b/staging/src/k8s.io/apimachinery/pkg/api/meta/table/table.go index 2144a77cb19..798cc41bdd8 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/meta/table/table.go +++ b/staging/src/k8s.io/apimachinery/pkg/api/meta/table/table.go @@ -67,5 +67,5 @@ func ConvertToHumanReadableDateType(timestamp metav1.Time) string { if timestamp.IsZero() { return "" } - return duration.ShortHumanDuration(time.Now().Sub(timestamp.Time)) + return duration.HumanDuration(time.Now().Sub(timestamp.Time)) } diff --git a/staging/src/k8s.io/apimachinery/pkg/api/resource/OWNERS b/staging/src/k8s.io/apimachinery/pkg/api/resource/OWNERS old mode 100755 new mode 100644 index c430067f357..8454be55ed0 --- a/staging/src/k8s.io/apimachinery/pkg/api/resource/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/api/resource/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/OWNERS b/staging/src/k8s.io/apimachinery/pkg/apis/OWNERS index bae178f8175..38336c177f9 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go b/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go index 1e85c5c43da..2741ee2c805 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go @@ -17,4 +17,4 @@ limitations under the License. // +k8s:deepcopy-gen=package // +k8s:conversion-gen=k8s.io/apimachinery/pkg/apis/meta/v1 -package internalversion +package internalversion // import "k8s.io/apimachinery/pkg/apis/meta/internalversion" diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS old mode 100755 new mode 100644 index cdb125a0dd4..44929b1c002 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - smarterclayton diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto index 70fbe897917..9e564f302af 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto @@ -194,11 +194,14 @@ message Duration { } // ExportOptions is the query options to the standard REST get call. +// Deprecated. Planned for removal in 1.18. message ExportOptions { // Should this value be exported. Export strips fields that a user can not specify. + // Deprecated. Planned for removal in 1.18. optional bool export = 1; // Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. + // Deprecated. Planned for removal in 1.18. optional bool exact = 2; } diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go index a85355a8333..e957849ba51 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go @@ -399,11 +399,14 @@ type ListOptions struct { // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // ExportOptions is the query options to the standard REST get call. +// Deprecated. Planned for removal in 1.18. type ExportOptions struct { TypeMeta `json:",inline"` // Should this value be exported. Export strips fields that a user can not specify. + // Deprecated. Planned for removal in 1.18. Export bool `json:"export" protobuf:"varint,1,opt,name=export"` // Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. + // Deprecated. Planned for removal in 1.18. Exact bool `json:"exact" protobuf:"varint,2,opt,name=exact"` } @@ -746,6 +749,10 @@ const ( // Status code 406 StatusReasonNotAcceptable StatusReason = "NotAcceptable" + // StatusReasonRequestEntityTooLarge means that the request entity is too large. + // Status code 413 + StatusReasonRequestEntityTooLarge StatusReason = "RequestEntityTooLarge" + // StatusReasonUnsupportedMediaType means that the content type sent by the client is not acceptable // to the server - for instance, attempting to send protobuf for a resource that supports only json and yaml. // API calls that return UnsupportedMediaType can never succeed. @@ -821,6 +828,9 @@ const ( // without the expected return type. The presence of this cause indicates the error may be // due to an intervening proxy or the server software malfunctioning. CauseTypeUnexpectedServerResponse CauseType = "UnexpectedServerResponse" + // FieldManagerConflict is used to report when another client claims to manage this field, + // It should only be returned for a request using server-side apply. + CauseTypeFieldManagerConflict CauseType = "FieldManagerConflict" ) // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go index df26788c422..71b29698eab 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go @@ -109,9 +109,9 @@ func (DeleteOptions) SwaggerDoc() map[string]string { } var map_ExportOptions = map[string]string{ - "": "ExportOptions is the query options to the standard REST get call.", - "export": "Should this value be exported. Export strips fields that a user can not specify.", - "exact": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.", + "": "ExportOptions is the query options to the standard REST get call. Deprecated. Planned for removal in 1.18.", + "export": "Should this value be exported. Export strips fields that a user can not specify. Deprecated. Planned for removal in 1.18.", + "exact": "Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'. Deprecated. Planned for removal in 1.18.", } func (ExportOptions) SwaggerDoc() map[string]string { diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go index 46b0e133c37..20c9d2ec737 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go @@ -20,4 +20,4 @@ limitations under the License. // +groupName=meta.k8s.io -package v1beta1 +package v1beta1 // import "k8s.io/apimachinery/pkg/apis/meta/v1beta1" diff --git a/staging/src/k8s.io/apimachinery/pkg/runtime/converter.go b/staging/src/k8s.io/apimachinery/pkg/runtime/converter.go index dff56e03401..80343081f52 100644 --- a/staging/src/k8s.io/apimachinery/pkg/runtime/converter.go +++ b/staging/src/k8s.io/apimachinery/pkg/runtime/converter.go @@ -746,7 +746,7 @@ func isZero(v reflect.Value) bool { func structToUnstructured(sv, dv reflect.Value) error { st, dt := sv.Type(), dv.Type() if dt.Kind() == reflect.Interface && dv.NumMethod() == 0 { - dv.Set(reflect.MakeMap(mapStringInterfaceType)) + dv.Set(reflect.MakeMapWithSize(mapStringInterfaceType, st.NumField())) dv = dv.Elem() dt = dv.Type() } diff --git a/staging/src/k8s.io/apimachinery/pkg/util/mergepatch/OWNERS b/staging/src/k8s.io/apimachinery/pkg/util/mergepatch/OWNERS index 8e8d9fce8ef..3f72c69ba39 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/mergepatch/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/util/mergepatch/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pwittrock reviewers: diff --git a/staging/src/k8s.io/apimachinery/pkg/util/sets/BUILD b/staging/src/k8s.io/apimachinery/pkg/util/sets/BUILD index 76ef7263806..50a46453c82 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/sets/BUILD +++ b/staging/src/k8s.io/apimachinery/pkg/util/sets/BUILD @@ -1,6 +1,6 @@ package(default_visibility = ["//visibility:public"]) -load("@io_kubernetes_build//defs:go.bzl", "go_genrule") +load("@io_k8s_repo_infra//defs:go.bzl", "go_genrule") load( "@io_bazel_rules_go//go:def.bzl", "go_library", diff --git a/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/OWNERS b/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/OWNERS index dbbe0de4ca3..cfee199fa08 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/OWNERS +++ b/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pwittrock - mengqiy diff --git a/staging/src/k8s.io/apimachinery/third_party/forked/golang/json/OWNERS b/staging/src/k8s.io/apimachinery/third_party/forked/golang/json/OWNERS index 8e8d9fce8ef..3f72c69ba39 100644 --- a/staging/src/k8s.io/apimachinery/third_party/forked/golang/json/OWNERS +++ b/staging/src/k8s.io/apimachinery/third_party/forked/golang/json/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - pwittrock reviewers: diff --git a/staging/src/k8s.io/apiserver/CONTRIBUTING.md b/staging/src/k8s.io/apiserver/CONTRIBUTING.md index 94a28899367..511739f5992 100644 --- a/staging/src/k8s.io/apiserver/CONTRIBUTING.md +++ b/staging/src/k8s.io/apiserver/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/apiserver](https://git.k8s.io/kubernetes/staging/src/k8s.io/apiserver) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiserver/Godeps/Godeps.json index 56d6073bea3..6e8a713c4ad 100644 --- a/staging/src/k8s.io/apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiserver/Godeps/Godeps.json @@ -372,7 +372,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/ghodss/yaml", @@ -466,14 +466,6 @@ "ImportPath": "github.com/gorilla/websocket", "Rev": "4201258b820c74ac8e6922fc9e6b52f71fe46f8d" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/grpc-ecosystem/go-grpc-middleware", "Rev": "498ae206fc3cfe81cd82e48c1d4354026fa5f9ec" @@ -496,11 +488,11 @@ }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/imdario/mergo", @@ -546,13 +538,9 @@ "ImportPath": "github.com/pborman/uuid", "Rev": "ca53cad383cad2479bbba7f7a1a05797ec1386e4" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/pquerna/cachecontrol", @@ -1030,6 +1018,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1410,6 +1402,10 @@ "ImportPath": "k8s.io/client-go/informers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/policy", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1654,6 +1650,14 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1/fake", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1806,6 +1810,10 @@ "ImportPath": "k8s.io/client-go/listers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1944,31 +1952,31 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/builder", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/common", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/handler", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/schemaconv", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto/testing", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/client-go/discovery", @@ -2054,6 +2062,10 @@ "ImportPath": "k8s.io/client-go/util/flowcontrol", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/component-base/cli/flag", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/component-base/logs", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" diff --git a/staging/src/k8s.io/apiserver/Godeps/OWNERS b/staging/src/k8s.io/apiserver/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/apiserver/Godeps/OWNERS +++ b/staging/src/k8s.io/apiserver/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/apiserver/OWNERS b/staging/src/k8s.io/apiserver/OWNERS index 9617c277817..6f69285eab4 100644 --- a/staging/src/k8s.io/apiserver/OWNERS +++ b/staging/src/k8s.io/apiserver/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - smarterclayton @@ -17,6 +19,8 @@ reviewers: - enj - hzxuzhonghu - CaoShuFeng +- jennybuckley +- apelisse labels: - sig/api-machinery - area/apiserver diff --git a/staging/src/k8s.io/apiserver/pkg/admission/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/BUILD index 658d1d3ff30..6a37d463e39 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/admission/BUILD @@ -42,6 +42,7 @@ go_library( "handler.go", "interfaces.go", "plugins.go", + "util.go", ], importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/admission", importpath = "k8s.io/apiserver/pkg/admission", diff --git a/staging/src/k8s.io/apiserver/pkg/admission/audit.go b/staging/src/k8s.io/apiserver/pkg/admission/audit.go index 13d86b33b96..d81622b9217 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/audit.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/audit.go @@ -44,7 +44,7 @@ func WithAudit(i Interface, ae *auditinternal.Event) Interface { return &auditHandler{i, ae} } -func (handler auditHandler) Admit(a Attributes) error { +func (handler auditHandler) Admit(a Attributes, o ObjectInterfaces) error { if !handler.Interface.Handles(a.GetOperation()) { return nil } @@ -53,13 +53,13 @@ func (handler auditHandler) Admit(a Attributes) error { } var err error if mutator, ok := handler.Interface.(MutationInterface); ok { - err = mutator.Admit(a) + err = mutator.Admit(a, o) handler.logAnnotations(a) } return err } -func (handler auditHandler) Validate(a Attributes) error { +func (handler auditHandler) Validate(a Attributes, o ObjectInterfaces) error { if !handler.Interface.Handles(a.GetOperation()) { return nil } @@ -68,7 +68,7 @@ func (handler auditHandler) Validate(a Attributes) error { } var err error if validator, ok := handler.Interface.(ValidationInterface); ok { - err = validator.Validate(a) + err = validator.Validate(a, o) handler.logAnnotations(a) } return err diff --git a/staging/src/k8s.io/apiserver/pkg/admission/audit_test.go b/staging/src/k8s.io/apiserver/pkg/admission/audit_test.go index 2dd88e9c9f4..0b04cf2646a 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/audit_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/audit_test.go @@ -45,14 +45,14 @@ var _ Interface = &fakeHandler{} var _ MutationInterface = &fakeHandler{} var _ ValidationInterface = &fakeHandler{} -func (h fakeHandler) Admit(a Attributes) error { +func (h fakeHandler) Admit(a Attributes, o ObjectInterfaces) error { for k, v := range h.admitAnnotations { a.AddAnnotation(k, v) } return h.admit } -func (h fakeHandler) Validate(a Attributes) error { +func (h fakeHandler) Validate(a Attributes, o ObjectInterfaces) error { for k, v := range h.validateAnnotations { a.AddAnnotation(k, v) } @@ -149,13 +149,13 @@ func TestWithAudit(t *testing.T) { require.True(t, ok) auditMutator, ok := auditHandler.(MutationInterface) require.True(t, ok) - assert.Equal(t, mutator.Admit(a), auditMutator.Admit(a), tcName+": WithAudit decorator should not effect the return value") + assert.Equal(t, mutator.Admit(a, nil), auditMutator.Admit(a, nil), tcName+": WithAudit decorator should not effect the return value") validator, ok := handler.(ValidationInterface) require.True(t, ok) auditValidator, ok := auditHandler.(ValidationInterface) require.True(t, ok) - assert.Equal(t, validator.Validate(a), auditValidator.Validate(a), tcName+": WithAudit decorator should not effect the return value") + assert.Equal(t, validator.Validate(a, nil), auditValidator.Validate(a, nil), tcName+": WithAudit decorator should not effect the return value") annotations := make(map[string]string, len(tc.admitAnnotations)+len(tc.validateAnnotations)) for k, v := range tc.admitAnnotations { diff --git a/staging/src/k8s.io/apiserver/pkg/admission/chain.go b/staging/src/k8s.io/apiserver/pkg/admission/chain.go index 011641ff065..37405aeaf04 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/chain.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/chain.go @@ -26,13 +26,13 @@ func NewChainHandler(handlers ...Interface) chainAdmissionHandler { } // Admit performs an admission control check using a chain of handlers, and returns immediately on first error -func (admissionHandler chainAdmissionHandler) Admit(a Attributes) error { +func (admissionHandler chainAdmissionHandler) Admit(a Attributes, o ObjectInterfaces) error { for _, handler := range admissionHandler { if !handler.Handles(a.GetOperation()) { continue } if mutator, ok := handler.(MutationInterface); ok { - err := mutator.Admit(a) + err := mutator.Admit(a, o) if err != nil { return err } @@ -42,13 +42,13 @@ func (admissionHandler chainAdmissionHandler) Admit(a Attributes) error { } // Validate performs an admission control check using a chain of handlers, and returns immediately on first error -func (admissionHandler chainAdmissionHandler) Validate(a Attributes) error { +func (admissionHandler chainAdmissionHandler) Validate(a Attributes, o ObjectInterfaces) error { for _, handler := range admissionHandler { if !handler.Handles(a.GetOperation()) { continue } if validator, ok := handler.(ValidationInterface); ok { - err := validator.Validate(a) + err := validator.Validate(a, o) if err != nil { return err } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/chain_test.go b/staging/src/k8s.io/apiserver/pkg/admission/chain_test.go index 7c3d940e1ed..20ab2faad2a 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/chain_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/chain_test.go @@ -31,7 +31,7 @@ type FakeHandler struct { validate, validateCalled bool } -func (h *FakeHandler) Admit(a Attributes) (err error) { +func (h *FakeHandler) Admit(a Attributes, o ObjectInterfaces) (err error) { h.admitCalled = true if h.admit { return nil @@ -39,7 +39,7 @@ func (h *FakeHandler) Admit(a Attributes) (err error) { return fmt.Errorf("Don't admit") } -func (h *FakeHandler) Validate(a Attributes) (err error) { +func (h *FakeHandler) Validate(a Attributes, o ObjectInterfaces) (err error) { h.validateCalled = true if h.validate { return nil @@ -119,7 +119,7 @@ func TestAdmitAndValidate(t *testing.T) { for _, test := range tests { t.Logf("testcase = %s", test.name) // call admit and check that validate was not called at all - err := test.chain.Admit(NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil)) + err := test.chain.Admit(NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil), nil) accepted := (err == nil) if accepted != test.accept { t.Errorf("unexpected result of admit call: %v", accepted) @@ -140,7 +140,7 @@ func TestAdmitAndValidate(t *testing.T) { } // call validate and check that admit was not called at all - err = test.chain.Validate(NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil)) + err = test.chain.Validate(NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil), nil) accepted = (err == nil) if accepted != test.accept { t.Errorf("unexpected result of validate call: %v\n", accepted) diff --git a/staging/src/k8s.io/apiserver/pkg/admission/config.go b/staging/src/k8s.io/apiserver/pkg/admission/config.go index ffda2f3262c..b05f40f07d8 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/config.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/config.go @@ -87,7 +87,6 @@ func ReadAdmissionConfiguration(pluginNames []string, configFilePath string, con } return configProvider{ config: decodedConfig, - scheme: configScheme, }, nil } // we got an error where the decode wasn't related to a missing type @@ -127,13 +126,11 @@ func ReadAdmissionConfiguration(pluginNames []string, configFilePath string, con } return configProvider{ config: internalConfig, - scheme: configScheme, }, nil } type configProvider struct { config *apiserver.AdmissionConfiguration - scheme *runtime.Scheme } // GetAdmissionPluginConfigurationFor returns a reader that holds the admission plugin configuration. diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/initializer/BUILD index a5de9eee25c..130de6417b8 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/BUILD @@ -15,7 +15,6 @@ go_library( importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/admission/initializer", importpath = "k8s.io/apiserver/pkg/admission/initializer", deps = [ - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", "//staging/src/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", @@ -28,7 +27,6 @@ go_test( srcs = ["initializer_test.go"], embed = [":go_default_library"], deps = [ - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", "//staging/src/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go index abe764bb94d..822885a5e87 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go @@ -17,7 +17,6 @@ limitations under the License. package initializer import ( - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/client-go/informers" @@ -28,7 +27,6 @@ type pluginInitializer struct { externalClient kubernetes.Interface externalInformers informers.SharedInformerFactory authorizer authorizer.Authorizer - scheme *runtime.Scheme } // New creates an instance of admission plugins initializer. @@ -37,13 +35,11 @@ func New( extClientset kubernetes.Interface, extInformers informers.SharedInformerFactory, authz authorizer.Authorizer, - scheme *runtime.Scheme, ) pluginInitializer { return pluginInitializer{ externalClient: extClientset, externalInformers: extInformers, authorizer: authz, - scheme: scheme, } } @@ -61,10 +57,6 @@ func (i pluginInitializer) Initialize(plugin admission.Interface) { if wants, ok := plugin.(WantsAuthorizer); ok { wants.SetAuthorizer(i.authorizer) } - - if wants, ok := plugin.(WantsScheme); ok { - wants.SetScheme(i.scheme) - } } var _ admission.PluginInitializer = pluginInitializer{} diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go index 6a72d909059..fd2d500619f 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go @@ -20,7 +20,6 @@ import ( "testing" "time" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/admission/initializer" "k8s.io/apiserver/pkg/authorization/authorizer" @@ -29,22 +28,10 @@ import ( "k8s.io/client-go/kubernetes/fake" ) -// TestWantsScheme ensures that the scheme is injected when -// the WantsScheme interface is implemented by a plugin. -func TestWantsScheme(t *testing.T) { - scheme := runtime.NewScheme() - target := initializer.New(nil, nil, nil, scheme) - wantSchemeAdmission := &WantSchemeAdmission{} - target.Initialize(wantSchemeAdmission) - if wantSchemeAdmission.scheme != scheme { - t.Errorf("expected scheme to be initialized") - } -} - // TestWantsAuthorizer ensures that the authorizer is injected // when the WantsAuthorizer interface is implemented by a plugin. func TestWantsAuthorizer(t *testing.T) { - target := initializer.New(nil, nil, &TestAuthorizer{}, nil) + target := initializer.New(nil, nil, &TestAuthorizer{}) wantAuthorizerAdmission := &WantAuthorizerAdmission{} target.Initialize(wantAuthorizerAdmission) if wantAuthorizerAdmission.auth == nil { @@ -56,7 +43,7 @@ func TestWantsAuthorizer(t *testing.T) { // when the WantsExternalKubeClientSet interface is implemented by a plugin. func TestWantsExternalKubeClientSet(t *testing.T) { cs := &fake.Clientset{} - target := initializer.New(cs, nil, &TestAuthorizer{}, nil) + target := initializer.New(cs, nil, &TestAuthorizer{}) wantExternalKubeClientSet := &WantExternalKubeClientSet{} target.Initialize(wantExternalKubeClientSet) if wantExternalKubeClientSet.cs != cs { @@ -69,7 +56,7 @@ func TestWantsExternalKubeClientSet(t *testing.T) { func TestWantsExternalKubeInformerFactory(t *testing.T) { cs := &fake.Clientset{} sf := informers.NewSharedInformerFactory(cs, time.Duration(1)*time.Second) - target := initializer.New(cs, sf, &TestAuthorizer{}, nil) + target := initializer.New(cs, sf, &TestAuthorizer{}) wantExternalKubeInformerFactory := &WantExternalKubeInformerFactory{} target.Initialize(wantExternalKubeInformerFactory) if wantExternalKubeInformerFactory.sf != sf { @@ -85,7 +72,9 @@ type WantExternalKubeInformerFactory struct { func (self *WantExternalKubeInformerFactory) SetExternalKubeInformerFactory(sf informers.SharedInformerFactory) { self.sf = sf } -func (self *WantExternalKubeInformerFactory) Admit(a admission.Attributes) error { return nil } +func (self *WantExternalKubeInformerFactory) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { + return nil +} func (self *WantExternalKubeInformerFactory) Handles(o admission.Operation) bool { return false } func (self *WantExternalKubeInformerFactory) ValidateInitialization() error { return nil } @@ -98,9 +87,11 @@ type WantExternalKubeClientSet struct { } func (self *WantExternalKubeClientSet) SetExternalKubeClientSet(cs kubernetes.Interface) { self.cs = cs } -func (self *WantExternalKubeClientSet) Admit(a admission.Attributes) error { return nil } -func (self *WantExternalKubeClientSet) Handles(o admission.Operation) bool { return false } -func (self *WantExternalKubeClientSet) ValidateInitialization() error { return nil } +func (self *WantExternalKubeClientSet) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { + return nil +} +func (self *WantExternalKubeClientSet) Handles(o admission.Operation) bool { return false } +func (self *WantExternalKubeClientSet) ValidateInitialization() error { return nil } var _ admission.Interface = &WantExternalKubeClientSet{} var _ initializer.WantsExternalKubeClientSet = &WantExternalKubeClientSet{} @@ -111,9 +102,11 @@ type WantAuthorizerAdmission struct { } func (self *WantAuthorizerAdmission) SetAuthorizer(a authorizer.Authorizer) { self.auth = a } -func (self *WantAuthorizerAdmission) Admit(a admission.Attributes) error { return nil } -func (self *WantAuthorizerAdmission) Handles(o admission.Operation) bool { return false } -func (self *WantAuthorizerAdmission) ValidateInitialization() error { return nil } +func (self *WantAuthorizerAdmission) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { + return nil +} +func (self *WantAuthorizerAdmission) Handles(o admission.Operation) bool { return false } +func (self *WantAuthorizerAdmission) ValidateInitialization() error { return nil } var _ admission.Interface = &WantAuthorizerAdmission{} var _ initializer.WantsAuthorizer = &WantAuthorizerAdmission{} @@ -130,20 +123,9 @@ type clientCertWanter struct { gotCert, gotKey []byte } -func (s *clientCertWanter) SetClientCert(cert, key []byte) { s.gotCert, s.gotKey = cert, key } -func (s *clientCertWanter) Admit(a admission.Attributes) error { return nil } +func (s *clientCertWanter) SetClientCert(cert, key []byte) { s.gotCert, s.gotKey = cert, key } +func (s *clientCertWanter) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { + return nil +} func (s *clientCertWanter) Handles(o admission.Operation) bool { return false } func (s *clientCertWanter) ValidateInitialization() error { return nil } - -// WantSchemeAdmission is a test stub that fulfills the WantsScheme interface. -type WantSchemeAdmission struct { - scheme *runtime.Scheme -} - -func (self *WantSchemeAdmission) SetScheme(s *runtime.Scheme) { self.scheme = s } -func (self *WantSchemeAdmission) Admit(a admission.Attributes) error { return nil } -func (self *WantSchemeAdmission) Handles(o admission.Operation) bool { return false } -func (self *WantSchemeAdmission) ValidateInitialization() error { return nil } - -var _ admission.Interface = &WantSchemeAdmission{} -var _ initializer.WantsScheme = &WantSchemeAdmission{} diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go b/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go index 98a07585406..9bddb7155cd 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go @@ -17,7 +17,6 @@ limitations under the License. package initializer import ( - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/client-go/informers" @@ -41,9 +40,3 @@ type WantsAuthorizer interface { SetAuthorizer(authorizer.Authorizer) admission.InitializationValidator } - -// WantsScheme defines a function that accepts runtime.Scheme for admission plugins that need it. -type WantsScheme interface { - SetScheme(*runtime.Scheme) - admission.InitializationValidator -} diff --git a/staging/src/k8s.io/apiserver/pkg/admission/interfaces.go b/staging/src/k8s.io/apiserver/pkg/admission/interfaces.go index a17c28990ab..866777cc708 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/interfaces.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/interfaces.go @@ -62,6 +62,20 @@ type Attributes interface { AddAnnotation(key, value string) error } +// ObjectInterfaces is an interface used by AdmissionController to get object interfaces +// such as Converter or Defaulter. These interfaces are normally coming from Request Scope +// to handle special cases like CRDs. +type ObjectInterfaces interface { + // GetObjectCreater is the ObjectCreator appropriate for the requested object. + GetObjectCreater() runtime.ObjectCreater + // GetObjectTyper is the ObjectTyper appropriate for the requested object. + GetObjectTyper() runtime.ObjectTyper + // GetObjectDefaulter is the ObjectDefaulter appropriate for the requested object. + GetObjectDefaulter() runtime.ObjectDefaulter + // GetObjectConvertor is the ObjectConvertor appropriate for the requested object. + GetObjectConvertor() runtime.ObjectConvertor +} + // privateAnnotationsGetter is a private interface which allows users to get annotations from Attributes. type privateAnnotationsGetter interface { getAnnotations() map[string]string @@ -84,7 +98,7 @@ type MutationInterface interface { Interface // Admit makes an admission decision based on the request attributes - Admit(a Attributes) (err error) + Admit(a Attributes, o ObjectInterfaces) (err error) } // ValidationInterface is an abstract, pluggable interface for Admission Control decisions. @@ -92,7 +106,7 @@ type ValidationInterface interface { Interface // Validate makes an admission decision based on the request attributes. It is NOT allowed to mutate - Validate(a Attributes) (err error) + Validate(a Attributes, o ObjectInterfaces) (err error) } // Operation is the type of resource operation being checked for admission control diff --git a/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics.go b/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics.go index d5514ed86a4..e5f0a6e3ab9 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics.go @@ -75,27 +75,27 @@ type pluginHandlerWithMetrics struct { } // Admit performs a mutating admission control check and emit metrics. -func (p pluginHandlerWithMetrics) Admit(a admission.Attributes) error { +func (p pluginHandlerWithMetrics) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { mutatingHandler, ok := p.Interface.(admission.MutationInterface) if !ok { return nil } start := time.Now() - err := mutatingHandler.Admit(a) + err := mutatingHandler.Admit(a, o) p.observer(time.Since(start), err != nil, a, stepAdmit, p.extraLabels...) return err } // Validate performs a non-mutating admission control check and emits metrics. -func (p pluginHandlerWithMetrics) Validate(a admission.Attributes) error { +func (p pluginHandlerWithMetrics) Validate(a admission.Attributes, o admission.ObjectInterfaces) error { validatingHandler, ok := p.Interface.(admission.ValidationInterface) if !ok { return nil } start := time.Now() - err := validatingHandler.Validate(a) + err := validatingHandler.Validate(a, o) p.observer(time.Since(start), err != nil, a, stepValidate, p.extraLabels...) return err } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics_test.go b/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics_test.go index 92c8314da03..94527ef3c01 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/metrics/metrics_test.go @@ -34,8 +34,8 @@ var ( func TestObserveAdmissionStep(t *testing.T) { Metrics.reset() handler := WithStepMetrics(&mutatingAndValidatingFakeHandler{admission.NewHandler(admission.Create), true, true}) - handler.(admission.MutationInterface).Admit(attr) - handler.(admission.ValidationInterface).Validate(attr) + handler.(admission.MutationInterface).Admit(attr, nil) + handler.(admission.ValidationInterface).Validate(attr, nil) wantLabels := map[string]string{ "operation": string(admission.Create), "type": "admit", @@ -52,8 +52,8 @@ func TestObserveAdmissionStep(t *testing.T) { func TestObserveAdmissionController(t *testing.T) { Metrics.reset() handler := WithControllerMetrics(&mutatingAndValidatingFakeHandler{admission.NewHandler(admission.Create), true, true}, "a") - handler.(admission.MutationInterface).Admit(attr) - handler.(admission.ValidationInterface).Validate(attr) + handler.(admission.MutationInterface).Admit(attr, nil) + handler.(admission.ValidationInterface).Validate(attr, nil) wantLabels := map[string]string{ "name": "a", "operation": string(admission.Create), @@ -144,7 +144,7 @@ func TestWithMetrics(t *testing.T) { h := WithMetrics(test.handler, Metrics.ObserveAdmissionController, test.name) // test mutation - err := h.(admission.MutationInterface).Admit(admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil)) + err := h.(admission.MutationInterface).Admit(admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil), nil) if test.admit && err != nil { t.Errorf("expected admit to succeed, but failed: %v", err) continue @@ -169,7 +169,7 @@ func TestWithMetrics(t *testing.T) { } // test validation - err = h.(admission.ValidationInterface).Validate(admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil)) + err = h.(admission.ValidationInterface).Validate(admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{}, test.ns, "", schema.GroupVersionResource{}, "", test.operation, false, nil), nil) if test.validate && err != nil { t.Errorf("expected admit to succeed, but failed: %v", err) continue @@ -196,14 +196,14 @@ type mutatingAndValidatingFakeHandler struct { validate bool } -func (h *mutatingAndValidatingFakeHandler) Admit(a admission.Attributes) (err error) { +func (h *mutatingAndValidatingFakeHandler) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if h.admit { return nil } return fmt.Errorf("don't admit") } -func (h *mutatingAndValidatingFakeHandler) Validate(a admission.Attributes) (err error) { +func (h *mutatingAndValidatingFakeHandler) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if h.validate { return nil } @@ -215,7 +215,7 @@ type validatingFakeHandler struct { validate bool } -func (h *validatingFakeHandler) Validate(a admission.Attributes) (err error) { +func (h *validatingFakeHandler) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if h.validate { return nil } @@ -227,7 +227,7 @@ type mutatingFakeHandler struct { admit bool } -func (h *mutatingFakeHandler) Admit(a admission.Attributes) (err error) { +func (h *mutatingFakeHandler) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { if h.admit { return nil } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go index d7bb0215b98..c6517bee31e 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go @@ -73,7 +73,7 @@ var _ = initializer.WantsExternalKubeInformerFactory(&Lifecycle{}) var _ = initializer.WantsExternalKubeClientSet(&Lifecycle{}) // Admit makes an admission decision based on the request attributes -func (l *Lifecycle) Admit(a admission.Attributes) error { +func (l *Lifecycle) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { // prevent deletion of immortal namespaces if a.GetOperation() == admission.Delete && a.GetKind().GroupKind() == v1.SchemeGroupVersion.WithKind("Namespace").GroupKind() && l.immortalNamespaces.Has(a.GetName()) { return errors.NewForbidden(a.GetResource().GroupResource(), a.GetName(), fmt.Errorf("this namespace may not be deleted")) diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go index 8a56cc3e86c..593c107dbf0 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go @@ -48,7 +48,7 @@ func newHandlerForTestWithClock(c clientset.Interface, cacheClock clock.Clock) ( if err != nil { return nil, f, err } - pluginInitializer := kubeadmission.New(c, f, nil, nil) + pluginInitializer := kubeadmission.New(c, f, nil) pluginInitializer.Initialize(handler) err = admission.ValidateInitialization(handler) return handler, f, err @@ -104,7 +104,7 @@ func TestAccessReviewCheckOnMissingNamespace(t *testing.T) { } informerFactory.Start(wait.NeverStop) - err = handler.Admit(admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{Group: "authorization.k8s.io", Version: "v1", Kind: "LocalSubjectAccesReview"}, namespace, "", schema.GroupVersionResource{Group: "authorization.k8s.io", Version: "v1", Resource: "localsubjectaccessreviews"}, "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(nil, nil, schema.GroupVersionKind{Group: "authorization.k8s.io", Version: "v1", Kind: "LocalSubjectAccesReview"}, namespace, "", schema.GroupVersionResource{Group: "authorization.k8s.io", Version: "v1", Resource: "localsubjectaccessreviews"}, "", admission.Create, false, nil), nil) if err != nil { t.Error(err) } @@ -124,7 +124,7 @@ func TestAdmissionNamespaceDoesNotExist(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { actions := "" for _, action := range mockClient.Actions() { @@ -134,19 +134,19 @@ func TestAdmissionNamespaceDoesNotExist(t *testing.T) { } // verify create operations in the namespace cause an error - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected error rejecting creates in a namespace when it is missing") } // verify update operations in the namespace cause an error - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err == nil { t.Errorf("Expected error rejecting updates in a namespace when it is missing") } // verify delete operations in the namespace can proceed - err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Delete, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Delete, false, nil), nil) if err != nil { t.Errorf("Unexpected error returned from admission handler: %v", err) } @@ -166,7 +166,7 @@ func TestAdmissionNamespaceActive(t *testing.T) { informerFactory.Start(wait.NeverStop) pod := newPod(namespace) - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("unexpected error returned from admission handler") } @@ -187,31 +187,31 @@ func TestAdmissionNamespaceTerminating(t *testing.T) { pod := newPod(namespace) // verify create operations in the namespace cause an error - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected error rejecting creates in a namespace when it is terminating") } // verify update operations in the namespace can proceed - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Update, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Update, false, nil), nil) if err != nil { t.Errorf("Unexpected error returned from admission handler: %v", err) } // verify delete operations in the namespace can proceed - err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Delete, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Delete, false, nil), nil) if err != nil { t.Errorf("Unexpected error returned from admission handler: %v", err) } // verify delete of namespace default can never proceed - err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Namespace").GroupKind().WithVersion("version"), "", metav1.NamespaceDefault, v1.Resource("namespaces").WithVersion("version"), "", admission.Delete, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Namespace").GroupKind().WithVersion("version"), "", metav1.NamespaceDefault, v1.Resource("namespaces").WithVersion("version"), "", admission.Delete, false, nil), nil) if err == nil { t.Errorf("Expected an error that this namespace can never be deleted") } // verify delete of namespace other than default can proceed - err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Namespace").GroupKind().WithVersion("version"), "", "other", v1.Resource("namespaces").WithVersion("version"), "", admission.Delete, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Namespace").GroupKind().WithVersion("version"), "", "other", v1.Resource("namespaces").WithVersion("version"), "", admission.Delete, false, nil), nil) if err != nil { t.Errorf("Did not expect an error %v", err) } @@ -238,7 +238,7 @@ func TestAdmissionNamespaceForceLiveLookup(t *testing.T) { pod := newPod(namespace) // verify create operations in the namespace is allowed - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err != nil { t.Errorf("Unexpected error rejecting creates in an active namespace") } @@ -248,7 +248,7 @@ func TestAdmissionNamespaceForceLiveLookup(t *testing.T) { getCalls = 0 // verify delete of namespace can proceed - err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Namespace").GroupKind().WithVersion("version"), namespace, namespace, v1.Resource("namespaces").WithVersion("version"), "", admission.Delete, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(nil, nil, v1.SchemeGroupVersion.WithKind("Namespace").GroupKind().WithVersion("version"), namespace, namespace, v1.Resource("namespaces").WithVersion("version"), "", admission.Delete, false, nil), nil) if err != nil { t.Errorf("Expected namespace deletion to be allowed") } @@ -261,7 +261,7 @@ func TestAdmissionNamespaceForceLiveLookup(t *testing.T) { phases[namespace] = v1.NamespaceTerminating // verify create operations in the namespace cause an error - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected error rejecting creates in a namespace right after deleting it") } @@ -274,7 +274,7 @@ func TestAdmissionNamespaceForceLiveLookup(t *testing.T) { fakeClock.Step(forceLiveLookupTTL) // verify create operations in the namespace cause an error - err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + err = handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if err == nil { t.Errorf("Expected error rejecting creates in a namespace right after deleting it") } @@ -287,7 +287,7 @@ func TestAdmissionNamespaceForceLiveLookup(t *testing.T) { fakeClock.Step(time.Millisecond) // verify create operations in the namespace don't force a live lookup after the timeout - handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil)) + handler.Admit(admission.NewAttributesRecord(&pod, nil, v1.SchemeGroupVersion.WithKind("Pod").GroupKind().WithVersion("version"), pod.Namespace, pod.Name, v1.Resource("pods").WithVersion("version"), "", admission.Create, false, nil), nil) if getCalls != 0 { t.Errorf("Expected no live lookup of the namespace at t=forceLiveLookupTTL+1ms, got %d", getCalls) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/BUILD index 75883f61354..b8f9bb55274 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/BUILD @@ -50,6 +50,7 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", "//staging/src/k8s.io/apiserver/pkg/apis/example:go_default_library", "//staging/src/k8s.io/apiserver/pkg/apis/example/v1:go_default_library", "//staging/src/k8s.io/apiserver/pkg/apis/example2/v1:go_default_library", diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion.go index a75c63fa9fe..f00e0bc0154 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion.go @@ -17,39 +17,25 @@ limitations under the License. package generic import ( - "fmt" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apiserver/pkg/admission" ) -// convertor converts objects to the desired version. -type convertor struct { - Scheme *runtime.Scheme -} - // ConvertToGVK converts object to the desired gvk. -func (c *convertor) ConvertToGVK(obj runtime.Object, gvk schema.GroupVersionKind) (runtime.Object, error) { +func ConvertToGVK(obj runtime.Object, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) (runtime.Object, error) { // Unlike other resources, custom resources do not have internal version, so // if obj is a custom resource, it should not need conversion. if obj.GetObjectKind().GroupVersionKind() == gvk { return obj, nil } - out, err := c.Scheme.New(gvk) + out, err := o.GetObjectCreater().New(gvk) if err != nil { return nil, err } - err = c.Scheme.Convert(obj, out, nil) + err = o.GetObjectConvertor().Convert(obj, out, nil) if err != nil { return nil, err } return out, nil } - -// Validate checks if the conversion has a scheme. -func (c *convertor) Validate() error { - if c.Scheme == nil { - return fmt.Errorf("the convertor requires a scheme") - } - return nil -} diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion_test.go index 499853566fe..5bb70d1b4b9 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/conversion_test.go @@ -26,6 +26,7 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/apis/example" examplev1 "k8s.io/apiserver/pkg/apis/example/v1" example2v1 "k8s.io/apiserver/pkg/apis/example2/v1" @@ -41,7 +42,7 @@ func initiateScheme(t *testing.T) *runtime.Scheme { func TestConvertToGVK(t *testing.T) { scheme := initiateScheme(t) - c := convertor{Scheme: scheme} + o := &admission.SchemeBasedObjectInterfaces{scheme} table := map[string]struct { obj runtime.Object gvk schema.GroupVersionKind @@ -122,7 +123,7 @@ func TestConvertToGVK(t *testing.T) { for name, test := range table { t.Run(name, func(t *testing.T) { - actual, err := c.ConvertToGVK(test.obj, test.gvk) + actual, err := ConvertToGVK(test.obj, test.gvk, o) if err != nil { t.Error(err) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/interfaces.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/interfaces.go index 3a7edb526d6..d998b6b71ec 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/interfaces.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/interfaces.go @@ -41,5 +41,5 @@ type VersionedAttributes struct { // Dispatcher dispatches webhook call to a list of webhooks with admission attributes as argument. type Dispatcher interface { // Dispatch a request to the webhooks using the given webhooks. A non-nil error means the request is rejected. - Dispatch(ctx context.Context, a *VersionedAttributes, hooks []*v1beta1.Webhook) error + Dispatch(ctx context.Context, a *VersionedAttributes, o admission.ObjectInterfaces, hooks []*v1beta1.Webhook) error } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go index 13b898bca9b..c44f67346c2 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/generic/webhook.go @@ -24,7 +24,6 @@ import ( admissionv1beta1 "k8s.io/api/admission/v1beta1" "k8s.io/api/admissionregistration/v1beta1" apierrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/admission" genericadmissioninit "k8s.io/apiserver/pkg/admission/initializer" "k8s.io/apiserver/pkg/admission/plugin/webhook/config" @@ -43,7 +42,6 @@ type Webhook struct { hookSource Source clientManager *webhook.ClientManager - convertor *convertor namespaceMatcher *namespace.Matcher dispatcher Dispatcher } @@ -79,7 +77,6 @@ func NewWebhook(handler *admission.Handler, configFile io.Reader, sourceFactory Handler: handler, sourceFactory: sourceFactory, clientManager: &cm, - convertor: &convertor{}, namespaceMatcher: &namespace.Matcher{}, dispatcher: dispatcherFactory(&cm), }, nil @@ -98,13 +95,6 @@ func (a *Webhook) SetServiceResolver(sr webhook.ServiceResolver) { a.clientManager.SetServiceResolver(sr) } -// SetScheme sets a serializer(NegotiatedSerializer) which is derived from the scheme -func (a *Webhook) SetScheme(scheme *runtime.Scheme) { - if scheme != nil { - a.convertor.Scheme = scheme - } -} - // SetExternalKubeClientSet implements the WantsExternalKubeInformerFactory interface. // It sets external ClientSet for admission plugins that need it func (a *Webhook) SetExternalKubeClientSet(client clientset.Interface) { @@ -132,9 +122,6 @@ func (a *Webhook) ValidateInitialization() error { if err := a.clientManager.Validate(); err != nil { return fmt.Errorf("clientManager is not properly setup: %v", err) } - if err := a.convertor.Validate(); err != nil { - return fmt.Errorf("convertor is not properly setup: %v", err) - } return nil } @@ -156,7 +143,7 @@ func (a *Webhook) ShouldCallHook(h *v1beta1.Webhook, attr admission.Attributes) } // Dispatch is called by the downstream Validate or Admit methods. -func (a *Webhook) Dispatch(attr admission.Attributes) error { +func (a *Webhook) Dispatch(attr admission.Attributes, o admission.ObjectInterfaces) error { if rules.IsWebhookConfigurationResource(attr) { return nil } @@ -188,18 +175,18 @@ func (a *Webhook) Dispatch(attr admission.Attributes) error { Attributes: attr, } if oldObj := attr.GetOldObject(); oldObj != nil { - out, err := a.convertor.ConvertToGVK(oldObj, attr.GetKind()) + out, err := ConvertToGVK(oldObj, attr.GetKind(), o) if err != nil { return apierrors.NewInternalError(err) } versionedAttr.VersionedOldObject = out } if obj := attr.GetObject(); obj != nil { - out, err := a.convertor.ConvertToGVK(obj, attr.GetKind()) + out, err := ConvertToGVK(obj, attr.GetKind(), o) if err != nil { return apierrors.NewInternalError(err) } versionedAttr.VersionedObject = out } - return a.dispatcher.Dispatch(ctx, &versionedAttr, relevantHooks) + return a.dispatcher.Dispatch(ctx, &versionedAttr, o, relevantHooks) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD index da393cf2283..1a6530395f4 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD @@ -39,8 +39,6 @@ go_test( ], embed = [":go_default_library"], deps = [ - "//staging/src/k8s.io/api/admission/v1beta1:go_default_library", - "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher.go index d646bacb535..44490d1b4f0 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher.go @@ -31,7 +31,9 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/serializer/json" utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apiserver/pkg/admission" admissionmetrics "k8s.io/apiserver/pkg/admission/metrics" webhookerrors "k8s.io/apiserver/pkg/admission/plugin/webhook/errors" "k8s.io/apiserver/pkg/admission/plugin/webhook/generic" @@ -53,10 +55,10 @@ func newMutatingDispatcher(p *Plugin) func(cm *webhook.ClientManager) generic.Di var _ generic.Dispatcher = &mutatingDispatcher{} -func (a *mutatingDispatcher) Dispatch(ctx context.Context, attr *generic.VersionedAttributes, relevantHooks []*v1beta1.Webhook) error { +func (a *mutatingDispatcher) Dispatch(ctx context.Context, attr *generic.VersionedAttributes, o admission.ObjectInterfaces, relevantHooks []*v1beta1.Webhook) error { for _, hook := range relevantHooks { t := time.Now() - err := a.callAttrMutatingHook(ctx, hook, attr) + err := a.callAttrMutatingHook(ctx, hook, attr, o) admissionmetrics.Metrics.ObserveWebhook(time.Since(t), err != nil, attr.Attributes, "admit", hook.Name) if err == nil { continue @@ -76,13 +78,13 @@ func (a *mutatingDispatcher) Dispatch(ctx context.Context, attr *generic.Version // convert attr.VersionedObject to the internal version in the underlying admission.Attributes if attr.VersionedObject != nil { - return a.plugin.scheme.Convert(attr.VersionedObject, attr.Attributes.GetObject(), nil) + return o.GetObjectConvertor().Convert(attr.VersionedObject, attr.Attributes.GetObject(), nil) } return nil } // note that callAttrMutatingHook updates attr -func (a *mutatingDispatcher) callAttrMutatingHook(ctx context.Context, h *v1beta1.Webhook, attr *generic.VersionedAttributes) error { +func (a *mutatingDispatcher) callAttrMutatingHook(ctx context.Context, h *v1beta1.Webhook, attr *generic.VersionedAttributes, o admission.ObjectInterfaces) error { if attr.IsDryRun() { if h.SideEffects == nil { return &webhook.ErrCallingWebhook{WebhookName: h.Name, Reason: fmt.Errorf("Webhook SideEffects is nil")} @@ -135,7 +137,8 @@ func (a *mutatingDispatcher) callAttrMutatingHook(ctx context.Context, h *v1beta return apierrors.NewInternalError(fmt.Errorf("admission webhook %q attempted to modify the object, which is not supported for this operation", h.Name)) } - objJS, err := runtime.Encode(a.plugin.jsonSerializer, attr.VersionedObject) + jsonSerializer := json.NewSerializer(json.DefaultMetaFactory, o.GetObjectCreater(), o.GetObjectTyper(), false) + objJS, err := runtime.Encode(jsonSerializer, attr.VersionedObject) if err != nil { return apierrors.NewInternalError(err) } @@ -150,17 +153,17 @@ func (a *mutatingDispatcher) callAttrMutatingHook(ctx context.Context, h *v1beta // They are represented as Unstructured. newVersionedObject = &unstructured.Unstructured{} } else { - newVersionedObject, err = a.plugin.scheme.New(attr.GetKind()) + newVersionedObject, err = o.GetObjectCreater().New(attr.GetKind()) if err != nil { return apierrors.NewInternalError(err) } } // TODO: if we have multiple mutating webhooks, we can remember the json // instead of encoding and decoding for each one. - if _, _, err := a.plugin.jsonSerializer.Decode(patchedJS, nil, newVersionedObject); err != nil { + if _, _, err := jsonSerializer.Decode(patchedJS, nil, newVersionedObject); err != nil { return apierrors.NewInternalError(err) } attr.VersionedObject = newVersionedObject - a.plugin.scheme.Default(attr.VersionedObject) + o.GetObjectDefaulter().Default(attr.VersionedObject) return nil } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher_test.go index ccea2686243..53bcf0124dc 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/dispatcher_test.go @@ -49,6 +49,7 @@ func TestDispatch(t *testing.T) { require.NoError(t, example.AddToScheme(scheme)) require.NoError(t, examplev1.AddToScheme(scheme)) require.NoError(t, example2v1.AddToScheme(scheme)) + objectInterfaces := &admission.SchemeBasedObjectInterfaces{scheme} tests := []struct { name string @@ -118,16 +119,14 @@ func TestDispatch(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { a := &mutatingDispatcher{ - plugin: &Plugin{ - scheme: scheme, - }, + plugin: &Plugin{}, } attr := generic.VersionedAttributes{ Attributes: admission.NewAttributesRecord(test.out, nil, schema.GroupVersionKind{}, "", "", schema.GroupVersionResource{}, "", admission.Operation(""), false, nil), VersionedOldObject: nil, VersionedObject: test.in, } - if err := a.Dispatch(context.TODO(), &attr, nil); err != nil { + if err := a.Dispatch(context.TODO(), &attr, objectInterfaces, nil); err != nil { t.Fatalf("%s: unexpected error: %v", test.name, err) } if !reflect.DeepEqual(attr.Attributes.GetObject(), test.expectedObj) { diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin.go index 33572b24b5b..6202fbc63fe 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin.go @@ -17,11 +17,8 @@ limitations under the License. package mutating import ( - "fmt" "io" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/serializer/json" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/admission/configuration" "k8s.io/apiserver/pkg/admission/plugin/webhook/generic" @@ -47,9 +44,6 @@ func Register(plugins *admission.Plugins) { // Plugin is an implementation of admission.Interface. type Plugin struct { *generic.Webhook - - scheme *runtime.Scheme - jsonSerializer *json.Serializer } var _ admission.MutationInterface = &Plugin{} @@ -67,30 +61,15 @@ func NewMutatingWebhook(configFile io.Reader) (*Plugin, error) { return p, nil } -// SetScheme sets a serializer(NegotiatedSerializer) which is derived from the scheme -func (a *Plugin) SetScheme(scheme *runtime.Scheme) { - a.Webhook.SetScheme(scheme) - if scheme != nil { - a.scheme = scheme - a.jsonSerializer = json.NewSerializer(json.DefaultMetaFactory, scheme, scheme, false) - } -} - // ValidateInitialization implements the InitializationValidator interface. func (a *Plugin) ValidateInitialization() error { if err := a.Webhook.ValidateInitialization(); err != nil { return err } - if a.scheme == nil { - return fmt.Errorf("scheme is not properly setup") - } - if a.jsonSerializer == nil { - return fmt.Errorf("jsonSerializer is not properly setup") - } return nil } // Admit makes an admission decision based on the request attributes. -func (a *Plugin) Admit(attr admission.Attributes) error { - return a.Webhook.Dispatch(attr) +func (a *Plugin) Admit(attr admission.Attributes, o admission.ObjectInterfaces) error { + return a.Webhook.Dispatch(attr, o) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin_test.go index e41f84aee43..e4ff80295e8 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/plugin_test.go @@ -23,23 +23,15 @@ import ( "testing" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "k8s.io/api/admission/v1beta1" - corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/admission" webhooktesting "k8s.io/apiserver/pkg/admission/plugin/webhook/testing" ) // TestAdmit tests that MutatingWebhook#Admit works as expected func TestAdmit(t *testing.T) { - scheme := runtime.NewScheme() - require.NoError(t, v1beta1.AddToScheme(scheme)) - require.NoError(t, corev1.AddToScheme(scheme)) - testServer := webhooktesting.NewTestServer(t) testServer.StartTLS() defer testServer.Close() @@ -48,6 +40,8 @@ func TestAdmit(t *testing.T) { t.Fatalf("this should never happen? %v", err) } + objectInterfaces := webhooktesting.NewObjectInterfacesForTest() + stopCh := make(chan struct{}) defer close(stopCh) @@ -66,7 +60,6 @@ func TestAdmit(t *testing.T) { wh.SetAuthenticationInfoResolverWrapper(webhooktesting.Wrapper(webhooktesting.NewAuthenticationInfoResolver(new(int32)))) wh.SetServiceResolver(webhooktesting.NewServiceResolver(*serverURL)) - wh.SetScheme(scheme) wh.SetExternalKubeClientSet(client) wh.SetExternalKubeInformerFactory(informer) @@ -85,7 +78,7 @@ func TestAdmit(t *testing.T) { attr = webhooktesting.NewAttribute(ns, tt.AdditionalLabels, tt.IsDryRun) } - err = wh.Admit(attr) + err = wh.Admit(attr, objectInterfaces) if tt.ExpectAllow != (err == nil) { t.Errorf("%s: expected allowed=%v, but got err=%v", tt.Name, tt.ExpectAllow, err) } @@ -118,10 +111,6 @@ func TestAdmit(t *testing.T) { // TestAdmitCachedClient tests that MutatingWebhook#Admit should cache restClient func TestAdmitCachedClient(t *testing.T) { - scheme := runtime.NewScheme() - require.NoError(t, v1beta1.AddToScheme(scheme)) - require.NoError(t, corev1.AddToScheme(scheme)) - testServer := webhooktesting.NewTestServer(t) testServer.StartTLS() defer testServer.Close() @@ -130,6 +119,8 @@ func TestAdmitCachedClient(t *testing.T) { t.Fatalf("this should never happen? %v", err) } + objectInterfaces := webhooktesting.NewObjectInterfacesForTest() + stopCh := make(chan struct{}) defer close(stopCh) @@ -138,7 +129,6 @@ func TestAdmitCachedClient(t *testing.T) { t.Fatalf("Failed to create mutating webhook: %v", err) } wh.SetServiceResolver(webhooktesting.NewServiceResolver(*serverURL)) - wh.SetScheme(scheme) for _, tt := range webhooktesting.NewCachedClientTestcases(serverURL) { ns := "webhook-test" @@ -158,7 +148,7 @@ func TestAdmitCachedClient(t *testing.T) { continue } - err = wh.Admit(webhooktesting.NewAttribute(ns, nil, false)) + err = wh.Admit(webhooktesting.NewAttribute(ns, nil, false), objectInterfaces) if tt.ExpectAllow != (err == nil) { t.Errorf("%s: expected allowed=%v, but got err=%v", tt.Name, tt.ExpectAllow, err) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testing/testcase.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testing/testcase.go index ad3efee0e62..a09fc8da3f9 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testing/testcase.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testing/testcase.go @@ -649,3 +649,10 @@ func newMatchEverythingRules() []registrationv1beta1.RuleWithOperations { }, }} } + +// NewObjectInterfacesForTest returns an ObjectInterfaces appropriate for test cases in this file. +func NewObjectInterfacesForTest() admission.ObjectInterfaces { + scheme := runtime.NewScheme() + corev1.AddToScheme(scheme) + return &admission.SchemeBasedObjectInterfaces{scheme} +} diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD index ea9f489f8ec..f9f1c668eb7 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD @@ -32,13 +32,9 @@ go_test( srcs = ["plugin_test.go"], embed = [":go_default_library"], deps = [ - "//staging/src/k8s.io/api/admission/v1beta1:go_default_library", - "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testing:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", - "//vendor/github.com/stretchr/testify/require:go_default_library", ], ) diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/dispatcher.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/dispatcher.go index 166e21adcdf..d779be7b835 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/dispatcher.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/dispatcher.go @@ -28,6 +28,7 @@ import ( "k8s.io/api/admissionregistration/v1beta1" apierrors "k8s.io/apimachinery/pkg/api/errors" utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apiserver/pkg/admission" admissionmetrics "k8s.io/apiserver/pkg/admission/metrics" webhookerrors "k8s.io/apiserver/pkg/admission/plugin/webhook/errors" "k8s.io/apiserver/pkg/admission/plugin/webhook/generic" @@ -46,7 +47,7 @@ func newValidatingDispatcher(cm *webhook.ClientManager) generic.Dispatcher { var _ generic.Dispatcher = &validatingDispatcher{} -func (d *validatingDispatcher) Dispatch(ctx context.Context, attr *generic.VersionedAttributes, relevantHooks []*v1beta1.Webhook) error { +func (d *validatingDispatcher) Dispatch(ctx context.Context, attr *generic.VersionedAttributes, o admission.ObjectInterfaces, relevantHooks []*v1beta1.Webhook) error { wg := sync.WaitGroup{} errCh := make(chan error, len(relevantHooks)) wg.Add(len(relevantHooks)) diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin.go index 7f79b9d7a08..388a237c984 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin.go @@ -59,6 +59,6 @@ func NewValidatingAdmissionWebhook(configFile io.Reader) (*Plugin, error) { } // Validate makes an admission decision based on the request attributes. -func (a *Plugin) Validate(attr admission.Attributes) error { - return a.Webhook.Dispatch(attr) +func (a *Plugin) Validate(attr admission.Attributes, o admission.ObjectInterfaces) error { + return a.Webhook.Dispatch(attr, o) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin_test.go index 3dff3864dbc..0ed2a9744c3 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/plugin_test.go @@ -22,25 +22,19 @@ import ( "testing" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "k8s.io/api/admission/v1beta1" - corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/runtime" webhooktesting "k8s.io/apiserver/pkg/admission/plugin/webhook/testing" ) // TestValidate tests that ValidatingWebhook#Validate works as expected func TestValidate(t *testing.T) { - scheme := runtime.NewScheme() - require.NoError(t, v1beta1.AddToScheme(scheme)) - require.NoError(t, corev1.AddToScheme(scheme)) - testServer := webhooktesting.NewTestServer(t) testServer.StartTLS() defer testServer.Close() + objectInterfaces := webhooktesting.NewObjectInterfacesForTest() + serverURL, err := url.ParseRequestURI(testServer.URL) if err != nil { t.Fatalf("this should never happen? %v", err) @@ -61,7 +55,6 @@ func TestValidate(t *testing.T) { wh.SetAuthenticationInfoResolverWrapper(webhooktesting.Wrapper(webhooktesting.NewAuthenticationInfoResolver(new(int32)))) wh.SetServiceResolver(webhooktesting.NewServiceResolver(*serverURL)) - wh.SetScheme(scheme) wh.SetExternalKubeClientSet(client) wh.SetExternalKubeInformerFactory(informer) @@ -74,7 +67,7 @@ func TestValidate(t *testing.T) { } attr := webhooktesting.NewAttribute(ns, nil, tt.IsDryRun) - err = wh.Validate(attr) + err = wh.Validate(attr, objectInterfaces) if tt.ExpectAllow != (err == nil) { t.Errorf("%s: expected allowed=%v, but got err=%v", tt.Name, tt.ExpectAllow, err) } @@ -102,10 +95,6 @@ func TestValidate(t *testing.T) { // TestValidateCachedClient tests that ValidatingWebhook#Validate should cache restClient func TestValidateCachedClient(t *testing.T) { - scheme := runtime.NewScheme() - require.NoError(t, v1beta1.AddToScheme(scheme)) - require.NoError(t, corev1.AddToScheme(scheme)) - testServer := webhooktesting.NewTestServer(t) testServer.StartTLS() defer testServer.Close() @@ -114,6 +103,8 @@ func TestValidateCachedClient(t *testing.T) { t.Fatalf("this should never happen? %v", err) } + objectInterfaces := webhooktesting.NewObjectInterfacesForTest() + stopCh := make(chan struct{}) defer close(stopCh) @@ -122,7 +113,6 @@ func TestValidateCachedClient(t *testing.T) { t.Fatalf("Failed to create validating webhook: %v", err) } wh.SetServiceResolver(webhooktesting.NewServiceResolver(*serverURL)) - wh.SetScheme(scheme) for _, tt := range webhooktesting.NewCachedClientTestcases(serverURL) { ns := "webhook-test" @@ -142,7 +132,7 @@ func TestValidateCachedClient(t *testing.T) { continue } - err = wh.Validate(webhooktesting.NewAttribute(ns, nil, false)) + err = wh.Validate(webhooktesting.NewAttribute(ns, nil, false), objectInterfaces) if tt.ExpectAllow != (err == nil) { t.Errorf("%s: expected allowed=%v, but got err=%v", tt.Name, tt.ExpectAllow, err) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/util.go b/staging/src/k8s.io/apiserver/pkg/admission/util.go new file mode 100644 index 00000000000..61222f5d55c --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/admission/util.go @@ -0,0 +1,28 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package admission + +import "k8s.io/apimachinery/pkg/runtime" + +type SchemeBasedObjectInterfaces struct { + Scheme *runtime.Scheme +} + +func (r *SchemeBasedObjectInterfaces) GetObjectCreater() runtime.ObjectCreater { return r.Scheme } +func (r *SchemeBasedObjectInterfaces) GetObjectTyper() runtime.ObjectTyper { return r.Scheme } +func (r *SchemeBasedObjectInterfaces) GetObjectDefaulter() runtime.ObjectDefaulter { return r.Scheme } +func (r *SchemeBasedObjectInterfaces) GetObjectConvertor() runtime.ObjectConvertor { return r.Scheme } diff --git a/staging/src/k8s.io/apiserver/pkg/apis/OWNERS b/staging/src/k8s.io/apiserver/pkg/apis/OWNERS index bae178f8175..38336c177f9 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/apiserver/pkg/apis/audit/OWNERS b/staging/src/k8s.io/apiserver/pkg/apis/audit/OWNERS index 8389778900f..7a21104f6df 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/audit/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/apis/audit/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-audit-approvers diff --git a/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go b/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go index 397317f23b2..0611c1ae5f1 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go @@ -100,7 +100,7 @@ func validateResources(groupResources []audit.GroupResources, fldPath *field.Pat // The empty string represents the core API group. if len(groupResource.Group) != 0 { // Group names must be lower case and be valid DNS subdomains. - // reference: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md + // reference: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md // an error is returned for group name like rbac.authorization.k8s.io/v1beta1 // rbac.authorization.k8s.io is the valid one if msgs := validation.NameIsDNSSubdomain(groupResource.Group, false); len(msgs) != 0 { diff --git a/staging/src/k8s.io/apiserver/pkg/audit/OWNERS b/staging/src/k8s.io/apiserver/pkg/audit/OWNERS index 178ce84a5ce..c3486ad5ded 100644 --- a/staging/src/k8s.io/apiserver/pkg/audit/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/audit/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-audit-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/pkg/authentication/OWNERS b/staging/src/k8s.io/apiserver/pkg/authentication/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/staging/src/k8s.io/apiserver/pkg/authentication/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/authentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/OWNERS b/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/OWNERS index 470b7a1c92d..3cf03643835 100644 --- a/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-certificates-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/pkg/authorization/OWNERS b/staging/src/k8s.io/apiserver/pkg/authorization/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/staging/src/k8s.io/apiserver/pkg/authorization/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/authorization/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS b/staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS old mode 100755 new mode 100644 index cb2ae800f36..a5ccdcbd1b0 --- a/staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - dims diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go index 36a925c3acf..ed5d76dd7dd 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go @@ -76,7 +76,7 @@ import ( type alwaysMutatingDeny struct{} -func (alwaysMutatingDeny) Admit(a admission.Attributes) (err error) { +func (alwaysMutatingDeny) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return admission.NewForbidden(a, errors.New("Mutating admission control is denying all modifications")) } @@ -86,7 +86,7 @@ func (alwaysMutatingDeny) Handles(operation admission.Operation) bool { type alwaysValidatingDeny struct{} -func (alwaysValidatingDeny) Validate(a admission.Attributes) (err error) { +func (alwaysValidatingDeny) Validate(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return admission.NewForbidden(a, errors.New("Validating admission control is denying all modifications")) } diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/OWNERS b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/OWNERS old mode 100755 new mode 100644 index 6f780ff899b..05259ce3538 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - deads2k - sttts diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go b/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go index a1ba7bdbbeb..79cfefe4669 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go @@ -87,6 +87,10 @@ type APIGroupVersion struct { // OpenAPIModels exposes the OpenAPI models to each individual handler. OpenAPIModels openapiproto.Models + + // The limit on the request body size that would be accepted and decoded in a write request. + // 0 means no limit. + MaxRequestBodyBytes int64 } // InstallREST registers the REST handlers (storage, watch, proxy and redirect) into a restful Container. diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/create.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/create.go index cd95727fde9..067675a3bb8 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/create.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/create.go @@ -85,7 +85,7 @@ func createHandler(r rest.NamedCreater, scope RequestScope, admit admission.Inte decoder := scope.Serializer.DecoderToVersion(s.Serializer, scope.HubGroupVersion) - body, err := readBody(req) + body, err := limitedReadBody(req, scope.MaxRequestBodyBytes) if err != nil { scope.err(err, w, req) return @@ -127,7 +127,7 @@ func createHandler(r rest.NamedCreater, scope RequestScope, admit admission.Inte userInfo, _ := request.UserFrom(ctx) admissionAttributes := admission.NewAttributesRecord(obj, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Create, dryrun.IsDryRun(options.DryRun), userInfo) if mutatingAdmission, ok := admit.(admission.MutationInterface); ok && mutatingAdmission.Handles(admission.Create) { - err = mutatingAdmission.Admit(admissionAttributes) + err = mutatingAdmission.Admit(admissionAttributes, &scope) if err != nil { scope.err(err, w, req) return @@ -154,7 +154,7 @@ func createHandler(r rest.NamedCreater, scope RequestScope, admit admission.Inte ctx, name, obj, - rest.AdmissionToValidateObjectFunc(admit, admissionAttributes), + rest.AdmissionToValidateObjectFunc(admit, admissionAttributes, &scope), options, ) }) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/delete.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/delete.go index 1353ed82503..a37c7f8d525 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/delete.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/delete.go @@ -72,7 +72,7 @@ func DeleteResource(r rest.GracefulDeleter, allowsOptions bool, scope RequestSco options := &metav1.DeleteOptions{} if allowsOptions { - body, err := readBody(req) + body, err := limitedReadBody(req, scope.MaxRequestBodyBytes) if err != nil { scope.err(err, w, req) return @@ -119,13 +119,13 @@ func DeleteResource(r rest.GracefulDeleter, allowsOptions bool, scope RequestSco userInfo, _ := request.UserFrom(ctx) attrs := admission.NewAttributesRecord(nil, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Delete, dryrun.IsDryRun(options.DryRun), userInfo) if mutatingAdmission, ok := admit.(admission.MutationInterface); ok { - if err := mutatingAdmission.Admit(attrs); err != nil { + if err := mutatingAdmission.Admit(attrs, &scope); err != nil { scope.err(err, w, req) return } } if validatingAdmission, ok := admit.(admission.ValidationInterface); ok { - if err := validatingAdmission.Validate(attrs); err != nil { + if err := validatingAdmission.Validate(attrs, &scope); err != nil { scope.err(err, w, req) return } @@ -226,7 +226,7 @@ func DeleteCollection(r rest.CollectionDeleter, checkBody bool, scope RequestSco options := &metav1.DeleteOptions{} if checkBody { - body, err := readBody(req) + body, err := limitedReadBody(req, scope.MaxRequestBodyBytes) if err != nil { scope.err(err, w, req) return @@ -269,7 +269,7 @@ func DeleteCollection(r rest.CollectionDeleter, checkBody bool, scope RequestSco userInfo, _ := request.UserFrom(ctx) attrs := admission.NewAttributesRecord(nil, nil, scope.Kind, namespace, "", scope.Resource, scope.Subresource, admission.Delete, dryrun.IsDryRun(options.DryRun), userInfo) if mutatingAdmission, ok := admit.(admission.MutationInterface); ok { - err = mutatingAdmission.Admit(attrs) + err = mutatingAdmission.Admit(attrs, &scope) if err != nil { scope.err(err, w, req) return @@ -277,7 +277,7 @@ func DeleteCollection(r rest.CollectionDeleter, checkBody bool, scope RequestSco } if validatingAdmission, ok := admit.(admission.ValidationInterface); ok { - err = validatingAdmission.Validate(attrs) + err = validatingAdmission.Validate(attrs, &scope) if err != nil { scope.err(err, w, req) return diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/BUILD b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/BUILD index fed358126e6..6abb2845a93 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/BUILD @@ -1,4 +1,4 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") go_library( name = "go_default_library", @@ -7,7 +7,6 @@ go_library( importpath = "k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager", visibility = ["//visibility:public"], deps = [ - "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", @@ -35,3 +34,16 @@ filegroup( tags = ["automanaged"], visibility = ["//visibility:public"], ) + +go_test( + name = "go_default_test", + srcs = ["fieldmanager_test.go"], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + ], +) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/OWNERS b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/OWNERS new file mode 100644 index 00000000000..a7470137b87 --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/OWNERS @@ -0,0 +1,5 @@ +approvers: +- jennybuckley +- apelisse +reviewers: +- kwiesmueller diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager.go index 773063890cc..a890e932500 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager.go @@ -20,7 +20,6 @@ import ( "fmt" "time" - "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -51,6 +50,7 @@ func NewFieldManager(models openapiproto.Models, objectConverter runtime.ObjectC if err != nil { return nil, err } + return &FieldManager{ typeConverter: typeConverter, objectConverter: objectConverter, @@ -130,6 +130,7 @@ func (f *FieldManager) Update(liveObj, newObj runtime.Object, manager string) (r if err != nil { return nil, fmt.Errorf("failed to update ManagedFields: %v", err) } + managed = f.stripFields(managed, manager) if err := internal.EncodeObjectManagedFields(newObj, managed); err != nil { return nil, fmt.Errorf("failed to encode managed fields: %v", err) @@ -176,10 +177,11 @@ func (f *FieldManager) Apply(liveObj runtime.Object, patch []byte, force bool) ( newObjTyped, managed, err := f.updater.Apply(liveObjTyped, patchObjTyped, apiVersion, managed, manager, force) if err != nil { if conflicts, ok := err.(merge.Conflicts); ok { - return nil, errors.NewApplyConflict(conflicts) + return nil, internal.NewConflictError(conflicts) } return nil, err } + managed = f.stripFields(managed, manager) newObj, err := f.typeConverter.TypedToObject(newObjTyped) if err != nil { @@ -223,3 +225,31 @@ func (f *FieldManager) buildManagerInfo(prefix string, operation metav1.ManagedF } return internal.BuildManagerIdentifier(&managerInfo) } + +// stripSet is the list of fields that should never be part of a mangedFields. +var stripSet = fieldpath.NewSet( + fieldpath.MakePathOrDie("apiVersion"), + fieldpath.MakePathOrDie("kind"), + fieldpath.MakePathOrDie("metadata", "name"), + fieldpath.MakePathOrDie("metadata", "namespace"), + fieldpath.MakePathOrDie("metadata", "creationTimestamp"), + fieldpath.MakePathOrDie("metadata", "selfLink"), + fieldpath.MakePathOrDie("metadata", "uid"), + fieldpath.MakePathOrDie("metadata", "resourceVersion"), +) + +// stripFields removes a predefined set of paths found in typed from managed and returns the updated ManagedFields +func (f *FieldManager) stripFields(managed fieldpath.ManagedFields, manager string) fieldpath.ManagedFields { + vs, ok := managed[manager] + if ok { + if vs == nil { + panic(fmt.Sprintf("Found unexpected nil manager which should never happen: %s", manager)) + } + vs.Set = vs.Set.Difference(stripSet) + if vs.Set.Empty() { + delete(managed, manager) + } + } + + return managed +} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager_test.go new file mode 100644 index 00000000000..c4edbc2adae --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/fieldmanager_test.go @@ -0,0 +1,141 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fieldmanager_test + +import ( + "errors" + "testing" + "time" + + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager" +) + +type fakeObjectConvertor struct{} + +func (c *fakeObjectConvertor) Convert(in, out, context interface{}) error { + out = in + return nil +} + +func (c *fakeObjectConvertor) ConvertToVersion(in runtime.Object, _ runtime.GroupVersioner) (runtime.Object, error) { + return in, nil +} + +func (c *fakeObjectConvertor) ConvertFieldLabel(_ schema.GroupVersionKind, _, _ string) (string, string, error) { + return "", "", errors.New("not implemented") +} + +type fakeObjectDefaulter struct{} + +func (d *fakeObjectDefaulter) Default(in runtime.Object) {} + +func NewTestFieldManager(t *testing.T) *fieldmanager.FieldManager { + gv := schema.GroupVersion{ + Group: "apps", + Version: "v1", + } + + return fieldmanager.NewCRDFieldManager( + &fakeObjectConvertor{}, + &fakeObjectDefaulter{}, + gv, + gv, + ) +} + +func TestFieldManagerCreation(t *testing.T) { + if NewTestFieldManager(t) == nil { + t.Fatal("failed to create FieldManager") + } +} + +func TestApplyStripsFields(t *testing.T) { + f := NewTestFieldManager(t) + + obj := &corev1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: "a", + Namespace: "a", + CreationTimestamp: metav1.Time{Time: time.Time{}}, + SelfLink: "a", + }, + } + + newObj, err := f.Apply(obj, []byte(`{ + "apiVersion": "v1", + "kind": "Deployment", + "metadata": { + "name": "b", + "namespace": "b", + "creationTimestamp": "2016-05-19T09:59:00Z", + "selfLink": "b", + "uid": "b", + "resourceVersion": "b" + } + }`), false) + if err != nil { + t.Fatalf("failed to apply object: %v", err) + } + + accessor, err := meta.Accessor(newObj) + if err != nil { + t.Fatalf("couldn't get accessor: %v", err) + } + + if m := accessor.GetManagedFields(); len(m) != 0 { + t.Fatalf("fields did not get stripped on apply: %v", m) + } +} +func TestApplyDoesNotStripLabels(t *testing.T) { + f := NewTestFieldManager(t) + + obj := &corev1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: "a", + Namespace: "a", + CreationTimestamp: metav1.Time{Time: time.Time{}}, + SelfLink: "a", + }, + } + + newObj, err := f.Apply(obj, []byte(`{ + "apiVersion": "v1", + "kind": "Pod", + "metadata": { + "labels": { + "a": "b" + }, + } + }`), false) + if err != nil { + t.Fatalf("failed to apply object: %v", err) + } + + accessor, err := meta.Accessor(newObj) + if err != nil { + t.Fatalf("couldn't get accessor: %v", err) + } + + if m := accessor.GetManagedFields(); len(m) != 1 { + t.Fatalf("labels shouldn't get stripped on apply: %v", m) + } +} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/BUILD b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/BUILD index 2fe6dbeb8f1..15ec1a3f628 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/BUILD @@ -3,6 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") go_library( name = "go_default_library", srcs = [ + "conflict.go", "fields.go", "gvkparser.go", "managedfields.go", @@ -14,6 +15,7 @@ go_library( importpath = "k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal", visibility = ["//visibility:public"], deps = [ + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", @@ -23,7 +25,6 @@ go_library( "//vendor/k8s.io/kube-openapi/pkg/util/proto:go_default_library", "//vendor/sigs.k8s.io/structured-merge-diff/fieldpath:go_default_library", "//vendor/sigs.k8s.io/structured-merge-diff/merge:go_default_library", - "//vendor/sigs.k8s.io/structured-merge-diff/schema:go_default_library", "//vendor/sigs.k8s.io/structured-merge-diff/typed:go_default_library", "//vendor/sigs.k8s.io/structured-merge-diff/value:go_default_library", "//vendor/sigs.k8s.io/yaml:go_default_library", @@ -33,6 +34,7 @@ go_library( go_test( name = "go_default_test", srcs = [ + "conflict_test.go", "fields_test.go", "managedfields_test.go", "pathelement_test.go", @@ -42,6 +44,7 @@ go_test( data = ["//api/openapi-spec"], embed = [":go_default_library"], deps = [ + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", @@ -50,6 +53,7 @@ go_test( "//vendor/k8s.io/kube-openapi/pkg/util/proto:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/util/proto/testing:go_default_library", "//vendor/sigs.k8s.io/structured-merge-diff/fieldpath:go_default_library", + "//vendor/sigs.k8s.io/structured-merge-diff/merge:go_default_library", "//vendor/sigs.k8s.io/yaml:go_default_library", ], ) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/conflict.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/conflict.go new file mode 100644 index 00000000000..282fe80fbbe --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/conflict.go @@ -0,0 +1,82 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package internal + +import ( + "encoding/json" + "fmt" + "sort" + "strings" + "time" + + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/structured-merge-diff/fieldpath" + "sigs.k8s.io/structured-merge-diff/merge" +) + +// NewConflictError returns an error including details on the requests apply conflicts +func NewConflictError(conflicts merge.Conflicts) *errors.StatusError { + causes := []metav1.StatusCause{} + for _, conflict := range conflicts { + causes = append(causes, metav1.StatusCause{ + Type: metav1.CauseTypeFieldManagerConflict, + Message: fmt.Sprintf("conflict with %v", printManager(conflict.Manager)), + Field: conflict.Path.String(), + }) + } + return errors.NewApplyConflict(causes, getConflictMessage(conflicts)) +} + +func getConflictMessage(conflicts merge.Conflicts) string { + if len(conflicts) == 1 { + return fmt.Sprintf("Apply failed with 1 conflict: conflict with %v: %v", printManager(conflicts[0].Manager), conflicts[0].Path) + } + + m := map[string][]fieldpath.Path{} + for _, conflict := range conflicts { + m[conflict.Manager] = append(m[conflict.Manager], conflict.Path) + } + + uniqueManagers := []string{} + for manager := range m { + uniqueManagers = append(uniqueManagers, manager) + } + + // Print conflicts by sorted managers. + sort.Strings(uniqueManagers) + + messages := []string{} + for _, manager := range uniqueManagers { + messages = append(messages, fmt.Sprintf("conflicts with %v:", printManager(manager))) + for _, path := range m[manager] { + messages = append(messages, fmt.Sprintf("- %v", path)) + } + } + return fmt.Sprintf("Apply failed with %d conflicts: %s", len(conflicts), strings.Join(messages, "\n")) +} + +func printManager(manager string) string { + encodedManager := &metav1.ManagedFieldsEntry{} + if err := json.Unmarshal([]byte(manager), encodedManager); err != nil { + return fmt.Sprintf("%q", manager) + } + if encodedManager.Operation == metav1.ManagedFieldsOperationUpdate { + return fmt.Sprintf("%q using %v at %v", encodedManager.Manager, encodedManager.APIVersion, encodedManager.Time.UTC().Format(time.RFC3339)) + } + return fmt.Sprintf("%q", encodedManager.Manager) +} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/conflict_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/conflict_test.go new file mode 100644 index 00000000000..f5c5dc6b566 --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/conflict_test.go @@ -0,0 +1,106 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package internal_test + +import ( + "net/http" + "reflect" + "testing" + + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal" + "sigs.k8s.io/structured-merge-diff/fieldpath" + "sigs.k8s.io/structured-merge-diff/merge" +) + +// TestNewConflictError tests that NewConflictError creates the correct StatusError for a given smd Conflicts +func TestNewConflictError(t *testing.T) { + testCases := []struct { + conflict merge.Conflicts + expected *errors.StatusError + }{ + { + conflict: merge.Conflicts{ + merge.Conflict{ + Manager: `{"manager":"foo","operation":"Update","apiVersion":"v1","time":"2001-02-03T04:05:06Z"}`, + Path: fieldpath.MakePathOrDie("spec", "replicas"), + }, + }, + expected: &errors.StatusError{ + ErrStatus: metav1.Status{ + Status: metav1.StatusFailure, + Code: http.StatusConflict, + Reason: metav1.StatusReasonConflict, + Details: &metav1.StatusDetails{ + Causes: []metav1.StatusCause{ + { + Type: metav1.CauseTypeFieldManagerConflict, + Message: `conflict with "foo" using v1 at 2001-02-03T04:05:06Z`, + Field: ".spec.replicas", + }, + }, + }, + Message: `Apply failed with 1 conflict: conflict with "foo" using v1 at 2001-02-03T04:05:06Z: .spec.replicas`, + }, + }, + }, + { + conflict: merge.Conflicts{ + merge.Conflict{ + Manager: `{"manager":"foo","operation":"Update","apiVersion":"v1","time":"2001-02-03T04:05:06Z"}`, + Path: fieldpath.MakePathOrDie("spec", "replicas"), + }, + merge.Conflict{ + Manager: `{"manager":"bar","operation":"Apply"}`, + Path: fieldpath.MakePathOrDie("metadata", "labels", "app"), + }, + }, + expected: &errors.StatusError{ + ErrStatus: metav1.Status{ + Status: metav1.StatusFailure, + Code: http.StatusConflict, + Reason: metav1.StatusReasonConflict, + Details: &metav1.StatusDetails{ + Causes: []metav1.StatusCause{ + { + Type: metav1.CauseTypeFieldManagerConflict, + Message: `conflict with "foo" using v1 at 2001-02-03T04:05:06Z`, + Field: ".spec.replicas", + }, + { + Type: metav1.CauseTypeFieldManagerConflict, + Message: `conflict with "bar"`, + Field: ".metadata.labels.app", + }, + }, + }, + Message: `Apply failed with 2 conflicts: conflicts with "bar": +- .metadata.labels.app +conflicts with "foo" using v1 at 2001-02-03T04:05:06Z: +- .spec.replicas`, + }, + }, + }, + } + for _, tc := range testCases { + actual := internal.NewConflictError(tc.conflict) + if !reflect.DeepEqual(tc.expected, actual) { + t.Errorf("Expected to get\n%+v\nbut got\n%+v", tc.expected.ErrStatus, actual.ErrStatus) + } + } +} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go index 704097329f4..929f1e79a7b 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go @@ -22,7 +22,6 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/kube-openapi/pkg/schemaconv" "k8s.io/kube-openapi/pkg/util/proto" - smdschema "sigs.k8s.io/structured-merge-diff/schema" "sigs.k8s.io/structured-merge-diff/typed" ) @@ -49,7 +48,6 @@ func newGVKParser(models proto.Models) (*gvkParser, error) { if err != nil { return nil, fmt.Errorf("failed to convert models to schema: %v", err) } - typeSchema = makeRawExtensionUntyped(typeSchema) parser := gvkParser{ gvks: map[schema.GroupVersionKind]string{}, } @@ -57,11 +55,15 @@ func newGVKParser(models proto.Models) (*gvkParser, error) { for _, modelName := range models.ListModels() { model := models.LookupModel(modelName) if model == nil { - panic("ListModels returns a model that can't be looked-up.") + panic(fmt.Sprintf("ListModels returns a model that can't be looked-up for: %v", modelName)) } gvkList := parseGroupVersionKind(model) for _, gvk := range gvkList { if len(gvk.Kind) > 0 { + _, ok := parser.gvks[gvk] + if ok { + return nil, fmt.Errorf("duplicate entry for %v", gvk) + } parser.gvks[gvk] = modelName } } @@ -116,20 +118,3 @@ func parseGroupVersionKind(s proto.Schema) []schema.GroupVersionKind { return gvkListResult } - -// makeRawExtensionUntyped explicitly sets RawExtension's type in the schema to Untyped atomic -// TODO: remove this once kube-openapi is updated to include -// https://github.com/kubernetes/kube-openapi/pull/133 -func makeRawExtensionUntyped(s *smdschema.Schema) *smdschema.Schema { - s2 := &smdschema.Schema{} - for _, t := range s.Types { - t2 := t - if t2.Name == "io.k8s.apimachinery.pkg.runtime.RawExtension" { - t2.Atom = smdschema.Atom{ - Untyped: &smdschema.Untyped{}, - } - } - s2.Types = append(s2.Types, t2) - } - return s2 -} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go index 93b17cfb097..9a38abddbcc 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go @@ -29,6 +29,7 @@ type errNotAcceptable struct { accepted []string } +// NewNotAcceptableError returns an error of NotAcceptable which contains specified string func NewNotAcceptableError(accepted []string) error { return errNotAcceptable{accepted} } @@ -51,6 +52,7 @@ type errUnsupportedMediaType struct { accepted []string } +// NewUnsupportedMediaTypeError returns an error of UnsupportedMediaType which contains specified string func NewUnsupportedMediaTypeError(accepted []string) error { return errUnsupportedMediaType{accepted} } diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go index 7aadce73429..ec8861cc63f 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go @@ -133,6 +133,8 @@ type EndpointRestrictions interface { AllowsStreamSchema(schema string) bool } +// DefaultEndpointRestrictions is the default EndpointRestrictions which allows +// content-type negotiation to verify server support for specific options var DefaultEndpointRestrictions = emptyEndpointRestrictions{} type emptyEndpointRestrictions struct{} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/patch.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/patch.go index dd41e93eb9e..50592c5d7ab 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/patch.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/patch.go @@ -49,6 +49,11 @@ import ( utiltrace "k8s.io/utils/trace" ) +const ( + // maximum number of operations a single json patch may contain. + maxJSONPatchOperations = 10000 +) + // PatchResource returns a function that will handle a resource patch. func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface, patchTypes []string) http.HandlerFunc { return func(w http.ResponseWriter, req *http.Request) { @@ -96,7 +101,7 @@ func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface return } - patchBytes, err := readBody(req) + patchBytes, err := limitedReadBody(req, scope.MaxRequestBodyBytes) if err != nil { scope.err(err, w, req) return @@ -186,10 +191,12 @@ func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface subresource: scope.Subresource, dryRun: dryrun.IsDryRun(options.DryRun), + objectInterfaces: &scope, + hubGroupVersion: scope.HubGroupVersion, - createValidation: withAuthorization(rest.AdmissionToValidateObjectFunc(admit, staticCreateAttributes), scope.Authorizer, createAuthorizerAttributes), - updateValidation: rest.AdmissionToValidateObjectUpdateFunc(admit, staticUpdateAttributes), + createValidation: withAuthorization(rest.AdmissionToValidateObjectFunc(admit, staticCreateAttributes, &scope), scope.Authorizer, createAuthorizerAttributes), + updateValidation: rest.AdmissionToValidateObjectUpdateFunc(admit, staticUpdateAttributes, &scope), admissionCheck: mutatingAdmission, codec: codec, @@ -252,6 +259,8 @@ type patcher struct { subresource string dryRun bool + objectInterfaces admission.ObjectInterfaces + hubGroupVersion schema.GroupVersion // Validation functions @@ -331,6 +340,11 @@ func (p *jsonPatcher) applyJSPatch(versionedJS []byte) (patchedJS []byte, retErr if err != nil { return nil, errors.NewBadRequest(err.Error()) } + if len(patchObj) > maxJSONPatchOperations { + return nil, errors.NewRequestEntityTooLargeError( + fmt.Sprintf("The allowed maximum operations in a JSON patch is %d, got %d", + maxJSONPatchOperations, len(patchObj))) + } patchedJS, err := patchObj.Apply(versionedJS) if err != nil { return nil, errors.NewGenericServerResponse(http.StatusUnprocessableEntity, "", schema.GroupResource{}, "", err.Error(), 0, false) @@ -497,7 +511,7 @@ func (p *patcher) applyAdmission(ctx context.Context, patchedObject runtime.Obje } if p.admissionCheck != nil && p.admissionCheck.Handles(operation) { attributes := p.admissionAttributes(ctx, patchedObject, currentObject, operation) - return patchedObject, p.admissionCheck.Admit(attributes) + return patchedObject, p.admissionCheck.Admit(attributes, p.objectInterfaces) } return patchedObject, nil } diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go index 744ab6ea1ba..74bb39c6d42 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go @@ -20,6 +20,7 @@ import ( "context" "encoding/hex" "fmt" + "io" "io/ioutil" "net/http" "net/url" @@ -70,6 +71,8 @@ type RequestScope struct { // HubGroupVersion indicates what version objects read from etcd or incoming requests should be converted to for in-memory handling. HubGroupVersion schema.GroupVersion + + MaxRequestBodyBytes int64 } func (scope *RequestScope) err(err error, w http.ResponseWriter, req *http.Request) { @@ -100,6 +103,13 @@ func (scope *RequestScope) AllowsStreamSchema(s string) bool { return s == "watch" } +var _ admission.ObjectInterfaces = &RequestScope{} + +func (r *RequestScope) GetObjectCreater() runtime.ObjectCreater { return r.Creater } +func (r *RequestScope) GetObjectTyper() runtime.ObjectTyper { return r.Typer } +func (r *RequestScope) GetObjectDefaulter() runtime.ObjectDefaulter { return r.Defaulter } +func (r *RequestScope) GetObjectConvertor() runtime.ObjectConvertor { return r.Convertor } + // ConnectResource returns a function that handles a connect request on a rest.Storage object. func ConnectResource(connecter rest.Connecter, scope RequestScope, admit admission.Interface, restPath string, isSubresource bool) http.HandlerFunc { return func(w http.ResponseWriter, req *http.Request) { @@ -128,14 +138,14 @@ func ConnectResource(connecter rest.Connecter, scope RequestScope, admit admissi userInfo, _ := request.UserFrom(ctx) // TODO: remove the mutating admission here as soon as we have ported all plugin that handle CONNECT if mutatingAdmission, ok := admit.(admission.MutationInterface); ok { - err = mutatingAdmission.Admit(admission.NewAttributesRecord(opts, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Connect, false, userInfo)) + err = mutatingAdmission.Admit(admission.NewAttributesRecord(opts, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Connect, false, userInfo), &scope) if err != nil { scope.err(err, w, req) return } } if validatingAdmission, ok := admit.(admission.ValidationInterface); ok { - err = validatingAdmission.Validate(admission.NewAttributesRecord(opts, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Connect, false, userInfo)) + err = validatingAdmission.Validate(admission.NewAttributesRecord(opts, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Connect, false, userInfo), &scope) if err != nil { scope.err(err, w, req) return @@ -333,9 +343,23 @@ func summarizeData(data []byte, maxLength int) string { } } -func readBody(req *http.Request) ([]byte, error) { +func limitedReadBody(req *http.Request, limit int64) ([]byte, error) { defer req.Body.Close() - return ioutil.ReadAll(req.Body) + if limit <= 0 { + return ioutil.ReadAll(req.Body) + } + lr := &io.LimitedReader{ + R: req.Body, + N: limit + 1, + } + data, err := ioutil.ReadAll(lr) + if err != nil { + return nil, err + } + if lr.N <= 0 { + return nil, errors.NewRequestEntityTooLargeError(fmt.Sprintf("limit is %d", limit)) + } + return data, nil } func parseTimeout(str string) time.Duration { diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go index f6690f86950..9ebd06786e4 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go @@ -365,6 +365,7 @@ func (tc *patchTestCase) Run(t *testing.T) { creater := runtime.ObjectCreater(scheme) defaulter := runtime.ObjectDefaulter(scheme) convertor := runtime.UnsafeObjectConvertor(scheme) + objectInterfaces := &admission.SchemeBasedObjectInterfaces{scheme} kind := examplev1.SchemeGroupVersion.WithKind("Pod") resource := examplev1.SchemeGroupVersion.WithResource("pods") schemaReferenceObj := &examplev1.Pod{} @@ -441,6 +442,8 @@ func (tc *patchTestCase) Run(t *testing.T) { kind: kind, resource: resource, + objectInterfaces: objectInterfaces, + hubGroupVersion: hubVersion, createValidation: rest.ValidateAllObjectFunc, @@ -944,6 +947,6 @@ func (f mutateObjectUpdateFunc) Handles(operation admission.Operation) bool { return true } -func (f mutateObjectUpdateFunc) Admit(a admission.Attributes) (err error) { +func (f mutateObjectUpdateFunc) Admit(a admission.Attributes, o admission.ObjectInterfaces) (err error) { return f(a.GetObject(), a.GetOldObject()) } diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go index 7289d9495f1..e55d87092fb 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go @@ -70,7 +70,7 @@ func UpdateResource(r rest.Updater, scope RequestScope, admit admission.Interfac return } - body, err := readBody(req) + body, err := limitedReadBody(req, scope.MaxRequestBodyBytes) if err != nil { scope.err(err, w, req) return @@ -138,11 +138,11 @@ func UpdateResource(r rest.Updater, scope RequestScope, admit admission.Interfac return nil, fmt.Errorf("unexpected error when extracting UID from oldObj: %v", err.Error()) } else if !isNotZeroObject { if mutatingAdmission.Handles(admission.Create) { - return newObj, mutatingAdmission.Admit(admission.NewAttributesRecord(newObj, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Create, dryrun.IsDryRun(options.DryRun), userInfo)) + return newObj, mutatingAdmission.Admit(admission.NewAttributesRecord(newObj, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Create, dryrun.IsDryRun(options.DryRun), userInfo), &scope) } } else { if mutatingAdmission.Handles(admission.Update) { - return newObj, mutatingAdmission.Admit(admission.NewAttributesRecord(newObj, oldObj, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Update, dryrun.IsDryRun(options.DryRun), userInfo)) + return newObj, mutatingAdmission.Admit(admission.NewAttributesRecord(newObj, oldObj, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Update, dryrun.IsDryRun(options.DryRun), userInfo), &scope) } } return newObj, nil @@ -172,11 +172,11 @@ func UpdateResource(r rest.Updater, scope RequestScope, admit admission.Interfac rest.DefaultUpdatedObjectInfo(obj, transformers...), withAuthorization(rest.AdmissionToValidateObjectFunc( admit, - admission.NewAttributesRecord(nil, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Create, dryrun.IsDryRun(options.DryRun), userInfo)), + admission.NewAttributesRecord(nil, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Create, dryrun.IsDryRun(options.DryRun), userInfo), &scope), scope.Authorizer, createAuthorizerAttributes), rest.AdmissionToValidateObjectUpdateFunc( admit, - admission.NewAttributesRecord(nil, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Update, dryrun.IsDryRun(options.DryRun), userInfo)), + admission.NewAttributesRecord(nil, nil, scope.Kind, namespace, name, scope.Resource, scope.Subresource, admission.Update, dryrun.IsDryRun(options.DryRun), userInfo), &scope), false, options, ) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/installer.go b/staging/src/k8s.io/apiserver/pkg/endpoints/installer.go index 4b9650b5575..2b64cdc93a7 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/installer.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/installer.go @@ -411,7 +411,6 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag actions = appendIf(actions, action{"WATCH", "watch/" + itemPath, nameParams, namer, false}, isWatcher) actions = appendIf(actions, action{"CONNECT", itemPath, nameParams, namer, false}, isConnecter) actions = appendIf(actions, action{"CONNECT", itemPath + "/{path:*}", proxyParams, namer, false}, isConnecter && connectSubpath) - break default: namespaceParamName := "namespaces" // Handler for standard REST verbs (GET, PUT, POST and DELETE). @@ -467,7 +466,6 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag // DEPRECATED in 1.11 actions = appendIf(actions, action{"WATCHLIST", "watch/" + resource, params, namer, true}, allowWatchList) } - break } // Create Routes for the actions. @@ -513,6 +511,8 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag HubGroupVersion: schema.GroupVersion{Group: fqKindToRegister.Group, Version: runtime.APIVersionInternal}, MetaGroupVersion: metav1.SchemeGroupVersion, + + MaxRequestBodyBytes: a.group.MaxRequestBodyBytes, } if a.group.MetaGroupVersion != nil { reqScope.MetaGroupVersion = *a.group.MetaGroupVersion diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/OWNERS b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/OWNERS old mode 100755 new mode 100644 index f0706b3f104..33c780d7a6d --- a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - wojtek-t - jimmidyson diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/BUILD b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/BUILD index e525394ce62..639f52d7566 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/BUILD @@ -11,7 +11,6 @@ go_test( srcs = ["openapi_test.go"], embed = [":go_default_library"], deps = [ - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apiserver/pkg/endpoints/openapi/testing:go_default_library", "//vendor/github.com/go-openapi/spec:go_default_library", diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/OWNERS b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/OWNERS old mode 100755 new mode 100644 index 4126a6be36b..006f0125e18 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - mbohlool diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi.go b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi.go index e512f29b38c..e3bd028bbf9 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi.go @@ -108,6 +108,18 @@ func (s groupVersionKinds) Less(i, j int) bool { return s[i].Group < s[j].Group } +func (s groupVersionKinds) JSON() []interface{} { + j := []interface{}{} + for _, gvk := range s { + j = append(j, map[string]interface{}{ + "group": gvk.Group, + "version": gvk.Version, + "kind": gvk.Kind, + }) + } + return j +} + // DefinitionNamer is the type to customize OpenAPI definition name. type DefinitionNamer struct { typeGroupVersionKinds map[string]groupVersionKinds @@ -172,7 +184,7 @@ func NewDefinitionNamer(schemes ...*runtime.Scheme) *DefinitionNamer { func (d *DefinitionNamer) GetDefinitionName(name string) (string, spec.Extensions) { if groupVersionKinds, ok := d.typeGroupVersionKinds[name]; ok { return friendlyName(name), spec.Extensions{ - extensionGVK: []v1.GroupVersionKind(groupVersionKinds), + extensionGVK: groupVersionKinds.JSON(), } } return friendlyName(name), nil diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi_test.go index fb188fed0c7..0ebfedeaeba 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi_test.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/openapi/openapi_test.go @@ -23,7 +23,6 @@ import ( "github.com/go-openapi/spec" - "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" openapitesting "k8s.io/apiserver/pkg/endpoints/openapi/testing" ) @@ -58,13 +57,13 @@ func TestGetDefinitionName(t *testing.T) { namer := NewDefinitionNamer(s) n, e := namer.GetDefinitionName(typePkgName) assertEqual(t, typeFriendlyName, n) - assertEqual(t, e["x-kubernetes-group-version-kind"], []v1.GroupVersionKind{ - { - Group: "test", - Version: "v1", - Kind: "TestType", + assertEqual(t, []interface{}{ + map[string]interface{}{ + "group": "test", + "version": "v1", + "kind": "TestType", }, - }) + }, e["x-kubernetes-group-version-kind"]) n, e2 := namer.GetDefinitionName("test.com/another.Type") assertEqual(t, "com.test.another.Type", n) assertEqual(t, e2, spec.Extensions(nil)) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/request/OWNERS b/staging/src/k8s.io/apiserver/pkg/endpoints/request/OWNERS old mode 100755 new mode 100644 index 9d268c4d148..4da107c8c38 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/request/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/request/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sttts diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/testing/OWNERS b/staging/src/k8s.io/apiserver/pkg/endpoints/testing/OWNERS old mode 100755 new mode 100644 index 8ee0deffdab..90be719cc2b --- a/staging/src/k8s.io/apiserver/pkg/endpoints/testing/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/testing/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - wojtek-t diff --git a/staging/src/k8s.io/apiserver/pkg/features/OWNERS b/staging/src/k8s.io/apiserver/pkg/features/OWNERS index fe7b0144e0c..05b08249aed 100644 --- a/staging/src/k8s.io/apiserver/pkg/features/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/features/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - feature-approvers diff --git a/staging/src/k8s.io/apiserver/pkg/features/kube_features.go b/staging/src/k8s.io/apiserver/pkg/features/kube_features.go index 32a58fbad43..e99045896fb 100644 --- a/staging/src/k8s.io/apiserver/pkg/features/kube_features.go +++ b/staging/src/k8s.io/apiserver/pkg/features/kube_features.go @@ -88,6 +88,18 @@ const ( // // Server-side apply. Merging happens on the server. ServerSideApply utilfeature.Feature = "ServerSideApply" + + // owner: @ksubrmnn + // alpha: v1.14 + // + // Allows kube-proxy to run in Overlay mode for Windows + WinOverlay utilfeature.Feature = "WinOverlay" + + // owner: @ksubrmnn + // alpha: v1.14 + // + // Allows kube-proxy to create DSR loadbalancers for Windows + WinDSR utilfeature.Feature = "WinDSR" ) func init() { @@ -106,4 +118,6 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS APIListChunking: {Default: true, PreRelease: utilfeature.Beta}, DryRun: {Default: true, PreRelease: utilfeature.Beta}, ServerSideApply: {Default: false, PreRelease: utilfeature.Alpha}, + WinOverlay: {Default: false, PreRelease: utilfeature.Alpha}, + WinDSR: {Default: false, PreRelease: utilfeature.Alpha}, } diff --git a/staging/src/k8s.io/apiserver/pkg/registry/generic/OWNERS b/staging/src/k8s.io/apiserver/pkg/registry/generic/OWNERS old mode 100755 new mode 100644 index 75e139342b7..5f38d15b24b --- a/staging/src/k8s.io/apiserver/pkg/registry/generic/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/registry/generic/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - lavalamp diff --git a/staging/src/k8s.io/apiserver/pkg/registry/rest/BUILD b/staging/src/k8s.io/apiserver/pkg/registry/rest/BUILD index 7ad6f3b6fa8..3d801d7a8c2 100644 --- a/staging/src/k8s.io/apiserver/pkg/registry/rest/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/registry/rest/BUILD @@ -22,6 +22,7 @@ go_library( name = "go_default_library", srcs = [ "create.go", + "create_update.go", "delete.go", "doc.go", "export.go", diff --git a/staging/src/k8s.io/apiserver/pkg/registry/rest/OWNERS b/staging/src/k8s.io/apiserver/pkg/registry/rest/OWNERS old mode 100755 new mode 100644 index 6427750a9e9..98488d8114d --- a/staging/src/k8s.io/apiserver/pkg/registry/rest/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/registry/rest/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - smarterclayton diff --git a/staging/src/k8s.io/apiserver/pkg/registry/rest/create.go b/staging/src/k8s.io/apiserver/pkg/registry/rest/create.go index 7d0c4a1834a..cc3c9ce4bc5 100644 --- a/staging/src/k8s.io/apiserver/pkg/registry/rest/create.go +++ b/staging/src/k8s.io/apiserver/pkg/registry/rest/create.go @@ -160,7 +160,7 @@ type NamespaceScopedStrategy interface { } // AdmissionToValidateObjectFunc converts validating admission to a rest validate object func -func AdmissionToValidateObjectFunc(admit admission.Interface, staticAttributes admission.Attributes) ValidateObjectFunc { +func AdmissionToValidateObjectFunc(admit admission.Interface, staticAttributes admission.Attributes, o admission.ObjectInterfaces) ValidateObjectFunc { validatingAdmission, ok := admit.(admission.ValidationInterface) if !ok { return func(obj runtime.Object) error { return nil } @@ -181,6 +181,6 @@ func AdmissionToValidateObjectFunc(admit admission.Interface, staticAttributes a if !validatingAdmission.Handles(finalAttributes.GetOperation()) { return nil } - return validatingAdmission.Validate(finalAttributes) + return validatingAdmission.Validate(finalAttributes, o) } } diff --git a/staging/src/k8s.io/apiserver/pkg/registry/rest/create_update.go b/staging/src/k8s.io/apiserver/pkg/registry/rest/create_update.go new file mode 100644 index 00000000000..37d6c8f8ada --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/registry/rest/create_update.go @@ -0,0 +1,52 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package rest + +import ( + "context" + + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" +) + +// RESTCreateUpdateStrategy is a union of RESTUpdateStrategy and RESTCreateStrategy, +// and it defines the minimum validation, accepted input, and name generation +// behavior to create and update an object that follows Kubernetes API conventions. +type RESTCreateUpdateStrategy interface { + RESTCreateStrategy + // AllowCreateOnUpdate returns true if the object can be created by a PUT. + AllowCreateOnUpdate() bool + // PrepareForUpdate is invoked on update before validation to normalize + // the object. For example: remove fields that are not to be persisted, + // sort order-insensitive list fields, etc. This should not remove fields + // whose presence would be considered a validation error. + PrepareForUpdate(ctx context.Context, obj, old runtime.Object) + // ValidateUpdate is invoked after default fields in the object have been + // filled in before the object is persisted. This method should not mutate + // the object. + ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList + // AllowUnconditionalUpdate returns true if the object can be updated + // unconditionally (irrespective of the latest resource version), when + // there is no resource version specified in the object. + AllowUnconditionalUpdate() bool +} + +// Ensure that RESTCreateUpdateStrategy extends RESTCreateStrategy +var _ RESTCreateStrategy = (RESTCreateUpdateStrategy)(nil) + +// Ensure that RESTCreateUpdateStrategy extends RESTUpdateStrategy +var _ RESTUpdateStrategy = (RESTCreateUpdateStrategy)(nil) diff --git a/staging/src/k8s.io/apiserver/pkg/registry/rest/update.go b/staging/src/k8s.io/apiserver/pkg/registry/rest/update.go index 290b016f427..d214e7e6a8f 100644 --- a/staging/src/k8s.io/apiserver/pkg/registry/rest/update.go +++ b/staging/src/k8s.io/apiserver/pkg/registry/rest/update.go @@ -256,7 +256,7 @@ func (i *wrappedUpdatedObjectInfo) UpdatedObject(ctx context.Context, oldObj run } // AdmissionToValidateObjectUpdateFunc converts validating admission to a rest validate object update func -func AdmissionToValidateObjectUpdateFunc(admit admission.Interface, staticAttributes admission.Attributes) ValidateObjectUpdateFunc { +func AdmissionToValidateObjectUpdateFunc(admit admission.Interface, staticAttributes admission.Attributes, o admission.ObjectInterfaces) ValidateObjectUpdateFunc { validatingAdmission, ok := admit.(admission.ValidationInterface) if !ok { return func(obj, old runtime.Object) error { return nil } @@ -277,6 +277,6 @@ func AdmissionToValidateObjectUpdateFunc(admit admission.Interface, staticAttrib if !validatingAdmission.Handles(finalAttributes.GetOperation()) { return nil } - return validatingAdmission.Validate(finalAttributes) + return validatingAdmission.Validate(finalAttributes, o) } } diff --git a/staging/src/k8s.io/apiserver/pkg/server/BUILD b/staging/src/k8s.io/apiserver/pkg/server/BUILD index 18f319fd31a..80afc805f86 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/server/BUILD @@ -108,12 +108,14 @@ go_library( "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/coreos/go-systemd/daemon:go_default_library", "//vendor/github.com/emicklei/go-restful:go_default_library", + "//vendor/github.com/evanphx/json-patch:go_default_library", "//vendor/github.com/go-openapi/spec:go_default_library", "//vendor/github.com/pborman/uuid:go_default_library", "//vendor/golang.org/x/net/http2:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/builder:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/handler:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/util:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/util/proto:go_default_library", ], diff --git a/staging/src/k8s.io/apiserver/pkg/server/config.go b/staging/src/k8s.io/apiserver/pkg/server/config.go index da5b28a30e2..75d1276c476 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/config.go +++ b/staging/src/k8s.io/apiserver/pkg/server/config.go @@ -26,8 +26,10 @@ import ( "sort" "strconv" "strings" + "sync/atomic" "time" + jsonpatch "github.com/evanphx/json-patch" "github.com/go-openapi/spec" "github.com/pborman/uuid" "k8s.io/klog" @@ -153,6 +155,13 @@ type Config struct { // If specified, long running requests such as watch will be allocated a random timeout between this value, and // twice this value. Note that it is up to the request handlers to ignore or honor this timeout. In seconds. MinRequestTimeout int + // The limit on the total size increase all "copy" operations in a json + // patch may cause. + // This affects all places that applies json patch in the binary. + JSONPatchMaxCopyBytes int64 + // The limit on the request body size that would be accepted and decoded in a write request. + // 0 means no limit. + MaxRequestBodyBytes int64 // MaxRequestsInFlight is the maximum number of parallel non-long-running requests. Every further // request has to wait. Applies only to non-mutating requests. MaxRequestsInFlight int @@ -243,20 +252,36 @@ type AuthorizationInfo struct { // NewConfig returns a Config struct with the default values func NewConfig(codecs serializer.CodecFactory) *Config { return &Config{ - Serializer: codecs, - BuildHandlerChainFunc: DefaultBuildHandlerChain, - HandlerChainWaitGroup: new(utilwaitgroup.SafeWaitGroup), - LegacyAPIGroupPrefixes: sets.NewString(DefaultLegacyAPIPrefix), - DisabledPostStartHooks: sets.NewString(), - HealthzChecks: []healthz.HealthzChecker{healthz.PingHealthz, healthz.LogHealthz}, - EnableIndex: true, - EnableDiscovery: true, - EnableProfiling: true, - EnableMetrics: true, - MaxRequestsInFlight: 400, - MaxMutatingRequestsInFlight: 200, - RequestTimeout: time.Duration(60) * time.Second, - MinRequestTimeout: 1800, + Serializer: codecs, + BuildHandlerChainFunc: DefaultBuildHandlerChain, + HandlerChainWaitGroup: new(utilwaitgroup.SafeWaitGroup), + LegacyAPIGroupPrefixes: sets.NewString(DefaultLegacyAPIPrefix), + DisabledPostStartHooks: sets.NewString(), + HealthzChecks: []healthz.HealthzChecker{healthz.PingHealthz, healthz.LogHealthz}, + EnableIndex: true, + EnableDiscovery: true, + EnableProfiling: true, + EnableMetrics: true, + MaxRequestsInFlight: 400, + MaxMutatingRequestsInFlight: 200, + RequestTimeout: time.Duration(60) * time.Second, + MinRequestTimeout: 1800, + // 10MB is the recommended maximum client request size in bytes + // the etcd server should accept. See + // https://github.com/etcd-io/etcd/blob/release-3.3/etcdserver/server.go#L90. + // A request body might be encoded in json, and is converted to + // proto when persisted in etcd. Assuming the upper bound of + // the size ratio is 10:1, we set 100MB as the largest size + // increase the "copy" operations in a json patch may cause. + JSONPatchMaxCopyBytes: int64(100 * 1024 * 1024), + // 10MB is the recommended maximum client request size in bytes + // the etcd server should accept. See + // https://github.com/etcd-io/etcd/blob/release-3.3/etcdserver/server.go#L90. + // A request body might be encoded in json, and is converted to + // proto when persisted in etcd. Assuming the upper bound of + // the size ratio is 10:1, we set 100MB as the largest request + // body size to be accepted and decoded in a write request. + MaxRequestBodyBytes: int64(100 * 1024 * 1024), EnableAPIResponseCompression: utilfeature.DefaultFeatureGate.Enabled(features.APIResponseCompression), // Default to treating watch as a long-running operation @@ -449,6 +474,20 @@ func (c completedConfig) New(name string, delegationTarget DelegationTarget) (*G DiscoveryGroupManager: discovery.NewRootAPIsHandler(c.DiscoveryAddresses, c.Serializer), enableAPIResponseCompression: c.EnableAPIResponseCompression, + maxRequestBodyBytes: c.MaxRequestBodyBytes, + } + + for { + if c.JSONPatchMaxCopyBytes <= 0 { + break + } + existing := atomic.LoadInt64(&jsonpatch.AccumulatedCopySizeLimit) + if existing > 0 && existing < c.JSONPatchMaxCopyBytes { + break + } + if atomic.CompareAndSwapInt64(&jsonpatch.AccumulatedCopySizeLimit, existing, c.JSONPatchMaxCopyBytes) { + break + } } for k, v := range delegationTarget.PostStartHooks() { diff --git a/staging/src/k8s.io/apiserver/pkg/server/config_test.go b/staging/src/k8s.io/apiserver/pkg/server/config_test.go index 524b791388a..9a6fded8475 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/config_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/config_test.go @@ -57,7 +57,7 @@ func TestNewWithDelegate(t *testing.T) { }) delegatePostStartHookChan := make(chan struct{}) - delegateServer.AddPostStartHook("delegate-post-start-hook", func(context PostStartHookContext) error { + delegateServer.AddPostStartHookOrDie("delegate-post-start-hook", func(context PostStartHookContext) error { defer close(delegatePostStartHookChan) return nil }) @@ -85,7 +85,7 @@ func TestNewWithDelegate(t *testing.T) { }) wrappingPostStartHookChan := make(chan struct{}) - wrappingServer.AddPostStartHook("wrapping-post-start-hook", func(context PostStartHookContext) error { + wrappingServer.AddPostStartHookOrDie("wrapping-post-start-hook", func(context PostStartHookContext) error { defer close(wrappingPostStartHookChan) return nil }) diff --git a/staging/src/k8s.io/apiserver/pkg/server/filters/OWNERS b/staging/src/k8s.io/apiserver/pkg/server/filters/OWNERS old mode 100755 new mode 100644 index 121af9571f4..c5f73991a31 --- a/staging/src/k8s.io/apiserver/pkg/server/filters/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/server/filters/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sttts - dims diff --git a/staging/src/k8s.io/apiserver/pkg/server/genericapiserver.go b/staging/src/k8s.io/apiserver/pkg/server/genericapiserver.go index 3974bf9b5e9..450488e13dc 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/genericapiserver.go +++ b/staging/src/k8s.io/apiserver/pkg/server/genericapiserver.go @@ -25,6 +25,7 @@ import ( "time" systemd "github.com/coreos/go-systemd/daemon" + "github.com/go-openapi/spec" "k8s.io/klog" "k8s.io/apimachinery/pkg/api/meta" @@ -46,6 +47,7 @@ import ( restclient "k8s.io/client-go/rest" openapibuilder "k8s.io/kube-openapi/pkg/builder" openapicommon "k8s.io/kube-openapi/pkg/common" + "k8s.io/kube-openapi/pkg/handler" openapiutil "k8s.io/kube-openapi/pkg/util" openapiproto "k8s.io/kube-openapi/pkg/util/proto" ) @@ -122,6 +124,14 @@ type GenericAPIServer struct { // Enable swagger and/or OpenAPI if these configs are non-nil. openAPIConfig *openapicommon.Config + // OpenAPIVersionedService controls the /openapi/v2 endpoint, and can be used to update the served spec. + // It is set during PrepareRun. + OpenAPIVersionedService *handler.OpenAPIService + + // StaticOpenAPISpec is the spec derived from the restful container endpoints. + // It is set during PrepareRun. + StaticOpenAPISpec *spec.Swagger + // PostStartHooks are each called after the server has started listening, in a separate go func for each // with no guarantee of ordering between them. The map key is a name used for error reporting. // It may kill the process with a panic if it wishes to by returning an error. @@ -156,6 +166,10 @@ type GenericAPIServer struct { // HandlerChainWaitGroup allows you to wait for all chain handlers finish after the server shutdown. HandlerChainWaitGroup *utilwaitgroup.SafeWaitGroup + + // The limit on the request body size that would be accepted and decoded in a write request. + // 0 means no limit. + maxRequestBodyBytes int64 } // DelegationTarget is an interface which allows for composition of API servers with top level handling that works @@ -235,7 +249,7 @@ type preparedGenericAPIServer struct { // PrepareRun does post API installation setup steps. func (s *GenericAPIServer) PrepareRun() preparedGenericAPIServer { if s.openAPIConfig != nil { - routes.OpenAPI{ + s.OpenAPIVersionedService, s.StaticOpenAPISpec = routes.OpenAPI{ Config: s.openAPIConfig, }.Install(s.Handler.GoRestfulContainer, s.Handler.NonGoRestfulMux) } @@ -336,6 +350,7 @@ func (s *GenericAPIServer) installAPIResources(apiPrefix string, apiGroupInfo *A apiGroupVersion.OptionsExternalVersion = apiGroupInfo.OptionsExternalVersion } apiGroupVersion.OpenAPIModels = openAPIModels + apiGroupVersion.MaxRequestBodyBytes = s.maxRequestBodyBytes if err := apiGroupVersion.InstallREST(s.Handler.GoRestfulContainer); err != nil { return fmt.Errorf("unable to setup API %v: %v", apiGroupInfo, err) diff --git a/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go b/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go index df6b0203ca2..c63953500e3 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go @@ -31,6 +31,7 @@ import ( "testing" "time" + "github.com/go-openapi/spec" openapi "github.com/go-openapi/spec" "github.com/stretchr/testify/assert" @@ -89,18 +90,18 @@ func buildTestOpenAPIDefinition() kubeopenapi.OpenAPIDefinition { }, VendorExtensible: openapi.VendorExtensible{ Extensions: openapi.Extensions{ - "x-kubernetes-group-version-kind": []map[string]string{ - { + "x-kubernetes-group-version-kind": []interface{}{ + map[string]interface{}{ "group": "", "version": "v1", "kind": "Getter", }, - { + map[string]interface{}{ "group": "batch", "version": "v1", "kind": "Getter", }, - { + map[string]interface{}{ "group": "extensions", "version": "v1", "kind": "Getter", @@ -338,6 +339,46 @@ func TestPrepareRun(t *testing.T) { assert.Equal(http.StatusOK, resp.StatusCode) } +func TestUpdateOpenAPISpec(t *testing.T) { + s, _, assert := newMaster(t) + s.PrepareRun() + s.RunPostStartHooks(make(chan struct{})) + + server := httptest.NewServer(s.Handler.Director) + defer server.Close() + + // verify the static spec in record is what we currently serve + oldSpec, err := json.Marshal(s.StaticOpenAPISpec) + assert.NoError(err) + + resp, err := http.Get(server.URL + "/openapi/v2") + assert.NoError(err) + assert.Equal(http.StatusOK, resp.StatusCode) + + body, err := ioutil.ReadAll(resp.Body) + assert.NoError(err) + assert.Equal(oldSpec, body) + resp.Body.Close() + + // verify we are able to update the served spec using the exposed service + newSpec := []byte(`{"swagger":"2.0","info":{"title":"Test Updated Generic API Server Swagger","version":"v0.1.0"},"paths":null}`) + swagger := new(spec.Swagger) + err = json.Unmarshal(newSpec, swagger) + assert.NoError(err) + + err = s.OpenAPIVersionedService.UpdateSpec(swagger) + assert.NoError(err) + + resp, err = http.Get(server.URL + "/openapi/v2") + assert.NoError(err) + defer resp.Body.Close() + assert.Equal(http.StatusOK, resp.StatusCode) + + body, err = ioutil.ReadAll(resp.Body) + assert.NoError(err) + assert.Equal(newSpec, body) +} + // TestCustomHandlerChain verifies the handler chain with custom handler chain builder functions. func TestCustomHandlerChain(t *testing.T) { config, _ := setUp(t) diff --git a/staging/src/k8s.io/apiserver/pkg/server/hooks.go b/staging/src/k8s.io/apiserver/pkg/server/hooks.go index 921255218bc..593e5b8a53c 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/hooks.go +++ b/staging/src/k8s.io/apiserver/pkg/server/hooks.go @@ -92,7 +92,9 @@ func (s *GenericAPIServer) AddPostStartHook(name string, hook PostStartHookFunc) // done is closed when the poststarthook is finished. This is used by the health check to be able to indicate // that the poststarthook is finished done := make(chan struct{}) - s.AddHealthzChecks(postStartHookHealthz{name: "poststarthook/" + name, done: done}) + if err := s.AddHealthzChecks(postStartHookHealthz{name: "poststarthook/" + name, done: done}); err != nil { + return err + } s.postStartHooks[name] = postStartHookEntry{hook: hook, done: done} return nil diff --git a/staging/src/k8s.io/apiserver/pkg/server/mux/OWNERS b/staging/src/k8s.io/apiserver/pkg/server/mux/OWNERS old mode 100755 new mode 100644 index 9d268c4d148..4da107c8c38 --- a/staging/src/k8s.io/apiserver/pkg/server/mux/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/server/mux/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sttts diff --git a/staging/src/k8s.io/apiserver/pkg/server/mux/pathrecorder.go b/staging/src/k8s.io/apiserver/pkg/server/mux/pathrecorder.go index 16857cc8a6b..74ed8f6776a 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/mux/pathrecorder.go +++ b/staging/src/k8s.io/apiserver/pkg/server/mux/pathrecorder.go @@ -55,7 +55,7 @@ type PathRecorderMux struct { pathStacks map[string]string } -// pathHandler is an http.Handler that will satify requests first by exact match, then by prefix, +// pathHandler is an http.Handler that will satisfy requests first by exact match, then by prefix, // then by notFoundHandler type pathHandler struct { // muxName is used for logging so you can trace requests through diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/BUILD b/staging/src/k8s.io/apiserver/pkg/server/options/BUILD index f8859d1f224..98cb4b2934f 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/server/options/BUILD @@ -62,7 +62,6 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/webhook:go_default_library", "//staging/src/k8s.io/apiserver/plugin/pkg/audit/buffered:go_default_library", "//staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic:go_default_library", @@ -76,6 +75,7 @@ go_library( "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", "//staging/src/k8s.io/client-go/util/cert:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/pborman/uuid:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/gopkg.in/natefinch/lumberjack.v2:go_default_library", @@ -113,12 +113,12 @@ go_test( "//staging/src/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature/testing:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd/api/v1:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", "//vendor/github.com/stretchr/testify/require:go_default_library", diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/OWNERS b/staging/src/k8s.io/apiserver/pkg/server/options/OWNERS old mode 100755 new mode 100644 index 9d6b439de8d..0e84109d7d4 --- a/staging/src/k8s.io/apiserver/pkg/server/options/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/server/options/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - wojtek-t diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go index 09d4854141a..d07180f9a57 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go @@ -61,6 +61,8 @@ type AdmissionOptions struct { ConfigFile string // Plugins contains all registered plugins. Plugins *admission.Plugins + // Decorators is a list of admission decorator to wrap around the admission plugins + Decorators admission.Decorators } // NewAdmissionOptions creates a new instance of AdmissionOptions @@ -73,7 +75,8 @@ type AdmissionOptions struct { // Servers that do care can overwrite/append that field after creation. func NewAdmissionOptions() *AdmissionOptions { options := &AdmissionOptions{ - Plugins: admission.NewPlugins(), + Plugins: admission.NewPlugins(), + Decorators: admission.Decorators{admission.DecoratorFunc(admissionmetrics.WithControllerMetrics)}, // This list is mix of mutating admission plugins and validating // admission plugins. The apiserver always runs the validating ones // after all the mutating ones, so their relative order in this list @@ -114,18 +117,12 @@ func (a *AdmissionOptions) ApplyTo( c *server.Config, informers informers.SharedInformerFactory, kubeAPIServerClientConfig *rest.Config, - scheme *runtime.Scheme, pluginInitializers ...admission.PluginInitializer, ) error { if a == nil { return nil } - // Admission need scheme to construct admission initializer. - if scheme == nil { - return fmt.Errorf("admission depends on a scheme, it cannot be nil") - } - // Admission depends on CoreAPI to set SharedInformerFactory and ClientConfig. if informers == nil { return fmt.Errorf("admission depends on a Kubernetes core API shared informer, it cannot be nil") @@ -142,12 +139,12 @@ func (a *AdmissionOptions) ApplyTo( if err != nil { return err } - genericInitializer := initializer.New(clientset, informers, c.Authorization.Authorizer, scheme) + genericInitializer := initializer.New(clientset, informers, c.Authorization.Authorizer) initializersChain := admission.PluginInitializers{} pluginInitializers = append(pluginInitializers, genericInitializer) initializersChain = append(initializersChain, pluginInitializers...) - admissionChain, err := a.Plugins.NewFromPlugins(pluginNames, pluginsConfigProvider, initializersChain, admission.DecoratorFunc(admissionmetrics.WithControllerMetrics)) + admissionChain, err := a.Plugins.NewFromPlugins(pluginNames, pluginsConfigProvider, initializersChain, a.Decorators) if err != nil { return err } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement.go b/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement.go index 71eda2981a6..65f143bf0d7 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement.go @@ -25,18 +25,18 @@ import ( "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/server/resourceconfig" serverstore "k8s.io/apiserver/pkg/server/storage" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" ) // APIEnablementOptions contains the options for which resources to turn on and off. // Given small aggregated API servers, this option isn't required for "normal" API servers type APIEnablementOptions struct { - RuntimeConfig utilflag.ConfigurationMap + RuntimeConfig cliflag.ConfigurationMap } func NewAPIEnablementOptions() *APIEnablementOptions { return &APIEnablementOptions{ - RuntimeConfig: make(utilflag.ConfigurationMap), + RuntimeConfig: make(cliflag.ConfigurationMap), } } @@ -84,6 +84,7 @@ func (s *APIEnablementOptions) Validate(registries ...GroupRegisty) []error { // ApplyTo override MergedResourceConfig with defaults and registry func (s *APIEnablementOptions) ApplyTo(c *server.Config, defaultResourceConfig *serverstore.ResourceConfig, registry resourceconfig.GroupVersionRegistry) error { + if s == nil { return nil } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement_test.go b/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement_test.go index e08fcd2a1fb..fb146bf28bc 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/api_enablement_test.go @@ -21,7 +21,7 @@ import ( "testing" utilerrors "k8s.io/apimachinery/pkg/util/errors" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" ) type fakeGroupRegisty struct{} @@ -42,28 +42,28 @@ func TestAPIEnablementOptionsValidate(t *testing.T) { { name: "test when invalid key with only api/all=false", testOptions: &APIEnablementOptions{ - RuntimeConfig: utilflag.ConfigurationMap{"api/all": "false"}, + RuntimeConfig: cliflag.ConfigurationMap{"api/all": "false"}, }, expectErr: "invalid key with only api/all=false", }, { name: "test when ConfigurationMap key is invalid", testOptions: &APIEnablementOptions{ - RuntimeConfig: utilflag.ConfigurationMap{"apiall": "false"}, + RuntimeConfig: cliflag.ConfigurationMap{"apiall": "false"}, }, expectErr: "runtime-config invalid key", }, { name: "test when unknown api groups", testOptions: &APIEnablementOptions{ - RuntimeConfig: utilflag.ConfigurationMap{"api/v1": "true"}, + RuntimeConfig: cliflag.ConfigurationMap{"api/v1": "true"}, }, expectErr: "unknown api groups", }, { name: "test when valid api groups", testOptions: &APIEnablementOptions{ - RuntimeConfig: utilflag.ConfigurationMap{"apiregistration.k8s.io/v1beta1": "true"}, + RuntimeConfig: cliflag.ConfigurationMap{"apiregistration.k8s.io/v1beta1": "true"}, }, }, } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go b/staging/src/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go index c0dc8d96435..79a13f746fb 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go @@ -69,11 +69,13 @@ func (s *DeprecatedInsecureServingOptions) AddFlags(fs *pflag.FlagSet) { fs.IPVar(&s.BindAddress, "insecure-bind-address", s.BindAddress, ""+ "The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces).") + // Though this flag is deprecated, we discovered security concerns over how to do health checks without it e.g. #43784 fs.MarkDeprecated("insecure-bind-address", "This flag will be removed in a future version.") fs.Lookup("insecure-bind-address").Hidden = false fs.IntVar(&s.BindPort, "insecure-port", s.BindPort, ""+ "The port on which to serve unsecured, unauthenticated access.") + // Though this flag is deprecated, we discovered security concerns over how to do health checks without it e.g. #43784 fs.MarkDeprecated("insecure-port", "This flag will be removed in a future version.") fs.Lookup("insecure-port").Hidden = false } @@ -130,7 +132,8 @@ func (o *DeprecatedInsecureServingOptions) WithLoopback() *DeprecatedInsecureSer } // DeprecatedInsecureServingOptionsWithLoopback adds loopback functionality to the DeprecatedInsecureServingOptions. -// DEPRECATED: all insecure serving options are removed in a future version +// DEPRECATED: all insecure serving options will be removed in a future version, however note that +// there are security concerns over how health checks can work here - see e.g. #43784 type DeprecatedInsecureServingOptionsWithLoopback struct { *DeprecatedInsecureServingOptions } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/OWNERS b/staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/OWNERS index 498b470c9bf..71edc3ecdcc 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-encryption-at-rest-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go index 500d578d6bd..631b4f43e39 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go @@ -82,9 +82,8 @@ func (o *RecommendedOptions) AddFlags(fs *pflag.FlagSet) { } // ApplyTo adds RecommendedOptions to the server configuration. -// scheme is the scheme of the apiserver types that are sent to the admission chain. // pluginInitializers can be empty, it is only need for additional initializers. -func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig, scheme *runtime.Scheme) error { +func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig) error { if err := o.Etcd.ApplyTo(&config.Config); err != nil { return err } @@ -108,7 +107,7 @@ func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig, scheme *r } if initializers, err := o.ExtraAdmissionInitializers(config); err != nil { return err - } else if err := o.Admission.ApplyTo(&config.Config, config.SharedInformerFactory, config.ClientConfig, scheme, initializers...); err != nil { + } else if err := o.Admission.ApplyTo(&config.Config, config.SharedInformerFactory, config.ClientConfig, initializers...); err != nil { return err } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options.go b/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options.go index 2884f853ff6..02639bf93b9 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options.go @@ -42,7 +42,15 @@ type ServerRunOptions struct { MaxMutatingRequestsInFlight int RequestTimeout time.Duration MinRequestTimeout int - TargetRAMMB int + // We intentionally did not add a flag for this option. Users of the + // apiserver library can wire it to a flag. + JSONPatchMaxCopyBytes int64 + // The limit on the request body size that would be accepted and + // decoded in a write request. 0 means no limit. + // We intentionally did not add a flag for this option. Users of the + // apiserver library can wire it to a flag. + MaxRequestBodyBytes int64 + TargetRAMMB int } func NewServerRunOptions() *ServerRunOptions { @@ -52,6 +60,8 @@ func NewServerRunOptions() *ServerRunOptions { MaxMutatingRequestsInFlight: defaults.MaxMutatingRequestsInFlight, RequestTimeout: defaults.RequestTimeout, MinRequestTimeout: defaults.MinRequestTimeout, + JSONPatchMaxCopyBytes: defaults.JSONPatchMaxCopyBytes, + MaxRequestBodyBytes: defaults.MaxRequestBodyBytes, } } @@ -63,6 +73,8 @@ func (s *ServerRunOptions) ApplyTo(c *server.Config) error { c.MaxMutatingRequestsInFlight = s.MaxMutatingRequestsInFlight c.RequestTimeout = s.RequestTimeout c.MinRequestTimeout = s.MinRequestTimeout + c.JSONPatchMaxCopyBytes = s.JSONPatchMaxCopyBytes + c.MaxRequestBodyBytes = s.MaxRequestBodyBytes c.PublicAddress = s.AdvertiseAddress return nil @@ -107,10 +119,18 @@ func (s *ServerRunOptions) Validate() []error { errors = append(errors, fmt.Errorf("--min-request-timeout can not be negative value")) } + if s.JSONPatchMaxCopyBytes < 0 { + errors = append(errors, fmt.Errorf("--json-patch-max-copy-bytes can not be negative value")) + } + + if s.MaxRequestBodyBytes < 0 { + errors = append(errors, fmt.Errorf("--max-resource-write-bytes can not be negative value")) + } + return errors } -// AddFlags adds flags for a specific APIServer to the specified FlagSet +// AddUniversalFlags adds flags for a specific APIServer to the specified FlagSet func (s *ServerRunOptions) AddUniversalFlags(fs *pflag.FlagSet) { // Note: the weird ""+ in below lines seems to be the only way to get gofmt to // arrange these text blocks sensibly. Grrr. diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options_test.go b/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options_test.go index 0fd69b4eb01..bb7e618230e 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/server_run_options_test.go @@ -40,6 +40,8 @@ func TestServerRunOptionsValidate(t *testing.T) { MaxMutatingRequestsInFlight: 200, RequestTimeout: time.Duration(2) * time.Minute, MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, TargetRAMMB: -65536, }, expectErr: "--target-ram-mb can not be negative value", @@ -53,6 +55,8 @@ func TestServerRunOptionsValidate(t *testing.T) { MaxMutatingRequestsInFlight: 200, RequestTimeout: time.Duration(2) * time.Minute, MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, TargetRAMMB: 65536, }, expectErr: "--max-requests-inflight can not be negative value", @@ -66,6 +70,8 @@ func TestServerRunOptionsValidate(t *testing.T) { MaxMutatingRequestsInFlight: -200, RequestTimeout: time.Duration(2) * time.Minute, MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, TargetRAMMB: 65536, }, expectErr: "--max-mutating-requests-inflight can not be negative value", @@ -79,6 +85,8 @@ func TestServerRunOptionsValidate(t *testing.T) { MaxMutatingRequestsInFlight: 200, RequestTimeout: -time.Duration(2) * time.Minute, MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, TargetRAMMB: 65536, }, expectErr: "--request-timeout can not be negative value", @@ -92,10 +100,42 @@ func TestServerRunOptionsValidate(t *testing.T) { MaxMutatingRequestsInFlight: 200, RequestTimeout: time.Duration(2) * time.Minute, MinRequestTimeout: -1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, TargetRAMMB: 65536, }, expectErr: "--min-request-timeout can not be negative value", }, + { + name: "Test when JSONPatchMaxCopyBytes is negative value", + testOptions: &ServerRunOptions{ + AdvertiseAddress: net.ParseIP("192.168.10.10"), + CorsAllowedOriginList: []string{"10.10.10.100", "10.10.10.200"}, + MaxRequestsInFlight: 400, + MaxMutatingRequestsInFlight: 200, + RequestTimeout: time.Duration(2) * time.Minute, + MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: -10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, + TargetRAMMB: 65536, + }, + expectErr: "--json-patch-max-copy-bytes can not be negative value", + }, + { + name: "Test when MaxRequestBodyBytes is negative value", + testOptions: &ServerRunOptions{ + AdvertiseAddress: net.ParseIP("192.168.10.10"), + CorsAllowedOriginList: []string{"10.10.10.100", "10.10.10.200"}, + MaxRequestsInFlight: 400, + MaxMutatingRequestsInFlight: 200, + RequestTimeout: time.Duration(2) * time.Minute, + MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: -10 * 1024 * 1024, + TargetRAMMB: 65536, + }, + expectErr: "--max-resource-write-bytes can not be negative value", + }, { name: "Test when ServerRunOptions is valid", testOptions: &ServerRunOptions{ @@ -105,6 +145,8 @@ func TestServerRunOptionsValidate(t *testing.T) { MaxMutatingRequestsInFlight: 200, RequestTimeout: time.Duration(2) * time.Minute, MinRequestTimeout: 1800, + JSONPatchMaxCopyBytes: 10 * 1024 * 1024, + MaxRequestBodyBytes: 10 * 1024 * 1024, TargetRAMMB: 65536, }, }, diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/serving.go b/staging/src/k8s.io/apiserver/pkg/server/options/serving.go index 939e05741da..605bf1a6d2e 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/serving.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/serving.go @@ -29,8 +29,8 @@ import ( utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apiserver/pkg/server" - utilflag "k8s.io/apiserver/pkg/util/flag" certutil "k8s.io/client-go/util/cert" + cliflag "k8s.io/component-base/cli/flag" ) type SecureServingOptions struct { @@ -54,7 +54,7 @@ type SecureServingOptions struct { // ServerCert is the TLS cert info for serving secure traffic ServerCert GeneratableKeyCert // SNICertKeys are named CertKeys for serving secure traffic with SNI support. - SNICertKeys []utilflag.NamedCertKey + SNICertKeys []cliflag.NamedCertKey // CipherSuites is the list of allowed cipher suites for the server. // Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). CipherSuites []string @@ -165,18 +165,18 @@ func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&s.ServerCert.CertKey.KeyFile, "tls-private-key-file", s.ServerCert.CertKey.KeyFile, "File containing the default x509 private key matching --tls-cert-file.") - tlsCipherPossibleValues := utilflag.TLSCipherPossibleValues() + tlsCipherPossibleValues := cliflag.TLSCipherPossibleValues() fs.StringSliceVar(&s.CipherSuites, "tls-cipher-suites", s.CipherSuites, "Comma-separated list of cipher suites for the server. "+ "If omitted, the default Go cipher suites will be use. "+ "Possible values: "+strings.Join(tlsCipherPossibleValues, ",")) - tlsPossibleVersions := utilflag.TLSPossibleVersions() + tlsPossibleVersions := cliflag.TLSPossibleVersions() fs.StringVar(&s.MinTLSVersion, "tls-min-version", s.MinTLSVersion, "Minimum TLS version supported. "+ "Possible values: "+strings.Join(tlsPossibleVersions, ", ")) - fs.Var(utilflag.NewNamedCertKeyArray(&s.SNICertKeys), "tls-sni-cert-key", ""+ + fs.Var(cliflag.NewNamedCertKeyArray(&s.SNICertKeys), "tls-sni-cert-key", ""+ "A pair of x509 certificate and private key file paths, optionally suffixed with a list of "+ "domain patterns which are fully qualified domain names, possibly with prefixed wildcard "+ "segments. If no domain patterns are provided, the names of the certificate are "+ @@ -234,7 +234,7 @@ func (s *SecureServingOptions) ApplyTo(config **server.SecureServingInfo) error } if len(s.CipherSuites) != 0 { - cipherSuites, err := utilflag.TLSCipherSuites(s.CipherSuites) + cipherSuites, err := cliflag.TLSCipherSuites(s.CipherSuites) if err != nil { return err } @@ -242,7 +242,7 @@ func (s *SecureServingOptions) ApplyTo(config **server.SecureServingInfo) error } var err error - c.MinTLSVersion, err = utilflag.TLSVersion(s.MinTLSVersion) + c.MinTLSVersion, err = cliflag.TLSVersion(s.MinTLSVersion) if err != nil { return err } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/serving_test.go b/staging/src/k8s.io/apiserver/pkg/server/options/serving_test.go index 73375bb70c2..3b5d7f11f4d 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/serving_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/serving_test.go @@ -44,9 +44,9 @@ import ( "k8s.io/apimachinery/pkg/version" "k8s.io/apiserver/pkg/server" . "k8s.io/apiserver/pkg/server" - utilflag "k8s.io/apiserver/pkg/util/flag" "k8s.io/client-go/discovery" restclient "k8s.io/client-go/rest" + cliflag "k8s.io/component-base/cli/flag" ) func setUp(t *testing.T) Config { @@ -417,7 +417,7 @@ func TestServerRunWithSNI(t *testing.T) { caCerts := []*x509.Certificate{ca} // create SNI certs - var namedCertKeys []utilflag.NamedCertKey + var namedCertKeys []cliflag.NamedCertKey serverSig, err := certFileSignature(serverCertBundleFile, serverKeyFile) if err != nil { t.Fatalf("failed to get server cert signature: %v", err) @@ -434,7 +434,7 @@ func TestServerRunWithSNI(t *testing.T) { t.Fatalf("failed to create SNI cert %d: %v", j, err) } - namedCertKeys = append(namedCertKeys, utilflag.NamedCertKey{ + namedCertKeys = append(namedCertKeys, cliflag.NamedCertKey{ KeyFile: keyFile, CertFile: certBundleFile, Names: c.explicitNames, @@ -496,7 +496,7 @@ func TestServerRunWithSNI(t *testing.T) { // add poststart hook to know when the server is up. startedCh := make(chan struct{}) - s.AddPostStartHook("test-notifier", func(context PostStartHookContext) error { + s.AddPostStartHookOrDie("test-notifier", func(context PostStartHookContext) error { close(startedCh) return nil }) diff --git a/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/BUILD b/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/BUILD index c971b6f07a9..6c9b97f0920 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/BUILD @@ -13,7 +13,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) diff --git a/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go b/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go index ad0d5f5784f..09047cfe978 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go +++ b/staging/src/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go @@ -24,7 +24,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" serverstore "k8s.io/apiserver/pkg/server/storage" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/klog" ) @@ -51,24 +51,12 @@ func MergeResourceEncodingConfigs( return resourceEncodingConfig } -// MergeGroupEncodingConfigs merges the given defaultResourceConfig with specific GroupVersion overrides. -func MergeGroupEncodingConfigs( - defaultResourceEncoding *serverstore.DefaultResourceEncodingConfig, - storageEncodingOverrides map[string]schema.GroupVersion, -) *serverstore.DefaultResourceEncodingConfig { - resourceEncodingConfig := defaultResourceEncoding - for group, storageEncodingVersion := range storageEncodingOverrides { - resourceEncodingConfig.SetVersionEncoding(group, storageEncodingVersion, schema.GroupVersion{Group: group, Version: runtime.APIVersionInternal}) - } - return resourceEncodingConfig -} - // MergeAPIResourceConfigs merges the given defaultAPIResourceConfig with the given resourceConfigOverrides. // Exclude the groups not registered in registry, and check if version is // not registered in group, then it will fail. func MergeAPIResourceConfigs( defaultAPIResourceConfig *serverstore.ResourceConfig, - resourceConfigOverrides utilflag.ConfigurationMap, + resourceConfigOverrides cliflag.ConfigurationMap, registry GroupVersionRegistry, ) (*serverstore.ResourceConfig, error) { resourceConfig := defaultAPIResourceConfig @@ -146,7 +134,7 @@ func MergeAPIResourceConfigs( return resourceConfig, nil } -func getRuntimeConfigValue(overrides utilflag.ConfigurationMap, apiKey string, defaultValue bool) (bool, error) { +func getRuntimeConfigValue(overrides cliflag.ConfigurationMap, apiKey string, defaultValue bool) (bool, error) { flagValue, ok := overrides[apiKey] if ok { if flagValue == "" { @@ -162,7 +150,7 @@ func getRuntimeConfigValue(overrides utilflag.ConfigurationMap, apiKey string, d } // ParseGroups takes in resourceConfig and returns parsed groups. -func ParseGroups(resourceConfig utilflag.ConfigurationMap) ([]string, error) { +func ParseGroups(resourceConfig cliflag.ConfigurationMap) ([]string, error) { groups := []string{} for key := range resourceConfig { if key == "api/all" { diff --git a/staging/src/k8s.io/apiserver/pkg/server/routes/BUILD b/staging/src/k8s.io/apiserver/pkg/server/routes/BUILD index 62511517fa1..3e157eae31a 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/routes/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/server/routes/BUILD @@ -27,8 +27,10 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/server/mux:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/etcd/metrics:go_default_library", "//vendor/github.com/emicklei/go-restful:go_default_library", + "//vendor/github.com/go-openapi/spec:go_default_library", "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library", "//vendor/k8s.io/klog:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/builder:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/handler:go_default_library", ], diff --git a/staging/src/k8s.io/apiserver/pkg/server/routes/OWNERS b/staging/src/k8s.io/apiserver/pkg/server/routes/OWNERS old mode 100755 new mode 100644 index 9d268c4d148..4da107c8c38 --- a/staging/src/k8s.io/apiserver/pkg/server/routes/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/server/routes/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sttts diff --git a/staging/src/k8s.io/apiserver/pkg/server/routes/openapi.go b/staging/src/k8s.io/apiserver/pkg/server/routes/openapi.go index 4d0cc3ee452..23bbee99f7e 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/routes/openapi.go +++ b/staging/src/k8s.io/apiserver/pkg/server/routes/openapi.go @@ -18,9 +18,11 @@ package routes import ( restful "github.com/emicklei/go-restful" + "github.com/go-openapi/spec" "k8s.io/klog" "k8s.io/apiserver/pkg/server/mux" + "k8s.io/kube-openapi/pkg/builder" "k8s.io/kube-openapi/pkg/common" "k8s.io/kube-openapi/pkg/handler" ) @@ -31,9 +33,14 @@ type OpenAPI struct { } // Install adds the SwaggerUI webservice to the given mux. -func (oa OpenAPI) Install(c *restful.Container, mux *mux.PathRecorderMux) { - _, err := handler.BuildAndRegisterOpenAPIVersionedService("/openapi/v2", c.RegisteredWebServices(), oa.Config, mux) +func (oa OpenAPI) Install(c *restful.Container, mux *mux.PathRecorderMux) (*handler.OpenAPIService, *spec.Swagger) { + spec, err := builder.BuildOpenAPISpec(c.RegisteredWebServices(), oa.Config) + if err != nil { + klog.Fatalf("Failed to build open api spec for root: %v", err) + } + openAPIVersionedService, err := handler.RegisterOpenAPIVersionedService(spec, "/openapi/v2", mux) if err != nil { klog.Fatalf("Failed to register versioned open api spec for root: %v", err) } + return openAPIVersionedService, spec } diff --git a/staging/src/k8s.io/apiserver/pkg/server/signal.go b/staging/src/k8s.io/apiserver/pkg/server/signal.go index 6f0cff4baed..0ea19d6606d 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/signal.go +++ b/staging/src/k8s.io/apiserver/pkg/server/signal.go @@ -22,6 +22,7 @@ import ( ) var onlyOneSignalHandler = make(chan struct{}) +var shutdownHandler chan os.Signal // SetupSignalHandler registered for SIGTERM and SIGINT. A stop channel is returned // which is closed on one of these signals. If a second signal is caught, the program @@ -29,15 +30,30 @@ var onlyOneSignalHandler = make(chan struct{}) func SetupSignalHandler() <-chan struct{} { close(onlyOneSignalHandler) // panics when called twice + shutdownHandler = make(chan os.Signal, 2) + stop := make(chan struct{}) - c := make(chan os.Signal, 2) - signal.Notify(c, shutdownSignals...) + signal.Notify(shutdownHandler, shutdownSignals...) go func() { - <-c + <-shutdownHandler close(stop) - <-c + <-shutdownHandler os.Exit(1) // second signal. Exit directly. }() return stop } + +// RequestShutdown emulates a received event that is considered as shutdown signal (SIGTERM/SIGINT) +// This returns whether a handler was notified +func RequestShutdown() bool { + if shutdownHandler != nil { + select { + case shutdownHandler <- shutdownSignals[0]: + return true + default: + } + } + + return false +} diff --git a/staging/src/k8s.io/apiserver/pkg/server/storage/resource_encoding_config.go b/staging/src/k8s.io/apiserver/pkg/server/storage/resource_encoding_config.go index eff1fe8a417..efb22fbc8d6 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/storage/resource_encoding_config.go +++ b/staging/src/k8s.io/apiserver/pkg/server/storage/resource_encoding_config.go @@ -34,50 +34,27 @@ type ResourceEncodingConfig interface { } type DefaultResourceEncodingConfig struct { - groups map[string]*GroupResourceEncodingConfig - scheme *runtime.Scheme + // resources records the overriding encoding configs for individual resources. + resources map[schema.GroupResource]*OverridingResourceEncoding + scheme *runtime.Scheme } -type GroupResourceEncodingConfig struct { - DefaultExternalEncoding schema.GroupVersion - ExternalResourceEncodings map[string]schema.GroupVersion - - DefaultInternalEncoding schema.GroupVersion - InternalResourceEncodings map[string]schema.GroupVersion +type OverridingResourceEncoding struct { + ExternalResourceEncoding schema.GroupVersion + InternalResourceEncoding schema.GroupVersion } var _ ResourceEncodingConfig = &DefaultResourceEncodingConfig{} func NewDefaultResourceEncodingConfig(scheme *runtime.Scheme) *DefaultResourceEncodingConfig { - return &DefaultResourceEncodingConfig{groups: map[string]*GroupResourceEncodingConfig{}, scheme: scheme} -} - -func newGroupResourceEncodingConfig(defaultEncoding, defaultInternalVersion schema.GroupVersion) *GroupResourceEncodingConfig { - return &GroupResourceEncodingConfig{ - DefaultExternalEncoding: defaultEncoding, ExternalResourceEncodings: map[string]schema.GroupVersion{}, - DefaultInternalEncoding: defaultInternalVersion, InternalResourceEncodings: map[string]schema.GroupVersion{}, - } -} - -func (o *DefaultResourceEncodingConfig) SetVersionEncoding(group string, externalEncodingVersion, internalVersion schema.GroupVersion) { - _, groupExists := o.groups[group] - if !groupExists { - o.groups[group] = newGroupResourceEncodingConfig(externalEncodingVersion, internalVersion) - } - - o.groups[group].DefaultExternalEncoding = externalEncodingVersion - o.groups[group].DefaultInternalEncoding = internalVersion + return &DefaultResourceEncodingConfig{resources: map[schema.GroupResource]*OverridingResourceEncoding{}, scheme: scheme} } func (o *DefaultResourceEncodingConfig) SetResourceEncoding(resourceBeingStored schema.GroupResource, externalEncodingVersion, internalVersion schema.GroupVersion) { - group := resourceBeingStored.Group - _, groupExists := o.groups[group] - if !groupExists { - o.groups[group] = newGroupResourceEncodingConfig(externalEncodingVersion, internalVersion) + o.resources[resourceBeingStored] = &OverridingResourceEncoding{ + ExternalResourceEncoding: externalEncodingVersion, + InternalResourceEncoding: internalVersion, } - - o.groups[group].ExternalResourceEncodings[resourceBeingStored.Resource] = externalEncodingVersion - o.groups[group].InternalResourceEncodings[resourceBeingStored.Resource] = internalVersion } func (o *DefaultResourceEncodingConfig) StorageEncodingFor(resource schema.GroupResource) (schema.GroupVersion, error) { @@ -85,19 +62,13 @@ func (o *DefaultResourceEncodingConfig) StorageEncodingFor(resource schema.Group return schema.GroupVersion{}, fmt.Errorf("group %q is not registered in scheme", resource.Group) } - groupEncoding, groupExists := o.groups[resource.Group] - - if !groupExists { - // return the most preferred external version for the group - return o.scheme.PrioritizedVersionsForGroup(resource.Group)[0], nil + resourceOverride, resourceExists := o.resources[resource] + if resourceExists { + return resourceOverride.ExternalResourceEncoding, nil } - resourceOverride, resourceExists := groupEncoding.ExternalResourceEncodings[resource.Resource] - if !resourceExists { - return groupEncoding.DefaultExternalEncoding, nil - } - - return resourceOverride, nil + // return the most preferred external version for the group + return o.scheme.PrioritizedVersionsForGroup(resource.Group)[0], nil } func (o *DefaultResourceEncodingConfig) InMemoryEncodingFor(resource schema.GroupResource) (schema.GroupVersion, error) { @@ -105,15 +76,9 @@ func (o *DefaultResourceEncodingConfig) InMemoryEncodingFor(resource schema.Grou return schema.GroupVersion{}, fmt.Errorf("group %q is not registered in scheme", resource.Group) } - groupEncoding, groupExists := o.groups[resource.Group] - if !groupExists { - return schema.GroupVersion{Group: resource.Group, Version: runtime.APIVersionInternal}, nil + resourceOverride, resourceExists := o.resources[resource] + if resourceExists { + return resourceOverride.InternalResourceEncoding, nil } - - resourceOverride, resourceExists := groupEncoding.InternalResourceEncodings[resource.Resource] - if !resourceExists { - return groupEncoding.DefaultInternalEncoding, nil - } - - return resourceOverride, nil + return schema.GroupVersion{Group: resource.Group, Version: runtime.APIVersionInternal}, nil } diff --git a/staging/src/k8s.io/apiserver/pkg/storage/OWNERS b/staging/src/k8s.io/apiserver/pkg/storage/OWNERS index b7bff4f12f7..26ea9eeb431 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/storage/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - liggitt diff --git a/staging/src/k8s.io/apiserver/pkg/storage/cacher/BUILD b/staging/src/k8s.io/apiserver/pkg/storage/cacher/BUILD index cdffbdf0b1d..0f47738e315 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/cacher/BUILD +++ b/staging/src/k8s.io/apiserver/pkg/storage/cacher/BUILD @@ -27,6 +27,7 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/storage:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library", "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/utils/trace:go_default_library", ], diff --git a/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go b/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go index 512a5775bed..0f5c0848dae 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go @@ -41,8 +41,24 @@ import ( utilfeature "k8s.io/apiserver/pkg/util/feature" "k8s.io/client-go/tools/cache" utiltrace "k8s.io/utils/trace" + + "github.com/prometheus/client_golang/prometheus" ) +var ( + initCounter = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Name: "apiserver_init_events_total", + Help: "Counter of init events processed in watchcache broken by resource type", + }, + []string{"resource"}, + ) +) + +func init() { + prometheus.MustRegister(initCounter) +} + // Config contains the configuration for a given Cache. type Config struct { // Maximum size of the history cached in memory. @@ -82,14 +98,17 @@ func (wm watchersMap) addWatcher(w *cacheWatcher, number int) { wm[number] = w } -func (wm watchersMap) deleteWatcher(number int) { - delete(wm, number) +func (wm watchersMap) deleteWatcher(number int, done func(*cacheWatcher)) { + if watcher, ok := wm[number]; ok { + delete(wm, number) + done(watcher) + } } -func (wm watchersMap) terminateAll() { +func (wm watchersMap) terminateAll(done func(*cacheWatcher)) { for key, watcher := range wm { delete(wm, key) - watcher.stop() + done(watcher) } } @@ -109,24 +128,24 @@ func (i *indexedWatchers) addWatcher(w *cacheWatcher, number int, value string, } } -func (i *indexedWatchers) deleteWatcher(number int, value string, supported bool) { +func (i *indexedWatchers) deleteWatcher(number int, value string, supported bool, done func(*cacheWatcher)) { if supported { - i.valueWatchers[value].deleteWatcher(number) + i.valueWatchers[value].deleteWatcher(number, done) if len(i.valueWatchers[value]) == 0 { delete(i.valueWatchers, value) } } else { - i.allWatchers.deleteWatcher(number) + i.allWatchers.deleteWatcher(number, done) } } -func (i *indexedWatchers) terminateAll(objectType reflect.Type) { +func (i *indexedWatchers) terminateAll(objectType reflect.Type, done func(*cacheWatcher)) { if len(i.allWatchers) > 0 || len(i.valueWatchers) > 0 { klog.Warningf("Terminating all watchers from cacher %v", objectType) } - i.allWatchers.terminateAll() + i.allWatchers.terminateAll(done) for index, watchers := range i.valueWatchers { - watchers.terminateAll() + watchers.terminateAll(done) delete(i.valueWatchers, index) } } @@ -186,6 +205,20 @@ type Cacher struct { stopped bool stopCh chan struct{} stopWg sync.WaitGroup + + // timer is used to avoid unnecessary allocations in underlying watchers. + timer *time.Timer + + // dispatching determines whether there is currently dispatching of + // any event in flight. + dispatching bool + // watchersBuffer is a list of watchers potentially interested in currently + // dispatched event. + watchersBuffer []*cacheWatcher + // watchersToStop is a list of watchers that were supposed to be stopped + // during current dispatching, but stopping was deferred to the end of + // dispatching that event to avoid race with closing channels in watchers. + watchersToStop []*cacheWatcher } // NewCacherFromConfig creates a new Cacher responsible for servicing WATCH and LIST requests from @@ -227,6 +260,7 @@ func NewCacherFromConfig(config Config) *Cacher { // and there are no guarantees on the order that they will stop. // So we will be simply closing the channel, and synchronizing on the WaitGroup. stopCh: stopCh, + timer: time.NewTimer(time.Duration(0)), } watchCache.SetOnEvent(cacher.processEvent) go cacher.dispatchEvents() @@ -242,6 +276,14 @@ func NewCacherFromConfig(config Config) *Cacher { }, time.Second, stopCh, ) }() + + // Ensure that timer is stopped. + if !cacher.timer.Stop() { + // Consume triggered (but not yet received) timer event + // so that future reuse does not get a spurious timeout. + <-cacher.timer.C + } + return cacher } @@ -335,6 +377,13 @@ func (c *Cacher) Watch(ctx context.Context, key string, resourceVersion string, chanSize = 1000 } + // With some events already sent, update resourceVersion so that + // events that were buffered and not yet processed won't be delivered + // to this watcher second time causing going back in time. + if len(initEvents) > 0 { + watchRV = initEvents[len(initEvents)-1].ResourceVersion + } + c.Lock() defer c.Unlock() forget := forgetWatcher(c, c.watcherIdx, triggerValue, triggerSupported) @@ -615,19 +664,41 @@ func (c *Cacher) dispatchEvents() { } func (c *Cacher) dispatchEvent(event *watchCacheEvent) { + c.startDispatching(event) + + // Since add() can block, we explicitly add when cacher is unlocked. + for _, watcher := range c.watchersBuffer { + watcher.add(event, c.timer, c.dispatchTimeoutBudget) + } + + c.finishDispatching() +} + +// startDispatching chooses watchers potentially interested in a given event +// a marks dispatching as true. +func (c *Cacher) startDispatching(event *watchCacheEvent) { triggerValues, supported := c.triggerValues(event) c.Lock() defer c.Unlock() + + c.dispatching = true + // We are reusing the slice to avoid memory reallocations in every + // dispatchEvent() call. That may prevent Go GC from freeing items + // from previous phases that are sitting behind the current length + // of the slice, but there is only a limited number of those and the + // gain from avoiding memory allocations is much bigger. + c.watchersBuffer = c.watchersBuffer[:0] + // Iterate over "allWatchers" no matter what the trigger function is. for _, watcher := range c.watchers.allWatchers { - watcher.add(event, c.dispatchTimeoutBudget) + c.watchersBuffer = append(c.watchersBuffer, watcher) } if supported { // Iterate over watchers interested in the given values of the trigger. for _, triggerValue := range triggerValues { for _, watcher := range c.watchers.valueWatchers[triggerValue] { - watcher.add(event, c.dispatchTimeoutBudget) + c.watchersBuffer = append(c.watchersBuffer, watcher) } } } else { @@ -640,16 +711,38 @@ func (c *Cacher) dispatchEvent(event *watchCacheEvent) { // Iterate over watchers interested in exact values for all values. for _, watchers := range c.watchers.valueWatchers { for _, watcher := range watchers { - watcher.add(event, c.dispatchTimeoutBudget) + c.watchersBuffer = append(c.watchersBuffer, watcher) } } } } +// finishDispatching stops all the watchers that were supposed to be +// stopped in the meantime, but it was deferred to avoid closing input +// channels of watchers, as add() may still have writing to it. +// It also marks dispatching as false. +func (c *Cacher) finishDispatching() { + c.Lock() + defer c.Unlock() + c.dispatching = false + for _, watcher := range c.watchersToStop { + watcher.stop() + } + c.watchersToStop = c.watchersToStop[:0] +} + func (c *Cacher) terminateAllWatchers() { c.Lock() defer c.Unlock() - c.watchers.terminateAll(c.objectType) + c.watchers.terminateAll(c.objectType, c.stopWatcherThreadUnsafe) +} + +func (c *Cacher) stopWatcherThreadUnsafe(watcher *cacheWatcher) { + if c.dispatching { + c.watchersToStop = append(c.watchersToStop, watcher) + } else { + watcher.stop() + } } func (c *Cacher) isStopped() bool { @@ -675,20 +768,15 @@ func (c *Cacher) Stop() { c.stopWg.Wait() } -func forgetWatcher(c *Cacher, index int, triggerValue string, triggerSupported bool) func(bool) { - return func(lock bool) { - if lock { - c.Lock() - defer c.Unlock() - } else { - // false is currently passed only if we are forcing watcher to close due - // to its unresponsiveness and blocking other watchers. - // TODO: Get this information in cleaner way. - klog.V(1).Infof("Forcing watcher close due to unresponsiveness: %v", c.objectType.String()) - } +func forgetWatcher(c *Cacher, index int, triggerValue string, triggerSupported bool) func() { + return func() { + c.Lock() + defer c.Unlock() + // It's possible that the watcher is already not in the structure (e.g. in case of - // simultaneous Stop() and terminateAllWatchers(), but it doesn't break anything. - c.watchers.deleteWatcher(index, triggerValue, triggerSupported) + // simultaneous Stop() and terminateAllWatchers(), but it is safe to call stop() + // on a watcher multiple times. + c.watchers.deleteWatcher(index, triggerValue, triggerSupported, c.stopWatcherThreadUnsafe) } } @@ -787,11 +875,11 @@ type cacheWatcher struct { done chan struct{} filter filterWithAttrsFunc stopped bool - forget func(bool) + forget func() versioner storage.Versioner } -func newCacheWatcher(resourceVersion uint64, chanSize int, initEvents []*watchCacheEvent, filter filterWithAttrsFunc, forget func(bool), versioner storage.Versioner) *cacheWatcher { +func newCacheWatcher(resourceVersion uint64, chanSize int, initEvents []*watchCacheEvent, filter filterWithAttrsFunc, forget func(), versioner storage.Versioner) *cacheWatcher { watcher := &cacheWatcher{ input: make(chan *watchCacheEvent, chanSize), result: make(chan watch.Event, chanSize), @@ -812,8 +900,7 @@ func (c *cacheWatcher) ResultChan() <-chan watch.Event { // Implements watch.Interface. func (c *cacheWatcher) Stop() { - c.forget(true) - c.stop() + c.forget() } func (c *cacheWatcher) stop() { @@ -826,9 +913,7 @@ func (c *cacheWatcher) stop() { } } -var timerPool sync.Pool - -func (c *cacheWatcher) add(event *watchCacheEvent, budget *timeBudget) { +func (c *cacheWatcher) add(event *watchCacheEvent, timer *time.Timer, budget *timeBudget) { // Try to send the event immediately, without blocking. select { case c.input <- event: @@ -842,28 +927,21 @@ func (c *cacheWatcher) add(event *watchCacheEvent, budget *timeBudget) { startTime := time.Now() timeout := budget.takeAvailable() - t, ok := timerPool.Get().(*time.Timer) - if ok { - t.Reset(timeout) - } else { - t = time.NewTimer(timeout) - } - defer timerPool.Put(t) + timer.Reset(timeout) select { case c.input <- event: - stopped := t.Stop() - if !stopped { + if !timer.Stop() { // Consume triggered (but not yet received) timer event // so that future reuse does not get a spurious timeout. - <-t.C + <-timer.C } - case <-t.C: + case <-timer.C: // This means that we couldn't send event to that watcher. // Since we don't want to block on it infinitely, // we simply terminate it. - c.forget(false) - c.stop() + klog.V(1).Infof("Forcing watcher close due to unresponsiveness: %v", reflect.TypeOf(event.Object).String()) + c.forget() } budget.returnUnused(timeout - time.Since(startTime)) @@ -941,6 +1019,10 @@ func (c *cacheWatcher) process(initEvents []*watchCacheEvent, resourceVersion ui for _, event := range initEvents { c.sendWatchCacheEvent(event) } + if len(initEvents) > 0 { + objType := reflect.TypeOf(initEvents[0].Object).String() + initCounter.WithLabelValues(objType).Add(float64(len(initEvents))) + } processingTime := time.Since(startTime) if processingTime > initProcessThreshold { objType := "" @@ -952,11 +1034,7 @@ func (c *cacheWatcher) process(initEvents []*watchCacheEvent, resourceVersion ui defer close(c.result) defer c.Stop() - for { - event, ok := <-c.input - if !ok { - return - } + for event := range c.input { // only send events newer than resourceVersion if event.ResourceVersion > resourceVersion { c.sendWatchCacheEvent(event) diff --git a/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher_whitebox_test.go b/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher_whitebox_test.go index 2f36e43163b..2de915eb5a9 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher_whitebox_test.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher_whitebox_test.go @@ -45,12 +45,17 @@ import ( // the writes to cacheWatcher.result channel is blocked. func TestCacheWatcherCleanupNotBlockedByResult(t *testing.T) { var lock sync.RWMutex + var w *cacheWatcher count := 0 filter := func(string, labels.Set, fields.Set) bool { return true } - forget := func(bool) { + forget := func() { lock.Lock() defer lock.Unlock() count++ + // forget() has to stop the watcher, as only stopping the watcher + // triggers stopping the process() goroutine which we are in the + // end waiting for in this test. + w.stop() } initEvents := []*watchCacheEvent{ {Object: &v1.Pod{}}, @@ -58,7 +63,7 @@ func TestCacheWatcherCleanupNotBlockedByResult(t *testing.T) { } // set the size of the buffer of w.result to 0, so that the writes to // w.result is blocked. - w := newCacheWatcher(0, 0, initEvents, filter, forget, testVersioner{}) + w = newCacheWatcher(0, 0, initEvents, filter, forget, testVersioner{}) w.Stop() if err := wait.PollImmediate(1*time.Second, 5*time.Second, func() (bool, error) { lock.RLock() @@ -73,7 +78,7 @@ func TestCacheWatcherHandlesFiltering(t *testing.T) { filter := func(_ string, _ labels.Set, field fields.Set) bool { return field["spec.nodeName"] == "host" } - forget := func(bool) {} + forget := func() {} testCases := []struct { events []*watchCacheEvent @@ -213,7 +218,15 @@ func (testVersioner) PrepareObjectForStorage(obj runtime.Object) error { return fmt.Errorf("unimplemented") } func (testVersioner) ObjectResourceVersion(obj runtime.Object) (uint64, error) { - return 0, fmt.Errorf("unimplemented") + accessor, err := meta.Accessor(obj) + if err != nil { + return 0, err + } + version := accessor.GetResourceVersion() + if len(version) == 0 { + return 0, nil + } + return strconv.ParseUint(version, 10, 64) } func (testVersioner) ParseResourceVersion(resourceVersion string) (uint64, error) { return strconv.ParseUint(resourceVersion, 10, 64) @@ -351,3 +364,82 @@ func TestGetToListWithLimitAndRV0(t *testing.T) { t.Errorf("List with Limit without RV=0 should bypass cacher: %v", err) } } + +func TestWatcherNotGoingBackInTime(t *testing.T) { + backingStorage := &dummyStorage{} + cacher, _ := newTestCacher(backingStorage, 1000) + defer cacher.Stop() + + // Wait until cacher is initialized. + cacher.ready.wait() + + // Ensure there is some budget for slowing down processing. + cacher.dispatchTimeoutBudget.returnUnused(100 * time.Millisecond) + + makePod := func(i int) *examplev1.Pod { + return &examplev1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("pod-%d", 1000+i), + Namespace: "ns", + ResourceVersion: fmt.Sprintf("%d", 1000+i), + }, + } + } + if err := cacher.watchCache.Add(makePod(0)); err != nil { + t.Errorf("error: %v", err) + } + + totalPods := 100 + + // Create watcher that will be slowing down reading. + w1, err := cacher.Watch(context.TODO(), "pods/ns", "999", storage.Everything) + if err != nil { + t.Fatalf("Failed to create watch: %v", err) + } + defer w1.Stop() + go func() { + a := 0 + for range w1.ResultChan() { + time.Sleep(time.Millisecond) + a++ + if a == 100 { + break + } + } + }() + + // Now push a ton of object to cache. + for i := 1; i < totalPods; i++ { + cacher.watchCache.Add(makePod(i)) + } + + // Create fast watcher and ensure it will get each object exactly once. + w2, err := cacher.Watch(context.TODO(), "pods/ns", "999", storage.Everything) + if err != nil { + t.Fatalf("Failed to create watch: %v", err) + } + defer w2.Stop() + + shouldContinue := true + currentRV := uint64(0) + for shouldContinue { + select { + case event, ok := <-w2.ResultChan(): + if !ok { + shouldContinue = false + break + } + rv, err := testVersioner{}.ParseResourceVersion(event.Object.(*examplev1.Pod).ResourceVersion) + if err != nil { + t.Errorf("unexpected parsing error: %v", err) + } else { + if rv < currentRV { + t.Errorf("watcher going back in time") + } + currentRV = rv + } + case <-time.After(time.Second): + w2.Stop() + } + } +} diff --git a/staging/src/k8s.io/apiserver/pkg/storage/etcd/OWNERS b/staging/src/k8s.io/apiserver/pkg/storage/etcd/OWNERS old mode 100755 new mode 100644 index a0654988307..bb4ad2a4caf --- a/staging/src/k8s.io/apiserver/pkg/storage/etcd/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/storage/etcd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - lavalamp - smarterclayton diff --git a/staging/src/k8s.io/apiserver/pkg/storage/etcd3/OWNERS b/staging/src/k8s.io/apiserver/pkg/storage/etcd3/OWNERS old mode 100755 new mode 100644 index 84c24e70c42..84666835da6 --- a/staging/src/k8s.io/apiserver/pkg/storage/etcd3/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/storage/etcd3/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - wojtek-t - timothysc diff --git a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/OWNERS b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/OWNERS old mode 100755 new mode 100644 index d14ed51815d..dbef228c1a7 --- a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - lavalamp - smarterclayton diff --git a/staging/src/k8s.io/apiserver/pkg/storage/testing/OWNERS b/staging/src/k8s.io/apiserver/pkg/storage/testing/OWNERS old mode 100755 new mode 100644 index ff5dd0da818..1bd9ef6bfc7 --- a/staging/src/k8s.io/apiserver/pkg/storage/testing/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/storage/testing/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - wojtek-t diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/OWNERS b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/OWNERS index 498b470c9bf..71edc3ecdcc 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/OWNERS +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-encryption-at-rest-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/pkg/util/openapi/proto_test.go b/staging/src/k8s.io/apiserver/pkg/util/openapi/proto_test.go index d4ee737caa2..4fbd63f1891 100644 --- a/staging/src/k8s.io/apiserver/pkg/util/openapi/proto_test.go +++ b/staging/src/k8s.io/apiserver/pkg/util/openapi/proto_test.go @@ -44,8 +44,8 @@ func TestOpenAPIDefinitionsToProtoModels(t *testing.T) { }, VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ - "x-kubernetes-group-version-kind": []map[string]string{ - { + "x-kubernetes-group-version-kind": []interface{}{ + map[string]interface{}{ "group": "testgroup.k8s.io", "version": "v1", "kind": "Foo", diff --git a/staging/src/k8s.io/apiserver/pkg/util/term/BUILD b/staging/src/k8s.io/apiserver/pkg/util/term/BUILD new file mode 100644 index 00000000000..346cff3e31b --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/util/term/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["term.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/term", + importpath = "k8s.io/apiserver/pkg/util/term", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/docker/docker/pkg/term:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/apiserver/pkg/util/term/term.go b/staging/src/k8s.io/apiserver/pkg/util/term/term.go new file mode 100644 index 00000000000..123985bbf63 --- /dev/null +++ b/staging/src/k8s.io/apiserver/pkg/util/term/term.go @@ -0,0 +1,39 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package term + +import ( + "fmt" + "io" + + "github.com/docker/docker/pkg/term" +) + +// TerminalSize returns the current width and height of the user's terminal. If it isn't a terminal, +// nil is returned. On error, zero values are returned for width and height. +// Usually w must be the stdout of the process. Stderr won't work. +func TerminalSize(w io.Writer) (int, int, error) { + outFd, isTerminal := term.GetFdInfo(w) + if !isTerminal { + return 0, 0, fmt.Errorf("given writer is no terminal") + } + winsize, err := term.GetWinsize(outFd) + if err != nil { + return 0, 0, err + } + return int(winsize.Width), int(winsize.Height), nil +} diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/OWNERS b/staging/src/k8s.io/apiserver/plugin/pkg/audit/OWNERS index 178ce84a5ce..c3486ad5ded 100644 --- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/OWNERS +++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-audit-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/OWNERS b/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/OWNERS +++ b/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS b/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS index e0f3c6ca980..03fb44ea24b 100644 --- a/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS +++ b/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - ericchiang reviewers: diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/OWNERS b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/OWNERS +++ b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/staging/src/k8s.io/cli-runtime/CONTRIBUTING.md b/staging/src/k8s.io/cli-runtime/CONTRIBUTING.md index 025a70e30fc..cca7de7d53f 100644 --- a/staging/src/k8s.io/cli-runtime/CONTRIBUTING.md +++ b/staging/src/k8s.io/cli-runtime/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/cli-runtime](https://git.k8s.io/kubernetes/staging/src/k8s.io/cli-runtime) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json b/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json index 488ed64c92a..ab89395ad06 100644 --- a/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json +++ b/staging/src/k8s.io/cli-runtime/Godeps/Godeps.json @@ -6,13 +6,49 @@ "./..." ], "Deps": [ + { + "ImportPath": "github.com/PuerkitoBio/purell", + "Rev": "8a290539e2e8629dbc4e6bad948158f790ec31f4" + }, + { + "ImportPath": "github.com/PuerkitoBio/urlesc", + "Rev": "5bd2802263f21d8788851d5305584c82a5c75d7e" + }, { "ImportPath": "github.com/davecgh/go-spew/spew", "Rev": "782f4967f2dc4564575ca782fe2d04090b5faca8" }, + { + "ImportPath": "github.com/emicklei/go-restful", + "Rev": "ff4f55a206334ef123e4f79bbf348980da81ca46" + }, + { + "ImportPath": "github.com/emicklei/go-restful/log", + "Rev": "ff4f55a206334ef123e4f79bbf348980da81ca46" + }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" + }, + { + "ImportPath": "github.com/ghodss/yaml", + "Rev": "c7ce16629ff4cd059ed96ed06419dd3856fd3577" + }, + { + "ImportPath": "github.com/go-openapi/jsonpointer", + "Rev": "ef5f0afec364d3b9396b7b77b43dbe26bf1f8004" + }, + { + "ImportPath": "github.com/go-openapi/jsonreference", + "Rev": "8483a886a90412cd6858df4ea3483dce9c8e35a3" + }, + { + "ImportPath": "github.com/go-openapi/spec", + "Rev": "5bae59e25b21498baea7f9d46e9c147ec106a42e" + }, + { + "ImportPath": "github.com/go-openapi/swag", + "Rev": "5899d5c5e619fda5fa86e14795a835f473ca284c" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -82,6 +118,18 @@ "ImportPath": "github.com/json-iterator/go", "Rev": "ab8a2e0c74be9d3be70b3184d9acc634935ded82" }, + { + "ImportPath": "github.com/mailru/easyjson/buffer", + "Rev": "2f5df55504ebc322e4d52d34df6a1f5b503bf26d" + }, + { + "ImportPath": "github.com/mailru/easyjson/jlexer", + "Rev": "2f5df55504ebc322e4d52d34df6a1f5b503bf26d" + }, + { + "ImportPath": "github.com/mailru/easyjson/jwriter", + "Rev": "2f5df55504ebc322e4d52d34df6a1f5b503bf26d" + }, { "ImportPath": "github.com/modern-go/concurrent", "Rev": "bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94" @@ -94,9 +142,13 @@ "ImportPath": "github.com/peterbourgon/diskv", "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" }, + { + "ImportPath": "github.com/pkg/errors", + "Rev": "645ef00459ed84a119197bfb8d8205042c6df63d" + }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/spf13/cobra", @@ -190,6 +242,10 @@ "ImportPath": "golang.org/x/text/unicode/norm", "Rev": "b19bf474d317b857955b12035d2c5acb57ce8b01" }, + { + "ImportPath": "golang.org/x/text/width", + "Rev": "b19bf474d317b857955b12035d2c5acb57ce8b01" + }, { "ImportPath": "golang.org/x/time/rate", "Rev": "f51c12702a4d776e4c1fa9b0fabab841babae631" @@ -290,6 +346,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -350,6 +410,10 @@ "ImportPath": "k8s.io/apimachinery/pkg/api/resource", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/apimachinery/pkg/api/validation", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -362,6 +426,10 @@ "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructuredscheme", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1/validation", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/apimachinery/pkg/apis/meta/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -442,6 +510,10 @@ "ImportPath": "k8s.io/apimachinery/pkg/util/json", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/apimachinery/pkg/util/mergepatch", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/apimachinery/pkg/util/naming", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -458,6 +530,10 @@ "ImportPath": "k8s.io/apimachinery/pkg/util/sets", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/apimachinery/pkg/util/strategicpatch", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/apimachinery/pkg/util/validation", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -478,6 +554,10 @@ "ImportPath": "k8s.io/apimachinery/pkg/watch", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/json", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/reflect", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -566,10 +646,22 @@ "ImportPath": "k8s.io/klog", "Rev": "8139d8cb77af419532b33dfa7dd09fbc5f1d344f" }, + { + "ImportPath": "k8s.io/kube-openapi/pkg/common", + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" + }, + { + "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" + }, { "ImportPath": "k8s.io/client-go/discovery", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/discovery/cached/disk", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/scheme", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -615,24 +707,92 @@ "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" + "ImportPath": "sigs.k8s.io/kustomize/pkg/commands/build", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" }, { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" + "ImportPath": "sigs.k8s.io/kustomize/pkg/constants", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" }, { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" + "ImportPath": "sigs.k8s.io/kustomize/pkg/expansion", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" }, { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" + "ImportPath": "sigs.k8s.io/kustomize/pkg/factory", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" }, { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" + "ImportPath": "sigs.k8s.io/kustomize/pkg/fs", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/git", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/gvk", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/ifc", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/ifc/transformer", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/image", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/internal/error", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/loader", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/patch", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/patch/transformer", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/resid", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/resmap", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/resource", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/target", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/transformers", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/transformers/config", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" + }, + { + "ImportPath": "sigs.k8s.io/kustomize/pkg/types", + "Rev": "ce7e5ee2c30cc5856fea01fe423cf167f2a2d0c3" }, { "ImportPath": "sigs.k8s.io/yaml", diff --git a/staging/src/k8s.io/cli-runtime/Godeps/OWNERS b/staging/src/k8s.io/cli-runtime/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/cli-runtime/Godeps/OWNERS +++ b/staging/src/k8s.io/cli-runtime/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/cli-runtime/OWNERS b/staging/src/k8s.io/cli-runtime/OWNERS index 27bd34cf6d6..983b7aece15 100644 --- a/staging/src/k8s.io/cli-runtime/OWNERS +++ b/staging/src/k8s.io/cli-runtime/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - pwittrock diff --git a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/BUILD b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/BUILD index 02ae9fd6caf..c2a3d8c0b8e 100644 --- a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/BUILD +++ b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/BUILD @@ -28,6 +28,7 @@ go_library( "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/printers:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/disk:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/restmapper:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", diff --git a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/config_flags.go b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/config_flags.go index b14cc90fac5..34b1f8e3a0f 100644 --- a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/config_flags.go +++ b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/config_flags.go @@ -28,6 +28,7 @@ import ( "k8s.io/apimachinery/pkg/api/meta" "k8s.io/client-go/discovery" + diskcached "k8s.io/client-go/discovery/cached/disk" "k8s.io/client-go/rest" "k8s.io/client-go/restmapper" "k8s.io/client-go/tools/clientcmd" @@ -231,7 +232,7 @@ func (f *ConfigFlags) ToDiscoveryClient() (discovery.CachedDiscoveryInterface, e } discoveryCacheDir := computeDiscoverCacheDir(filepath.Join(homedir.HomeDir(), ".kube", "cache", "discovery"), config.Host) - return discovery.NewCachedDiscoveryClientForConfig(config, discoveryCacheDir, httpCacheDir, time.Duration(10*time.Minute)) + return diskcached.NewCachedDiscoveryClientForConfig(config, discoveryCacheDir, httpCacheDir, time.Duration(10*time.Minute)) } // ToRESTMapper returns a mapper. diff --git a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource/visitor.go b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource/visitor.go index 32c1a691a5a..b4e3b359a1c 100644 --- a/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource/visitor.go +++ b/staging/src/k8s.io/cli-runtime/pkg/genericclioptions/resource/visitor.go @@ -24,6 +24,7 @@ import ( "net/url" "os" "path/filepath" + "strings" "time" "golang.org/x/text/encoding/unicode" @@ -141,6 +142,18 @@ func (i *Info) Refresh(obj runtime.Object, ignoreError bool) error { return nil } +// ObjectName returns an approximate form of the resource's kind/name. +func (i *Info) ObjectName() string { + if i.Mapping != nil { + return fmt.Sprintf("%s/%s", i.Mapping.Resource.Resource, i.Name) + } + gvk := i.Object.GetObjectKind().GroupVersionKind() + if len(gvk.Group) == 0 { + return fmt.Sprintf("%s/%s", strings.ToLower(gvk.Kind), i.Name) + } + return fmt.Sprintf("%s.%s/%s\n", strings.ToLower(gvk.Kind), gvk.Group, i.Name) +} + // String returns the general purpose string representation func (i *Info) String() string { basicInfo := fmt.Sprintf("Name: %q, Namespace: %q\nObject: %+q", i.Name, i.Namespace, i.Object) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/BUILD new file mode 100644 index 00000000000..8780b6b06f8 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["builder.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize", + importpath = "k8s.io/cli-runtime/pkg/kustomize", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/commands/build:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) + +go_test( + name = "go_default_test", + srcs = ["builder_test.go"], + embed = [":go_default_library"], + deps = ["//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/builder.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/builder.go new file mode 100644 index 00000000000..6aace7ce535 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/builder.go @@ -0,0 +1,32 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kustomize + +import ( + "io" + + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps" + "sigs.k8s.io/kustomize/pkg/commands/build" + "sigs.k8s.io/kustomize/pkg/fs" +) + +// RunKustomizeBuild runs kustomize build given a filesystem and a path +func RunKustomizeBuild(out io.Writer, fSys fs.FileSystem, path string) error { + f := k8sdeps.NewFactory() + o := build.NewOptions(path, "") + return o.RunBuild(out, fSys, f.ResmapF, f.TransformerF) +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/builder_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/builder_test.go new file mode 100644 index 00000000000..df17cae9d84 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/builder_test.go @@ -0,0 +1,150 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kustomize + +import ( + "bytes" + "testing" + + "sigs.k8s.io/kustomize/pkg/fs" +) + +const ( + kustomizationContent1 = ` +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namePrefix: foo- +nameSuffix: -bar +namespace: ns1 +commonLabels: + app: nginx +commonAnnotations: + note: This is a test annotation +resources: + - deployment.yaml + - namespace.yaml +configMapGenerator: +- name: literalConfigMap + literals: + - DB_USERNAME=admin + - DB_PASSWORD=somepw +secretGenerator: +- name: secret + literals: + - DB_USERNAME=admin + - DB_PASSWORD=somepw + type: Opaque +patchesJson6902: +- target: + group: apps + version: v1 + kind: Deployment + name: dply1 + path: jsonpatch.json +` + deploymentContent = ` +apiVersion: apps/v1 +metadata: + name: dply1 +kind: Deployment +` + namespaceContent = ` +apiVersion: v1 +kind: Namespace +metadata: + name: ns1 +` + jsonpatchContent = `[ + {"op": "add", "path": "/spec/replica", "value": "3"} +]` + + expectedContent = `apiVersion: v1 +kind: Namespace +metadata: + annotations: + note: This is a test annotation + labels: + app: nginx + name: foo-ns1-bar +--- +apiVersion: v1 +data: + DB_PASSWORD: somepw + DB_USERNAME: admin +kind: ConfigMap +metadata: + annotations: + note: This is a test annotation + labels: + app: nginx + name: foo-literalConfigMap-bar-8d2dkb8k24 + namespace: ns1 +--- +apiVersion: v1 +data: + DB_PASSWORD: c29tZXB3 + DB_USERNAME: YWRtaW4= +kind: Secret +metadata: + annotations: + note: This is a test annotation + labels: + app: nginx + name: foo-secret-bar-9btc7bt4kb + namespace: ns1 +type: Opaque +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + note: This is a test annotation + labels: + app: nginx + name: foo-dply1-bar + namespace: ns1 +spec: + replica: "3" + selector: + matchLabels: + app: nginx + template: + metadata: + annotations: + note: This is a test annotation + labels: + app: nginx +` +) + +func TestResources1(t *testing.T) { + fSys := fs.MakeFakeFS() + fSys.WriteFile("/kustomization.yaml", []byte(kustomizationContent1)) + fSys.WriteFile("/deployment.yaml", []byte(deploymentContent)) + fSys.WriteFile("/namespace.yaml", []byte(namespaceContent)) + fSys.WriteFile("/jsonpatch.json", []byte(jsonpatchContent)) + + var out bytes.Buffer + err := RunKustomizeBuild(&out, fSys, "/") + if err != nil { + t.Fatalf("unexpected Resources error %v", err) + } + + if out.String() != expectedContent { + t.Fatalf("expected:\n%s\nbut got:\n%s", expectedContent, out.String()) + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/BUILD new file mode 100644 index 00000000000..1ff850ef379 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/BUILD @@ -0,0 +1,39 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "factory.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/factory:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret:all-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct:all-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv:all-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer:all-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/BUILD new file mode 100644 index 00000000000..67c6bae6b51 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/BUILD @@ -0,0 +1,53 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "configmapfactory.go", + "kv.go", + "secretfactory.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv:go_default_library", + "//vendor/github.com/pkg/errors:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = [ + "configmapfactory_test.go", + "kv_test.go", + "secretfactory_test.go", + ], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/loader:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/configmapfactory.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/configmapfactory.go new file mode 100644 index 00000000000..45255373645 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/configmapfactory.go @@ -0,0 +1,126 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package configmapandsecret generates configmaps and secrets per generator rules. +package configmapandsecret + +import ( + "fmt" + "strings" + "unicode/utf8" + + "github.com/pkg/errors" + "k8s.io/api/core/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/validation" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv" + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/types" +) + +// ConfigMapFactory makes ConfigMaps. +type ConfigMapFactory struct { + ldr ifc.Loader +} + +// NewConfigMapFactory returns a new ConfigMapFactory. +func NewConfigMapFactory(l ifc.Loader) *ConfigMapFactory { + return &ConfigMapFactory{ldr: l} +} + +func (f *ConfigMapFactory) makeFreshConfigMap( + args *types.ConfigMapArgs) *corev1.ConfigMap { + cm := &corev1.ConfigMap{} + cm.APIVersion = "v1" + cm.Kind = "ConfigMap" + cm.Name = args.Name + cm.Namespace = args.Namespace + cm.Data = map[string]string{} + return cm +} + +// MakeConfigMap returns a new ConfigMap, or nil and an error. +func (f *ConfigMapFactory) MakeConfigMap( + args *types.ConfigMapArgs, options *types.GeneratorOptions) (*corev1.ConfigMap, error) { + var all []kv.Pair + var err error + cm := f.makeFreshConfigMap(args) + + pairs, err := keyValuesFromEnvFile(f.ldr, args.EnvSource) + if err != nil { + return nil, errors.Wrap(err, fmt.Sprintf( + "env source file: %s", + args.EnvSource)) + } + all = append(all, pairs...) + + pairs, err = keyValuesFromLiteralSources(args.LiteralSources) + if err != nil { + return nil, errors.Wrap(err, fmt.Sprintf( + "literal sources %v", args.LiteralSources)) + } + all = append(all, pairs...) + + pairs, err = keyValuesFromFileSources(f.ldr, args.FileSources) + if err != nil { + return nil, errors.Wrap(err, fmt.Sprintf( + "file sources: %v", args.FileSources)) + } + all = append(all, pairs...) + + for _, kv := range all { + err = addKvToConfigMap(cm, kv.Key, kv.Value) + if err != nil { + return nil, err + } + } + if options != nil { + cm.SetLabels(options.Labels) + cm.SetAnnotations(options.Annotations) + } + return cm, nil +} + +// addKvToConfigMap adds the given key and data to the given config map. +// Error if key invalid, or already exists. +func addKvToConfigMap(configMap *v1.ConfigMap, keyName, data string) error { + // Note, the rules for ConfigMap keys are the exact same as the ones for SecretKeys. + if errs := validation.IsConfigMapKey(keyName); len(errs) != 0 { + return fmt.Errorf("%q is not a valid key name for a ConfigMap: %s", keyName, strings.Join(errs, ";")) + } + + keyExistsErrorMsg := "cannot add key %s, another key by that name already exists: %v" + + // If the configmap data contains byte sequences that are all in the UTF-8 + // range, we will write it to .Data + if utf8.Valid([]byte(data)) { + if _, entryExists := configMap.Data[keyName]; entryExists { + return fmt.Errorf(keyExistsErrorMsg, keyName, configMap.Data) + } + configMap.Data[keyName] = data + return nil + } + + // otherwise, it's BinaryData + if configMap.BinaryData == nil { + configMap.BinaryData = map[string][]byte{} + } + if _, entryExists := configMap.BinaryData[keyName]; entryExists { + return fmt.Errorf(keyExistsErrorMsg, keyName, configMap.BinaryData) + } + configMap.BinaryData[keyName] = []byte(data) + return nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/configmapfactory_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/configmapfactory_test.go new file mode 100644 index 00000000000..3524a7bfdf8 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/configmapfactory_test.go @@ -0,0 +1,154 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package configmapandsecret + +import ( + "reflect" + "testing" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/loader" + "sigs.k8s.io/kustomize/pkg/types" +) + +func makeEnvConfigMap(name string) *corev1.ConfigMap { + return &corev1.ConfigMap{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "ConfigMap", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Data: map[string]string{ + "DB_USERNAME": "admin", + "DB_PASSWORD": "somepw", + }, + } +} + +func makeFileConfigMap(name string) *corev1.ConfigMap { + return &corev1.ConfigMap{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "ConfigMap", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Data: map[string]string{ + "app-init.ini": `FOO=bar +BAR=baz +`, + }, + BinaryData: map[string][]byte{ + "app.bin": {0xff, 0xfd}, + }, + } +} + +func makeLiteralConfigMap(name string) *corev1.ConfigMap { + cm := &corev1.ConfigMap{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "ConfigMap", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Data: map[string]string{ + "a": "x", + "b": "y", + "c": "Hello World", + "d": "true", + }, + } + cm.SetLabels(map[string]string{"foo": "bar"}) + return cm +} + +func TestConstructConfigMap(t *testing.T) { + type testCase struct { + description string + input types.ConfigMapArgs + options *types.GeneratorOptions + expected *corev1.ConfigMap + } + + testCases := []testCase{ + { + description: "construct config map from env", + input: types.ConfigMapArgs{ + GeneratorArgs: types.GeneratorArgs{ + Name: "envConfigMap", + DataSources: types.DataSources{ + EnvSource: "configmap/app.env", + }, + }, + }, + options: nil, + expected: makeEnvConfigMap("envConfigMap"), + }, + { + description: "construct config map from file", + input: types.ConfigMapArgs{ + GeneratorArgs: types.GeneratorArgs{ + Name: "fileConfigMap", + DataSources: types.DataSources{ + FileSources: []string{"configmap/app-init.ini", "configmap/app.bin"}, + }, + }, + }, + options: nil, + expected: makeFileConfigMap("fileConfigMap"), + }, + { + description: "construct config map from literal", + input: types.ConfigMapArgs{ + GeneratorArgs: types.GeneratorArgs{ + Name: "literalConfigMap", + DataSources: types.DataSources{ + LiteralSources: []string{"a=x", "b=y", "c=\"Hello World\"", "d='true'"}, + }, + }, + }, + options: &types.GeneratorOptions{ + Labels: map[string]string{ + "foo": "bar", + }, + }, + expected: makeLiteralConfigMap("literalConfigMap"), + }, + } + + fSys := fs.MakeFakeFS() + fSys.WriteFile("/configmap/app.env", []byte("DB_USERNAME=admin\nDB_PASSWORD=somepw\n")) + fSys.WriteFile("/configmap/app-init.ini", []byte("FOO=bar\nBAR=baz\n")) + fSys.WriteFile("/configmap/app.bin", []byte{0xff, 0xfd}) + f := NewConfigMapFactory(loader.NewFileLoaderAtRoot(fSys)) + for _, tc := range testCases { + cm, err := f.MakeConfigMap(&tc.input, tc.options) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if !reflect.DeepEqual(*cm, *tc.expected) { + t.Fatalf("in testcase: %q updated:\n%#v\ndoesn't match expected:\n%#v\n", tc.description, *cm, tc.expected) + } + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/kv.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/kv.go new file mode 100644 index 00000000000..893dfefc9c9 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/kv.go @@ -0,0 +1,107 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package configmapandsecret + +import ( + "fmt" + "path" + "strings" + + "github.com/pkg/errors" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv" + "sigs.k8s.io/kustomize/pkg/ifc" +) + +func keyValuesFromLiteralSources(sources []string) ([]kv.Pair, error) { + var kvs []kv.Pair + for _, s := range sources { + k, v, err := parseLiteralSource(s) + if err != nil { + return nil, err + } + kvs = append(kvs, kv.Pair{Key: k, Value: v}) + } + return kvs, nil +} + +func keyValuesFromFileSources(ldr ifc.Loader, sources []string) ([]kv.Pair, error) { + var kvs []kv.Pair + for _, s := range sources { + k, fPath, err := parseFileSource(s) + if err != nil { + return nil, err + } + content, err := ldr.Load(fPath) + if err != nil { + return nil, err + } + kvs = append(kvs, kv.Pair{Key: k, Value: string(content)}) + } + return kvs, nil +} + +func keyValuesFromEnvFile(l ifc.Loader, path string) ([]kv.Pair, error) { + if path == "" { + return nil, nil + } + content, err := l.Load(path) + if err != nil { + return nil, err + } + return kv.KeyValuesFromLines(content) +} + +// parseFileSource parses the source given. +// +// Acceptable formats include: +// 1. source-path: the basename will become the key name +// 2. source-name=source-path: the source-name will become the key name and +// source-path is the path to the key file. +// +// Key names cannot include '='. +func parseFileSource(source string) (keyName, filePath string, err error) { + numSeparators := strings.Count(source, "=") + switch { + case numSeparators == 0: + return path.Base(source), source, nil + case numSeparators == 1 && strings.HasPrefix(source, "="): + return "", "", fmt.Errorf("key name for file path %v missing", strings.TrimPrefix(source, "=")) + case numSeparators == 1 && strings.HasSuffix(source, "="): + return "", "", fmt.Errorf("file path for key name %v missing", strings.TrimSuffix(source, "=")) + case numSeparators > 1: + return "", "", errors.New("key names or file paths cannot contain '='") + default: + components := strings.Split(source, "=") + return components[0], components[1], nil + } +} + +// parseLiteralSource parses the source key=val pair into its component pieces. +// This functionality is distinguished from strings.SplitN(source, "=", 2) since +// it returns an error in the case of empty keys, values, or a missing equals sign. +func parseLiteralSource(source string) (keyName, value string, err error) { + // leading equal is invalid + if strings.Index(source, "=") == 0 { + return "", "", fmt.Errorf("invalid literal source %v, expected key=value", source) + } + // split after the first equal (so values can have the = character) + items := strings.SplitN(source, "=", 2) + if len(items) != 2 { + return "", "", fmt.Errorf("invalid literal source %v, expected key=value", source) + } + return items[0], strings.Trim(items[1], "\"'"), nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/kv_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/kv_test.go new file mode 100644 index 00000000000..236af026434 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/kv_test.go @@ -0,0 +1,57 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package configmapandsecret + +import ( + "reflect" + "testing" + + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv" + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/loader" +) + +func TestKeyValuesFromFileSources(t *testing.T) { + tests := []struct { + description string + sources []string + expected []kv.Pair + }{ + { + description: "create kvs from file sources", + sources: []string{"files/app-init.ini"}, + expected: []kv.Pair{ + { + Key: "app-init.ini", + Value: "FOO=bar", + }, + }, + }, + } + + fSys := fs.MakeFakeFS() + fSys.WriteFile("/files/app-init.ini", []byte("FOO=bar")) + for _, tc := range tests { + kvs, err := keyValuesFromFileSources(loader.NewFileLoaderAtRoot(fSys), tc.sources) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if !reflect.DeepEqual(kvs, tc.expected) { + t.Fatalf("in testcase: %q updated:\n%#v\ndoesn't match expected:\n%#v\n", tc.description, kvs, tc.expected) + } + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/secretfactory.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/secretfactory.go new file mode 100644 index 00000000000..6e431a7e3e2 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/secretfactory.go @@ -0,0 +1,106 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package configmapandsecret + +import ( + "fmt" + "strings" + + "github.com/pkg/errors" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/validation" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv" + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/types" +) + +// SecretFactory makes Secrets. +type SecretFactory struct { + ldr ifc.Loader +} + +// NewSecretFactory returns a new SecretFactory. +func NewSecretFactory(ldr ifc.Loader) *SecretFactory { + return &SecretFactory{ldr: ldr} +} + +func (f *SecretFactory) makeFreshSecret(args *types.SecretArgs) *corev1.Secret { + s := &corev1.Secret{} + s.APIVersion = "v1" + s.Kind = "Secret" + s.Name = args.Name + s.Namespace = args.Namespace + s.Type = corev1.SecretType(args.Type) + if s.Type == "" { + s.Type = corev1.SecretTypeOpaque + } + s.Data = map[string][]byte{} + return s +} + +// MakeSecret returns a new secret. +func (f *SecretFactory) MakeSecret(args *types.SecretArgs, options *types.GeneratorOptions) (*corev1.Secret, error) { + var all []kv.Pair + var err error + s := f.makeFreshSecret(args) + + pairs, err := keyValuesFromEnvFile(f.ldr, args.EnvSource) + if err != nil { + return nil, errors.Wrap(err, fmt.Sprintf( + "env source file: %s", + args.EnvSource)) + } + all = append(all, pairs...) + + pairs, err = keyValuesFromLiteralSources(args.LiteralSources) + if err != nil { + return nil, errors.Wrap(err, fmt.Sprintf( + "literal sources %v", args.LiteralSources)) + } + all = append(all, pairs...) + + pairs, err = keyValuesFromFileSources(f.ldr, args.FileSources) + if err != nil { + return nil, errors.Wrap(err, fmt.Sprintf( + "file sources: %v", args.FileSources)) + } + all = append(all, pairs...) + + for _, kv := range all { + err = addKvToSecret(s, kv.Key, kv.Value) + if err != nil { + return nil, err + } + } + if options != nil { + s.SetLabels(options.Labels) + s.SetAnnotations(options.Annotations) + } + return s, nil +} + +func addKvToSecret(secret *corev1.Secret, keyName, data string) error { + // Note, the rules for SecretKeys keys are the exact same as the ones for ConfigMap. + if errs := validation.IsConfigMapKey(keyName); len(errs) != 0 { + return fmt.Errorf("%q is not a valid key name for a Secret: %s", keyName, strings.Join(errs, ";")) + } + if _, entryExists := secret.Data[keyName]; entryExists { + return fmt.Errorf("cannot add key %s, another key by that name already exists", keyName) + } + secret.Data[keyName] = []byte(data) + return nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/secretfactory_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/secretfactory_test.go new file mode 100644 index 00000000000..da405a27f8e --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret/secretfactory_test.go @@ -0,0 +1,151 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package configmapandsecret + +import ( + "reflect" + "testing" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/loader" + "sigs.k8s.io/kustomize/pkg/types" +) + +func makeEnvSecret(name string) *corev1.Secret { + return &corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Data: map[string][]byte{ + "DB_PASSWORD": []byte("somepw"), + "DB_USERNAME": []byte("admin"), + }, + Type: "Opaque", + } +} + +func makeFileSecret(name string) *corev1.Secret { + return &corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Data: map[string][]byte{ + "app-init.ini": []byte(`FOO=bar +BAR=baz +`), + }, + Type: "Opaque", + } +} + +func makeLiteralSecret(name string) *corev1.Secret { + s := &corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Data: map[string][]byte{ + "a": []byte("x"), + "b": []byte("y"), + }, + Type: "Opaque", + } + s.SetLabels(map[string]string{"foo": "bar"}) + return s +} + +func TestConstructSecret(t *testing.T) { + type testCase struct { + description string + input types.SecretArgs + options *types.GeneratorOptions + expected *corev1.Secret + } + + testCases := []testCase{ + { + description: "construct secret from env", + input: types.SecretArgs{ + GeneratorArgs: types.GeneratorArgs{ + Name: "envSecret", + DataSources: types.DataSources{ + EnvSource: "secret/app.env", + }, + }, + }, + options: nil, + expected: makeEnvSecret("envSecret"), + }, + { + description: "construct secret from file", + input: types.SecretArgs{ + GeneratorArgs: types.GeneratorArgs{ + Name: "fileSecret", + DataSources: types.DataSources{ + FileSources: []string{"secret/app-init.ini"}, + }, + }, + }, + options: nil, + expected: makeFileSecret("fileSecret"), + }, + { + description: "construct secret from literal", + input: types.SecretArgs{ + GeneratorArgs: types.GeneratorArgs{ + Name: "literalSecret", + DataSources: types.DataSources{ + LiteralSources: []string{"a=x", "b=y"}, + }, + }, + }, + options: &types.GeneratorOptions{ + Labels: map[string]string{ + "foo": "bar", + }, + }, + expected: makeLiteralSecret("literalSecret"), + }, + } + + fSys := fs.MakeFakeFS() + fSys.WriteFile("/secret/app.env", []byte("DB_USERNAME=admin\nDB_PASSWORD=somepw\n")) + fSys.WriteFile("/secret/app-init.ini", []byte("FOO=bar\nBAR=baz\n")) + f := NewSecretFactory(loader.NewFileLoaderAtRoot(fSys)) + for _, tc := range testCases { + cm, err := f.MakeSecret(&tc.input, tc.options) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if !reflect.DeepEqual(*cm, *tc.expected) { + t.Fatalf("in testcase: %q updated:\n%#v\ndoesn't match expected:\n%#v\n", tc.description, *cm, tc.expected) + } + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/doc.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/doc.go new file mode 100644 index 00000000000..c98cb8d6804 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/doc.go @@ -0,0 +1,76 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// It's possible that kustomize's features will be vendored into +// the kubernetes/kubernetes repo and made available to kubectl +// commands, while at the same time the kustomize program will +// continue to exist as an independent CLI. Vendoring snapshots +// would be taken just before a kubectl release. +// +// This creates a problem in that freestanding-kustomize depends on +// (for example): +// +// https://github.com/kubernetes/apimachinery/ +// tree/master/pkg/util/yaml +// +// It vendors that package into +// sigs.k8s.io/kustomize/vendor/k8s.io/apimachinery/ +// +// Whereas kubectl-kustomize would have to depend on the "staging" +// version of this code, located at +// +// https://github.com/kubernetes/kubernetes/ +// blob/master/staging/src/k8s.io/apimachinery/pkg/util/yaml +// +// which is "vendored" via symlinks: +// k8s.io/kubernetes/vendor/k8s.io/apimachinery +// is a symlink to +// ../../staging/src/k8s.io/apimachinery +// +// The staging version is the canonical, under-development +// version of the code that kubectl depends on, whereas the packages +// at kubernetes/apimachinery are periodic snapshots of staging made +// for outside tools to depend on. +// +// apimachinery isn't the only package that poses this problem, just +// using it as a specific example. +// +// The kubectl binary cannot vendor in kustomize code that in +// turn vendors in the non-staging packages. +// +// One way to fix some of this would be to copy code - a hard fork. +// This has all the problems associated with a hard forking. +// +// Another way would be to break the kustomize repo into three: +// +// (1) kustomize - repo with the main() function, +// vendoring (2) and (3). +// +// (2) kustomize-libs - packages used by (1) with no +// apimachinery dependence. +// +// (3) kustomize-k8sdeps - A thin code layer that depends +// on (vendors) apimachinery to provide thin implementations +// to interfaces used in (2). +// +// The kubectl repo would then vendor from (2) only, and have +// a local implementation of (3). With that in mind, it's clear +// that (3) doesn't have to be a repo; the kustomize version of +// the thin layer can live directly in (1). +// +// This package is the code in (3), meant for kustomize. + +package k8sdeps diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/factory.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/factory.go new file mode 100644 index 00000000000..a83b4bdaae0 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/factory.go @@ -0,0 +1,34 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package k8sdeps provides kustomize factory with k8s dependencies +package k8sdeps + +import ( + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator" + "sigs.k8s.io/kustomize/pkg/factory" +) + +// NewFactory creates an instance of KustFactory using k8sdeps factories +func NewFactory() *factory.KustFactory { + return factory.NewKustFactory( + kunstruct.NewKunstructuredFactoryImpl(), + validator.NewKustValidator(), + transformer.NewFactoryImpl(), + ) +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/BUILD new file mode 100644 index 00000000000..92105687e44 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/BUILD @@ -0,0 +1,47 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "factory.go", + "helper.go", + "kunstruct.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/yaml:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = [ + "factory_test.go", + "kunstruct_test.go", + ], + embed = [":go_default_library"], + deps = ["//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/factory.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/factory.go new file mode 100644 index 00000000000..4e001aaa058 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/factory.go @@ -0,0 +1,118 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kunstruct + +import ( + "bytes" + "fmt" + "io" + "strings" + + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/util/yaml" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/configmapandsecret" + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/types" +) + +// KunstructuredFactoryImpl hides construction using apimachinery types. +type KunstructuredFactoryImpl struct { + cmFactory *configmapandsecret.ConfigMapFactory + secretFactory *configmapandsecret.SecretFactory +} + +var _ ifc.KunstructuredFactory = &KunstructuredFactoryImpl{} + +// NewKunstructuredFactoryImpl returns a factory. +func NewKunstructuredFactoryImpl() ifc.KunstructuredFactory { + return &KunstructuredFactoryImpl{} +} + +// SliceFromBytes returns a slice of Kunstructured. +func (kf *KunstructuredFactoryImpl) SliceFromBytes( + in []byte) ([]ifc.Kunstructured, error) { + decoder := yaml.NewYAMLOrJSONDecoder(bytes.NewReader(in), 1024) + var result []ifc.Kunstructured + var err error + for err == nil || isEmptyYamlError(err) { + var out unstructured.Unstructured + err = decoder.Decode(&out) + if err == nil { + if len(out.Object) == 0 { + continue + } + err = kf.validate(out) + if err != nil { + return nil, err + } + result = append(result, &UnstructAdapter{Unstructured: out}) + } + } + if err != io.EOF { + return nil, err + } + return result, nil +} + +func isEmptyYamlError(err error) bool { + return strings.Contains(err.Error(), "is missing in 'null'") +} + +// FromMap returns an instance of Kunstructured. +func (kf *KunstructuredFactoryImpl) FromMap( + m map[string]interface{}) ifc.Kunstructured { + return &UnstructAdapter{Unstructured: unstructured.Unstructured{Object: m}} +} + +// MakeConfigMap returns an instance of Kunstructured for ConfigMap +func (kf *KunstructuredFactoryImpl) MakeConfigMap(args *types.ConfigMapArgs, options *types.GeneratorOptions) (ifc.Kunstructured, error) { + cm, err := kf.cmFactory.MakeConfigMap(args, options) + if err != nil { + return nil, err + } + return NewKunstructuredFromObject(cm) +} + +// MakeSecret returns an instance of Kunstructured for Secret +func (kf *KunstructuredFactoryImpl) MakeSecret(args *types.SecretArgs, options *types.GeneratorOptions) (ifc.Kunstructured, error) { + sec, err := kf.secretFactory.MakeSecret(args, options) + if err != nil { + return nil, err + } + return NewKunstructuredFromObject(sec) +} + +// Set sets loader +func (kf *KunstructuredFactoryImpl) Set(ldr ifc.Loader) { + kf.cmFactory = configmapandsecret.NewConfigMapFactory(ldr) + kf.secretFactory = configmapandsecret.NewSecretFactory(ldr) +} + +// validate validates that u has kind and name +// except for kind `List`, which doesn't require a name +func (kf *KunstructuredFactoryImpl) validate(u unstructured.Unstructured) error { + kind := u.GetKind() + if kind == "" { + return fmt.Errorf("missing kind in object %v", u) + } else if kind == "List" { + return nil + } + if u.GetName() == "" { + return fmt.Errorf("missing metadata.name in object %v", u) + } + return nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/factory_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/factory_test.go new file mode 100644 index 00000000000..51e2be793c9 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/factory_test.go @@ -0,0 +1,175 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kunstruct + +import ( + "reflect" + "testing" + + "sigs.k8s.io/kustomize/pkg/ifc" +) + +func TestSliceFromBytes(t *testing.T) { + factory := NewKunstructuredFactoryImpl() + testConfigMap := factory.FromMap( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "ConfigMap", + "metadata": map[string]interface{}{ + "name": "winnie", + }, + }) + testList := factory.FromMap( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "List", + "items": []interface{}{ + testConfigMap.Map(), + testConfigMap.Map(), + }, + }) + + tests := []struct { + name string + input []byte + expectedOut []ifc.Kunstructured + expectedErr bool + }{ + { + name: "garbage", + input: []byte("garbageIn: garbageOut"), + expectedOut: []ifc.Kunstructured{}, + expectedErr: true, + }, + { + name: "noBytes", + input: []byte{}, + expectedOut: []ifc.Kunstructured{}, + expectedErr: false, + }, + { + name: "goodJson", + input: []byte(` +{"apiVersion":"v1","kind":"ConfigMap","metadata":{"name":"winnie"}} +`), + expectedOut: []ifc.Kunstructured{testConfigMap}, + expectedErr: false, + }, + { + name: "goodYaml1", + input: []byte(` +apiVersion: v1 +kind: ConfigMap +metadata: + name: winnie +`), + expectedOut: []ifc.Kunstructured{testConfigMap}, + expectedErr: false, + }, + { + name: "goodYaml2", + input: []byte(` +apiVersion: v1 +kind: ConfigMap +metadata: + name: winnie +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: winnie +`), + expectedOut: []ifc.Kunstructured{testConfigMap, testConfigMap}, + expectedErr: false, + }, + { + name: "garbageInOneOfTwoObjects", + input: []byte(` +apiVersion: v1 +kind: ConfigMap +metadata: + name: winnie +--- +WOOOOOOOOOOOOOOOOOOOOOOOOT: woot +`), + expectedOut: []ifc.Kunstructured{}, + expectedErr: true, + }, + { + name: "emptyObjects", + input: []byte(` +--- +#a comment + +--- + +`), + expectedOut: []ifc.Kunstructured{}, + expectedErr: false, + }, + { + name: "Missing .metadata.name in object", + input: []byte(` +apiVersion: v1 +kind: Namespace +metadata: + annotations: + foo: bar +`), + expectedOut: nil, + expectedErr: true, + }, + { + name: "List", + input: []byte(` +apiVersion: v1 +kind: List +items: +- apiVersion: v1 + kind: ConfigMap + metadata: + name: winnie +- apiVersion: v1 + kind: ConfigMap + metadata: + name: winnie +`), + expectedOut: []ifc.Kunstructured{testList}, + expectedErr: false, + }, + } + + for _, test := range tests { + rs, err := factory.SliceFromBytes(test.input) + if test.expectedErr && err == nil { + t.Fatalf("%v: should return error", test.name) + } + if !test.expectedErr && err != nil { + t.Fatalf("%v: unexpected error: %s", test.name, err) + } + if len(rs) != len(test.expectedOut) { + t.Fatalf("%s: length mismatch %d != %d", + test.name, len(rs), len(test.expectedOut)) + } + for i := range rs { + if !reflect.DeepEqual(test.expectedOut[i], rs[i]) { + t.Fatalf("%s: Got: %v\nexpected:%v", + test.name, test.expectedOut[i], rs[i]) + } + } + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/helper.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/helper.go new file mode 100644 index 00000000000..0675b961de8 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/helper.go @@ -0,0 +1,71 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package kunstruct provides unstructured from api machinery and factory for creating unstructured +package kunstruct + +import ( + "fmt" + "strings" +) + +func parseFields(path string) ([]string, error) { + if !strings.Contains(path, "[") { + return strings.Split(path, "."), nil + } + + var fields []string + start := 0 + insideParentheses := false + for i := range path { + switch path[i] { + case '.': + if !insideParentheses { + fields = append(fields, path[start:i]) + start = i + 1 + } + case '[': + if !insideParentheses { + if i == start { + start = i + 1 + } else { + fields = append(fields, path[start:i]) + start = i + 1 + } + insideParentheses = true + } else { + return nil, fmt.Errorf("nested parentheses are not allowed: %s", path) + } + case ']': + if insideParentheses { + fields = append(fields, path[start:i]) + start = i + 1 + insideParentheses = false + } else { + return nil, fmt.Errorf("invalid field path %s", path) + } + } + } + if start < len(path)-1 { + fields = append(fields, path[start:]) + } + for i, f := range fields { + if strings.HasPrefix(f, "\"") || strings.HasPrefix(f, "'") { + fields[i] = strings.Trim(f, "\"'") + } + } + return fields, nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/kunstruct.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/kunstruct.go new file mode 100644 index 00000000000..5ad306bf56c --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/kunstruct.go @@ -0,0 +1,92 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package kunstruct provides unstructured from api machinery and factory for creating unstructured +package kunstruct + +import ( + "encoding/json" + "fmt" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/ifc" +) + +var _ ifc.Kunstructured = &UnstructAdapter{} + +// UnstructAdapter wraps unstructured.Unstructured from +// https://github.com/kubernetes/apimachinery/blob/master/ +// pkg/apis/meta/v1/unstructured/unstructured.go +// to isolate dependence on apimachinery. +type UnstructAdapter struct { + unstructured.Unstructured +} + +// NewKunstructuredFromObject returns a new instance of Kunstructured. +func NewKunstructuredFromObject(obj runtime.Object) (ifc.Kunstructured, error) { + // Convert obj to a byte stream, then convert that to JSON (Unstructured). + marshaled, err := json.Marshal(obj) + if err != nil { + return &UnstructAdapter{}, err + } + var u unstructured.Unstructured + err = u.UnmarshalJSON(marshaled) + // creationTimestamp always 'null', remove it + u.SetCreationTimestamp(metav1.Time{}) + return &UnstructAdapter{Unstructured: u}, err +} + +// GetGvk returns the Gvk name of the object. +func (fs *UnstructAdapter) GetGvk() gvk.Gvk { + x := fs.GroupVersionKind() + return gvk.Gvk{ + Group: x.Group, + Version: x.Version, + Kind: x.Kind, + } +} + +// Copy provides a copy behind an interface. +func (fs *UnstructAdapter) Copy() ifc.Kunstructured { + return &UnstructAdapter{*fs.DeepCopy()} +} + +// Map returns the unstructured content map. +func (fs *UnstructAdapter) Map() map[string]interface{} { + return fs.Object +} + +// SetMap overrides the unstructured content map. +func (fs *UnstructAdapter) SetMap(m map[string]interface{}) { + fs.Object = m +} + +// GetFieldValue returns value at the given fieldpath. +func (fs *UnstructAdapter) GetFieldValue(path string) (string, error) { + fields, err := parseFields(path) + if err != nil { + return "", err + } + s, found, err := unstructured.NestedString( + fs.UnstructuredContent(), fields...) + if found || err != nil { + return s, err + } + return "", fmt.Errorf("no field named '%s'", path) +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/kunstruct_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/kunstruct_test.go new file mode 100644 index 00000000000..dc7eb8bb2a3 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct/kunstruct_test.go @@ -0,0 +1,148 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kunstruct + +import ( + "testing" +) + +func TestGetFieldValue(t *testing.T) { + factory := NewKunstructuredFactoryImpl() + kunstructured := factory.FromMap(map[string]interface{}{ + "Kind": "Service", + "metadata": map[string]interface{}{ + "labels": map[string]string{ + "app": "application-name", + }, + "name": "service-name", + }, + "spec": map[string]interface{}{ + "ports": map[string]interface{}{ + "port": "80", + }, + }, + "this": map[string]interface{}{ + "is": map[string]interface{}{ + "aNumber": 1000, + "aNilValue": nil, + "anEmptyMap": map[string]interface{}{}, + "unrecognizable": testing.InternalExample{ + Name: "fooBar", + }, + }, + }, + }) + + tests := []struct { + name string + pathToField string + expectedValue string + errorExpected bool + errorMsg string + }{ + { + name: "oneField", + pathToField: "Kind", + expectedValue: "Service", + errorExpected: false, + }, + { + name: "twoFields", + pathToField: "metadata.name", + expectedValue: "service-name", + errorExpected: false, + }, + { + name: "threeFields", + pathToField: "spec.ports.port", + expectedValue: "80", + errorExpected: false, + }, + { + name: "empty", + pathToField: "", + errorExpected: true, + errorMsg: "no field named ''", + }, + { + name: "emptyDotEmpty", + pathToField: ".", + errorExpected: true, + errorMsg: "no field named '.'", + }, + { + name: "twoFieldsOneMissing", + pathToField: "metadata.banana", + errorExpected: true, + errorMsg: "no field named 'metadata.banana'", + }, + { + name: "deeperMissingField", + pathToField: "this.is.aDeep.field.that.does.not.exist", + errorExpected: true, + errorMsg: "no field named 'this.is.aDeep.field.that.does.not.exist'", + }, + { + name: "emptyMap", + pathToField: "this.is.anEmptyMap", + errorExpected: true, + errorMsg: ".this.is.anEmptyMap accessor error: map[] is of the type map[string]interface {}, expected string", + }, + { + name: "numberAsValue", + pathToField: "this.is.aNumber", + errorExpected: true, + errorMsg: ".this.is.aNumber accessor error: 1000 is of the type int, expected string", + }, + { + name: "nilAsValue", + pathToField: "this.is.aNilValue", + errorExpected: true, + errorMsg: ".this.is.aNilValue accessor error: is of the type , expected string", + }, + { + name: "unrecognizable", + pathToField: "this.is.unrecognizable.Name", + errorExpected: true, + errorMsg: ".this.is.unrecognizable.Name accessor error: {fooBar false} is of the type testing.InternalExample, expected map[string]interface{}", + }, + } + + for _, test := range tests { + s, err := kunstructured.GetFieldValue(test.pathToField) + if test.errorExpected { + if err == nil { + t.Fatalf("%q; path %q - should return error, but no error returned", + test.name, test.pathToField) + } + if test.errorMsg != err.Error() { + t.Fatalf("%q; path %q - expected error: \"%s\", got error: \"%v\"", + test.name, test.pathToField, test.errorMsg, err.Error()) + } + continue + } + if err != nil { + t.Fatalf("%q; path %q - unexpected error %v", + test.name, test.pathToField, err) + } + if test.expectedValue != s { + t.Fatalf("%q; Got: %s expected: %s", + test.name, s, test.expectedValue) + } + + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/BUILD new file mode 100644 index 00000000000..896f3c73e8a --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["kv.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv", + visibility = ["//visibility:public"], + deps = ["//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library"], +) + +go_test( + name = "go_default_test", + srcs = ["kv_test.go"], + embed = [":go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/kv.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/kv.go new file mode 100644 index 00000000000..27b8b3431e1 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/kv.go @@ -0,0 +1,102 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kv + +import ( + "bufio" + "bytes" + "fmt" + "os" + "strings" + "unicode" + "unicode/utf8" + + "k8s.io/apimachinery/pkg/util/validation" +) + +// Pair represents a pair. +type Pair struct { + Key string + Value string +} + +var utf8bom = []byte{0xEF, 0xBB, 0xBF} + +// KeyValuesFromLines parses given content in to a list of key-value pairs. +func KeyValuesFromLines(content []byte) ([]Pair, error) { + var kvs []Pair + + scanner := bufio.NewScanner(bytes.NewReader(content)) + currentLine := 0 + for scanner.Scan() { + // Process the current line, retrieving a key/value pair if + // possible. + scannedBytes := scanner.Bytes() + kv, err := KeyValuesFromLine(scannedBytes, currentLine) + if err != nil { + return nil, err + } + currentLine++ + + if len(kv.Key) == 0 { + // no key means line was empty or a comment + continue + } + + kvs = append(kvs, kv) + } + return kvs, nil +} + +// KeyValuesFromLine returns a kv with blank key if the line is empty or a comment. +// The value will be retrieved from the environment if necessary. +func KeyValuesFromLine(line []byte, currentLine int) (Pair, error) { + kv := Pair{} + + if !utf8.Valid(line) { + return kv, fmt.Errorf("line %d has invalid utf8 bytes : %v", line, string(line)) + } + + // We trim UTF8 BOM from the first line of the file but no others + if currentLine == 0 { + line = bytes.TrimPrefix(line, utf8bom) + } + + // trim the line from all leading whitespace first + line = bytes.TrimLeftFunc(line, unicode.IsSpace) + + // If the line is empty or a comment, we return a blank key/value pair. + if len(line) == 0 || line[0] == '#' { + return kv, nil + } + + data := strings.SplitN(string(line), "=", 2) + key := data[0] + if errs := validation.IsEnvVarName(key); len(errs) != 0 { + return kv, fmt.Errorf("%q is not a valid key name: %s", key, strings.Join(errs, ";")) + } + + if len(data) == 2 { + kv.Value = data[1] + } else { + // No value (no `=` in the line) is a signal to obtain the value + // from the environment. + kv.Value = os.Getenv(key) + } + kv.Key = key + return kv, nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/kv_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/kv_test.go new file mode 100644 index 00000000000..f854a917f54 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv/kv_test.go @@ -0,0 +1,68 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kv + +import ( + "reflect" + "testing" +) + +func TestKeyValuesFromLines(t *testing.T) { + tests := []struct { + desc string + content string + expectedPairs []Pair + expectedErr bool + }{ + { + desc: "valid kv content parse", + content: ` + k1=v1 + k2=v2 + `, + expectedPairs: []Pair{ + {Key: "k1", Value: "v1"}, + {Key: "k2", Value: "v2"}, + }, + expectedErr: false, + }, + { + desc: "content with comments", + content: ` + k1=v1 + #k2=v2 + `, + expectedPairs: []Pair{ + {Key: "k1", Value: "v1"}, + }, + expectedErr: false, + }, + // TODO: add negative testcases + } + + for _, test := range tests { + pairs, err := KeyValuesFromLines([]byte(test.content)) + if test.expectedErr && err == nil { + t.Fatalf("%s should not return error", test.desc) + } + + if !reflect.DeepEqual(pairs, test.expectedPairs) { + t.Errorf("%s should succeed, got:%v exptected:%v", test.desc, pairs, test.expectedPairs) + } + + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/BUILD new file mode 100644 index 00000000000..b6ab75a1076 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/BUILD @@ -0,0 +1,33 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["factory.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash:all-srcs", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/factory.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/factory.go new file mode 100644 index 00000000000..bc435b37975 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/factory.go @@ -0,0 +1,43 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package transformer provides transformer factory +package transformer + +import ( + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash" + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch" + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/transformers" +) + +// FactoryImpl makes patch transformer and name hash transformer +type FactoryImpl struct{} + +// NewFactoryImpl makes a new factoryImpl instance +func NewFactoryImpl() *FactoryImpl { + return &FactoryImpl{} +} + +// MakePatchTransformer makes a new patch transformer +func (p *FactoryImpl) MakePatchTransformer(slice []*resource.Resource, rf *resource.Factory) (transformers.Transformer, error) { + return patch.NewPatchTransformer(slice, rf) +} + +// MakeHashTransformer makes a new name hash transformer +func (p *FactoryImpl) MakeHashTransformer() transformers.Transformer { + return hash.NewNameHashTransformer() +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/BUILD new file mode 100644 index 00000000000..1b2a78eb678 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/BUILD @@ -0,0 +1,50 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "hash.go", + "namehash.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = [ + "hash_test.go", + "namehash_test.go", + ], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash.go new file mode 100644 index 00000000000..17e24ff3e64 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash.go @@ -0,0 +1,168 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package hash + +import ( + "crypto/sha256" + "encoding/json" + "fmt" + + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" +) + +// KustHash compute hash for unstructured objects +type KustHash struct{} + +// NewKustHash returns a KustHash object +func NewKustHash() *KustHash { + return &KustHash{} +} + +// Hash returns a hash of either a ConfigMap or a Secret +func (h *KustHash) Hash(m map[string]interface{}) (string, error) { + u := unstructured.Unstructured{ + Object: m, + } + kind := u.GetKind() + switch kind { + case "ConfigMap": + cm, err := unstructuredToConfigmap(u) + if err != nil { + return "", err + } + return ConfigMapHash(cm) + case "Secret": + sec, err := unstructuredToSecret(u) + + if err != nil { + return "", err + } + return SecretHash(sec) + default: + return "", fmt.Errorf("type %s is supported for hashing in %v", kind, m) + } +} + +// ConfigMapHash returns a hash of the ConfigMap. +// The Data, Kind, and Name are taken into account. +func ConfigMapHash(cm *v1.ConfigMap) (string, error) { + encoded, err := encodeConfigMap(cm) + if err != nil { + return "", err + } + h, err := encodeHash(hash(encoded)) + if err != nil { + return "", err + } + return h, nil +} + +// SecretHash returns a hash of the Secret. +// The Data, Kind, Name, and Type are taken into account. +func SecretHash(sec *v1.Secret) (string, error) { + encoded, err := encodeSecret(sec) + if err != nil { + return "", err + } + h, err := encodeHash(hash(encoded)) + if err != nil { + return "", err + } + return h, nil +} + +// encodeConfigMap encodes a ConfigMap. +// Data, Kind, and Name are taken into account. +func encodeConfigMap(cm *v1.ConfigMap) (string, error) { + // json.Marshal sorts the keys in a stable order in the encoding + m := map[string]interface{}{"kind": "ConfigMap", "name": cm.Name, "data": cm.Data} + if len(cm.BinaryData) > 0 { + m["binaryData"] = cm.BinaryData + } + data, err := json.Marshal(m) + if err != nil { + return "", err + } + return string(data), nil +} + +// encodeSecret encodes a Secret. +// Data, Kind, Name, and Type are taken into account. +func encodeSecret(sec *v1.Secret) (string, error) { + // json.Marshal sorts the keys in a stable order in the encoding + data, err := json.Marshal(map[string]interface{}{"kind": "Secret", "type": sec.Type, "name": sec.Name, "data": sec.Data}) + if err != nil { + return "", err + } + return string(data), nil +} + +// encodeHash extracts the first 40 bits of the hash from the hex string +// (1 hex char represents 4 bits), and then maps vowels and vowel-like hex +// characters to consonants to prevent bad words from being formed (the theory +// is that no vowels makes it really hard to make bad words). Since the string +// is hex, the only vowels it can contain are 'a' and 'e'. +// We picked some arbitrary consonants to map to from the same character set as GenerateName. +// See: https://github.com/kubernetes/apimachinery/blob/dc1f89aff9a7509782bde3b68824c8043a3e58cc/pkg/util/rand/rand.go#L75 +// If the hex string contains fewer than ten characters, returns an error. +func encodeHash(hex string) (string, error) { + if len(hex) < 10 { + return "", fmt.Errorf("the hex string must contain at least 10 characters") + } + enc := []rune(hex[:10]) + for i := range enc { + switch enc[i] { + case '0': + enc[i] = 'g' + case '1': + enc[i] = 'h' + case '3': + enc[i] = 'k' + case 'a': + enc[i] = 'm' + case 'e': + enc[i] = 't' + } + } + return string(enc), nil +} + +// hash hashes `data` with sha256 and returns the hex string +func hash(data string) string { + return fmt.Sprintf("%x", sha256.Sum256([]byte(data))) +} + +func unstructuredToConfigmap(u unstructured.Unstructured) (*v1.ConfigMap, error) { + marshaled, err := json.Marshal(u.Object) + if err != nil { + return nil, err + } + var out v1.ConfigMap + err = json.Unmarshal(marshaled, &out) + return &out, err +} + +func unstructuredToSecret(u unstructured.Unstructured) (*v1.Secret, error) { + marshaled, err := json.Marshal(u.Object) + if err != nil { + return nil, err + } + var out v1.Secret + err = json.Unmarshal(marshaled, &out) + return &out, err +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash_test.go new file mode 100644 index 00000000000..2d336f35a82 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash_test.go @@ -0,0 +1,208 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package hash + +import ( + "reflect" + "strings" + "testing" + + "k8s.io/api/core/v1" + "sigs.k8s.io/kustomize/pkg/gvk" +) + +var service = gvk.Gvk{Version: "v1", Kind: "Service"} +var secret = gvk.Gvk{Version: "v1", Kind: "Secret"} +var cmap = gvk.Gvk{Version: "v1", Kind: "ConfigMap"} +var deploy = gvk.Gvk{Group: "apps", Version: "v1", Kind: "Deployment"} + +func TestConfigMapHash(t *testing.T) { + cases := []struct { + desc string + cm *v1.ConfigMap + hash string + err string + }{ + // empty map + {"empty data", &v1.ConfigMap{Data: map[string]string{}, BinaryData: map[string][]byte{}}, "42745tchd9", ""}, + // one key + {"one key", &v1.ConfigMap{Data: map[string]string{"one": ""}}, "9g67k2htb6", ""}, + // three keys (tests sorting order) + {"three keys", &v1.ConfigMap{Data: map[string]string{"two": "2", "one": "", "three": "3"}}, "f5h7t85m9b", ""}, + // empty binary data map + {"empty binary data", &v1.ConfigMap{BinaryData: map[string][]byte{}}, "dk855m5d49", ""}, + // one key with binary data + {"one key with binary data", &v1.ConfigMap{BinaryData: map[string][]byte{"one": []byte("")}}, "mk79584b8c", ""}, + // three keys with binary data (tests sorting order) + {"three keys with binary data", &v1.ConfigMap{BinaryData: map[string][]byte{"two": []byte("2"), "one": []byte(""), "three": []byte("3")}}, "t458mc6db2", ""}, + // two keys, one with string and another with binary data + {"two keys with one each", &v1.ConfigMap{Data: map[string]string{"one": ""}, BinaryData: map[string][]byte{"two": []byte("")}}, "698h7c7t9m", ""}, + } + + for _, c := range cases { + h, err := ConfigMapHash(c.cm) + if SkipRest(t, c.desc, err, c.err) { + continue + } + if c.hash != h { + t.Errorf("case %q, expect hash %q but got %q", c.desc, c.hash, h) + } + } +} + +func TestSecretHash(t *testing.T) { + cases := []struct { + desc string + secret *v1.Secret + hash string + err string + }{ + // empty map + {"empty data", &v1.Secret{Type: "my-type", Data: map[string][]byte{}}, "t75bgf6ctb", ""}, + // one key + {"one key", &v1.Secret{Type: "my-type", Data: map[string][]byte{"one": []byte("")}}, "74bd68bm66", ""}, + // three keys (tests sorting order) + {"three keys", &v1.Secret{Type: "my-type", Data: map[string][]byte{"two": []byte("2"), "one": []byte(""), "three": []byte("3")}}, "dgcb6h9tmk", ""}, + } + + for _, c := range cases { + h, err := SecretHash(c.secret) + if SkipRest(t, c.desc, err, c.err) { + continue + } + if c.hash != h { + t.Errorf("case %q, expect hash %q but got %q", c.desc, c.hash, h) + } + } +} + +func TestEncodeConfigMap(t *testing.T) { + cases := []struct { + desc string + cm *v1.ConfigMap + expect string + err string + }{ + // empty map + {"empty data", &v1.ConfigMap{Data: map[string]string{}}, `{"data":{},"kind":"ConfigMap","name":""}`, ""}, + // one key + {"one key", &v1.ConfigMap{Data: map[string]string{"one": ""}}, `{"data":{"one":""},"kind":"ConfigMap","name":""}`, ""}, + // three keys (tests sorting order) + {"three keys", &v1.ConfigMap{Data: map[string]string{"two": "2", "one": "", "three": "3"}}, + `{"data":{"one":"","three":"3","two":"2"},"kind":"ConfigMap","name":""}`, ""}, + // empty binary map + {"empty data", &v1.ConfigMap{BinaryData: map[string][]byte{}}, `{"data":null,"kind":"ConfigMap","name":""}`, ""}, + // one key with binary data + {"one key", &v1.ConfigMap{BinaryData: map[string][]byte{"one": []byte("")}}, + `{"binaryData":{"one":""},"data":null,"kind":"ConfigMap","name":""}`, ""}, + // three keys with binary data (tests sorting order) + {"three keys", &v1.ConfigMap{BinaryData: map[string][]byte{"two": []byte("2"), "one": []byte(""), "three": []byte("3")}}, + `{"binaryData":{"one":"","three":"Mw==","two":"Mg=="},"data":null,"kind":"ConfigMap","name":""}`, ""}, + // two keys, one string and one binary values + {"two keys with one each", &v1.ConfigMap{Data: map[string]string{"one": ""}, BinaryData: map[string][]byte{"two": []byte("")}}, + `{"binaryData":{"two":""},"data":{"one":""},"kind":"ConfigMap","name":""}`, ""}, + } + for _, c := range cases { + s, err := encodeConfigMap(c.cm) + if SkipRest(t, c.desc, err, c.err) { + continue + } + if s != c.expect { + t.Errorf("case %q, expect %q but got %q from encode %#v", c.desc, c.expect, s, c.cm) + } + } +} + +func TestEncodeSecret(t *testing.T) { + cases := []struct { + desc string + secret *v1.Secret + expect string + err string + }{ + // empty map + {"empty data", &v1.Secret{Type: "my-type", Data: map[string][]byte{}}, `{"data":{},"kind":"Secret","name":"","type":"my-type"}`, ""}, + // one key + {"one key", &v1.Secret{Type: "my-type", Data: map[string][]byte{"one": []byte("")}}, `{"data":{"one":""},"kind":"Secret","name":"","type":"my-type"}`, ""}, + // three keys (tests sorting order) - note json.Marshal base64 encodes the values because they come in as []byte + {"three keys", &v1.Secret{ + Type: "my-type", + Data: map[string][]byte{"two": []byte("2"), "one": []byte(""), "three": []byte("3")}, + }, + `{"data":{"one":"","three":"Mw==","two":"Mg=="},"kind":"Secret","name":"","type":"my-type"}`, ""}, + } + for _, c := range cases { + s, err := encodeSecret(c.secret) + if SkipRest(t, c.desc, err, c.err) { + continue + } + if s != c.expect { + t.Errorf("case %q, expect %q but got %q from encode %#v", c.desc, c.expect, s, c.secret) + } + } +} + +func TestHash(t *testing.T) { + // hash the empty string to be sure that sha256 is being used + expect := "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + sum := hash("") + if expect != sum { + t.Errorf("expected hash %q but got %q", expect, sum) + } +} + +// warn devs who change types that they might have to update a hash function +// not perfect, as it only checks the number of top-level fields +func TestTypeStability(t *testing.T) { + errfmt := `case %q, expected %d fields but got %d +Depending on the field(s) you added, you may need to modify the hash function for this type. +To guide you: the hash function targets fields that comprise the contents of objects, +not their metadata (e.g. the Data of a ConfigMap, but nothing in ObjectMeta). +` + cases := []struct { + typeName string + obj interface{} + expect int + }{ + {"ConfigMap", v1.ConfigMap{}, 4}, + {"Secret", v1.Secret{}, 5}, + } + for _, c := range cases { + val := reflect.ValueOf(c.obj) + if num := val.NumField(); c.expect != num { + t.Errorf(errfmt, c.typeName, c.expect, num) + } + } +} + +// SkipRest returns true if there was a non-nil error or if we expected an error that didn't happen, +// and logs the appropriate error on the test object. +// The return value indicates whether we should skip the rest of the test case due to the error result. +func SkipRest(t *testing.T, desc string, err error, contains string) bool { + if err != nil { + if len(contains) == 0 { + t.Errorf("case %q, expect nil error but got %q", desc, err.Error()) + } else if !strings.Contains(err.Error(), contains) { + t.Errorf("case %q, expect error to contain %q but got %q", desc, contains, err.Error()) + } + return true + } else if len(contains) > 0 { + t.Errorf("case %q, expect error to contain %q but got nil error", desc, contains) + return true + } + return false +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash.go new file mode 100644 index 00000000000..a52072e8adb --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash.go @@ -0,0 +1,47 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package hash + +import ( + "fmt" + + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers" +) + +type nameHashTransformer struct{} + +var _ transformers.Transformer = &nameHashTransformer{} + +// NewNameHashTransformer construct a nameHashTransformer. +func NewNameHashTransformer() transformers.Transformer { + return &nameHashTransformer{} +} + +// Transform appends hash to generated resources. +func (o *nameHashTransformer) Transform(m resmap.ResMap) error { + for _, res := range m { + if res.NeedHashSuffix() { + h, err := NewKustHash().Hash(res.Map()) + if err != nil { + return err + } + res.SetName(fmt.Sprintf("%s-%s", res.GetName(), h)) + } + } + return nil +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash_test.go new file mode 100644 index 00000000000..b97e4a2e2aa --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash_test.go @@ -0,0 +1,162 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package hash + +import ( + "reflect" + "testing" + + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct" + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/types" +) + +func TestNameHashTransformer(t *testing.T) { + rf := resource.NewFactory( + kunstruct.NewKunstructuredFactoryImpl()) + objs := resmap.ResMap{ + resid.NewResId(cmap, "cm1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "ConfigMap", + "metadata": map[string]interface{}{ + "name": "cm1", + }, + }), + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "group": "apps", + "apiVersion": "v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "metadata": map[string]interface{}{ + "labels": map[string]interface{}{ + "old-label": "old-value", + }, + }, + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:1.7.9", + }, + }, + }, + }, + }, + }), + resid.NewResId(service, "svc1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "Service", + "metadata": map[string]interface{}{ + "name": "svc1", + }, + "spec": map[string]interface{}{ + "ports": []interface{}{ + map[string]interface{}{ + "name": "port1", + "port": "12345", + }, + }, + }, + }), + resid.NewResId(secret, "secret1"): rf.FromMapAndOption( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "Secret", + "metadata": map[string]interface{}{ + "name": "secret1", + }, + }, &types.GeneratorArgs{Behavior: "create"}, &types.GeneratorOptions{DisableNameSuffixHash: false}), + } + + expected := resmap.ResMap{ + resid.NewResId(cmap, "cm1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "ConfigMap", + "metadata": map[string]interface{}{ + "name": "cm1", + }, + }), + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "group": "apps", + "apiVersion": "v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "metadata": map[string]interface{}{ + "labels": map[string]interface{}{ + "old-label": "old-value", + }, + }, + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:1.7.9", + }, + }, + }, + }, + }, + }), + resid.NewResId(service, "svc1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "Service", + "metadata": map[string]interface{}{ + "name": "svc1", + }, + "spec": map[string]interface{}{ + "ports": []interface{}{ + map[string]interface{}{ + "name": "port1", + "port": "12345", + }, + }, + }, + }), + resid.NewResId(secret, "secret1"): rf.FromMapAndOption( + map[string]interface{}{ + "apiVersion": "v1", + "kind": "Secret", + "metadata": map[string]interface{}{ + "name": "secret1-7kc45hd5f7", + }, + }, &types.GeneratorArgs{Behavior: "create"}, &types.GeneratorOptions{DisableNameSuffixHash: false}), + } + + tran := NewNameHashTransformer() + tran.Transform(objs) + + if !reflect.DeepEqual(objs, expected) { + err := expected.ErrorIfNotEqual(objs) + t.Fatalf("actual doesn't match expected: %v", err) + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/BUILD new file mode 100644 index 00000000000..0cb7910dcef --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/BUILD @@ -0,0 +1,51 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "patch.go", + "patchconflictdetector.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/mergepatch:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", + "//vendor/github.com/evanphx/json-patch:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["patch_test.go"], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch.go new file mode 100644 index 00000000000..4a2764bfbd5 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch.go @@ -0,0 +1,174 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package patch + +import ( + "encoding/json" + "fmt" + + "github.com/evanphx/json-patch" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/util/strategicpatch" + "k8s.io/client-go/kubernetes/scheme" + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/transformers" +) + +// patchTransformer applies patches. +type patchTransformer struct { + patches []*resource.Resource + rf *resource.Factory +} + +var _ transformers.Transformer = &patchTransformer{} + +// NewPatchTransformer constructs a patchTransformer. +func NewPatchTransformer( + slice []*resource.Resource, rf *resource.Factory) (transformers.Transformer, error) { + if len(slice) == 0 { + return transformers.NewNoOpTransformer(), nil + } + return &patchTransformer{patches: slice, rf: rf}, nil +} + +// Transform apply the patches on top of the base resources. +func (pt *patchTransformer) Transform(baseResourceMap resmap.ResMap) error { + // Merge and then index the patches by Id. + patches, err := pt.mergePatches() + if err != nil { + return err + } + + // Strategic merge the resources exist in both base and patches. + for _, patch := range patches { + // Merge patches with base resource. + id := patch.Id() + matchedIds := baseResourceMap.FindByGVKN(id) + if len(matchedIds) == 0 { + return fmt.Errorf("failed to find an object with %s to apply the patch", id.GvknString()) + } + if len(matchedIds) > 1 { + return fmt.Errorf("found multiple objects %#v targeted by patch %#v (ambiguous)", matchedIds, id) + } + id = matchedIds[0] + base := baseResourceMap[id] + merged := map[string]interface{}{} + versionedObj, err := scheme.Scheme.New(toSchemaGvk(id.Gvk())) + baseName := base.GetName() + switch { + case runtime.IsNotRegisteredError(err): + // Use JSON merge patch to handle types w/o schema + baseBytes, err := json.Marshal(base.Map()) + if err != nil { + return err + } + patchBytes, err := json.Marshal(patch.Map()) + if err != nil { + return err + } + mergedBytes, err := jsonpatch.MergePatch(baseBytes, patchBytes) + if err != nil { + return err + } + err = json.Unmarshal(mergedBytes, &merged) + if err != nil { + return err + } + case err != nil: + return err + default: + // Use Strategic-Merge-Patch to handle types w/ schema + // TODO: Change this to use the new Merge package. + // Store the name of the base object, because this name may have been munged. + // Apply this name to the patched object. + lookupPatchMeta, err := strategicpatch.NewPatchMetaFromStruct(versionedObj) + if err != nil { + return err + } + merged, err = strategicpatch.StrategicMergeMapPatchUsingLookupPatchMeta( + base.Map(), + patch.Map(), + lookupPatchMeta) + if err != nil { + return err + } + } + base.SetName(baseName) + baseResourceMap[id].SetMap(merged) + } + return nil +} + +// mergePatches merge and index patches by Id. +// It errors out if there is conflict between patches. +func (pt *patchTransformer) mergePatches() (resmap.ResMap, error) { + rc := resmap.ResMap{} + for ix, patch := range pt.patches { + id := patch.Id() + existing, found := rc[id] + if !found { + rc[id] = patch + continue + } + + versionedObj, err := scheme.Scheme.New(toSchemaGvk(id.Gvk())) + if err != nil && !runtime.IsNotRegisteredError(err) { + return nil, err + } + var cd conflictDetector + if err != nil { + cd = newJMPConflictDetector(pt.rf) + } else { + cd, err = newSMPConflictDetector(versionedObj, pt.rf) + if err != nil { + return nil, err + } + } + + conflict, err := cd.hasConflict(existing, patch) + if err != nil { + return nil, err + } + if conflict { + conflictingPatch, err := cd.findConflict(ix, pt.patches) + if err != nil { + return nil, err + } + return nil, fmt.Errorf( + "conflict between %#v and %#v", + conflictingPatch.Map(), patch.Map()) + } + merged, err := cd.mergePatches(existing, patch) + if err != nil { + return nil, err + } + rc[id] = merged + } + return rc, nil +} + +// toSchemaGvk converts to a schema.GroupVersionKind. +func toSchemaGvk(x gvk.Gvk) schema.GroupVersionKind { + return schema.GroupVersionKind{ + Group: x.Group, + Version: x.Version, + Kind: x.Kind, + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch_test.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch_test.go new file mode 100644 index 00000000000..1505abe2716 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch_test.go @@ -0,0 +1,563 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package patch + +import ( + "reflect" + "strings" + "testing" + + "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kunstruct" + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/resource" +) + +var rf = resource.NewFactory( + kunstruct.NewKunstructuredFactoryImpl()) +var deploy = gvk.Gvk{Group: "apps", Version: "v1", Kind: "Deployment"} +var foo = gvk.Gvk{Group: "example.com", Version: "v1", Kind: "Foo"} + +func TestOverlayRun(t *testing.T) { + base := resmap.ResMap{ + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "metadata": map[string]interface{}{ + "labels": map[string]interface{}{ + "old-label": "old-value", + }, + }, + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx", + }, + }, + }, + }, + }, + }), + } + patch := []*resource.Resource{ + rf.FromMap(map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "metadata": map[string]interface{}{ + "labels": map[string]interface{}{ + "another-label": "foo", + }, + }, + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:latest", + "env": []interface{}{ + map[string]interface{}{ + "name": "SOMEENV", + "value": "BAR", + }, + }, + }, + }, + }, + }, + }, + }, + ), + } + expected := resmap.ResMap{ + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "metadata": map[string]interface{}{ + "labels": map[string]interface{}{ + "old-label": "old-value", + "another-label": "foo", + }, + }, + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:latest", + "env": []interface{}{ + map[string]interface{}{ + "name": "SOMEENV", + "value": "BAR", + }, + }, + }, + }, + }, + }, + }, + }), + } + lt, err := NewPatchTransformer(patch, rf) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + err = lt.Transform(base) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if !reflect.DeepEqual(base, expected) { + err = expected.ErrorIfNotEqual(base) + t.Fatalf("actual doesn't match expected: %v", err) + } +} + +func TestMultiplePatches(t *testing.T) { + base := resmap.ResMap{ + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx", + }, + }, + }, + }, + }, + }), + } + patch := []*resource.Resource{ + rf.FromMap(map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:latest", + "env": []interface{}{ + map[string]interface{}{ + "name": "SOMEENV", + "value": "BAR", + }, + }, + }, + }, + }, + }, + }, + }, + ), + rf.FromMap(map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "env": []interface{}{ + map[string]interface{}{ + "name": "ANOTHERENV", + "value": "HELLO", + }, + }, + }, + map[string]interface{}{ + "name": "busybox", + "image": "busybox", + }, + }, + }, + }, + }, + }, + ), + } + expected := resmap.ResMap{ + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:latest", + "env": []interface{}{ + map[string]interface{}{ + "name": "ANOTHERENV", + "value": "HELLO", + }, + map[string]interface{}{ + "name": "SOMEENV", + "value": "BAR", + }, + }, + }, + map[string]interface{}{ + "name": "busybox", + "image": "busybox", + }, + }, + }, + }, + }, + }), + } + lt, err := NewPatchTransformer(patch, rf) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + err = lt.Transform(base) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if !reflect.DeepEqual(base, expected) { + err = expected.ErrorIfNotEqual(base) + t.Fatalf("actual doesn't match expected: %v", err) + } +} + +func TestMultiplePatchesWithConflict(t *testing.T) { + base := resmap.ResMap{ + resid.NewResId(deploy, "deploy1"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx", + }, + }, + }, + }, + }, + }), + } + patch := []*resource.Resource{ + rf.FromMap(map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:latest", + "env": []interface{}{ + map[string]interface{}{ + "name": "SOMEENV", + "value": "BAR", + }, + }, + }, + }, + }, + }, + }, + }, + ), + rf.FromMap(map[string]interface{}{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": map[string]interface{}{ + "name": "deploy1", + }, + "spec": map[string]interface{}{ + "template": map[string]interface{}{ + "spec": map[string]interface{}{ + "containers": []interface{}{ + map[string]interface{}{ + "name": "nginx", + "image": "nginx:1.7.9", + }, + }, + }, + }, + }, + }, + ), + } + + lt, err := NewPatchTransformer(patch, rf) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + err = lt.Transform(base) + if err == nil { + t.Fatalf("did not get expected error") + } + if !strings.Contains(err.Error(), "conflict") { + t.Fatalf("expected error to contain %q but get %v", "conflict", err) + } +} + +func TestNoSchemaOverlayRun(t *testing.T) { + base := resmap.ResMap{ + resid.NewResId(foo, "my-foo"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "A": "X", + "B": "Y", + }, + }, + }), + } + patch := []*resource.Resource{ + rf.FromMap(map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "B": nil, + "C": "Z", + }, + }, + }, + ), + } + expected := resmap.ResMap{ + resid.NewResId(foo, "my-foo"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "A": "X", + "C": "Z", + }, + }, + }), + } + + lt, err := NewPatchTransformer(patch, rf) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + err = lt.Transform(base) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if err = expected.ErrorIfNotEqual(base); err != nil { + t.Fatalf("actual doesn't match expected: %v", err) + } +} + +func TestNoSchemaMultiplePatches(t *testing.T) { + base := resmap.ResMap{ + resid.NewResId(foo, "my-foo"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "A": "X", + "B": "Y", + }, + }, + }), + } + patch := []*resource.Resource{ + rf.FromMap(map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "B": nil, + "C": "Z", + }, + }, + }, + ), + rf.FromMap(map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "C": "Z", + "D": "W", + }, + "baz": map[string]interface{}{ + "hello": "world", + }, + }, + }, + ), + } + expected := resmap.ResMap{ + resid.NewResId(foo, "my-foo"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "A": "X", + "C": "Z", + "D": "W", + }, + "baz": map[string]interface{}{ + "hello": "world", + }, + }, + }), + } + + lt, err := NewPatchTransformer(patch, rf) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + err = lt.Transform(base) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if err = expected.ErrorIfNotEqual(base); err != nil { + t.Fatalf("actual doesn't match expected: %v", err) + } +} + +func TestNoSchemaMultiplePatchesWithConflict(t *testing.T) { + base := resmap.ResMap{ + resid.NewResId(foo, "my-foo"): rf.FromMap( + map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "A": "X", + "B": "Y", + }, + }, + }), + } + patch := []*resource.Resource{ + rf.FromMap(map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "B": nil, + "C": "Z", + }, + }, + }), + rf.FromMap(map[string]interface{}{ + "apiVersion": "example.com/v1", + "kind": "Foo", + "metadata": map[string]interface{}{ + "name": "my-foo", + }, + "spec": map[string]interface{}{ + "bar": map[string]interface{}{ + "C": "NOT_Z", + }, + }, + }), + } + + lt, err := NewPatchTransformer(patch, rf) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + err = lt.Transform(base) + if err == nil { + t.Fatalf("did not get expected error") + } + if !strings.Contains(err.Error(), "conflict") { + t.Fatalf("expected error to contain %q but get %v", "conflict", err) + } +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patchconflictdetector.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patchconflictdetector.go new file mode 100644 index 00000000000..10353c77ff6 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patchconflictdetector.go @@ -0,0 +1,137 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package patch + +import ( + "encoding/json" + + "github.com/evanphx/json-patch" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/mergepatch" + "k8s.io/apimachinery/pkg/util/strategicpatch" + "sigs.k8s.io/kustomize/pkg/resource" +) + +type conflictDetector interface { + hasConflict(patch1, patch2 *resource.Resource) (bool, error) + findConflict(conflictingPatchIdx int, patches []*resource.Resource) (*resource.Resource, error) + mergePatches(patch1, patch2 *resource.Resource) (*resource.Resource, error) +} + +type jsonMergePatch struct { + rf *resource.Factory +} + +var _ conflictDetector = &jsonMergePatch{} + +func newJMPConflictDetector(rf *resource.Factory) conflictDetector { + return &jsonMergePatch{rf: rf} +} + +func (jmp *jsonMergePatch) hasConflict( + patch1, patch2 *resource.Resource) (bool, error) { + return mergepatch.HasConflicts(patch1.Map(), patch2.Map()) +} + +func (jmp *jsonMergePatch) findConflict( + conflictingPatchIdx int, patches []*resource.Resource) (*resource.Resource, error) { + for i, patch := range patches { + if i == conflictingPatchIdx { + continue + } + if !patches[conflictingPatchIdx].Id().GvknEquals(patch.Id()) { + continue + } + conflict, err := mergepatch.HasConflicts( + patch.Map(), + patches[conflictingPatchIdx].Map()) + if err != nil { + return nil, err + } + if conflict { + return patch, nil + } + } + return nil, nil +} + +func (jmp *jsonMergePatch) mergePatches( + patch1, patch2 *resource.Resource) (*resource.Resource, error) { + baseBytes, err := json.Marshal(patch1.Map()) + if err != nil { + return nil, err + } + patchBytes, err := json.Marshal(patch2.Map()) + if err != nil { + return nil, err + } + mergedBytes, err := jsonpatch.MergeMergePatches(baseBytes, patchBytes) + if err != nil { + return nil, err + } + mergedMap := make(map[string]interface{}) + err = json.Unmarshal(mergedBytes, &mergedMap) + return jmp.rf.FromMap(mergedMap), err +} + +type strategicMergePatch struct { + lookupPatchMeta strategicpatch.LookupPatchMeta + rf *resource.Factory +} + +var _ conflictDetector = &strategicMergePatch{} + +func newSMPConflictDetector( + versionedObj runtime.Object, + rf *resource.Factory) (conflictDetector, error) { + lookupPatchMeta, err := strategicpatch.NewPatchMetaFromStruct(versionedObj) + return &strategicMergePatch{lookupPatchMeta: lookupPatchMeta, rf: rf}, err +} + +func (smp *strategicMergePatch) hasConflict(p1, p2 *resource.Resource) (bool, error) { + return strategicpatch.MergingMapsHaveConflicts( + p1.Map(), p2.Map(), smp.lookupPatchMeta) +} + +func (smp *strategicMergePatch) findConflict( + conflictingPatchIdx int, patches []*resource.Resource) (*resource.Resource, error) { + for i, patch := range patches { + if i == conflictingPatchIdx { + continue + } + if !patches[conflictingPatchIdx].Id().GvknEquals(patch.Id()) { + continue + } + conflict, err := strategicpatch.MergingMapsHaveConflicts( + patch.Map(), + patches[conflictingPatchIdx].Map(), + smp.lookupPatchMeta) + if err != nil { + return nil, err + } + if conflict { + return patch, nil + } + } + return nil, nil +} + +func (smp *strategicMergePatch) mergePatches(patch1, patch2 *resource.Resource) (*resource.Resource, error) { + mergeJSONMap, err := strategicpatch.MergeStrategicMergeMapPatchUsingLookupPatchMeta( + smp.lookupPatchMeta, patch1.Map(), patch2.Map()) + return smp.rf.FromMap(mergeJSONMap), err +} diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator/BUILD b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator/BUILD new file mode 100644 index 00000000000..b42649ce92e --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["validators.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator", + importpath = "k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator/validators.go b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator/validators.go new file mode 100644 index 00000000000..563e8d6b9c0 --- /dev/null +++ b/staging/src/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/validator/validators.go @@ -0,0 +1,61 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package validator provides functions to validate labels, annotations, namespace using apimachinery +package validator + +import ( + "errors" + apivalidation "k8s.io/apimachinery/pkg/api/validation" + v1validation "k8s.io/apimachinery/pkg/apis/meta/v1/validation" + "k8s.io/apimachinery/pkg/util/validation" + "k8s.io/apimachinery/pkg/util/validation/field" +) + +// KustValidator validates Labels and annotations by apimachinery +type KustValidator struct{} + +// NewKustValidator returns a KustValidator object +func NewKustValidator() *KustValidator { + return &KustValidator{} +} + +// MakeAnnotationValidator returns a MapValidatorFunc using apimachinery. +func (v *KustValidator) MakeAnnotationValidator() func(map[string]string) error { + return func(x map[string]string) error { + errs := apivalidation.ValidateAnnotations(x, field.NewPath("field")) + if len(errs) > 0 { + return errors.New(errs.ToAggregate().Error()) + } + return nil + } +} + +// MakeLabelValidator returns a MapValidatorFunc using apimachinery. +func (v *KustValidator) MakeLabelValidator() func(map[string]string) error { + return func(x map[string]string) error { + errs := v1validation.ValidateLabels(x, field.NewPath("field")) + if len(errs) > 0 { + return errors.New(errs.ToAggregate().Error()) + } + return nil + } +} + +// ValidateNamespace validates a string is a valid namespace using apimachinery. +func (v *KustValidator) ValidateNamespace(s string) []string { + return validation.IsDNS1123Label(s) +} diff --git a/staging/src/k8s.io/client-go/CONTRIBUTING.md b/staging/src/k8s.io/client-go/CONTRIBUTING.md index b01f8abb0e0..17918bb3cfd 100644 --- a/staging/src/k8s.io/client-go/CONTRIBUTING.md +++ b/staging/src/k8s.io/client-go/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/client-go](https://git.k8s.io/kubernetes/staging/src/k8s.io/client-go) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/client-go/Godeps/Godeps.json b/staging/src/k8s.io/client-go/Godeps/Godeps.json index 481a4070f99..e6b4fa418b5 100644 --- a/staging/src/k8s.io/client-go/Godeps/Godeps.json +++ b/staging/src/k8s.io/client-go/Godeps/Godeps.json @@ -56,7 +56,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -148,11 +148,11 @@ }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/imdario/mergo", @@ -176,7 +176,7 @@ }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/spf13/pflag", @@ -362,6 +362,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -612,7 +616,7 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", @@ -626,26 +630,6 @@ "ImportPath": "k8s.io/utils/trace", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/client-go/Godeps/OWNERS b/staging/src/k8s.io/client-go/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/client-go/Godeps/OWNERS +++ b/staging/src/k8s.io/client-go/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/client-go/OWNERS b/staging/src/k8s.io/client-go/OWNERS index 52d334653cc..2f9f0fb4dc8 100644 --- a/staging/src/k8s.io/client-go/OWNERS +++ b/staging/src/k8s.io/client-go/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - caesarxuchao - deads2k diff --git a/staging/src/k8s.io/client-go/discovery/BUILD b/staging/src/k8s.io/client-go/discovery/BUILD index 64e75dc511c..da3890de609 100644 --- a/staging/src/k8s.io/client-go/discovery/BUILD +++ b/staging/src/k8s.io/client-go/discovery/BUILD @@ -9,11 +9,9 @@ load( go_library( name = "go_default_library", srcs = [ - "cached_discovery.go", "discovery_client.go", "doc.go", "helper.go", - "round_tripper.go", ], importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/discovery", importpath = "k8s.io/client-go/discovery", @@ -30,10 +28,6 @@ go_library( "//staging/src/k8s.io/client-go/rest:go_default_library", "//vendor/github.com/golang/protobuf/proto:go_default_library", "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", - "//vendor/github.com/gregjones/httpcache:go_default_library", - "//vendor/github.com/gregjones/httpcache/diskcache:go_default_library", - "//vendor/github.com/peterbourgon/diskv:go_default_library", - "//vendor/k8s.io/klog:go_default_library", ], ) @@ -57,15 +51,12 @@ filegroup( go_test( name = "go_default_test", srcs = [ - "cached_discovery_test.go", "discovery_client_test.go", "helper_blackbox_test.go", - "round_tripper_test.go", ], embed = [":go_default_library"], deps = [ "//staging/src/k8s.io/api/core/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", diff --git a/staging/src/k8s.io/client-go/discovery/cached/BUILD b/staging/src/k8s.io/client-go/discovery/cached/BUILD index f40cadb6479..00d4a5d24f4 100644 --- a/staging/src/k8s.io/client-go/discovery/cached/BUILD +++ b/staging/src/k8s.io/client-go/discovery/cached/BUILD @@ -1,35 +1,14 @@ -package(default_visibility = ["//visibility:public"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", - "go_test", -) - -go_test( - name = "go_default_test", - srcs = ["memcache_test.go"], - embed = [":go_default_library"], - deps = [ - "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/client-go/discovery/fake:go_default_library", - ], -) +load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["memcache.go"], + srcs = ["legacy.go"], importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/discovery/cached", importpath = "k8s.io/client-go/discovery/cached", + visibility = ["//visibility:public"], deps = [ - "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/version:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", - "//staging/src/k8s.io/client-go/rest:go_default_library", - "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", ], ) @@ -42,6 +21,11 @@ filegroup( filegroup( name = "all-srcs", - srcs = [":package-srcs"], + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/client-go/discovery/cached/disk:all-srcs", + "//staging/src/k8s.io/client-go/discovery/cached/memory:all-srcs", + ], tags = ["automanaged"], + visibility = ["//visibility:public"], ) diff --git a/staging/src/k8s.io/client-go/discovery/cached/disk/BUILD b/staging/src/k8s.io/client-go/discovery/cached/disk/BUILD new file mode 100644 index 00000000000..3b037bcdca5 --- /dev/null +++ b/staging/src/k8s.io/client-go/discovery/cached/disk/BUILD @@ -0,0 +1,59 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "cached_discovery.go", + "round_tripper.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/discovery/cached/disk", + importpath = "k8s.io/client-go/discovery/cached/disk", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/version:go_default_library", + "//staging/src/k8s.io/client-go/discovery:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", + "//vendor/github.com/gregjones/httpcache:go_default_library", + "//vendor/github.com/gregjones/httpcache/diskcache:go_default_library", + "//vendor/github.com/peterbourgon/diskv:go_default_library", + "//vendor/k8s.io/klog:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = [ + "cached_discovery_test.go", + "round_tripper_test.go", + ], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/version:go_default_library", + "//staging/src/k8s.io/client-go/discovery:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/client-go/rest/fake:go_default_library", + "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", + "//vendor/github.com/stretchr/testify/assert:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/discovery/cached_discovery.go b/staging/src/k8s.io/client-go/discovery/cached/disk/cached_discovery.go similarity index 91% rename from staging/src/k8s.io/client-go/discovery/cached_discovery.go rename to staging/src/k8s.io/client-go/discovery/cached/disk/cached_discovery.go index 61a758c0125..9ede5016bc7 100644 --- a/staging/src/k8s.io/client-go/discovery/cached_discovery.go +++ b/staging/src/k8s.io/client-go/discovery/cached/disk/cached_discovery.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package discovery +package disk import ( "errors" @@ -31,6 +31,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/version" + "k8s.io/client-go/discovery" "k8s.io/client-go/kubernetes/scheme" restclient "k8s.io/client-go/rest" ) @@ -38,7 +39,7 @@ import ( // CachedDiscoveryClient implements the functions that discovery server-supported API groups, // versions and resources. type CachedDiscoveryClient struct { - delegate DiscoveryInterface + delegate discovery.DiscoveryInterface // cacheDirectory is the directory where discovery docs are held. It must be unique per host:port combination to work well. cacheDirectory string @@ -57,7 +58,7 @@ type CachedDiscoveryClient struct { fresh bool } -var _ CachedDiscoveryInterface = &CachedDiscoveryClient{} +var _ discovery.CachedDiscoveryInterface = &CachedDiscoveryClient{} // ServerResourcesForGroupVersion returns the supported resources for a group and version. func (d *CachedDiscoveryClient) ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error) { @@ -90,8 +91,15 @@ func (d *CachedDiscoveryClient) ServerResourcesForGroupVersion(groupVersion stri } // ServerResources returns the supported resources for all groups and versions. +// Deprecated: use ServerGroupsAndResources instead. func (d *CachedDiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) { - return ServerResources(d) + _, rs, err := discovery.ServerGroupsAndResources(d) + return rs, err +} + +// ServerGroupsAndResources returns the supported groups and resources for all groups and versions. +func (d *CachedDiscoveryClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return discovery.ServerGroupsAndResources(d) } // ServerGroups returns the supported groups, with information like supported versions and the @@ -213,13 +221,13 @@ func (d *CachedDiscoveryClient) RESTClient() restclient.Interface { // ServerPreferredResources returns the supported resources with the version preferred by the // server. func (d *CachedDiscoveryClient) ServerPreferredResources() ([]*metav1.APIResourceList, error) { - return ServerPreferredResources(d) + return discovery.ServerPreferredResources(d) } // ServerPreferredNamespacedResources returns the supported namespaced resources with the // version preferred by the server. func (d *CachedDiscoveryClient) ServerPreferredNamespacedResources() ([]*metav1.APIResourceList, error) { - return ServerPreferredNamespacedResources(d) + return discovery.ServerPreferredNamespacedResources(d) } // ServerVersion retrieves and parses the server's version (git version). @@ -272,7 +280,7 @@ func NewCachedDiscoveryClientForConfig(config *restclient.Config, discoveryCache }) } - discoveryClient, err := NewDiscoveryClientForConfig(config) + discoveryClient, err := discovery.NewDiscoveryClientForConfig(config) if err != nil { return nil, err } @@ -281,7 +289,7 @@ func NewCachedDiscoveryClientForConfig(config *restclient.Config, discoveryCache } // NewCachedDiscoveryClient creates a new DiscoveryClient. cacheDirectory is the directory where discovery docs are held. It must be unique per host:port combination to work well. -func newCachedDiscoveryClient(delegate DiscoveryInterface, cacheDirectory string, ttl time.Duration) *CachedDiscoveryClient { +func newCachedDiscoveryClient(delegate discovery.DiscoveryInterface, cacheDirectory string, ttl time.Duration) *CachedDiscoveryClient { return &CachedDiscoveryClient{ delegate: delegate, cacheDirectory: cacheDirectory, diff --git a/staging/src/k8s.io/client-go/discovery/cached_discovery_test.go b/staging/src/k8s.io/client-go/discovery/cached/disk/cached_discovery_test.go similarity index 86% rename from staging/src/k8s.io/client-go/discovery/cached_discovery_test.go rename to staging/src/k8s.io/client-go/discovery/cached/disk/cached_discovery_test.go index 278931c2d09..3ddd4a98b19 100644 --- a/staging/src/k8s.io/client-go/discovery/cached_discovery_test.go +++ b/staging/src/k8s.io/client-go/discovery/cached/disk/cached_discovery_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package discovery +package disk import ( "io/ioutil" @@ -29,6 +29,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/version" + "k8s.io/client-go/discovery" restclient "k8s.io/client-go/rest" "k8s.io/client-go/rest/fake" ) @@ -104,7 +105,7 @@ type fakeDiscoveryClient struct { serverResourcesHandler func() ([]*metav1.APIResourceList, error) } -var _ DiscoveryInterface = &fakeDiscoveryClient{} +var _ discovery.DiscoveryInterface = &fakeDiscoveryClient{} func (c *fakeDiscoveryClient) RESTClient() restclient.Interface { return &fake.RESTClient{} @@ -112,6 +113,10 @@ func (c *fakeDiscoveryClient) RESTClient() restclient.Interface { func (c *fakeDiscoveryClient) ServerGroups() (*metav1.APIGroupList, error) { c.groupCalls = c.groupCalls + 1 + return c.serverGroups() +} + +func (c *fakeDiscoveryClient) serverGroups() (*metav1.APIGroupList, error) { return &metav1.APIGroupList{ Groups: []metav1.APIGroup{ { @@ -140,12 +145,26 @@ func (c *fakeDiscoveryClient) ServerResourcesForGroupVersion(groupVersion string return nil, errors.NewNotFound(schema.GroupResource{}, "") } +// Deprecated: use ServerGroupsAndResources instead. func (c *fakeDiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) { + _, rs, err := c.ServerGroupsAndResources() + return rs, err +} + +func (c *fakeDiscoveryClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { c.resourceCalls = c.resourceCalls + 1 - if c.serverResourcesHandler != nil { - return c.serverResourcesHandler() + + gs, _ := c.serverGroups() + resultGroups := []*metav1.APIGroup{} + for i := range gs.Groups { + resultGroups = append(resultGroups, &gs.Groups[i]) } - return []*metav1.APIResourceList{}, nil + + if c.serverResourcesHandler != nil { + rs, err := c.serverResourcesHandler() + return resultGroups, rs, err + } + return resultGroups, []*metav1.APIResourceList{}, nil } func (c *fakeDiscoveryClient) ServerPreferredResources() ([]*metav1.APIResourceList, error) { diff --git a/staging/src/k8s.io/client-go/discovery/round_tripper.go b/staging/src/k8s.io/client-go/discovery/cached/disk/round_tripper.go similarity index 98% rename from staging/src/k8s.io/client-go/discovery/round_tripper.go rename to staging/src/k8s.io/client-go/discovery/cached/disk/round_tripper.go index 4e2bc24e774..7e2a537a9a2 100644 --- a/staging/src/k8s.io/client-go/discovery/round_tripper.go +++ b/staging/src/k8s.io/client-go/discovery/cached/disk/round_tripper.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package discovery +package disk import ( "net/http" diff --git a/staging/src/k8s.io/client-go/discovery/round_tripper_test.go b/staging/src/k8s.io/client-go/discovery/cached/disk/round_tripper_test.go similarity index 99% rename from staging/src/k8s.io/client-go/discovery/round_tripper_test.go rename to staging/src/k8s.io/client-go/discovery/cached/disk/round_tripper_test.go index b15e2e77183..329be42a5d3 100644 --- a/staging/src/k8s.io/client-go/discovery/round_tripper_test.go +++ b/staging/src/k8s.io/client-go/discovery/cached/disk/round_tripper_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package discovery +package disk import ( "bytes" diff --git a/staging/src/k8s.io/client-go/discovery/cached/legacy.go b/staging/src/k8s.io/client-go/discovery/cached/legacy.go new file mode 100644 index 00000000000..725900a91ca --- /dev/null +++ b/staging/src/k8s.io/client-go/discovery/cached/legacy.go @@ -0,0 +1,30 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package memory + +import ( + "k8s.io/client-go/discovery" + "k8s.io/client-go/discovery/cached/memory" +) + +// NewMemCacheClient is DEPRECATED. Use memory.NewMemCacheClient directly. +func NewMemCacheClient(delegate discovery.DiscoveryInterface) discovery.CachedDiscoveryInterface { + return memory.NewMemCacheClient(delegate) +} + +// ErrCacheNotFound is DEPRECATED. Use memory.ErrCacheNotFound directly. +var ErrCacheNotFound = memory.ErrCacheNotFound diff --git a/staging/src/k8s.io/client-go/discovery/cached/memory/BUILD b/staging/src/k8s.io/client-go/discovery/cached/memory/BUILD new file mode 100644 index 00000000000..ffeee040b0f --- /dev/null +++ b/staging/src/k8s.io/client-go/discovery/cached/memory/BUILD @@ -0,0 +1,47 @@ +package(default_visibility = ["//visibility:public"]) + +load( + "@io_bazel_rules_go//go:def.bzl", + "go_library", + "go_test", +) + +go_test( + name = "go_default_test", + srcs = ["memcache_test.go"], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/client-go/discovery/fake:go_default_library", + ], +) + +go_library( + name = "go_default_library", + srcs = ["memcache.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/discovery/cached/memory", + importpath = "k8s.io/client-go/discovery/cached/memory", + deps = [ + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/version:go_default_library", + "//staging/src/k8s.io/client-go/discovery:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], +) diff --git a/staging/src/k8s.io/client-go/discovery/cached/memcache.go b/staging/src/k8s.io/client-go/discovery/cached/memory/memcache.go similarity index 95% rename from staging/src/k8s.io/client-go/discovery/cached/memcache.go rename to staging/src/k8s.io/client-go/discovery/cached/memory/memcache.go index bd6b478c908..31e42156610 100644 --- a/staging/src/k8s.io/client-go/discovery/cached/memcache.go +++ b/staging/src/k8s.io/client-go/discovery/cached/memory/memcache.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cached +package memory import ( "errors" @@ -118,10 +118,16 @@ func (d *memCacheClient) ServerResourcesForGroupVersion(groupVersion string) (*m } // ServerResources returns the supported resources for all groups and versions. +// Deprecated: use ServerGroupsAndResources instead. func (d *memCacheClient) ServerResources() ([]*metav1.APIResourceList, error) { return discovery.ServerResources(d) } +// ServerGroupsAndResources returns the groups and supported resources for all groups and versions. +func (d *memCacheClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return discovery.ServerGroupsAndResources(d) +} + func (d *memCacheClient) ServerGroups() (*metav1.APIGroupList, error) { d.lock.Lock() defer d.lock.Unlock() diff --git a/staging/src/k8s.io/client-go/discovery/cached/memcache_test.go b/staging/src/k8s.io/client-go/discovery/cached/memory/memcache_test.go similarity index 99% rename from staging/src/k8s.io/client-go/discovery/cached/memcache_test.go rename to staging/src/k8s.io/client-go/discovery/cached/memory/memcache_test.go index 680c68d8967..3a9d60da9bc 100644 --- a/staging/src/k8s.io/client-go/discovery/cached/memcache_test.go +++ b/staging/src/k8s.io/client-go/discovery/cached/memory/memcache_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cached +package memory import ( "errors" diff --git a/staging/src/k8s.io/client-go/discovery/discovery_client.go b/staging/src/k8s.io/client-go/discovery/discovery_client.go index ee74cfbce8c..61b9c4481bc 100644 --- a/staging/src/k8s.io/client-go/discovery/discovery_client.go +++ b/staging/src/k8s.io/client-go/discovery/discovery_client.go @@ -88,12 +88,28 @@ type ServerResourcesInterface interface { // ServerResourcesForGroupVersion returns the supported resources for a group and version. ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error) // ServerResources returns the supported resources for all groups and versions. + // + // The returned resource list might be non-nil with partial results even in the case of + // non-nil error. + // + // Deprecated: use ServerGroupsAndResources instead. ServerResources() ([]*metav1.APIResourceList, error) + // ServerResources returns the supported groups and resources for all groups and versions. + // + // The returned group and resource lists might be non-nil with partial results even in the + // case of non-nil error. + ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) // ServerPreferredResources returns the supported resources with the version preferred by the // server. + // + // The returned group and resource lists might be non-nil with partial results even in the + // case of non-nil error. ServerPreferredResources() ([]*metav1.APIResourceList, error) // ServerPreferredNamespacedResources returns the supported namespaced resources with the // version preferred by the server. + // + // The returned resource list might be non-nil with partial results even in the case of + // non-nil error. ServerPreferredNamespacedResources() ([]*metav1.APIResourceList, error) } @@ -191,14 +207,18 @@ func (d *DiscoveryClient) ServerResourcesForGroupVersion(groupVersion string) (r return resources, nil } -// serverResources returns the supported resources for all groups and versions. -func (d *DiscoveryClient) serverResources() ([]*metav1.APIResourceList, error) { - return ServerResources(d) +// ServerResources returns the supported resources for all groups and versions. +// Deprecated: use ServerGroupsAndResources instead. +func (d *DiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) { + _, rs, err := d.ServerGroupsAndResources() + return rs, err } -// ServerResources returns the supported resources for all groups and versions. -func (d *DiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) { - return withRetries(defaultRetries, d.serverResources) +// ServerGroupsAndResources returns the supported resources for all groups and versions. +func (d *DiscoveryClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return withRetries(defaultRetries, func() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return ServerGroupsAndResources(d) + }) } // ErrGroupDiscoveryFailed is returned if one or more API groups fail to load. @@ -224,23 +244,28 @@ func IsGroupDiscoveryFailedError(err error) bool { return err != nil && ok } -// serverPreferredResources returns the supported resources with the version preferred by the server. -func (d *DiscoveryClient) serverPreferredResources() ([]*metav1.APIResourceList, error) { - return ServerPreferredResources(d) +// ServerResources uses the provided discovery interface to look up supported resources for all groups and versions. +// Deprecated: use ServerGroupsAndResources instead. +func ServerResources(d DiscoveryInterface) ([]*metav1.APIResourceList, error) { + _, rs, err := ServerGroupsAndResources(d) + return rs, err } -// ServerResources uses the provided discovery interface to look up supported resources for all groups and versions. -func ServerResources(d DiscoveryInterface) ([]*metav1.APIResourceList, error) { - apiGroups, err := d.ServerGroups() - if err != nil { - return nil, err +func ServerGroupsAndResources(d DiscoveryInterface) ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + sgs, err := d.ServerGroups() + if sgs == nil { + return nil, nil, err + } + resultGroups := []*metav1.APIGroup{} + for i := range sgs.Groups { + resultGroups = append(resultGroups, &sgs.Groups[i]) } - groupVersionResources, failedGroups := fetchGroupVersionResources(d, apiGroups) + groupVersionResources, failedGroups := fetchGroupVersionResources(d, sgs) // order results by group/version discovery order result := []*metav1.APIResourceList{} - for _, apiGroup := range apiGroups.Groups { + for _, apiGroup := range sgs.Groups { for _, version := range apiGroup.Versions { gv := schema.GroupVersion{Group: apiGroup.Name, Version: version.Version} if resources, ok := groupVersionResources[gv]; ok { @@ -250,10 +275,10 @@ func ServerResources(d DiscoveryInterface) ([]*metav1.APIResourceList, error) { } if len(failedGroups) == 0 { - return result, nil + return resultGroups, result, nil } - return result, &ErrGroupDiscoveryFailed{Groups: failedGroups} + return resultGroups, result, &ErrGroupDiscoveryFailed{Groups: failedGroups} } // ServerPreferredResources uses the provided discovery interface to look up preferred resources @@ -317,7 +342,7 @@ func ServerPreferredResources(d DiscoveryInterface) ([]*metav1.APIResourceList, return result, &ErrGroupDiscoveryFailed{Groups: failedGroups} } -// fetchServerResourcesForGroupVersions uses the discovery client to fetch the resources for the specified groups in parallel +// fetchServerResourcesForGroupVersions uses the discovery client to fetch the resources for the specified groups in parallel. func fetchGroupVersionResources(d DiscoveryInterface, apiGroups *metav1.APIGroupList) (map[schema.GroupVersion]*metav1.APIResourceList, map[schema.GroupVersion]error) { groupVersionResources := make(map[schema.GroupVersion]*metav1.APIResourceList) failedGroups := make(map[schema.GroupVersion]error) @@ -341,7 +366,9 @@ func fetchGroupVersionResources(d DiscoveryInterface, apiGroups *metav1.APIGroup if err != nil { // TODO: maybe restrict this to NotFound errors failedGroups[groupVersion] = err - } else { + } + if apiResourceList != nil { + // even in case of error, some fallback might have been returned groupVersionResources[groupVersion] = apiResourceList } }() @@ -355,7 +382,11 @@ func fetchGroupVersionResources(d DiscoveryInterface, apiGroups *metav1.APIGroup // ServerPreferredResources returns the supported resources with the version preferred by the // server. func (d *DiscoveryClient) ServerPreferredResources() ([]*metav1.APIResourceList, error) { - return withRetries(defaultRetries, d.serverPreferredResources) + _, rs, err := withRetries(defaultRetries, func() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + rs, err := ServerPreferredResources(d) + return nil, rs, err + }) + return rs, err } // ServerPreferredNamespacedResources returns the supported namespaced resources with the @@ -392,7 +423,7 @@ func (d *DiscoveryClient) OpenAPISchema() (*openapi_v2.Document, error) { if err != nil { if errors.IsForbidden(err) || errors.IsNotFound(err) || errors.IsNotAcceptable(err) { // single endpoint not found/registered in old server, try to fetch old endpoint - // TODO(roycaihw): remove this in 1.11 + // TODO: remove this when kubectl/client-go don't work with 1.9 server data, err = d.restClient.Get().AbsPath("/swagger-2.0.0.pb-v1").Do().Raw() if err != nil { return nil, err @@ -410,19 +441,20 @@ func (d *DiscoveryClient) OpenAPISchema() (*openapi_v2.Document, error) { } // withRetries retries the given recovery function in case the groups supported by the server change after ServerGroup() returns. -func withRetries(maxRetries int, f func() ([]*metav1.APIResourceList, error)) ([]*metav1.APIResourceList, error) { +func withRetries(maxRetries int, f func() ([]*metav1.APIGroup, []*metav1.APIResourceList, error)) ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { var result []*metav1.APIResourceList + var resultGroups []*metav1.APIGroup var err error for i := 0; i < maxRetries; i++ { - result, err = f() + resultGroups, result, err = f() if err == nil { - return result, nil + return resultGroups, result, nil } if _, ok := err.(*ErrGroupDiscoveryFailed); !ok { - return nil, err + return nil, nil, err } } - return result, err + return resultGroups, result, err } func setDiscoveryDefaults(config *restclient.Config) error { diff --git a/staging/src/k8s.io/client-go/discovery/fake/discovery.go b/staging/src/k8s.io/client-go/discovery/fake/discovery.go index 9565fa46c5e..335473dd199 100644 --- a/staging/src/k8s.io/client-go/discovery/fake/discovery.go +++ b/staging/src/k8s.io/client-go/discovery/fake/discovery.go @@ -53,13 +53,29 @@ func (c *FakeDiscovery) ServerResourcesForGroupVersion(groupVersion string) (*me } // ServerResources returns the supported resources for all groups and versions. +// Deprecated: use ServerGroupsAndResources instead. func (c *FakeDiscovery) ServerResources() ([]*metav1.APIResourceList, error) { + _, rs, err := c.ServerGroupsAndResources() + return rs, err +} + +// ServerGroupsAndResources returns the supported groups and resources for all groups and versions. +func (c *FakeDiscovery) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + sgs, err := c.ServerGroups() + if err != nil { + return nil, nil, err + } + resultGroups := []*metav1.APIGroup{} + for i := range sgs.Groups { + resultGroups = append(resultGroups, &sgs.Groups[i]) + } + action := testing.ActionImpl{ Verb: "get", Resource: schema.GroupVersionResource{Resource: "resource"}, } c.Invokes(action, nil) - return c.Resources, nil + return resultGroups, c.Resources, nil } // ServerPreferredResources returns the supported resources with the version diff --git a/staging/src/k8s.io/client-go/examples/create-update-delete-deployment/main.go b/staging/src/k8s.io/client-go/examples/create-update-delete-deployment/main.go index ad32b74f5f4..76a8504a13f 100644 --- a/staging/src/k8s.io/client-go/examples/create-update-delete-deployment/main.go +++ b/staging/src/k8s.io/client-go/examples/create-update-delete-deployment/main.go @@ -120,7 +120,7 @@ func main() { // using the retry utility package included with client-go. (RECOMMENDED) // // More Info: - // https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#concurrency-control-and-consistency + // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency retryErr := retry.RetryOnConflict(retry.DefaultRetry, func() error { // Retrieve the latest version of Deployment before attempting update diff --git a/staging/src/k8s.io/client-go/examples/in-cluster-client-configuration/README.md b/staging/src/k8s.io/client-go/examples/in-cluster-client-configuration/README.md index eaa10e0fe15..6f42ca3575f 100644 --- a/staging/src/k8s.io/client-go/examples/in-cluster-client-configuration/README.md +++ b/staging/src/k8s.io/client-go/examples/in-cluster-client-configuration/README.md @@ -25,7 +25,9 @@ build the image on Minikube: docker build -t in-cluster . If you are not using Minikube, you should build this image and push it to a registry -that your Kubernetes cluster can pull from. If you have RBAC enabled, use the following +that your Kubernetes cluster can pull from. + +If you have RBAC enabled on your cluster, use the following snippet to create role binding which will grant the default service account view permissions. diff --git a/staging/src/k8s.io/client-go/examples/out-of-cluster-client-configuration/README.md b/staging/src/k8s.io/client-go/examples/out-of-cluster-client-configuration/README.md index 80da4a16895..c2bccfb63be 100644 --- a/staging/src/k8s.io/client-go/examples/out-of-cluster-client-configuration/README.md +++ b/staging/src/k8s.io/client-go/examples/out-of-cluster-client-configuration/README.md @@ -20,7 +20,7 @@ Run this application with: ./app Running this application will use the kubeconfig file and then authenticate to the -cluster, and print the number of nodes in the cluster every 10 seconds: +cluster, and print the number of pods in the cluster every 10 seconds: $ ./app There are 3 pods in the cluster diff --git a/staging/src/k8s.io/client-go/examples/workqueue/README.md b/staging/src/k8s.io/client-go/examples/workqueue/README.md index 2ac97049fae..2cde9c17d2f 100644 --- a/staging/src/k8s.io/client-go/examples/workqueue/README.md +++ b/staging/src/k8s.io/client-go/examples/workqueue/README.md @@ -7,7 +7,7 @@ It demonstrates how to: * combine the workqueue with a cache to a full controller * synchronize the controller on startup -The example is based on https://git.k8s.io/community/contributors/devel/controllers.md. +The example is based on https://git.k8s.io/community/contributors/devel/sig-api-machinery/controllers.md. ## Running diff --git a/staging/src/k8s.io/client-go/informers/BUILD b/staging/src/k8s.io/client-go/informers/BUILD index b0d4e744835..9b0b297a8bf 100644 --- a/staging/src/k8s.io/client-go/informers/BUILD +++ b/staging/src/k8s.io/client-go/informers/BUILD @@ -28,6 +28,7 @@ go_library( "//staging/src/k8s.io/api/events/v1beta1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/api/policy/v1beta1:go_default_library", "//staging/src/k8s.io/api/rbac/v1:go_default_library", "//staging/src/k8s.io/api/rbac/v1alpha1:go_default_library", diff --git a/staging/src/k8s.io/client-go/informers/generic.go b/staging/src/k8s.io/client-go/informers/generic.go index 530536d598c..06cd4563d39 100644 --- a/staging/src/k8s.io/client-go/informers/generic.go +++ b/staging/src/k8s.io/client-go/informers/generic.go @@ -39,6 +39,7 @@ import ( eventsv1beta1 "k8s.io/api/events/v1beta1" extensionsv1beta1 "k8s.io/api/extensions/v1beta1" networkingv1 "k8s.io/api/networking/v1" + networkingv1beta1 "k8s.io/api/networking/v1beta1" policyv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" rbacv1alpha1 "k8s.io/api/rbac/v1alpha1" @@ -211,6 +212,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case networkingv1.SchemeGroupVersion.WithResource("networkpolicies"): return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().NetworkPolicies().Informer()}, nil + // Group=networking.k8s.io, Version=v1beta1 + case networkingv1beta1.SchemeGroupVersion.WithResource("ingresses"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1beta1().Ingresses().Informer()}, nil + // Group=policy, Version=v1beta1 case policyv1beta1.SchemeGroupVersion.WithResource("poddisruptionbudgets"): return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1beta1().PodDisruptionBudgets().Informer()}, nil diff --git a/staging/src/k8s.io/client-go/informers/networking/BUILD b/staging/src/k8s.io/client-go/informers/networking/BUILD index 719db0c0619..5c4ba64d567 100644 --- a/staging/src/k8s.io/client-go/informers/networking/BUILD +++ b/staging/src/k8s.io/client-go/informers/networking/BUILD @@ -13,6 +13,7 @@ go_library( deps = [ "//staging/src/k8s.io/client-go/informers/internalinterfaces:go_default_library", "//staging/src/k8s.io/client-go/informers/networking/v1:go_default_library", + "//staging/src/k8s.io/client-go/informers/networking/v1beta1:go_default_library", ], ) @@ -28,6 +29,7 @@ filegroup( srcs = [ ":package-srcs", "//staging/src/k8s.io/client-go/informers/networking/v1:all-srcs", + "//staging/src/k8s.io/client-go/informers/networking/v1beta1:all-srcs", ], tags = ["automanaged"], ) diff --git a/staging/src/k8s.io/client-go/informers/networking/interface.go b/staging/src/k8s.io/client-go/informers/networking/interface.go index 989e8fa0fe5..4a028d5d10e 100644 --- a/staging/src/k8s.io/client-go/informers/networking/interface.go +++ b/staging/src/k8s.io/client-go/informers/networking/interface.go @@ -21,12 +21,15 @@ package networking import ( internalinterfaces "k8s.io/client-go/informers/internalinterfaces" v1 "k8s.io/client-go/informers/networking/v1" + v1beta1 "k8s.io/client-go/informers/networking/v1beta1" ) // Interface provides access to each of this group's versions. type Interface interface { // V1 provides access to shared informers for resources in V1. V1() v1.Interface + // V1beta1 provides access to shared informers for resources in V1beta1. + V1beta1() v1beta1.Interface } type group struct { @@ -44,3 +47,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (g *group) V1() v1.Interface { return v1.New(g.factory, g.namespace, g.tweakListOptions) } + +// V1beta1 returns a new v1beta1.Interface. +func (g *group) V1beta1() v1beta1.Interface { + return v1beta1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/staging/src/k8s.io/client-go/informers/networking/v1beta1/BUILD b/staging/src/k8s.io/client-go/informers/networking/v1beta1/BUILD new file mode 100644 index 00000000000..2486558e7fc --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/networking/v1beta1/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "ingress.go", + "interface.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/informers/networking/v1beta1", + importpath = "k8s.io/client-go/informers/networking/v1beta1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/informers/internalinterfaces:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes:go_default_library", + "//staging/src/k8s.io/client-go/listers/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/informers/networking/v1beta1/ingress.go b/staging/src/k8s.io/client-go/informers/networking/v1beta1/ingress.go new file mode 100644 index 00000000000..8abd00e17b0 --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/networking/v1beta1/ingress.go @@ -0,0 +1,89 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + time "time" + + networkingv1beta1 "k8s.io/api/networking/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" + kubernetes "k8s.io/client-go/kubernetes" + v1beta1 "k8s.io/client-go/listers/networking/v1beta1" + cache "k8s.io/client-go/tools/cache" +) + +// IngressInformer provides access to a shared informer and lister for +// Ingresses. +type IngressInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.IngressLister +} + +type ingressInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewIngressInformer constructs a new informer for Ingress type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewIngressInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredIngressInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredIngressInformer constructs a new informer for Ingress type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredIngressInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.NetworkingV1beta1().Ingresses(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.NetworkingV1beta1().Ingresses(namespace).Watch(options) + }, + }, + &networkingv1beta1.Ingress{}, + resyncPeriod, + indexers, + ) +} + +func (f *ingressInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredIngressInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *ingressInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&networkingv1beta1.Ingress{}, f.defaultInformer) +} + +func (f *ingressInformer) Lister() v1beta1.IngressLister { + return v1beta1.NewIngressLister(f.Informer().GetIndexer()) +} diff --git a/staging/src/k8s.io/client-go/informers/networking/v1beta1/interface.go b/staging/src/k8s.io/client-go/informers/networking/v1beta1/interface.go new file mode 100644 index 00000000000..ab170dfc86c --- /dev/null +++ b/staging/src/k8s.io/client-go/informers/networking/v1beta1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + internalinterfaces "k8s.io/client-go/informers/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // Ingresses returns a IngressInformer. + Ingresses() IngressInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// Ingresses returns a IngressInformer. +func (v *version) Ingresses() IngressInformer { + return &ingressInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/staging/src/k8s.io/client-go/kubernetes/BUILD b/staging/src/k8s.io/client-go/kubernetes/BUILD index 0dc5428be7d..8ee9390f085 100644 --- a/staging/src/k8s.io/client-go/kubernetes/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/BUILD @@ -34,6 +34,7 @@ go_library( "//staging/src/k8s.io/client-go/kubernetes/typed/events/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/policy/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/rbac/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1:go_default_library", @@ -84,6 +85,7 @@ filegroup( "//staging/src/k8s.io/client-go/kubernetes/typed/events/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/extensions/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1:all-srcs", + "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/policy/v1beta1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/rbac/v1:all-srcs", "//staging/src/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1:all-srcs", diff --git a/staging/src/k8s.io/client-go/kubernetes/clientset.go b/staging/src/k8s.io/client-go/kubernetes/clientset.go index 921250d4e43..26028f38f44 100644 --- a/staging/src/k8s.io/client-go/kubernetes/clientset.go +++ b/staging/src/k8s.io/client-go/kubernetes/clientset.go @@ -42,6 +42,7 @@ import ( eventsv1beta1 "k8s.io/client-go/kubernetes/typed/events/v1beta1" extensionsv1beta1 "k8s.io/client-go/kubernetes/typed/extensions/v1beta1" networkingv1 "k8s.io/client-go/kubernetes/typed/networking/v1" + networkingv1beta1 "k8s.io/client-go/kubernetes/typed/networking/v1beta1" policyv1beta1 "k8s.io/client-go/kubernetes/typed/policy/v1beta1" rbacv1 "k8s.io/client-go/kubernetes/typed/rbac/v1" rbacv1alpha1 "k8s.io/client-go/kubernetes/typed/rbac/v1alpha1" @@ -106,6 +107,7 @@ type Interface interface { NetworkingV1() networkingv1.NetworkingV1Interface // Deprecated: please explicitly pick a version if possible. Networking() networkingv1.NetworkingV1Interface + NetworkingV1beta1() networkingv1beta1.NetworkingV1beta1Interface PolicyV1beta1() policyv1beta1.PolicyV1beta1Interface // Deprecated: please explicitly pick a version if possible. Policy() policyv1beta1.PolicyV1beta1Interface @@ -154,6 +156,7 @@ type Clientset struct { eventsV1beta1 *eventsv1beta1.EventsV1beta1Client extensionsV1beta1 *extensionsv1beta1.ExtensionsV1beta1Client networkingV1 *networkingv1.NetworkingV1Client + networkingV1beta1 *networkingv1beta1.NetworkingV1beta1Client policyV1beta1 *policyv1beta1.PolicyV1beta1Client rbacV1 *rbacv1.RbacV1Client rbacV1beta1 *rbacv1beta1.RbacV1beta1Client @@ -354,6 +357,11 @@ func (c *Clientset) Networking() networkingv1.NetworkingV1Interface { return c.networkingV1 } +// NetworkingV1beta1 retrieves the NetworkingV1beta1Client +func (c *Clientset) NetworkingV1beta1() networkingv1beta1.NetworkingV1beta1Interface { + return c.networkingV1beta1 +} + // PolicyV1beta1 retrieves the PolicyV1beta1Client func (c *Clientset) PolicyV1beta1() policyv1beta1.PolicyV1beta1Interface { return c.policyV1beta1 @@ -538,6 +546,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } + cs.networkingV1beta1, err = networkingv1beta1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.policyV1beta1, err = policyv1beta1.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -612,6 +624,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { cs.eventsV1beta1 = eventsv1beta1.NewForConfigOrDie(c) cs.extensionsV1beta1 = extensionsv1beta1.NewForConfigOrDie(c) cs.networkingV1 = networkingv1.NewForConfigOrDie(c) + cs.networkingV1beta1 = networkingv1beta1.NewForConfigOrDie(c) cs.policyV1beta1 = policyv1beta1.NewForConfigOrDie(c) cs.rbacV1 = rbacv1.NewForConfigOrDie(c) cs.rbacV1beta1 = rbacv1beta1.NewForConfigOrDie(c) @@ -652,6 +665,7 @@ func New(c rest.Interface) *Clientset { cs.eventsV1beta1 = eventsv1beta1.New(c) cs.extensionsV1beta1 = extensionsv1beta1.New(c) cs.networkingV1 = networkingv1.New(c) + cs.networkingV1beta1 = networkingv1beta1.New(c) cs.policyV1beta1 = policyv1beta1.New(c) cs.rbacV1 = rbacv1.New(c) cs.rbacV1beta1 = rbacv1beta1.New(c) diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/fake/BUILD index 577b5925504..ea08fa1e97a 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/fake/BUILD @@ -33,6 +33,7 @@ go_library( "//staging/src/k8s.io/api/events/v1beta1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/api/policy/v1beta1:go_default_library", "//staging/src/k8s.io/api/rbac/v1:go_default_library", "//staging/src/k8s.io/api/rbac/v1alpha1:go_default_library", @@ -96,6 +97,8 @@ go_library( "//staging/src/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1/fake:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/policy/v1beta1:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/policy/v1beta1/fake:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/rbac/v1:go_default_library", diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go index 94dcdf439de..cfee6a36296 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/clientset_generated.go @@ -68,6 +68,8 @@ import ( fakeextensionsv1beta1 "k8s.io/client-go/kubernetes/typed/extensions/v1beta1/fake" networkingv1 "k8s.io/client-go/kubernetes/typed/networking/v1" fakenetworkingv1 "k8s.io/client-go/kubernetes/typed/networking/v1/fake" + networkingv1beta1 "k8s.io/client-go/kubernetes/typed/networking/v1beta1" + fakenetworkingv1beta1 "k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake" policyv1beta1 "k8s.io/client-go/kubernetes/typed/policy/v1beta1" fakepolicyv1beta1 "k8s.io/client-go/kubernetes/typed/policy/v1beta1/fake" rbacv1 "k8s.io/client-go/kubernetes/typed/rbac/v1" @@ -308,6 +310,11 @@ func (c *Clientset) Networking() networkingv1.NetworkingV1Interface { return &fakenetworkingv1.FakeNetworkingV1{Fake: &c.Fake} } +// NetworkingV1beta1 retrieves the NetworkingV1beta1Client +func (c *Clientset) NetworkingV1beta1() networkingv1beta1.NetworkingV1beta1Interface { + return &fakenetworkingv1beta1.FakeNetworkingV1beta1{Fake: &c.Fake} +} + // PolicyV1beta1 retrieves the PolicyV1beta1Client func (c *Clientset) PolicyV1beta1() policyv1beta1.PolicyV1beta1Interface { return &fakepolicyv1beta1.FakePolicyV1beta1{Fake: &c.Fake} diff --git a/staging/src/k8s.io/client-go/kubernetes/fake/register.go b/staging/src/k8s.io/client-go/kubernetes/fake/register.go index 8e3e63b8d00..0769cd3eb39 100644 --- a/staging/src/k8s.io/client-go/kubernetes/fake/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/fake/register.go @@ -41,6 +41,7 @@ import ( eventsv1beta1 "k8s.io/api/events/v1beta1" extensionsv1beta1 "k8s.io/api/extensions/v1beta1" networkingv1 "k8s.io/api/networking/v1" + networkingv1beta1 "k8s.io/api/networking/v1beta1" policyv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" rbacv1alpha1 "k8s.io/api/rbac/v1alpha1" @@ -84,6 +85,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ eventsv1beta1.AddToScheme, extensionsv1beta1.AddToScheme, networkingv1.AddToScheme, + networkingv1beta1.AddToScheme, policyv1beta1.AddToScheme, rbacv1.AddToScheme, rbacv1beta1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD b/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD index 10ca14b87f0..d4578fff684 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/BUILD @@ -32,6 +32,7 @@ go_library( "//staging/src/k8s.io/api/events/v1beta1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/api/policy/v1beta1:go_default_library", "//staging/src/k8s.io/api/rbac/v1:go_default_library", "//staging/src/k8s.io/api/rbac/v1alpha1:go_default_library", diff --git a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go index 49f065c380d..395ff3a237f 100644 --- a/staging/src/k8s.io/client-go/kubernetes/scheme/register.go +++ b/staging/src/k8s.io/client-go/kubernetes/scheme/register.go @@ -41,6 +41,7 @@ import ( eventsv1beta1 "k8s.io/api/events/v1beta1" extensionsv1beta1 "k8s.io/api/extensions/v1beta1" networkingv1 "k8s.io/api/networking/v1" + networkingv1beta1 "k8s.io/api/networking/v1beta1" policyv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" rbacv1alpha1 "k8s.io/api/rbac/v1alpha1" @@ -84,6 +85,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{ eventsv1beta1.AddToScheme, extensionsv1beta1.AddToScheme, networkingv1.AddToScheme, + networkingv1beta1.AddToScheme, policyv1beta1.AddToScheme, rbacv1.AddToScheme, rbacv1beta1.AddToScheme, diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/authentication/OWNERS b/staging/src/k8s.io/client-go/kubernetes/typed/authentication/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/staging/src/k8s.io/client-go/kubernetes/typed/authentication/OWNERS +++ b/staging/src/k8s.io/client-go/kubernetes/typed/authentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/authorization/OWNERS b/staging/src/k8s.io/client-go/kubernetes/typed/authorization/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/staging/src/k8s.io/client-go/kubernetes/typed/authorization/OWNERS +++ b/staging/src/k8s.io/client-go/kubernetes/typed/authorization/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/BUILD new file mode 100644 index 00000000000..3501791aef6 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/BUILD @@ -0,0 +1,40 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "generated_expansion.go", + "ingress.go", + "networking_client.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/networking/v1beta1", + importpath = "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/doc.go rename to staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/doc.go diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/BUILD b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/BUILD new file mode 100644 index 00000000000..78061dcceb0 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "fake_ingress.go", + "fake_networking_client.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake", + importpath = "k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", + "//staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/client-go/testing:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/doc.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/doc.go rename to staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/doc.go diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/fake_ingress.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/fake_ingress.go new file mode 100644 index 00000000000..ee7821778e5 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/fake_ingress.go @@ -0,0 +1,140 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1beta1 "k8s.io/api/networking/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeIngresses implements IngressInterface +type FakeIngresses struct { + Fake *FakeNetworkingV1beta1 + ns string +} + +var ingressesResource = schema.GroupVersionResource{Group: "networking.k8s.io", Version: "v1beta1", Resource: "ingresses"} + +var ingressesKind = schema.GroupVersionKind{Group: "networking.k8s.io", Version: "v1beta1", Kind: "Ingress"} + +// Get takes name of the ingress, and returns the corresponding ingress object, and an error if there is any. +func (c *FakeIngresses) Get(name string, options v1.GetOptions) (result *v1beta1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(ingressesResource, c.ns, name), &v1beta1.Ingress{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Ingress), err +} + +// List takes label and field selectors, and returns the list of Ingresses that match those selectors. +func (c *FakeIngresses) List(opts v1.ListOptions) (result *v1beta1.IngressList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(ingressesResource, ingressesKind, c.ns, opts), &v1beta1.IngressList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.IngressList{ListMeta: obj.(*v1beta1.IngressList).ListMeta} + for _, item := range obj.(*v1beta1.IngressList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested ingresses. +func (c *FakeIngresses) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(ingressesResource, c.ns, opts)) + +} + +// Create takes the representation of a ingress and creates it. Returns the server's representation of the ingress, and an error, if there is any. +func (c *FakeIngresses) Create(ingress *v1beta1.Ingress) (result *v1beta1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(ingressesResource, c.ns, ingress), &v1beta1.Ingress{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Ingress), err +} + +// Update takes the representation of a ingress and updates it. Returns the server's representation of the ingress, and an error, if there is any. +func (c *FakeIngresses) Update(ingress *v1beta1.Ingress) (result *v1beta1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(ingressesResource, c.ns, ingress), &v1beta1.Ingress{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Ingress), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeIngresses) UpdateStatus(ingress *v1beta1.Ingress) (*v1beta1.Ingress, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(ingressesResource, "status", c.ns, ingress), &v1beta1.Ingress{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Ingress), err +} + +// Delete takes name of the ingress and deletes it. Returns an error if one occurs. +func (c *FakeIngresses) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(ingressesResource, c.ns, name), &v1beta1.Ingress{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeIngresses) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(ingressesResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1beta1.IngressList{}) + return err +} + +// Patch applies the patch and returns the patched ingress. +func (c *FakeIngresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(ingressesResource, c.ns, name, pt, data, subresources...), &v1beta1.Ingress{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Ingress), err +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/fake_networking_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/fake_networking_client.go new file mode 100644 index 00000000000..bfe6fee684f --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake/fake_networking_client.go @@ -0,0 +1,40 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1beta1 "k8s.io/client-go/kubernetes/typed/networking/v1beta1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeNetworkingV1beta1 struct { + *testing.Fake +} + +func (c *FakeNetworkingV1beta1) Ingresses(namespace string) v1beta1.IngressInterface { + return &FakeIngresses{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeNetworkingV1beta1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/generated_expansion.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/generated_expansion.go new file mode 100644 index 00000000000..1442649b376 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +type IngressExpansion interface{} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/ingress.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/ingress.go new file mode 100644 index 00000000000..8d76678f166 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/ingress.go @@ -0,0 +1,191 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "time" + + v1beta1 "k8s.io/api/networking/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + scheme "k8s.io/client-go/kubernetes/scheme" + rest "k8s.io/client-go/rest" +) + +// IngressesGetter has a method to return a IngressInterface. +// A group's client should implement this interface. +type IngressesGetter interface { + Ingresses(namespace string) IngressInterface +} + +// IngressInterface has methods to work with Ingress resources. +type IngressInterface interface { + Create(*v1beta1.Ingress) (*v1beta1.Ingress, error) + Update(*v1beta1.Ingress) (*v1beta1.Ingress, error) + UpdateStatus(*v1beta1.Ingress) (*v1beta1.Ingress, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1beta1.Ingress, error) + List(opts v1.ListOptions) (*v1beta1.IngressList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.Ingress, err error) + IngressExpansion +} + +// ingresses implements IngressInterface +type ingresses struct { + client rest.Interface + ns string +} + +// newIngresses returns a Ingresses +func newIngresses(c *NetworkingV1beta1Client, namespace string) *ingresses { + return &ingresses{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the ingress, and returns the corresponding ingress object, and an error if there is any. +func (c *ingresses) Get(name string, options v1.GetOptions) (result *v1beta1.Ingress, err error) { + result = &v1beta1.Ingress{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ingresses"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Ingresses that match those selectors. +func (c *ingresses) List(opts v1.ListOptions) (result *v1beta1.IngressList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.IngressList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ingresses"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested ingresses. +func (c *ingresses) Watch(opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("ingresses"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch() +} + +// Create takes the representation of a ingress and creates it. Returns the server's representation of the ingress, and an error, if there is any. +func (c *ingresses) Create(ingress *v1beta1.Ingress) (result *v1beta1.Ingress, err error) { + result = &v1beta1.Ingress{} + err = c.client.Post(). + Namespace(c.ns). + Resource("ingresses"). + Body(ingress). + Do(). + Into(result) + return +} + +// Update takes the representation of a ingress and updates it. Returns the server's representation of the ingress, and an error, if there is any. +func (c *ingresses) Update(ingress *v1beta1.Ingress) (result *v1beta1.Ingress, err error) { + result = &v1beta1.Ingress{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ingresses"). + Name(ingress.Name). + Body(ingress). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *ingresses) UpdateStatus(ingress *v1beta1.Ingress) (result *v1beta1.Ingress, err error) { + result = &v1beta1.Ingress{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ingresses"). + Name(ingress.Name). + SubResource("status"). + Body(ingress). + Do(). + Into(result) + return +} + +// Delete takes name of the ingress and deletes it. Returns an error if one occurs. +func (c *ingresses) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("ingresses"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *ingresses) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + var timeout time.Duration + if listOptions.TimeoutSeconds != nil { + timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("ingresses"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Timeout(timeout). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched ingress. +func (c *ingresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.Ingress, err error) { + result = &v1beta1.Ingress{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("ingresses"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go new file mode 100644 index 00000000000..541bf6a9a16 --- /dev/null +++ b/staging/src/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go @@ -0,0 +1,90 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "k8s.io/api/networking/v1beta1" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + "k8s.io/client-go/kubernetes/scheme" + rest "k8s.io/client-go/rest" +) + +type NetworkingV1beta1Interface interface { + RESTClient() rest.Interface + IngressesGetter +} + +// NetworkingV1beta1Client is used to interact with features provided by the networking.k8s.io group. +type NetworkingV1beta1Client struct { + restClient rest.Interface +} + +func (c *NetworkingV1beta1Client) Ingresses(namespace string) IngressInterface { + return newIngresses(c, namespace) +} + +// NewForConfig creates a new NetworkingV1beta1Client for the given config. +func NewForConfig(c *rest.Config) (*NetworkingV1beta1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &NetworkingV1beta1Client{client}, nil +} + +// NewForConfigOrDie creates a new NetworkingV1beta1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *NetworkingV1beta1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new NetworkingV1beta1Client for the given RESTClient. +func New(c rest.Interface) *NetworkingV1beta1Client { + return &NetworkingV1beta1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1beta1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *NetworkingV1beta1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/staging/src/k8s.io/client-go/kubernetes/typed/rbac/OWNERS b/staging/src/k8s.io/client-go/kubernetes/typed/rbac/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/staging/src/k8s.io/client-go/kubernetes/typed/rbac/OWNERS +++ b/staging/src/k8s.io/client-go/kubernetes/typed/rbac/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/listers/authentication/OWNERS b/staging/src/k8s.io/client-go/listers/authentication/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/staging/src/k8s.io/client-go/listers/authentication/OWNERS +++ b/staging/src/k8s.io/client-go/listers/authentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/listers/authorization/OWNERS b/staging/src/k8s.io/client-go/listers/authorization/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/staging/src/k8s.io/client-go/listers/authorization/OWNERS +++ b/staging/src/k8s.io/client-go/listers/authorization/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/listers/networking/v1beta1/BUILD b/staging/src/k8s.io/client-go/listers/networking/v1beta1/BUILD new file mode 100644 index 00000000000..e1e6985fe17 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/networking/v1beta1/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "expansion_generated.go", + "ingress.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/listers/networking/v1beta1", + importpath = "k8s.io/client-go/listers/networking/v1beta1", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/client-go/tools/cache:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/client-go/listers/networking/v1beta1/expansion_generated.go b/staging/src/k8s.io/client-go/listers/networking/v1beta1/expansion_generated.go new file mode 100644 index 00000000000..df6da06ebb7 --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/networking/v1beta1/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +// IngressListerExpansion allows custom methods to be added to +// IngressLister. +type IngressListerExpansion interface{} + +// IngressNamespaceListerExpansion allows custom methods to be added to +// IngressNamespaceLister. +type IngressNamespaceListerExpansion interface{} diff --git a/staging/src/k8s.io/client-go/listers/networking/v1beta1/ingress.go b/staging/src/k8s.io/client-go/listers/networking/v1beta1/ingress.go new file mode 100644 index 00000000000..6676742e34b --- /dev/null +++ b/staging/src/k8s.io/client-go/listers/networking/v1beta1/ingress.go @@ -0,0 +1,94 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "k8s.io/api/networking/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// IngressLister helps list Ingresses. +type IngressLister interface { + // List lists all Ingresses in the indexer. + List(selector labels.Selector) (ret []*v1beta1.Ingress, err error) + // Ingresses returns an object that can list and get Ingresses. + Ingresses(namespace string) IngressNamespaceLister + IngressListerExpansion +} + +// ingressLister implements the IngressLister interface. +type ingressLister struct { + indexer cache.Indexer +} + +// NewIngressLister returns a new IngressLister. +func NewIngressLister(indexer cache.Indexer) IngressLister { + return &ingressLister{indexer: indexer} +} + +// List lists all Ingresses in the indexer. +func (s *ingressLister) List(selector labels.Selector) (ret []*v1beta1.Ingress, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.Ingress)) + }) + return ret, err +} + +// Ingresses returns an object that can list and get Ingresses. +func (s *ingressLister) Ingresses(namespace string) IngressNamespaceLister { + return ingressNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// IngressNamespaceLister helps list and get Ingresses. +type IngressNamespaceLister interface { + // List lists all Ingresses in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1beta1.Ingress, err error) + // Get retrieves the Ingress from the indexer for a given namespace and name. + Get(name string) (*v1beta1.Ingress, error) + IngressNamespaceListerExpansion +} + +// ingressNamespaceLister implements the IngressNamespaceLister +// interface. +type ingressNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all Ingresses in the indexer for a given namespace. +func (s ingressNamespaceLister) List(selector labels.Selector) (ret []*v1beta1.Ingress, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.Ingress)) + }) + return ret, err +} + +// Get retrieves the Ingress from the indexer for a given namespace and name. +func (s ingressNamespaceLister) Get(name string) (*v1beta1.Ingress, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("ingress"), name) + } + return obj.(*v1beta1.Ingress), nil +} diff --git a/staging/src/k8s.io/client-go/listers/rbac/OWNERS b/staging/src/k8s.io/client-go/listers/rbac/OWNERS index cd0d70a0f8f..7b3130fdcbc 100644 --- a/staging/src/k8s.io/client-go/listers/rbac/OWNERS +++ b/staging/src/k8s.io/client-go/listers/rbac/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authorizers-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/pkg/apis/clientauthentication/OWNERS b/staging/src/k8s.io/client-go/pkg/apis/clientauthentication/OWNERS index 3b7ea1b131f..e0ec62deb2b 100644 --- a/staging/src/k8s.io/client-go/pkg/apis/clientauthentication/OWNERS +++ b/staging/src/k8s.io/client-go/pkg/apis/clientauthentication/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # approval on api packages bubbles to api-approvers reviewers: - sig-auth-authenticators-approvers diff --git a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/OWNERS b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/OWNERS +++ b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp/OWNERS b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp/OWNERS index 6cf8db8ac92..97fcd3dd302 100644 --- a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp/OWNERS +++ b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - cjcullen - jlowdermilk diff --git a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS index e0f3c6ca980..03fb44ea24b 100644 --- a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS +++ b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - ericchiang reviewers: diff --git a/staging/src/k8s.io/client-go/rest/OWNERS b/staging/src/k8s.io/client-go/rest/OWNERS old mode 100755 new mode 100644 index 8d97da007d4..49dabc61b00 --- a/staging/src/k8s.io/client-go/rest/OWNERS +++ b/staging/src/k8s.io/client-go/rest/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - thockin - smarterclayton diff --git a/staging/src/k8s.io/client-go/restmapper/BUILD b/staging/src/k8s.io/client-go/restmapper/BUILD index ed8006f0318..4d3169b655a 100644 --- a/staging/src/k8s.io/client-go/restmapper/BUILD +++ b/staging/src/k8s.io/client-go/restmapper/BUILD @@ -36,6 +36,7 @@ go_test( "//staging/src/k8s.io/client-go/discovery:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/rest/fake:go_default_library", + "//vendor/github.com/davecgh/go-spew/spew:go_default_library", "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", "//vendor/github.com/stretchr/testify/assert:go_default_library", ], diff --git a/staging/src/k8s.io/client-go/restmapper/category_expansion.go b/staging/src/k8s.io/client-go/restmapper/category_expansion.go index 1620bbcf810..2537a2b4e25 100644 --- a/staging/src/k8s.io/client-go/restmapper/category_expansion.go +++ b/staging/src/k8s.io/client-go/restmapper/category_expansion.go @@ -21,7 +21,7 @@ import ( "k8s.io/client-go/discovery" ) -// CategoryExpander maps category strings to GroupResouces. +// CategoryExpander maps category strings to GroupResources. // Categories are classification or 'tag' of a group of resources. type CategoryExpander interface { Expand(category string) ([]schema.GroupResource, bool) diff --git a/staging/src/k8s.io/client-go/restmapper/discovery.go b/staging/src/k8s.io/client-go/restmapper/discovery.go index 84491f4c5d1..f8d7080d49e 100644 --- a/staging/src/k8s.io/client-go/restmapper/discovery.go +++ b/staging/src/k8s.io/client-go/restmapper/discovery.go @@ -145,27 +145,26 @@ func NewDiscoveryRESTMapper(groupResources []*APIGroupResources) meta.RESTMapper // GetAPIGroupResources uses the provided discovery client to gather // discovery information and populate a slice of APIGroupResources. func GetAPIGroupResources(cl discovery.DiscoveryInterface) ([]*APIGroupResources, error) { - apiGroups, err := cl.ServerGroups() - if err != nil { - if apiGroups == nil || len(apiGroups.Groups) == 0 { - return nil, err - } + gs, rs, err := cl.ServerGroupsAndResources() + if rs == nil || gs == nil { + return nil, err // TODO track the errors and update callers to handle partial errors. } + rsm := map[string]*metav1.APIResourceList{} + for _, r := range rs { + rsm[r.GroupVersion] = r + } + var result []*APIGroupResources - for _, group := range apiGroups.Groups { + for _, group := range gs { groupResources := &APIGroupResources{ - Group: group, + Group: *group, VersionedResources: make(map[string][]metav1.APIResource), } for _, version := range group.Versions { - resources, err := cl.ServerResourcesForGroupVersion(version.GroupVersion) - if err != nil { - // continue as best we can - // TODO track the errors and update callers to handle partial errors. - if resources == nil || len(resources.APIResources) == 0 { - continue - } + resources, ok := rsm[version.GroupVersion] + if !ok { + continue } groupResources.VersionedResources[version.Version] = resources.APIResources } diff --git a/staging/src/k8s.io/client-go/restmapper/discovery_test.go b/staging/src/k8s.io/client-go/restmapper/discovery_test.go index 1b8e7c4f056..77a16c481e3 100644 --- a/staging/src/k8s.io/client-go/restmapper/discovery_test.go +++ b/staging/src/k8s.io/client-go/restmapper/discovery_test.go @@ -17,9 +17,11 @@ limitations under the License. package restmapper import ( + "fmt" "reflect" "testing" + "github.com/davecgh/go-spew/spew" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" @@ -283,10 +285,146 @@ func TestDeferredDiscoveryRESTMapper_CacheMiss(t *testing.T) { assert.Equal(cdc.invalidateCalls, 2, "should HAVE called Invalidate() again after another cache-miss, but with fresh==false") } +func TestGetAPIGroupResources(t *testing.T) { + type Test struct { + name string + + discovery DiscoveryInterface + + expected []*APIGroupResources + expectedError error + } + + for _, test := range []Test{ + {"nil", &fakeFailingDiscovery{nil, nil, nil, nil}, nil, nil}, + {"normal", + &fakeFailingDiscovery{ + []metav1.APIGroup{aGroup, bGroup}, nil, + map[string]*metav1.APIResourceList{"a/v1": &aResources, "b/v1": &bResources}, nil, + }, + []*APIGroupResources{ + {aGroup, map[string][]metav1.APIResource{"v1": {aFoo}}}, + {bGroup, map[string][]metav1.APIResource{"v1": {bBar}}}, + }, nil, + }, + {"groups failed, but has fallback with a only", + &fakeFailingDiscovery{ + []metav1.APIGroup{aGroup}, fmt.Errorf("error fetching groups"), + map[string]*metav1.APIResourceList{"a/v1": &aResources, "b/v1": &bResources}, nil, + }, + []*APIGroupResources{ + {aGroup, map[string][]metav1.APIResource{"v1": {aFoo}}}, + }, nil, + }, + {"groups failed, but has no fallback", + &fakeFailingDiscovery{ + nil, fmt.Errorf("error fetching groups"), + map[string]*metav1.APIResourceList{"a/v1": &aResources, "b/v1": &bResources}, nil, + }, + nil, fmt.Errorf("error fetching groups"), + }, + {"a failed, but has fallback", + &fakeFailingDiscovery{ + []metav1.APIGroup{aGroup, bGroup}, nil, + map[string]*metav1.APIResourceList{"a/v1": &aResources, "b/v1": &bResources}, map[string]error{"a/v1": fmt.Errorf("a failed")}, + }, + []*APIGroupResources{ + {aGroup, map[string][]metav1.APIResource{"v1": {aFoo}}}, + {bGroup, map[string][]metav1.APIResource{"v1": {bBar}}}, + }, nil, // TODO: do we want this? + }, + {"a failed, but has no fallback", + &fakeFailingDiscovery{ + []metav1.APIGroup{aGroup, bGroup}, nil, + map[string]*metav1.APIResourceList{"b/v1": &bResources}, map[string]error{"a/v1": fmt.Errorf("a failed")}, + }, + []*APIGroupResources{ + {aGroup, map[string][]metav1.APIResource{}}, + {bGroup, map[string][]metav1.APIResource{"v1": {bBar}}}, + }, nil, // TODO: do we want this? + }, + {"a and b failed, but have fallbacks", + &fakeFailingDiscovery{ + []metav1.APIGroup{aGroup, bGroup}, nil, + map[string]*metav1.APIResourceList{"a/v1": &aResources, "b/v1": &bResources}, // TODO: both fallbacks are ignored + map[string]error{"a/v1": fmt.Errorf("a failed"), "b/v1": fmt.Errorf("b failed")}, + }, + []*APIGroupResources{ + {aGroup, map[string][]metav1.APIResource{"v1": {aFoo}}}, + {bGroup, map[string][]metav1.APIResource{"v1": {bBar}}}, + }, nil, // TODO: do we want this? + }, + } { + t.Run(test.name, func(t *testing.T) { + got, err := GetAPIGroupResources(test.discovery) + if err == nil && test.expectedError != nil { + t.Fatalf("expected error %q, but got none", test.expectedError) + } else if err != nil && test.expectedError == nil { + t.Fatalf("unexpected error: %v", err) + } + if !reflect.DeepEqual(test.expected, got) { + t.Errorf("unexpected result:\nexpected = %s\ngot = %s", spew.Sdump(test.expected), spew.Sdump(got)) + } + }) + } + +} + +var _ DiscoveryInterface = &fakeFailingDiscovery{} + +type fakeFailingDiscovery struct { + groups []metav1.APIGroup + groupsErr error + + resourcesForGroupVersion map[string]*metav1.APIResourceList + resourcesForGroupVersionErr map[string]error +} + +func (*fakeFailingDiscovery) RESTClient() restclient.Interface { + return nil +} + +func (d *fakeFailingDiscovery) ServerGroups() (*metav1.APIGroupList, error) { + if d.groups == nil && d.groupsErr != nil { + return nil, d.groupsErr + } + return &metav1.APIGroupList{Groups: d.groups}, d.groupsErr +} + +func (d *fakeFailingDiscovery) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return ServerGroupsAndResources(d) +} +func (d *fakeFailingDiscovery) ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error) { + if rs, found := d.resourcesForGroupVersion[groupVersion]; found { + return rs, d.resourcesForGroupVersionErr[groupVersion] + } + return nil, fmt.Errorf("not found") +} + +func (d *fakeFailingDiscovery) ServerResources() ([]*metav1.APIResourceList, error) { + return ServerResources(d) +} + +func (d *fakeFailingDiscovery) ServerPreferredResources() ([]*metav1.APIResourceList, error) { + return ServerPreferredResources(d) +} + +func (d *fakeFailingDiscovery) ServerPreferredNamespacedResources() ([]*metav1.APIResourceList, error) { + return ServerPreferredNamespacedResources(d) +} + +func (*fakeFailingDiscovery) ServerVersion() (*version.Info, error) { + return &version.Info{}, nil +} + +func (*fakeFailingDiscovery) OpenAPISchema() (*openapi_v2.Document, error) { + panic("implement me") +} + type fakeCachedDiscoveryInterface struct { invalidateCalls int fresh bool - enabledA bool + enabledGroupA bool } var _ CachedDiscoveryInterface = &fakeCachedDiscoveryInterface{} @@ -298,7 +436,7 @@ func (c *fakeCachedDiscoveryInterface) Fresh() bool { func (c *fakeCachedDiscoveryInterface) Invalidate() { c.invalidateCalls = c.invalidateCalls + 1 c.fresh = true - c.enabledA = true + c.enabledGroupA = true } func (c *fakeCachedDiscoveryInterface) RESTClient() restclient.Interface { @@ -306,55 +444,33 @@ func (c *fakeCachedDiscoveryInterface) RESTClient() restclient.Interface { } func (c *fakeCachedDiscoveryInterface) ServerGroups() (*metav1.APIGroupList, error) { - if c.enabledA { + if c.enabledGroupA { return &metav1.APIGroupList{ - Groups: []metav1.APIGroup{ - { - Name: "a", - Versions: []metav1.GroupVersionForDiscovery{ - { - GroupVersion: "a/v1", - Version: "v1", - }, - }, - PreferredVersion: metav1.GroupVersionForDiscovery{ - GroupVersion: "a/v1", - Version: "v1", - }, - }, - }, + Groups: []metav1.APIGroup{aGroup}, }, nil } return &metav1.APIGroupList{}, nil } +func (c *fakeCachedDiscoveryInterface) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + return ServerGroupsAndResources(c) +} + func (c *fakeCachedDiscoveryInterface) ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error) { - if c.enabledA && groupVersion == "a/v1" { - return &metav1.APIResourceList{ - GroupVersion: "a/v1", - APIResources: []metav1.APIResource{ - { - Name: "foo", - Kind: "Foo", - Namespaced: false, - }, - }, - }, nil + if c.enabledGroupA && groupVersion == "a/v1" { + return &aResources, nil } return nil, errors.NewNotFound(schema.GroupResource{}, "") } +// Deprecated: use ServerGroupsAndResources instead. func (c *fakeCachedDiscoveryInterface) ServerResources() ([]*metav1.APIResourceList, error) { - if c.enabledA { - av1, _ := c.ServerResourcesForGroupVersion("a/v1") - return []*metav1.APIResourceList{av1}, nil - } - return []*metav1.APIResourceList{}, nil + return ServerResources(c) } func (c *fakeCachedDiscoveryInterface) ServerPreferredResources() ([]*metav1.APIResourceList, error) { - if c.enabledA { + if c.enabledGroupA { return []*metav1.APIResourceList{ { GroupVersion: "a/v1", @@ -382,3 +498,50 @@ func (c *fakeCachedDiscoveryInterface) ServerVersion() (*version.Info, error) { func (c *fakeCachedDiscoveryInterface) OpenAPISchema() (*openapi_v2.Document, error) { return &openapi_v2.Document{}, nil } + +var ( + aGroup = metav1.APIGroup{ + Name: "a", + Versions: []metav1.GroupVersionForDiscovery{ + { + GroupVersion: "a/v1", + Version: "v1", + }, + }, + PreferredVersion: metav1.GroupVersionForDiscovery{ + GroupVersion: "a/v1", + Version: "v1", + }, + } + bGroup = metav1.APIGroup{ + Name: "b", + Versions: []metav1.GroupVersionForDiscovery{ + { + GroupVersion: "b/v1", + Version: "v1", + }, + }, + PreferredVersion: metav1.GroupVersionForDiscovery{ + GroupVersion: "b/v1", + Version: "v1", + }, + } + aResources = metav1.APIResourceList{ + GroupVersion: "a/v1", + APIResources: []metav1.APIResource{aFoo}, + } + aFoo = metav1.APIResource{ + Name: "foo", + Kind: "Foo", + Namespaced: false, + } + bResources = metav1.APIResourceList{ + GroupVersion: "b/v1", + APIResources: []metav1.APIResource{bBar}, + } + bBar = metav1.APIResource{ + Name: "bar", + Kind: "Bar", + Namespaced: true, + } +) diff --git a/staging/src/k8s.io/client-go/restmapper/shortcut_test.go b/staging/src/k8s.io/client-go/restmapper/shortcut_test.go index dbc288fadff..3a4a99ea88f 100644 --- a/staging/src/k8s.io/client-go/restmapper/shortcut_test.go +++ b/staging/src/k8s.io/client-go/restmapper/shortcut_test.go @@ -265,11 +265,26 @@ func (c *fakeDiscoveryClient) ServerResourcesForGroupVersion(groupVersion string return nil, errors.NewNotFound(schema.GroupResource{}, "") } +// Deprecated: use ServerGroupsAndResources instead. func (c *fakeDiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) { - if c.serverResourcesHandler != nil { - return c.serverResourcesHandler() + _, rs, err := c.ServerGroupsAndResources() + return rs, err +} + +func (c *fakeDiscoveryClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) { + sgs, err := c.ServerGroups() + if err != nil { + return nil, nil, err } - return []*metav1.APIResourceList{}, nil + resultGroups := []*metav1.APIGroup{} + for i := range sgs.Groups { + resultGroups = append(resultGroups, &sgs.Groups[i]) + } + if c.serverResourcesHandler != nil { + rs, err := c.serverResourcesHandler() + return resultGroups, rs, err + } + return resultGroups, []*metav1.APIResourceList{}, nil } func (c *fakeDiscoveryClient) ServerPreferredResources() ([]*metav1.APIResourceList, error) { diff --git a/staging/src/k8s.io/client-go/testing/BUILD b/staging/src/k8s.io/client-go/testing/BUILD index 85ba75c4b0c..fc8998248b6 100644 --- a/staging/src/k8s.io/client-go/testing/BUILD +++ b/staging/src/k8s.io/client-go/testing/BUILD @@ -34,7 +34,10 @@ go_library( go_test( name = "go_default_test", - srcs = ["fixture_test.go"], + srcs = [ + "fake_test.go", + "fixture_test.go", + ], embed = [":go_default_library"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/api/meta:go_default_library", diff --git a/staging/src/k8s.io/client-go/testing/fake.go b/staging/src/k8s.io/client-go/testing/fake.go index 8b3f31eaf5c..8b9ee149c83 100644 --- a/staging/src/k8s.io/client-go/testing/fake.go +++ b/staging/src/k8s.io/client-go/testing/fake.go @@ -131,13 +131,14 @@ func (c *Fake) Invokes(action Action, defaultReturnObj runtime.Object) (runtime. c.Lock() defer c.Unlock() + actionCopy := action.DeepCopy() c.actions = append(c.actions, action.DeepCopy()) for _, reactor := range c.ReactionChain { - if !reactor.Handles(action) { + if !reactor.Handles(actionCopy) { continue } - handled, ret, err := reactor.React(action.DeepCopy()) + handled, ret, err := reactor.React(actionCopy) if !handled { continue } @@ -154,13 +155,14 @@ func (c *Fake) InvokesWatch(action Action) (watch.Interface, error) { c.Lock() defer c.Unlock() + actionCopy := action.DeepCopy() c.actions = append(c.actions, action.DeepCopy()) for _, reactor := range c.WatchReactionChain { - if !reactor.Handles(action) { + if !reactor.Handles(actionCopy) { continue } - handled, ret, err := reactor.React(action.DeepCopy()) + handled, ret, err := reactor.React(actionCopy) if !handled { continue } @@ -177,13 +179,14 @@ func (c *Fake) InvokesProxy(action Action) restclient.ResponseWrapper { c.Lock() defer c.Unlock() + actionCopy := action.DeepCopy() c.actions = append(c.actions, action.DeepCopy()) for _, reactor := range c.ProxyReactionChain { - if !reactor.Handles(action) { + if !reactor.Handles(actionCopy) { continue } - handled, ret, err := reactor.React(action.DeepCopy()) + handled, ret, err := reactor.React(actionCopy) if !handled || err != nil { continue } diff --git a/staging/src/k8s.io/client-go/testing/fake_test.go b/staging/src/k8s.io/client-go/testing/fake_test.go new file mode 100644 index 00000000000..b335e700a20 --- /dev/null +++ b/staging/src/k8s.io/client-go/testing/fake_test.go @@ -0,0 +1,166 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package testing + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "k8s.io/apimachinery/pkg/api/meta" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +func TestOriginalObjectCaptured(t *testing.T) { + // this ReactionFunc sets the resources ClusterName + const testClusterName = "some-value" + reactors := []ReactionFunc{ + func(action Action) (bool, runtime.Object, error) { + createAction := action.(CreateActionImpl) + accessor, err := meta.Accessor(createAction.Object) + if err != nil { + return false, nil, err + } + + // set any field on the resource + accessor.SetClusterName(testClusterName) + + return true, createAction.Object, nil + }, + } + + // create a new Fake with the test reactors + f := &Fake{} + for _, r := range reactors { + f.AddReactor("", "", r) + } + + // construct a test resource + testResource := schema.GroupVersionResource{Group: "", Version: "test_version", Resource: "test_kind"} + testObj := getArbitraryResource(testResource, "test_name", "test_namespace") + + // create a fake CreateAction + action := CreateActionImpl{ + Object: testObj, + } + + // execute the reaction chain + ret, err := f.Invokes(action, nil) + assert.NoError(t, err, "running Invokes failed") + + // obtain a metadata accessor for the returned resource + accessor, err := meta.Accessor(ret) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // validate that the returned resource was modified by the ReactionFunc + if accessor.GetClusterName() != testClusterName { + t.Errorf("expected resource returned by Invokes to be modified by the ReactionFunc") + } + // verify one action was performed + if len(f.actions) != 1 { + t.Errorf("expected 1 action to be executed") + t.FailNow() + } + // check to ensure the recorded action has not been modified by the chain + createAction := f.actions[0].(CreateActionImpl) + accessor, err = meta.Accessor(createAction.Object) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if accessor.GetClusterName() != "" { + t.Errorf("expected Action recorded to not be modified by ReactionFunc but it was") + } +} + +func TestReactorChangesPersisted(t *testing.T) { + // this ReactionFunc sets the resources ClusterName + const testClusterName = "some-value" + reactors := []ReactionFunc{ + func(action Action) (bool, runtime.Object, error) { + createAction := action.(CreateActionImpl) + accessor, err := meta.Accessor(createAction.Object) + if err != nil { + return false, nil, err + } + + // set any field on the resource + accessor.SetClusterName(testClusterName) + + return false, createAction.Object, nil + }, + func(action Action) (bool, runtime.Object, error) { + createAction := action.(CreateActionImpl) + accessor, err := meta.Accessor(createAction.Object) + if err != nil { + return false, nil, err + } + + // ensure the clusterName is set to testClusterName already + if accessor.GetClusterName() != testClusterName { + t.Errorf("expected resource passed to second reactor to be modified by first reactor") + } + + return true, createAction.Object, nil + }, + } + + // create a new Fake with the test reactors + f := &Fake{} + for _, r := range reactors { + f.AddReactor("", "", r) + } + + // construct a test resource + testResource := schema.GroupVersionResource{Group: "", Version: "test_version", Resource: "test_kind"} + testObj := getArbitraryResource(testResource, "test_name", "test_namespace") + + // create a fake CreateAction + action := CreateActionImpl{ + Object: testObj, + } + + // execute the reaction chain + ret, err := f.Invokes(action, nil) + assert.NoError(t, err, "running Invokes failed") + + // obtain a metadata accessor for the returned resource + accessor, err := meta.Accessor(ret) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + // validate that the returned resource was modified by the ReactionFunc + if accessor.GetClusterName() != testClusterName { + t.Errorf("expected resource returned by Invokes to be modified by the ReactionFunc") + } + // verify one action was performed + if len(f.actions) != 1 { + t.Errorf("expected 1 action to be executed") + t.FailNow() + } + // check to ensure the recorded action has not been modified by the chain + createAction := f.actions[0].(CreateActionImpl) + accessor, err = meta.Accessor(createAction.Object) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if accessor.GetClusterName() != "" { + t.Errorf("expected Action recorded to not be modified by ReactionFunc but it was") + } +} diff --git a/staging/src/k8s.io/client-go/tools/auth/OWNERS b/staging/src/k8s.io/client-go/tools/auth/OWNERS index c607d2aa8c5..3e05d309be5 100644 --- a/staging/src/k8s.io/client-go/tools/auth/OWNERS +++ b/staging/src/k8s.io/client-go/tools/auth/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-authenticators-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/tools/cache/OWNERS b/staging/src/k8s.io/client-go/tools/cache/OWNERS old mode 100755 new mode 100644 index 917ca8afe46..a8cd4b432bf --- a/staging/src/k8s.io/client-go/tools/cache/OWNERS +++ b/staging/src/k8s.io/client-go/tools/cache/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - thockin - lavalamp diff --git a/staging/src/k8s.io/client-go/tools/cache/expiration_cache.go b/staging/src/k8s.io/client-go/tools/cache/expiration_cache.go index b38fe70b956..68d41c8eced 100644 --- a/staging/src/k8s.io/client-go/tools/cache/expiration_cache.go +++ b/staging/src/k8s.io/client-go/tools/cache/expiration_cache.go @@ -144,13 +144,13 @@ func (c *ExpirationCache) ListKeys() []string { // Add timestamps an item and inserts it into the cache, overwriting entries // that might exist under the same key. func (c *ExpirationCache) Add(obj interface{}) error { - c.expirationLock.Lock() - defer c.expirationLock.Unlock() - key, err := c.keyFunc(obj) if err != nil { return KeyError{obj, err} } + c.expirationLock.Lock() + defer c.expirationLock.Unlock() + c.cacheStorage.Add(key, ×tampedEntry{obj, c.clock.Now()}) return nil } @@ -163,12 +163,12 @@ func (c *ExpirationCache) Update(obj interface{}) error { // Delete removes an item from the cache. func (c *ExpirationCache) Delete(obj interface{}) error { - c.expirationLock.Lock() - defer c.expirationLock.Unlock() key, err := c.keyFunc(obj) if err != nil { return KeyError{obj, err} } + c.expirationLock.Lock() + defer c.expirationLock.Unlock() c.cacheStorage.Delete(key) return nil } @@ -177,8 +177,6 @@ func (c *ExpirationCache) Delete(obj interface{}) error { // before attempting the replace operation. The replace operation will // delete the contents of the ExpirationCache `c`. func (c *ExpirationCache) Replace(list []interface{}, resourceVersion string) error { - c.expirationLock.Lock() - defer c.expirationLock.Unlock() items := make(map[string]interface{}, len(list)) ts := c.clock.Now() for _, item := range list { @@ -188,6 +186,8 @@ func (c *ExpirationCache) Replace(list []interface{}, resourceVersion string) er } items[key] = ×tampedEntry{item, ts} } + c.expirationLock.Lock() + defer c.expirationLock.Unlock() c.cacheStorage.Replace(items, resourceVersion) return nil } diff --git a/staging/src/k8s.io/client-go/tools/leaderelection/OWNERS b/staging/src/k8s.io/client-go/tools/leaderelection/OWNERS index d9516f8a81c..03ec598b326 100644 --- a/staging/src/k8s.io/client-go/tools/leaderelection/OWNERS +++ b/staging/src/k8s.io/client-go/tools/leaderelection/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mikedanese - timothysc diff --git a/staging/src/k8s.io/client-go/tools/metrics/OWNERS b/staging/src/k8s.io/client-go/tools/metrics/OWNERS old mode 100755 new mode 100644 index ff517980719..f150be53699 --- a/staging/src/k8s.io/client-go/tools/metrics/OWNERS +++ b/staging/src/k8s.io/client-go/tools/metrics/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - wojtek-t - eparis diff --git a/staging/src/k8s.io/client-go/tools/portforward/portforward.go b/staging/src/k8s.io/client-go/tools/portforward/portforward.go index 0e9b369a983..357680ede04 100644 --- a/staging/src/k8s.io/client-go/tools/portforward/portforward.go +++ b/staging/src/k8s.io/client-go/tools/portforward/portforward.go @@ -23,6 +23,7 @@ import ( "io/ioutil" "net" "net/http" + "sort" "strconv" "strings" "sync" @@ -122,10 +123,14 @@ func parseAddresses(addressesToParse []string) ([]listenAddress, error) { parsed := make(map[string]listenAddress) for _, address := range addressesToParse { if address == "localhost" { - ip := listenAddress{address: "127.0.0.1", protocol: "tcp4", failureMode: "all"} - parsed[ip.address] = ip - ip = listenAddress{address: "::1", protocol: "tcp6", failureMode: "all"} - parsed[ip.address] = ip + if _, exists := parsed["127.0.0.1"]; !exists { + ip := listenAddress{address: "127.0.0.1", protocol: "tcp4", failureMode: "all"} + parsed[ip.address] = ip + } + if _, exists := parsed["::1"]; !exists { + ip := listenAddress{address: "::1", protocol: "tcp6", failureMode: "all"} + parsed[ip.address] = ip + } } else if net.ParseIP(address).To4() != nil { parsed[address] = listenAddress{address: address, protocol: "tcp4", failureMode: "any"} } else if net.ParseIP(address) != nil { @@ -140,6 +145,9 @@ func parseAddresses(addressesToParse []string) ([]listenAddress, error) { addresses[id] = v id++ } + // Sort addresses before returning to get a stable order + sort.Slice(addresses, func(i, j int) bool { return addresses[i].address < addresses[j].address }) + return addresses, nil } diff --git a/staging/src/k8s.io/client-go/tools/portforward/portforward_test.go b/staging/src/k8s.io/client-go/tools/portforward/portforward_test.go index ff2401e76bf..dd8d4fd5e5b 100644 --- a/staging/src/k8s.io/client-go/tools/portforward/portforward_test.go +++ b/staging/src/k8s.io/client-go/tools/portforward/portforward_test.go @@ -83,6 +83,62 @@ func TestParsePortsAndNew(t *testing.T) { {protocol: "tcp6", address: "::1", failureMode: "all"}, }, }, + { + input: []string{"5000:5000"}, + addresses: []string{"localhost", "::1"}, + expectedPorts: []ForwardedPort{ + {5000, 5000}, + }, + expectedAddresses: []listenAddress{ + {protocol: "tcp4", address: "127.0.0.1", failureMode: "all"}, + {protocol: "tcp6", address: "::1", failureMode: "any"}, + }, + }, + { + input: []string{"5000:5000"}, + addresses: []string{"localhost", "127.0.0.1", "::1"}, + expectedPorts: []ForwardedPort{ + {5000, 5000}, + }, + expectedAddresses: []listenAddress{ + {protocol: "tcp4", address: "127.0.0.1", failureMode: "any"}, + {protocol: "tcp6", address: "::1", failureMode: "any"}, + }, + }, + { + input: []string{"5000:5000"}, + addresses: []string{"localhost", "127.0.0.1", "10.10.10.1"}, + expectedPorts: []ForwardedPort{ + {5000, 5000}, + }, + expectedAddresses: []listenAddress{ + {protocol: "tcp4", address: "127.0.0.1", failureMode: "any"}, + {protocol: "tcp6", address: "::1", failureMode: "all"}, + {protocol: "tcp4", address: "10.10.10.1", failureMode: "any"}, + }, + }, + { + input: []string{"5000:5000"}, + addresses: []string{"127.0.0.1", "::1", "localhost"}, + expectedPorts: []ForwardedPort{ + {5000, 5000}, + }, + expectedAddresses: []listenAddress{ + {protocol: "tcp4", address: "127.0.0.1", failureMode: "any"}, + {protocol: "tcp6", address: "::1", failureMode: "any"}, + }, + }, + { + input: []string{"5000:5000"}, + addresses: []string{"10.0.0.1", "127.0.0.1"}, + expectedPorts: []ForwardedPort{ + {5000, 5000}, + }, + expectedAddresses: []listenAddress{ + {protocol: "tcp4", address: "10.0.0.1", failureMode: "any"}, + {protocol: "tcp4", address: "127.0.0.1", failureMode: "any"}, + }, + }, { input: []string{"5000", "5000:5000", "8888:5000", "5000:8888", ":5000", "0:5000"}, addresses: []string{"127.0.0.1", "::1"}, diff --git a/staging/src/k8s.io/client-go/tools/record/OWNERS b/staging/src/k8s.io/client-go/tools/record/OWNERS old mode 100755 new mode 100644 index 4dd54bbce98..6ce73bb5cd3 --- a/staging/src/k8s.io/client-go/tools/record/OWNERS +++ b/staging/src/k8s.io/client-go/tools/record/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - lavalamp - smarterclayton diff --git a/staging/src/k8s.io/client-go/transport/OWNERS b/staging/src/k8s.io/client-go/transport/OWNERS old mode 100755 new mode 100644 index bf0ba5b9f95..a52176903c0 --- a/staging/src/k8s.io/client-go/transport/OWNERS +++ b/staging/src/k8s.io/client-go/transport/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - smarterclayton - wojtek-t diff --git a/staging/src/k8s.io/client-go/util/cert/OWNERS b/staging/src/k8s.io/client-go/util/cert/OWNERS index 470b7a1c92d..3cf03643835 100644 --- a/staging/src/k8s.io/client-go/util/cert/OWNERS +++ b/staging/src/k8s.io/client-go/util/cert/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-certificates-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/util/certificate/BUILD b/staging/src/k8s.io/client-go/util/certificate/BUILD index b86acbd42cf..3d16014c004 100644 --- a/staging/src/k8s.io/client-go/util/certificate/BUILD +++ b/staging/src/k8s.io/client-go/util/certificate/BUILD @@ -20,7 +20,6 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/certificates/v1beta1:go_default_library", ], diff --git a/staging/src/k8s.io/client-go/util/certificate/OWNERS b/staging/src/k8s.io/client-go/util/certificate/OWNERS index 470b7a1c92d..3cf03643835 100644 --- a/staging/src/k8s.io/client-go/util/certificate/OWNERS +++ b/staging/src/k8s.io/client-go/util/certificate/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-auth-certificates-approvers reviewers: diff --git a/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go b/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go index 4aa9f3ab4a7..2610fac4a88 100644 --- a/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go +++ b/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go @@ -40,9 +40,9 @@ import ( "k8s.io/client-go/util/certificate/csr" ) -// certificateWaitBackoff controls the amount and timing of retries when the -// watch for certificate approval is interrupted. -var certificateWaitBackoff = wait.Backoff{Duration: 30 * time.Second, Steps: 4, Factor: 1.5, Jitter: 0.1} +// certificateWaitTimeout controls the amount of time we wait for certificate +// approval in one iteration. +var certificateWaitTimeout = 15 * time.Minute // Manager maintains and updates the certificates in use by this certificate // manager. In the background it communicates with the API server to get new @@ -388,29 +388,10 @@ func (m *manager) rotateCerts() (bool, error) { // Once we've successfully submitted a CSR for this template, record that we did so m.setLastRequest(template) - // Wait for the certificate to be signed. Instead of one long watch, we retry with slightly longer - // intervals each time in order to tolerate failures from the server AND to preserve the liveliness - // of the cert manager loop. This creates slightly more traffic against the API server in return - // for bounding the amount of time we wait when a certificate expires. - var crtPEM []byte - watchDuration := time.Minute - if err := wait.ExponentialBackoff(certificateWaitBackoff, func() (bool, error) { - data, err := csr.WaitForCertificate(client, req, watchDuration) - switch { - case err == nil: - crtPEM = data - return true, nil - case err == wait.ErrWaitTimeout: - watchDuration += time.Minute - if watchDuration > 5*time.Minute { - watchDuration = 5 * time.Minute - } - return false, nil - default: - utilruntime.HandleError(fmt.Errorf("Unable to check certificate signing status: %v", err)) - return false, m.updateServerError(err) - } - }); err != nil { + // Wait for the certificate to be signed. This interface and internal timout + // is a remainder after the old design using raw watch wrapped with backoff. + crtPEM, err := csr.WaitForCertificate(client, req, certificateWaitTimeout) + if err != nil { utilruntime.HandleError(fmt.Errorf("Certificate request was not signed: %v", err)) return false, nil } diff --git a/staging/src/k8s.io/client-go/util/certificate/certificate_manager_test.go b/staging/src/k8s.io/client-go/util/certificate/certificate_manager_test.go index 3ca7f767a01..81f59b33eb8 100644 --- a/staging/src/k8s.io/client-go/util/certificate/certificate_manager_test.go +++ b/staging/src/k8s.io/client-go/util/certificate/certificate_manager_test.go @@ -31,7 +31,6 @@ import ( "k8s.io/apimachinery/pkg/api/errors" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/util/wait" watch "k8s.io/apimachinery/pkg/watch" certificatesclient "k8s.io/client-go/kubernetes/typed/certificates/v1beta1" ) @@ -433,7 +432,8 @@ func TestRotateCertWaitingForResultError(t *testing.T) { }, } - certificateWaitBackoff = wait.Backoff{Steps: 1} + defer func(t time.Duration) { certificateWaitTimeout = t }(certificateWaitTimeout) + certificateWaitTimeout = 1 * time.Millisecond if success, err := m.rotateCerts(); success { t.Errorf("Got success from 'rotateCerts', wanted failure.") } else if err != nil { @@ -880,15 +880,6 @@ func TestServerHealth(t *testing.T) { expectRotateFail: true, expectHealthy: true, }, - { - description: "Conflict error on watch", - certs: currentCerts, - - failureType: watchError, - clientErr: errors.NewGenericServerResponse(409, "POST", schema.GroupResource{}, "", "", 0, false), - expectRotateFail: true, - expectHealthy: false, - }, } for _, tc := range testCases { diff --git a/staging/src/k8s.io/client-go/util/certificate/csr/csr.go b/staging/src/k8s.io/client-go/util/certificate/csr/csr.go index 6338eef9331..1c8d0eb89c7 100644 --- a/staging/src/k8s.io/client-go/util/certificate/csr/csr.go +++ b/staging/src/k8s.io/client-go/util/certificate/csr/csr.go @@ -17,6 +17,7 @@ limitations under the License. package csr import ( + "context" "crypto" "crypto/x509" "encoding/pem" @@ -83,19 +84,23 @@ func RequestCertificate(client certificatesclient.CertificateSigningRequestInter // WaitForCertificate waits for a certificate to be issued until timeout, or returns an error. func WaitForCertificate(client certificatesclient.CertificateSigningRequestInterface, req *certificates.CertificateSigningRequest, timeout time.Duration) (certData []byte, err error) { fieldSelector := fields.OneTermEqualSelector("metadata.name", req.Name).String() - - event, err := watchtools.ListWatchUntil( - timeout, - &cache.ListWatch{ - ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { - options.FieldSelector = fieldSelector - return client.List(options) - }, - WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { - options.FieldSelector = fieldSelector - return client.Watch(options) - }, + lw := &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + options.FieldSelector = fieldSelector + return client.List(options) }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + options.FieldSelector = fieldSelector + return client.Watch(options) + }, + } + ctx, cancel := watchtools.ContextWithOptionalTimeout(context.Background(), timeout) + defer cancel() + event, err := watchtools.UntilWithSync( + ctx, + lw, + &certificates.CertificateSigningRequest{}, + nil, func(event watch.Event) (bool, error) { switch event.Type { case watch.Modified, watch.Added: diff --git a/staging/src/k8s.io/client-go/util/retry/OWNERS b/staging/src/k8s.io/client-go/util/retry/OWNERS old mode 100755 new mode 100644 index a4c1c2d4f8c..dec3e88d631 --- a/staging/src/k8s.io/client-go/util/retry/OWNERS +++ b/staging/src/k8s.io/client-go/util/retry/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - caesarxuchao diff --git a/staging/src/k8s.io/cloud-provider/BUILD b/staging/src/k8s.io/cloud-provider/BUILD index 7a5b27310b0..15b27865955 100644 --- a/staging/src/k8s.io/cloud-provider/BUILD +++ b/staging/src/k8s.io/cloud-provider/BUILD @@ -38,6 +38,7 @@ filegroup( "//staging/src/k8s.io/cloud-provider/features:all-srcs", "//staging/src/k8s.io/cloud-provider/node:all-srcs", "//staging/src/k8s.io/cloud-provider/service/helpers:all-srcs", + "//staging/src/k8s.io/cloud-provider/volume:all-srcs", ], tags = ["automanaged"], ) diff --git a/staging/src/k8s.io/cloud-provider/CONTRIBUTING.md b/staging/src/k8s.io/cloud-provider/CONTRIBUTING.md index 7d70c78eb48..fe4643fdb94 100644 --- a/staging/src/k8s.io/cloud-provider/CONTRIBUTING.md +++ b/staging/src/k8s.io/cloud-provider/CONTRIBUTING.md @@ -6,4 +6,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/cloud-provider](https://git.k8s.io/kubernetes/staging/src/k8s.io/cloud-provider) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json b/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json index bdf16ca909d..30d9990e932 100644 --- a/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json +++ b/staging/src/k8s.io/cloud-provider/Godeps/Godeps.json @@ -38,10 +38,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -58,21 +54,13 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/json-iterator/go", @@ -86,10 +74,6 @@ "ImportPath": "github.com/modern-go/reflect2", "Rev": "94122c33edd36123c84d5368cfb2b69df93a0ec8" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/spf13/pflag", "Rev": "583c0c0531f06d5278b7d917446061adc344b5cd" @@ -250,6 +234,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -594,6 +582,10 @@ "ImportPath": "k8s.io/client-go/informers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/policy", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -750,6 +742,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -862,6 +858,10 @@ "ImportPath": "k8s.io/client-go/listers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -976,7 +976,7 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", @@ -994,26 +994,6 @@ "ImportPath": "k8s.io/utils/trace", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/cloud-provider/Godeps/OWNERS b/staging/src/k8s.io/cloud-provider/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/cloud-provider/Godeps/OWNERS +++ b/staging/src/k8s.io/cloud-provider/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/cloud-provider/OWNERS b/staging/src/k8s.io/cloud-provider/OWNERS index 7e9b0f91c11..331a4b58654 100644 --- a/staging/src/k8s.io/cloud-provider/OWNERS +++ b/staging/src/k8s.io/cloud-provider/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mikedanese - dims diff --git a/staging/src/k8s.io/cloud-provider/volume/BUILD b/staging/src/k8s.io/cloud-provider/volume/BUILD new file mode 100644 index 00000000000..7e447e59b08 --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/BUILD @@ -0,0 +1,27 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["constants.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cloud-provider/volume", + importpath = "k8s.io/cloud-provider/volume", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/cloud-provider/volume/errors:all-srcs", + "//staging/src/k8s.io/cloud-provider/volume/helpers:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cloud-provider/volume/constants.go b/staging/src/k8s.io/cloud-provider/volume/constants.go new file mode 100644 index 00000000000..d05f64ae25d --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/constants.go @@ -0,0 +1,26 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package volume + +const ( + // ProvisionedVolumeName is the name of a volume in an external cloud + // that is being provisioned and thus should be ignored by rest of Kubernetes. + ProvisionedVolumeName = "placeholder-for-provisioning" + + // LabelMultiZoneDelimiter separates zones for volumes + LabelMultiZoneDelimiter = "__" +) diff --git a/staging/src/k8s.io/cloud-provider/volume/errors/BUILD b/staging/src/k8s.io/cloud-provider/volume/errors/BUILD new file mode 100644 index 00000000000..30deba0b0d8 --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/errors/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["errors.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cloud-provider/volume/errors", + importpath = "k8s.io/cloud-provider/volume/errors", + visibility = ["//visibility:public"], + deps = ["//staging/src/k8s.io/apimachinery/pkg/types:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/pkg/volume/util/error.go b/staging/src/k8s.io/cloud-provider/volume/errors/errors.go similarity index 65% rename from pkg/volume/util/error.go rename to staging/src/k8s.io/cloud-provider/volume/errors/errors.go index a52a1b65ce2..5202b4eb310 100644 --- a/pkg/volume/util/error.go +++ b/staging/src/k8s.io/cloud-provider/volume/errors/errors.go @@ -14,12 +14,37 @@ See the License for the specific language governing permissions and limitations under the License. */ -package util +package errors import ( k8stypes "k8s.io/apimachinery/pkg/types" ) +// NewDeletedVolumeInUseError returns a new instance of DeletedVolumeInUseError +// error. +func NewDeletedVolumeInUseError(message string) error { + return deletedVolumeInUseError(message) +} + +type deletedVolumeInUseError string + +var _ error = deletedVolumeInUseError("") + +// IsDeletedVolumeInUse returns true if an error returned from Delete() is +// deletedVolumeInUseError +func IsDeletedVolumeInUse(err error) bool { + switch err.(type) { + case deletedVolumeInUseError: + return true + default: + return false + } +} + +func (err deletedVolumeInUseError) Error() string { + return string(err) +} + // DanglingAttachError indicates volume is attached to a different node // than we expected. type DanglingAttachError struct { diff --git a/staging/src/k8s.io/cloud-provider/volume/helpers/BUILD b/staging/src/k8s.io/cloud-provider/volume/helpers/BUILD new file mode 100644 index 00000000000..03d159ae07b --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/helpers/BUILD @@ -0,0 +1,47 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "rounding.go", + "zones.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/cloud-provider/volume/helpers", + importpath = "k8s.io/cloud-provider/volume/helpers", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//vendor/k8s.io/klog:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = [ + "rounding_test.go", + "zones_test.go", + ], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/api/core/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/cloud-provider/volume/helpers/rounding.go b/staging/src/k8s.io/cloud-provider/volume/helpers/rounding.go new file mode 100644 index 00000000000..a4ccaa03480 --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/helpers/rounding.go @@ -0,0 +1,143 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package helpers + +import ( + "fmt" + + "k8s.io/apimachinery/pkg/api/resource" +) + +const ( + // GB - GigaByte size + GB = 1000 * 1000 * 1000 + // GiB - GibiByte size + GiB = 1024 * 1024 * 1024 + + // MB - MegaByte size + MB = 1000 * 1000 + // MiB - MebiByte size + MiB = 1024 * 1024 + + // KB - KiloByte size + KB = 1000 + // KiB - KibiByte size + KiB = 1024 +) + +// RoundUpToGB rounds up given quantity to chunks of GB +func RoundUpToGB(size resource.Quantity) int64 { + requestBytes := size.Value() + return roundUpSize(requestBytes, GB) +} + +// RoundUpToGiB rounds up given quantity upto chunks of GiB +func RoundUpToGiB(size resource.Quantity) int64 { + requestBytes := size.Value() + return roundUpSize(requestBytes, GiB) +} + +// RoundUpToMB rounds up given quantity to chunks of MB +func RoundUpToMB(size resource.Quantity) int64 { + requestBytes := size.Value() + return roundUpSize(requestBytes, MB) +} + +// RoundUpToMiB rounds up given quantity upto chunks of MiB +func RoundUpToMiB(size resource.Quantity) int64 { + requestBytes := size.Value() + return roundUpSize(requestBytes, MiB) +} + +// RoundUpToKB rounds up given quantity to chunks of KB +func RoundUpToKB(size resource.Quantity) int64 { + requestBytes := size.Value() + return roundUpSize(requestBytes, KB) +} + +// RoundUpToKiB rounds up given quantity upto chunks of KiB +func RoundUpToKiB(size resource.Quantity) int64 { + requestBytes := size.Value() + return roundUpSize(requestBytes, KiB) +} + +// RoundUpToGBInt rounds up given quantity to chunks of GB. It returns an +// int instead of an int64 and an error if there's overflow +func RoundUpToGBInt(size resource.Quantity) (int, error) { + requestBytes := size.Value() + return roundUpSizeInt(requestBytes, GB) +} + +// RoundUpToGiBInt rounds up given quantity upto chunks of GiB. It returns an +// int instead of an int64 and an error if there's overflow +func RoundUpToGiBInt(size resource.Quantity) (int, error) { + requestBytes := size.Value() + return roundUpSizeInt(requestBytes, GiB) +} + +// RoundUpToMBInt rounds up given quantity to chunks of MB. It returns an +// int instead of an int64 and an error if there's overflow +func RoundUpToMBInt(size resource.Quantity) (int, error) { + requestBytes := size.Value() + return roundUpSizeInt(requestBytes, MB) +} + +// RoundUpToMiBInt rounds up given quantity upto chunks of MiB. It returns an +// int instead of an int64 and an error if there's overflow +func RoundUpToMiBInt(size resource.Quantity) (int, error) { + requestBytes := size.Value() + return roundUpSizeInt(requestBytes, MiB) +} + +// RoundUpToKBInt rounds up given quantity to chunks of KB. It returns an +// int instead of an int64 and an error if there's overflow +func RoundUpToKBInt(size resource.Quantity) (int, error) { + requestBytes := size.Value() + return roundUpSizeInt(requestBytes, KB) +} + +// RoundUpToKiBInt rounds up given quantity upto chunks of KiB. It returns an +// int instead of an int64 and an error if there's overflow +func RoundUpToKiBInt(size resource.Quantity) (int, error) { + requestBytes := size.Value() + return roundUpSizeInt(requestBytes, KiB) +} + +// roundUpSizeInt calculates how many allocation units are needed to accommodate +// a volume of given size. It returns an int instead of an int64 and an error if +// there's overflow +func roundUpSizeInt(volumeSizeBytes int64, allocationUnitBytes int64) (int, error) { + roundedUp := roundUpSize(volumeSizeBytes, allocationUnitBytes) + roundedUpInt := int(roundedUp) + if int64(roundedUpInt) != roundedUp { + return 0, fmt.Errorf("capacity %v is too great, casting results in integer overflow", roundedUp) + } + return roundedUpInt, nil +} + +// roundUpSize calculates how many allocation units are needed to accommodate +// a volume of given size. E.g. when user wants 1500MiB volume, while AWS EBS +// allocates volumes in gibibyte-sized chunks, +// RoundUpSize(1500 * 1024*1024, 1024*1024*1024) returns '2' +// (2 GiB is the smallest allocatable volume that can hold 1500MiB) +func roundUpSize(volumeSizeBytes int64, allocationUnitBytes int64) int64 { + roundedUp := volumeSizeBytes / allocationUnitBytes + if volumeSizeBytes%allocationUnitBytes > 0 { + roundedUp++ + } + return roundedUp +} diff --git a/staging/src/k8s.io/cloud-provider/volume/helpers/rounding_test.go b/staging/src/k8s.io/cloud-provider/volume/helpers/rounding_test.go new file mode 100644 index 00000000000..6b2fa12b1b7 --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/helpers/rounding_test.go @@ -0,0 +1,323 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package helpers + +import ( + "testing" + + "k8s.io/apimachinery/pkg/api/resource" +) + +func Test_RoundUpToGB(t *testing.T) { + testcases := []struct { + name string + resource resource.Quantity + roundedVal int64 + }{ + { + name: "round Ki to GB", + resource: resource.MustParse("1000Ki"), + roundedVal: int64(1), + }, + { + name: "round k to GB", + resource: resource.MustParse("1000k"), + roundedVal: int64(1), + }, + { + name: "round Mi to GB", + resource: resource.MustParse("1000Mi"), + roundedVal: int64(2), + }, + { + name: "round M to GB", + resource: resource.MustParse("1000M"), + roundedVal: int64(1), + }, + { + name: "round G to GB", + resource: resource.MustParse("1000G"), + roundedVal: int64(1000), + }, + { + name: "round Gi to GB", + resource: resource.MustParse("1000Gi"), + roundedVal: int64(1074), + }, + } + + for _, test := range testcases { + t.Run(test.name, func(t *testing.T) { + val := RoundUpToGB(test.resource) + if val != test.roundedVal { + t.Logf("actual rounded value: %d", val) + t.Logf("expected rounded value: %d", test.roundedVal) + t.Error("unexpected rounded value") + } + }) + } +} + +func Test_RoundUpToGiB(t *testing.T) { + testcases := []struct { + name string + resource resource.Quantity + roundedVal int64 + }{ + { + name: "round Ki to GiB", + resource: resource.MustParse("1000Ki"), + roundedVal: int64(1), + }, + { + name: "round k to GiB", + resource: resource.MustParse("1000k"), + roundedVal: int64(1), + }, + { + name: "round Mi to GiB", + resource: resource.MustParse("1000Mi"), + roundedVal: int64(1), + }, + { + name: "round M to GiB", + resource: resource.MustParse("1000M"), + roundedVal: int64(1), + }, + { + name: "round G to GiB", + resource: resource.MustParse("1000G"), + roundedVal: int64(932), + }, + { + name: "round Gi to GiB", + resource: resource.MustParse("1000Gi"), + roundedVal: int64(1000), + }, + } + + for _, test := range testcases { + t.Run(test.name, func(t *testing.T) { + val := RoundUpToGiB(test.resource) + if val != test.roundedVal { + t.Logf("actual rounded value: %d", val) + t.Logf("expected rounded value: %d", test.roundedVal) + t.Error("unexpected rounded value") + } + }) + } +} + +func Test_RoundUpToMB(t *testing.T) { + testcases := []struct { + name string + resource resource.Quantity + roundedVal int64 + }{ + { + name: "round Ki to MB", + resource: resource.MustParse("1000Ki"), + roundedVal: int64(2), + }, + { + name: "round k to MB", + resource: resource.MustParse("1000k"), + roundedVal: int64(1), + }, + { + name: "round Mi to MB", + resource: resource.MustParse("1000Mi"), + roundedVal: int64(1049), + }, + { + name: "round M to MB", + resource: resource.MustParse("1000M"), + roundedVal: int64(1000), + }, + { + name: "round G to MB", + resource: resource.MustParse("1000G"), + roundedVal: int64(1000000), + }, + { + name: "round Gi to MB", + resource: resource.MustParse("1000Gi"), + roundedVal: int64(1073742), + }, + } + + for _, test := range testcases { + t.Run(test.name, func(t *testing.T) { + val := RoundUpToMB(test.resource) + if val != test.roundedVal { + t.Logf("actual rounded value: %d", val) + t.Logf("expected rounded value: %d", test.roundedVal) + t.Error("unexpected rounded value") + } + }) + } +} + +func Test_RoundUpToMiB(t *testing.T) { + testcases := []struct { + name string + resource resource.Quantity + roundedVal int64 + }{ + { + name: "round Ki to MiB", + resource: resource.MustParse("1000Ki"), + roundedVal: int64(1), + }, + { + name: "round k to MiB", + resource: resource.MustParse("1000k"), + roundedVal: int64(1), + }, + { + name: "round Mi to MiB", + resource: resource.MustParse("1000Mi"), + roundedVal: int64(1000), + }, + { + name: "round M to MiB", + resource: resource.MustParse("1000M"), + roundedVal: int64(954), + }, + { + name: "round G to MiB", + resource: resource.MustParse("1000G"), + roundedVal: int64(953675), + }, + { + name: "round Gi to MiB", + resource: resource.MustParse("1000Gi"), + roundedVal: int64(1024000), + }, + } + + for _, test := range testcases { + t.Run(test.name, func(t *testing.T) { + val := RoundUpToMiB(test.resource) + if val != test.roundedVal { + t.Logf("actual rounded value: %d", val) + t.Logf("expected rounded value: %d", test.roundedVal) + t.Error("unexpected rounded value") + } + }) + } +} + +func Test_RoundUpToKB(t *testing.T) { + testcases := []struct { + name string + resource resource.Quantity + roundedVal int64 + }{ + { + name: "round Ki to KB", + resource: resource.MustParse("1000Ki"), + roundedVal: int64(1024), + }, + { + name: "round k to KB", + resource: resource.MustParse("1000k"), + roundedVal: int64(1000), + }, + { + name: "round Mi to KB", + resource: resource.MustParse("1000Mi"), + roundedVal: int64(1048576), + }, + { + name: "round M to KB", + resource: resource.MustParse("1000M"), + roundedVal: int64(1000000), + }, + { + name: "round G to KB", + resource: resource.MustParse("1000G"), + roundedVal: int64(1000000000), + }, + { + name: "round Gi to KB", + resource: resource.MustParse("1000Gi"), + roundedVal: int64(1073741824), + }, + } + + for _, test := range testcases { + t.Run(test.name, func(t *testing.T) { + val := RoundUpToKB(test.resource) + if val != test.roundedVal { + t.Logf("actual rounded value: %d", val) + t.Logf("expected rounded value: %d", test.roundedVal) + t.Error("unexpected rounded value") + } + }) + } +} + +func Test_RoundUpToKiB(t *testing.T) { + testcases := []struct { + name string + resource resource.Quantity + roundedVal int64 + }{ + { + name: "round Ki to KiB", + resource: resource.MustParse("1000Ki"), + roundedVal: int64(1000), + }, + { + name: "round k to KiB", + resource: resource.MustParse("1000k"), + roundedVal: int64(977), + }, + { + name: "round Mi to KiB", + resource: resource.MustParse("1000Mi"), + roundedVal: int64(1024000), + }, + { + name: "round M to KiB", + resource: resource.MustParse("1000M"), + roundedVal: int64(976563), + }, + { + name: "round G to KiB", + resource: resource.MustParse("1000G"), + roundedVal: int64(976562500), + }, + { + name: "round Gi to KiB", + resource: resource.MustParse("1000Gi"), + roundedVal: int64(1048576000), + }, + } + + for _, test := range testcases { + t.Run(test.name, func(t *testing.T) { + val := RoundUpToKiB(test.resource) + if val != test.roundedVal { + t.Logf("actual rounded value: %d", val) + t.Logf("expected rounded value: %d", test.roundedVal) + t.Error("unexpected rounded value") + } + }) + } +} diff --git a/staging/src/k8s.io/cloud-provider/volume/helpers/zones.go b/staging/src/k8s.io/cloud-provider/volume/helpers/zones.go new file mode 100644 index 00000000000..ec9c5d99158 --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/helpers/zones.go @@ -0,0 +1,310 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package helpers + +import ( + "fmt" + "hash/fnv" + "math/rand" + "strconv" + "strings" + + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/sets" + cloudvolume "k8s.io/cloud-provider/volume" + "k8s.io/klog" +) + +// LabelZonesToSet converts a PV label value from string containing a delimited list of zones to set +func LabelZonesToSet(labelZonesValue string) (sets.String, error) { + return stringToSet(labelZonesValue, cloudvolume.LabelMultiZoneDelimiter) +} + +// ZonesSetToLabelValue converts zones set to label value +func ZonesSetToLabelValue(strSet sets.String) string { + return strings.Join(strSet.UnsortedList(), cloudvolume.LabelMultiZoneDelimiter) +} + +// ZonesToSet converts a string containing a comma separated list of zones to set +func ZonesToSet(zonesString string) (sets.String, error) { + zones, err := stringToSet(zonesString, ",") + if err != nil { + return nil, fmt.Errorf("error parsing zones %s, must be strings separated by commas: %v", zonesString, err) + } + return zones, nil +} + +// StringToSet converts a string containing list separated by specified delimiter to a set +func stringToSet(str, delimiter string) (sets.String, error) { + zonesSlice := strings.Split(str, delimiter) + zonesSet := make(sets.String) + for _, zone := range zonesSlice { + trimmedZone := strings.TrimSpace(zone) + if trimmedZone == "" { + return make(sets.String), fmt.Errorf( + "%q separated list (%q) must not contain an empty string", + delimiter, + str) + } + zonesSet.Insert(trimmedZone) + } + return zonesSet, nil +} + +// LabelZonesToList converts a PV label value from string containing a delimited list of zones to list +func LabelZonesToList(labelZonesValue string) ([]string, error) { + return stringToList(labelZonesValue, cloudvolume.LabelMultiZoneDelimiter) +} + +// StringToList converts a string containing list separated by specified delimiter to a list +func stringToList(str, delimiter string) ([]string, error) { + zonesSlice := make([]string, 0) + for _, zone := range strings.Split(str, delimiter) { + trimmedZone := strings.TrimSpace(zone) + if trimmedZone == "" { + return nil, fmt.Errorf( + "%q separated list (%q) must not contain an empty string", + delimiter, + str) + } + zonesSlice = append(zonesSlice, trimmedZone) + } + return zonesSlice, nil +} + +// SelectZoneForVolume is a wrapper around SelectZonesForVolume +// to select a single zone for a volume based on parameters +func SelectZoneForVolume(zoneParameterPresent, zonesParameterPresent bool, zoneParameter string, zonesParameter, zonesWithNodes sets.String, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm, pvcName string) (string, error) { + zones, err := SelectZonesForVolume(zoneParameterPresent, zonesParameterPresent, zoneParameter, zonesParameter, zonesWithNodes, node, allowedTopologies, pvcName, 1) + if err != nil { + return "", err + } + zone, ok := zones.PopAny() + if !ok { + return "", fmt.Errorf("could not determine a zone to provision volume in") + } + return zone, nil +} + +// SelectZonesForVolume selects zones for a volume based on several factors: +// node.zone, allowedTopologies, zone/zones parameters from storageclass, +// zones with active nodes from the cluster. The number of zones = replicas. +func SelectZonesForVolume(zoneParameterPresent, zonesParameterPresent bool, zoneParameter string, zonesParameter, zonesWithNodes sets.String, node *v1.Node, allowedTopologies []v1.TopologySelectorTerm, pvcName string, numReplicas uint32) (sets.String, error) { + if zoneParameterPresent && zonesParameterPresent { + return nil, fmt.Errorf("both zone and zones StorageClass parameters must not be used at the same time") + } + + var zoneFromNode string + // pick one zone from node if present + if node != nil { + // VolumeScheduling implicit since node is not nil + if zoneParameterPresent || zonesParameterPresent { + return nil, fmt.Errorf("zone[s] cannot be specified in StorageClass if VolumeBindingMode is set to WaitForFirstConsumer. Please specify allowedTopologies in StorageClass for constraining zones") + } + + // pick node's zone for one of the replicas + var ok bool + zoneFromNode, ok = node.ObjectMeta.Labels[v1.LabelZoneFailureDomain] + if !ok { + return nil, fmt.Errorf("%s Label for node missing", v1.LabelZoneFailureDomain) + } + // if single replica volume and node with zone found, return immediately + if numReplicas == 1 { + return sets.NewString(zoneFromNode), nil + } + } + + // pick zone from allowedZones if specified + allowedZones, err := ZonesFromAllowedTopologies(allowedTopologies) + if err != nil { + return nil, err + } + + if (len(allowedTopologies) > 0) && (allowedZones.Len() == 0) { + return nil, fmt.Errorf("no matchLabelExpressions with %s key found in allowedTopologies. Please specify matchLabelExpressions with %s key", v1.LabelZoneFailureDomain, v1.LabelZoneFailureDomain) + } + + if allowedZones.Len() > 0 { + // VolumeScheduling implicit since allowedZones present + if zoneParameterPresent || zonesParameterPresent { + return nil, fmt.Errorf("zone[s] cannot be specified in StorageClass if allowedTopologies specified") + } + // scheduler will guarantee if node != null above, zoneFromNode is member of allowedZones. + // so if zoneFromNode != "", we can safely assume it is part of allowedZones. + zones, err := chooseZonesForVolumeIncludingZone(allowedZones, pvcName, zoneFromNode, numReplicas) + if err != nil { + return nil, fmt.Errorf("cannot process zones in allowedTopologies: %v", err) + } + return zones, nil + } + + // pick zone from parameters if present + if zoneParameterPresent { + if numReplicas > 1 { + return nil, fmt.Errorf("zone cannot be specified if desired number of replicas for pv is greather than 1. Please specify zones or allowedTopologies to specify desired zones") + } + return sets.NewString(zoneParameter), nil + } + + if zonesParameterPresent { + if uint32(zonesParameter.Len()) < numReplicas { + return nil, fmt.Errorf("not enough zones found in zones parameter to provision a volume with %d replicas. Found %d zones, need %d zones", numReplicas, zonesParameter.Len(), numReplicas) + } + // directly choose from zones parameter; no zone from node need to be considered + return ChooseZonesForVolume(zonesParameter, pvcName, numReplicas), nil + } + + // pick zone from zones with nodes + if zonesWithNodes.Len() > 0 { + // If node != null (and thus zoneFromNode != ""), zoneFromNode will be member of zonesWithNodes + zones, err := chooseZonesForVolumeIncludingZone(zonesWithNodes, pvcName, zoneFromNode, numReplicas) + if err != nil { + return nil, fmt.Errorf("cannot process zones where nodes exist in the cluster: %v", err) + } + return zones, nil + } + return nil, fmt.Errorf("cannot determine zones to provision volume in") +} + +// ZonesFromAllowedTopologies returns a list of zones specified in allowedTopologies +func ZonesFromAllowedTopologies(allowedTopologies []v1.TopologySelectorTerm) (sets.String, error) { + zones := make(sets.String) + for _, term := range allowedTopologies { + for _, exp := range term.MatchLabelExpressions { + if exp.Key == v1.LabelZoneFailureDomain { + for _, value := range exp.Values { + zones.Insert(value) + } + } else { + return nil, fmt.Errorf("unsupported key found in matchLabelExpressions: %s", exp.Key) + } + } + } + return zones, nil +} + +// chooseZonesForVolumeIncludingZone is a wrapper around ChooseZonesForVolume that ensures zoneToInclude is chosen +// zoneToInclude can either be empty in which case it is ignored. If non-empty, zoneToInclude is expected to be member of zones. +// numReplicas is expected to be > 0 and <= zones.Len() +func chooseZonesForVolumeIncludingZone(zones sets.String, pvcName, zoneToInclude string, numReplicas uint32) (sets.String, error) { + if numReplicas == 0 { + return nil, fmt.Errorf("invalid number of replicas passed") + } + if uint32(zones.Len()) < numReplicas { + return nil, fmt.Errorf("not enough zones found to provision a volume with %d replicas. Need at least %d distinct zones for a volume with %d replicas", numReplicas, numReplicas, numReplicas) + } + if zoneToInclude != "" && !zones.Has(zoneToInclude) { + return nil, fmt.Errorf("zone to be included: %s needs to be member of set: %v", zoneToInclude, zones) + } + if uint32(zones.Len()) == numReplicas { + return zones, nil + } + if zoneToInclude != "" { + zones.Delete(zoneToInclude) + numReplicas = numReplicas - 1 + } + zonesChosen := ChooseZonesForVolume(zones, pvcName, numReplicas) + if zoneToInclude != "" { + zonesChosen.Insert(zoneToInclude) + } + return zonesChosen, nil +} + +// ChooseZonesForVolume is identical to ChooseZoneForVolume, but selects a multiple zones, for multi-zone disks. +func ChooseZonesForVolume(zones sets.String, pvcName string, numZones uint32) sets.String { + // No zones available, return empty set. + replicaZones := sets.NewString() + if zones.Len() == 0 { + return replicaZones + } + + // We create the volume in a zone determined by the name + // Eventually the scheduler will coordinate placement into an available zone + hash, index := getPVCNameHashAndIndexOffset(pvcName) + + // Zones.List returns zones in a consistent order (sorted) + // We do have a potential failure case where volumes will not be properly spread, + // if the set of zones changes during StatefulSet volume creation. However, this is + // probably relatively unlikely because we expect the set of zones to be essentially + // static for clusters. + // Hopefully we can address this problem if/when we do full scheduler integration of + // PVC placement (which could also e.g. avoid putting volumes in overloaded or + // unhealthy zones) + zoneSlice := zones.List() + + startingIndex := index * numZones + for index = startingIndex; index < startingIndex+numZones; index++ { + zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))] + replicaZones.Insert(zone) + } + + klog.V(2).Infof("Creating volume for replicated PVC %q; chosen zones=%q from zones=%q", + pvcName, replicaZones.UnsortedList(), zoneSlice) + return replicaZones +} + +func getPVCNameHashAndIndexOffset(pvcName string) (hash uint32, index uint32) { + if pvcName == "" { + // We should always be called with a name; this shouldn't happen + klog.Warningf("No name defined during volume create; choosing random zone") + + hash = rand.Uint32() + } else { + hashString := pvcName + + // Heuristic to make sure that volumes in a StatefulSet are spread across zones + // StatefulSet PVCs are (currently) named ClaimName-StatefulSetName-Id, + // where Id is an integer index. + // Note though that if a StatefulSet pod has multiple claims, we need them to be + // in the same zone, because otherwise the pod will be unable to mount both volumes, + // and will be unschedulable. So we hash _only_ the "StatefulSetName" portion when + // it looks like `ClaimName-StatefulSetName-Id`. + // We continue to round-robin volume names that look like `Name-Id` also; this is a useful + // feature for users that are creating statefulset-like functionality without using statefulsets. + lastDash := strings.LastIndexByte(pvcName, '-') + if lastDash != -1 { + statefulsetIDString := pvcName[lastDash+1:] + statefulsetID, err := strconv.ParseUint(statefulsetIDString, 10, 32) + if err == nil { + // Offset by the statefulsetID, so we round-robin across zones + index = uint32(statefulsetID) + // We still hash the volume name, but only the prefix + hashString = pvcName[:lastDash] + + // In the special case where it looks like `ClaimName-StatefulSetName-Id`, + // hash only the StatefulSetName, so that different claims on the same StatefulSet + // member end up in the same zone. + // Note that StatefulSetName (and ClaimName) might themselves both have dashes. + // We actually just take the portion after the final - of ClaimName-StatefulSetName. + // For our purposes it doesn't much matter (just suboptimal spreading). + lastDash := strings.LastIndexByte(hashString, '-') + if lastDash != -1 { + hashString = hashString[lastDash+1:] + } + + klog.V(2).Infof("Detected StatefulSet-style volume name %q; index=%d", pvcName, index) + } + } + + // We hash the (base) volume name, so we don't bias towards the first N zones + h := fnv.New32() + h.Write([]byte(hashString)) + hash = h.Sum32() + } + + return hash, index +} diff --git a/staging/src/k8s.io/cloud-provider/volume/helpers/zones_test.go b/staging/src/k8s.io/cloud-provider/volume/helpers/zones_test.go new file mode 100644 index 00000000000..e7a5e5b32f3 --- /dev/null +++ b/staging/src/k8s.io/cloud-provider/volume/helpers/zones_test.go @@ -0,0 +1,1639 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package helpers + +import ( + "hash/fnv" + "testing" + + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/sets" +) + +func TestZonesToSet(t *testing.T) { + functionUnderTest := "ZonesToSet" + // First part: want an error + sliceOfZones := []string{"", ",", "us-east-1a, , us-east-1d", ", us-west-1b", "us-west-2b,"} + for _, zones := range sliceOfZones { + if got, err := ZonesToSet(zones); err == nil { + t.Errorf("%v(%v) returned (%v), want (%v)", functionUnderTest, zones, got, "an error") + } + } + + // Second part: want no error + tests := []struct { + zones string + want sets.String + }{ + { + zones: "us-east-1a", + want: sets.String{"us-east-1a": sets.Empty{}}, + }, + { + zones: "us-east-1a, us-west-2a", + want: sets.String{ + "us-east-1a": sets.Empty{}, + "us-west-2a": sets.Empty{}, + }, + }, + } + for _, tt := range tests { + if got, err := ZonesToSet(tt.zones); err != nil || !got.Equal(tt.want) { + t.Errorf("%v(%v) returned (%v), want (%v)", functionUnderTest, tt.zones, got, tt.want) + } + } +} + +func TestChooseZonesForVolume(t *testing.T) { + checkFnv32(t, "henley", 1180403676) + // 1180403676 mod 3 == 0, so the offset from "henley" is 0, which makes it easier to verify this by inspection + + // A few others + checkFnv32(t, "henley-", 2652299129) + checkFnv32(t, "henley-a", 1459735322) + checkFnv32(t, "", 2166136261) + + tests := []struct { + Zones sets.String + VolumeName string + NumZones uint32 + Expected sets.String + }{ + // Test for PVC names that don't have a dash + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley", + NumZones: 1, + Expected: sets.NewString("a" /* hash("henley") == 0 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley", + NumZones: 2, + Expected: sets.NewString("a" /* hash("henley") == 0 */, "b"), + }, + // Tests for PVC names that end in - number, but don't look like statefulset PVCs + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-0", + NumZones: 1, + Expected: sets.NewString("a" /* hash("henley") == 0 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-0", + NumZones: 2, + Expected: sets.NewString("a" /* hash("henley") == 0 */, "b"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-1", + NumZones: 1, + Expected: sets.NewString("b" /* hash("henley") + 1 == 1 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-1", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") + 1 + 1(startingIndex) == 2 */, "a"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-2", + NumZones: 1, + Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-2", + NumZones: 2, + Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-3", + NumZones: 1, + Expected: sets.NewString("a" /* hash("henley") + 3 == 3 === 0 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-3", + NumZones: 2, + Expected: sets.NewString("a" /* hash("henley") + 3 + 3(startingIndex) == 6 */, "b"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-4", + NumZones: 1, + Expected: sets.NewString("b" /* hash("henley") + 4 == 4 === 1 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-4", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") + 4 + 4(startingIndex) == 8 */, "a"), + }, + // Tests for PVC names that are edge cases + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-", + NumZones: 1, + Expected: sets.NewString("c" /* hash("henley-") = 2652299129 === 2 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley-") = 2652299129 === 2 mod 3 = 2 */, "a"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-a", + NumZones: 1, + Expected: sets.NewString("c" /* hash("henley-a") = 1459735322 === 2 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "henley-a", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley-a") = 1459735322 === 2 mod 3 = 2 */, "a"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium--1", + NumZones: 1, + Expected: sets.NewString("c" /* hash("") + 1 == 2166136261 + 1 === 2 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium--1", + NumZones: 2, + Expected: sets.NewString("a" /* hash("") + 1 + 1(startingIndex) == 2166136261 + 1 + 1 === 3 mod 3 = 0 */, "b"), + }, + // Tests for PVC names for simple StatefulSet cases + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-1", + NumZones: 1, + Expected: sets.NewString("b" /* hash("henley") + 1 == 1 */), + }, + // Tests for PVC names for simple StatefulSet cases + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-1", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") + 1 + 1(startingIndex) == 2 */, "a"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "loud-henley-1", + NumZones: 1, + Expected: sets.NewString("b" /* hash("henley") + 1 == 1 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "loud-henley-1", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") + 1 + 1(startingIndex) == 2 */, "a"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "quiet-henley-2", + NumZones: 1, + Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "quiet-henley-2", + NumZones: 2, + Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-2", + NumZones: 1, + Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-2", + NumZones: 2, + Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-3", + NumZones: 1, + Expected: sets.NewString("a" /* hash("henley") + 3 == 3 === 0 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-3", + NumZones: 2, + Expected: sets.NewString("a" /* hash("henley") + 3 + 3(startingIndex) == 6 === 6 mod 3 = 0 */, "b"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-4", + NumZones: 1, + Expected: sets.NewString("b" /* hash("henley") + 4 == 4 === 1 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley-4", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") + 4 + 4(startingIndex) == 8 === 2 mod 3 */, "a"), + }, + // Tests for statefulsets (or claims) with dashes in the names + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-alpha-henley-2", + NumZones: 1, + Expected: sets.NewString("c" /* hash("henley") + 2 == 2 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-alpha-henley-2", + NumZones: 2, + Expected: sets.NewString("b" /* hash("henley") + 2 + 2(startingIndex) == 4 */, "c"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-beta-henley-3", + NumZones: 1, + Expected: sets.NewString("a" /* hash("henley") + 3 == 3 === 0 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-beta-henley-3", + NumZones: 2, + Expected: sets.NewString("a" /* hash("henley") + 3 + 3(startingIndex) == 6 === 0 mod 3 */, "b"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-gamma-henley-4", + NumZones: 1, + Expected: sets.NewString("b" /* hash("henley") + 4 == 4 === 1 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-gamma-henley-4", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") + 4 + 4(startingIndex) == 8 === 2 mod 3 */, "a"), + }, + // Tests for statefulsets name ending in - + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--2", + NumZones: 1, + Expected: sets.NewString("a" /* hash("") + 2 == 0 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--2", + NumZones: 2, + Expected: sets.NewString("c" /* hash("") + 2 + 2(startingIndex) == 2 mod 3 */, "a"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--3", + NumZones: 1, + Expected: sets.NewString("b" /* hash("") + 3 == 1 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--3", + NumZones: 2, + Expected: sets.NewString("b" /* hash("") + 3 + 3(startingIndex) == 1 mod 3 */, "c"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--4", + NumZones: 1, + Expected: sets.NewString("c" /* hash("") + 4 == 2 mod 3 */), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--4", + NumZones: 2, + Expected: sets.NewString("a" /* hash("") + 4 + 4(startingIndex) == 0 mod 3 */, "b"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--4", + NumZones: 3, + Expected: sets.NewString("c" /* hash("") + 4 == 2 mod 3 */, "a", "b"), + }, + { + Zones: sets.NewString("a", "b", "c"), + VolumeName: "medium-henley--4", + NumZones: 4, + Expected: sets.NewString("c" /* hash("") + 4 + 9(startingIndex) == 2 mod 3 */, "a", "b", "c"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-0", + NumZones: 2, + Expected: sets.NewString("a" /* hash("henley") == 0 */, "b"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-1", + NumZones: 2, + Expected: sets.NewString("c" /* hash("henley") == 0 + 2 */, "d"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-2", + NumZones: 2, + Expected: sets.NewString("e" /* hash("henley") == 0 + 2 + 2(startingIndex) */, "f"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-3", + NumZones: 2, + Expected: sets.NewString("g" /* hash("henley") == 0 + 2 + 4(startingIndex) */, "h"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-0", + NumZones: 3, + Expected: sets.NewString("a" /* hash("henley") == 0 */, "b", "c"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-1", + NumZones: 3, + Expected: sets.NewString("d" /* hash("henley") == 0 + 1 + 2(startingIndex) */, "e", "f"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-2", + NumZones: 3, + Expected: sets.NewString("g" /* hash("henley") == 0 + 2 + 4(startingIndex) */, "h", "i"), + }, + { + Zones: sets.NewString("a", "b", "c", "d", "e", "f", "g", "h", "i"), + VolumeName: "henley-3", + NumZones: 3, + Expected: sets.NewString("a" /* hash("henley") == 0 + 3 + 6(startingIndex) */, "b", "c"), + }, + // Test for no zones + { + Zones: sets.NewString(), + VolumeName: "henley-1", + Expected: sets.NewString(), + }, + { + Zones: nil, + VolumeName: "henley-2", + Expected: sets.NewString(), + }, + } + + for _, test := range tests { + actual := ChooseZonesForVolume(test.Zones, test.VolumeName, test.NumZones) + + if !actual.Equal(test.Expected) { + t.Errorf("Test %v failed, expected zone %#v, actual %#v", test, test.Expected, actual) + } + } +} + +func TestSelectZoneForVolume(t *testing.T) { + + nodeWithZoneLabels := &v1.Node{} + nodeWithZoneLabels.Labels = map[string]string{v1.LabelZoneFailureDomain: "zoneX"} + + nodeWithNoLabels := &v1.Node{} + + tests := []struct { + // Parameters passed by test to SelectZoneForVolume + Name string + ZonePresent bool + Zone string + ZonesPresent bool + Zones string + ZonesWithNodes string + Node *v1.Node + AllowedTopologies []v1.TopologySelectorTerm + // Expectations around returned zone from SelectZoneForVolume + Reject bool // expect error due to validation failing + ExpectSpecificZone bool // expect returned zone to specifically match a single zone (rather than one from a set) + ExpectedZone string // single zone that should perfectly match returned zone (requires ExpectSpecificZone to be true) + ExpectedZones string // set of zones one of whose members should match returned zone (requires ExpectSpecificZone to be false) + }{ + // NEGATIVE TESTS + + // Zone and Zones are both specified [Fail] + // [1] Node irrelevant + // [2] Zone and Zones parameters presents + // [3] AllowedTopologies irrelevant + { + Name: "Nil_Node_with_Zone_Zones_parameters_present", + ZonePresent: true, + Zone: "zoneX", + ZonesPresent: true, + Zones: "zoneX,zoneY", + Reject: true, + }, + + // Node has no zone labels [Fail] + // [1] Node with no zone labels + // [2] Zone/Zones parameter irrelevant + // [3] AllowedTopologies irrelevant + { + Name: "Node_with_no_Zone_labels", + Node: nodeWithNoLabels, + Reject: true, + }, + + // Node with Zone labels as well as Zone parameter specified [Fail] + // [1] Node with zone labels + // [2] Zone parameter specified + // [3] AllowedTopologies irrelevant + { + Name: "Node_with_Zone_labels_and_Zone_parameter_present", + Node: nodeWithZoneLabels, + ZonePresent: true, + Zone: "zoneX", + Reject: true, + }, + + // Node with Zone labels as well as Zones parameter specified [Fail] + // [1] Node with zone labels + // [2] Zones parameter specified + // [3] AllowedTopologies irrelevant + { + Name: "Node_with_Zone_labels_and_Zones_parameter_present", + Node: nodeWithZoneLabels, + ZonesPresent: true, + Zones: "zoneX,zoneY", + Reject: true, + }, + + // Zone parameter as well as AllowedTopologies specified [Fail] + // [1] nil Node + // [2] Zone parameter specified + // [3] AllowedTopologies specified + { + Name: "Nil_Node_and_Zone_parameter_and_Allowed_Topology_term", + Node: nil, + ZonePresent: true, + Zone: "zoneX", + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + }, + Reject: true, + }, + + // Zones parameter as well as AllowedTopologies specified [Fail] + // [1] nil Node + // [2] Zones parameter specified + // [3] AllowedTopologies specified + { + Name: "Nil_Node_and_Zones_parameter_and_Allowed_Topology_term", + Node: nil, + ZonesPresent: true, + Zones: "zoneX,zoneY", + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + }, + Reject: true, + }, + + // Key specified in AllowedTopologies is not LabelZoneFailureDomain [Fail] + // [1] nil Node + // [2] no Zone/Zones parameter + // [3] AllowedTopologies with invalid key specified + { + Name: "Nil_Node_and_Invalid_Allowed_Topology_Key", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: "invalid_key", + Values: []string{"zoneX"}, + }, + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + }, + Reject: true, + }, + + // AllowedTopologies without keys specifying LabelZoneFailureDomain [Fail] + // [1] nil Node + // [2] no Zone/Zones parameter + // [3] Invalid AllowedTopologies + { + Name: "Nil_Node_and_Invalid_AllowedTopologies", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{}, + }, + }, + Reject: true, + }, + + // POSITIVE TESTS WITH VolumeScheduling ENABLED + + // Select zone from active zones [Pass] + // [1] nil Node + // [2] no Zone parameter specified + // [3] no AllowedTopologies + { + Name: "Nil_Node_and_No_Zone_Zones_parameter_and_no_Allowed_topologies_and_VolumeScheduling_enabled", + Node: nil, + ZonesWithNodes: "zoneX,zoneY", + Reject: false, + ExpectedZones: "zoneX,zoneY", + }, + + // Select zone from single zone parameter [Pass] + // [1] nil Node + // [2] Zone parameter specified + // [3] no AllowedTopology specified + { + Name: "Nil_Node_and_Zone_parameter_present_and_VolumeScheduling_enabled", + ZonePresent: true, + Zone: "zoneX", + Node: nil, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + }, + + // Select zone from zones parameter [Pass] + // [1] nil Node + // [2] Zones parameter specified + // [3] no AllowedTopology + { + Name: "Nil_Node_and_Zones_parameter_present_and_VolumeScheduling_enabled", + ZonesPresent: true, + Zones: "zoneX,zoneY", + Node: nil, + Reject: false, + ExpectedZones: "zoneX,zoneY", + }, + + // Select zone from node label [Pass] + // [1] Node with zone labels + // [2] no zone/zones parameters + // [3] no AllowedTopology + { + Name: "Node_with_Zone_labels_and_VolumeScheduling_enabled", + Node: nodeWithZoneLabels, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + }, + + // Select zone from node label [Pass] + // [1] Node with zone labels + // [2] no Zone/Zones parameters + // [3] AllowedTopology with single term with multiple values specified (ignored) + { + Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_values_and_VolumeScheduling_enabled", + Node: nodeWithZoneLabels, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneZ", "zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + }, + + // Select Zone from AllowedTopologies [Pass] + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with single term with multiple values specified + { + Name: "Nil_Node_with_Multiple_Allowed_Topology_values_and_VolumeScheduling_enabled", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX", "zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectedZones: "zoneX,zoneY", + }, + + // Select zone from AllowedTopologies [Pass] + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with multiple terms specified + { + Name: "Nil_Node_and_Multiple_Allowed_Topology_terms_and_VolumeScheduling_enabled", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectedZones: "zoneX,zoneY", + }, + + // Select Zone from AllowedTopologies [Pass] + // Note: Dual replica with same AllowedTopologies will fail: Nil_Node_and_Single_Allowed_Topology_term_value_and_Dual_replicas + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with single term and value specified + { + Name: "Nil_Node_and_Single_Allowed_Topology_term_value_and_VolumeScheduling_enabled", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + }, + } + + for _, test := range tests { + t.Run(test.Name, func(t *testing.T) { + var zonesParameter, zonesWithNodes sets.String + var err error + + if test.Zones != "" { + zonesParameter, err = ZonesToSet(test.Zones) + if err != nil { + t.Fatalf("Could not convert Zones to a set: %s. This is a test error %s", test.Zones, test.Name) + } + } + + if test.ZonesWithNodes != "" { + zonesWithNodes, err = ZonesToSet(test.ZonesWithNodes) + if err != nil { + t.Fatalf("Could not convert specified ZonesWithNodes to a set: %s. This is a test error %s", test.ZonesWithNodes, test.Name) + } + } + + zone, err := SelectZoneForVolume(test.ZonePresent, test.ZonesPresent, test.Zone, zonesParameter, zonesWithNodes, test.Node, test.AllowedTopologies, test.Name) + + if test.Reject && err == nil { + t.Errorf("Unexpected zone from SelectZoneForVolume for %s", zone) + } + + if !test.Reject { + if err != nil { + t.Errorf("Unexpected error from SelectZoneForVolume for %s; Error: %v", test.Name, err) + } + + if test.ExpectSpecificZone == true { + if zone != test.ExpectedZone { + t.Errorf("Expected zone %v does not match obtained zone %v for %s", test.ExpectedZone, zone, test.Name) + } + } + + if test.ExpectedZones != "" { + expectedZones, err := ZonesToSet(test.ExpectedZones) + if err != nil { + t.Fatalf("Could not convert ExpectedZones to a set: %s. This is a test error", test.ExpectedZones) + } + if !expectedZones.Has(zone) { + t.Errorf("Obtained zone %s not member of expectedZones %s", zone, expectedZones) + } + } + } + }) + } +} + +func TestSelectZonesForVolume(t *testing.T) { + + nodeWithZoneLabels := &v1.Node{} + nodeWithZoneLabels.Labels = map[string]string{v1.LabelZoneFailureDomain: "zoneX"} + + nodeWithNoLabels := &v1.Node{} + + tests := []struct { + // Parameters passed by test to SelectZonesForVolume + Name string + ReplicaCount uint32 + ZonePresent bool + Zone string + ZonesPresent bool + Zones string + ZonesWithNodes string + Node *v1.Node + AllowedTopologies []v1.TopologySelectorTerm + // Expectations around returned zones from SelectZonesForVolume + Reject bool // expect error due to validation failing + ExpectSpecificZones bool // expect set of returned zones to be equal to ExpectedZones (rather than subset of ExpectedZones) + ExpectedZones string // set of zones that is a superset of returned zones or equal to returned zones (if ExpectSpecificZones is set) + ExpectSpecificZone bool // expect set of returned zones to include ExpectedZone as a member + ExpectedZone string // zone that should be a member of returned zones + }{ + // NEGATIVE TESTS + + // Zone and Zones are both specified [Fail] + // [1] Node irrelevant + // [2] Zone and Zones parameters presents + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_with_Zone_Zones_parameters_present", + ZonePresent: true, + Zone: "zoneX", + ZonesPresent: true, + Zones: "zoneX,zoneY", + Reject: true, + }, + + // Node has no zone labels [Fail] + // [1] Node with no zone labels + // [2] Zone/Zones parameter irrelevant + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Node_with_no_Zone_labels", + Node: nodeWithNoLabels, + Reject: true, + }, + + // Node with Zone labels as well as Zone parameter specified [Fail] + // [1] Node with zone labels + // [2] Zone parameter specified + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Node_with_Zone_labels_and_Zone_parameter_present", + Node: nodeWithZoneLabels, + ZonePresent: true, + Zone: "zoneX", + Reject: true, + }, + + // Node with Zone labels as well as Zones parameter specified [Fail] + // [1] Node with zone labels + // [2] Zones parameter specified + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Node_with_Zone_labels_and_Zones_parameter_present", + Node: nodeWithZoneLabels, + ZonesPresent: true, + Zones: "zoneX,zoneY", + Reject: true, + }, + + // Zone parameter as well as AllowedTopologies specified [Fail] + // [1] nil Node + // [2] Zone parameter specified + // [3] AllowedTopologies specified + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_and_Zone_parameter_and_Allowed_Topology_term", + Node: nil, + ZonePresent: true, + Zone: "zoneX", + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + }, + Reject: true, + }, + + // Zones parameter as well as AllowedTopologies specified [Fail] + // [1] nil Node + // [2] Zones parameter specified + // [3] AllowedTopologies specified + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_and_Zones_parameter_and_Allowed_Topology_term", + Node: nil, + ZonesPresent: true, + Zones: "zoneX,zoneY", + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + }, + Reject: true, + }, + + // Key specified in AllowedTopologies is not LabelZoneFailureDomain [Fail] + // [1] nil Node + // [2] no Zone/Zones parameter + // [3] AllowedTopologies with invalid key specified + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_and_Invalid_Allowed_Topology_Key", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: "invalid_key", + Values: []string{"zoneX"}, + }, + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + }, + Reject: true, + }, + + // AllowedTopologies without keys specifying LabelZoneFailureDomain [Fail] + // [1] nil Node + // [2] no Zone/Zones parameter + // [3] Invalid AllowedTopologies + // [4] ReplicaCount irrelevant + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_and_Invalid_AllowedTopologies", + Node: nil, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{}, + }, + }, + Reject: true, + }, + + // Zone specified with ReplicaCount > 1 [Fail] + // [1] nil Node + // [2] Zone/Zones parameter specified + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount > 1 + // [5] ZonesWithNodes irrelevant + { + Name: "Zone_and_Replicas_mismatched", + Node: nil, + ZonePresent: true, + Zone: "zoneX", + ReplicaCount: 2, + Reject: true, + }, + + // Not enough zones in Zones parameter to satisfy ReplicaCount [Fail] + // [1] nil Node + // [2] Zone/Zones parameter specified + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount > zones + // [5] ZonesWithNodes irrelevant + { + Name: "Zones_and_Replicas_mismatched", + Node: nil, + ZonesPresent: true, + Zones: "zoneX", + ReplicaCount: 2, + Reject: true, + }, + + // Not enough zones in ZonesWithNodes to satisfy ReplicaCount [Fail] + // [1] nil Node + // [2] no Zone/Zones parameter specified + // [3] AllowedTopologies irrelevant + // [4] ReplicaCount > ZonesWithNodes + // [5] ZonesWithNodes specified but not enough + { + Name: "Zones_and_Replicas_mismatched", + Node: nil, + ZonesWithNodes: "zoneX", + ReplicaCount: 2, + Reject: true, + }, + + // Not enough zones in AllowedTopologies to satisfy ReplicaCount [Fail] + // [1] nil Node + // [2] Zone/Zones parameter specified + // [3] Invalid AllowedTopologies + // [4] ReplicaCount > zones + // [5] ZonesWithNodes irrelevant + { + Name: "AllowedTopologies_and_Replicas_mismatched", + Node: nil, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + }, + Reject: true, + }, + + // POSITIVE TESTS + + // Select zones from zones parameter [Pass] + // [1] nil Node (Node irrelevant) + // [2] Zones parameter specified + // [3] no AllowedTopologies + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Zones_parameter_Dual_replica_Superset", + ZonesPresent: true, + Zones: "zoneW,zoneX,zoneY,zoneZ", + ReplicaCount: 2, + Reject: false, + ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", + }, + + // Select zones from zones parameter [Pass] + // [1] nil Node (Node irrelevant) + // [2] Zones parameter specified + // [3] no AllowedTopologies + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Zones_parameter_Dual_replica_Match", + ZonesPresent: true, + Zones: "zoneX,zoneY", + ReplicaCount: 2, + Reject: false, + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + + // Select zones from active zones with nodes [Pass] + // [1] nil Node (Node irrelevant) + // [2] no Zone parameter + // [3] no AllowedTopologies + // [4] ReplicaCount specified + // [5] ZonesWithNodes specified + { + Name: "Active_zones_Nil_node_Dual_replica_Superset", + ZonesWithNodes: "zoneW,zoneX,zoneY,zoneZ", + ReplicaCount: 2, + Reject: false, + ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", + }, + + // Select zones from active zones [Pass] + // [1] nil Node (Node irrelevant) + // [2] no Zone[s] parameter + // [3] no AllowedTopologies + // [4] ReplicaCount specified + // [5] ZonesWithNodes specified + { + Name: "Active_zones_Nil_node_Dual_replica_Match", + ZonesWithNodes: "zoneW,zoneX", + ReplicaCount: 2, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneW,zoneX", + }, + + // Select zones from node label and active zones [Pass] + // [1] Node with zone labels + // [2] no Zone parameter + // [3] no AllowedTopologies + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Active_zones_Node_with_Zone_labels_Dual_replica_Superset", + Node: nodeWithZoneLabels, + ZonesWithNodes: "zoneW,zoneX,zoneY,zoneZ", + ReplicaCount: 2, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", + }, + + // Select zones from node label and active zones [Pass] + // [1] Node with zone labels + // [2] no Zone[s] parameter + // [3] no AllowedTopologies + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Active_zones_Node_with_Zone_labels_Dual_replica_Match", + Node: nodeWithZoneLabels, + ZonesWithNodes: "zoneW,zoneX", + ReplicaCount: 2, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneW,zoneX", + }, + + // Select zones from node label and AllowedTopologies [Pass] + // [1] Node with zone labels + // [2] no Zone/Zones parameters + // [3] AllowedTopologies with single term with multiple values specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + // Note: the test Name suffix is used as the pvcname and it's suffix is important to influence ChooseZonesForVolume + // to NOT pick zoneX from AllowedTopologies if zoneFromNode is incorrectly set or not set at all. + { + Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_values_Superset-1", + Node: nodeWithZoneLabels, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneV", "zoneW", "zoneX", "zoneY", "zoneZ"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectedZones: "zoneV,zoneW,zoneX,zoneY,zoneZ", + }, + + // Select zones from node label and AllowedTopologies [Pass] + // [1] Node with zone labels + // [2] no Zone/Zones parameters + // [3] AllowedTopologies with single term with multiple values specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_values_Match", + Node: nodeWithZoneLabels, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX", "zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + + // Select Zones from AllowedTopologies [Pass] + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with single term with multiple values specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_with_Multiple_Allowed_Topology_values_Superset", + Node: nil, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX", "zoneY", "zoneZ"}, + }, + }, + }, + }, + Reject: false, + ExpectedZones: "zoneX,zoneY,zoneZ", + }, + + // Select Zones from AllowedTopologies [Pass] + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with single term with multiple values specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_with_Multiple_Allowed_Topology_values_Match", + Node: nil, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX", "zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + + // Select zones from node label and AllowedTopologies [Pass] + // [1] Node with zone labels + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with multiple terms specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + // Note: the test Name is used as the pvcname and it's hash is important to influence ChooseZonesForVolume + // to NOT pick zoneX from AllowedTopologies of 5 zones. If zoneFromNode (zoneX) is incorrectly set or + // not set at all in SelectZonesForVolume it will be detected. + { + Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_terms_Superset-2", + Node: nodeWithZoneLabels, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneV"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneW"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneZ"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectedZones: "zoneV,zoneW,zoneX,zoneY,zoneZ", + }, + + // Select zones from node label and AllowedTopologies [Pass] + // [1] Node with zone labels + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with multiple terms specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Node_with_Zone_labels_and_Multiple_Allowed_Topology_terms_Match", + Node: nodeWithZoneLabels, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + + // Select zones from AllowedTopologies [Pass] + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with multiple terms specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_and_Multiple_Allowed_Topology_terms_Superset", + Node: nil, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneZ"}, + }, + }, + }, + }, + Reject: false, + ExpectedZones: "zoneX,zoneY,zoneZ", + }, + + // Select zones from AllowedTopologies [Pass] + // [1] nil Node + // [2] no Zone/Zones parametes specified + // [3] AllowedTopologies with multiple terms specified + // [4] ReplicaCount specified + // [5] ZonesWithNodes irrelevant + { + Name: "Nil_Node_and_Multiple_Allowed_Topology_terms_Match", + Node: nil, + ReplicaCount: 2, + AllowedTopologies: []v1.TopologySelectorTerm{ + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneX"}, + }, + }, + }, + { + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: []string{"zoneY"}, + }, + }, + }, + }, + Reject: false, + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + } + + for _, test := range tests { + var zonesParameter, zonesWithNodes sets.String + var err error + + if test.Zones != "" { + zonesParameter, err = ZonesToSet(test.Zones) + if err != nil { + t.Errorf("Could not convert Zones to a set: %s. This is a test error %s", test.Zones, test.Name) + continue + } + } + + if test.ZonesWithNodes != "" { + zonesWithNodes, err = ZonesToSet(test.ZonesWithNodes) + if err != nil { + t.Errorf("Could not convert specified ZonesWithNodes to a set: %s. This is a test error %s", test.ZonesWithNodes, test.Name) + continue + } + } + + zones, err := SelectZonesForVolume(test.ZonePresent, test.ZonesPresent, test.Zone, zonesParameter, zonesWithNodes, test.Node, test.AllowedTopologies, test.Name, test.ReplicaCount) + + if test.Reject && err == nil { + t.Errorf("Unexpected zones from SelectZonesForVolume in %s. Zones: %v", test.Name, zones) + continue + } + + if !test.Reject { + if err != nil { + t.Errorf("Unexpected error from SelectZonesForVolume in %s; Error: %v", test.Name, err) + continue + } + + if uint32(zones.Len()) != test.ReplicaCount { + t.Errorf("Number of elements in returned zones %v does not equal replica count %d in %s", zones, test.ReplicaCount, test.Name) + continue + } + + expectedZones, err := ZonesToSet(test.ExpectedZones) + if err != nil { + t.Errorf("Could not convert ExpectedZones to a set: %v. This is a test error in %s", test.ExpectedZones, test.Name) + continue + } + + if test.ExpectSpecificZones && !zones.Equal(expectedZones) { + t.Errorf("Expected zones %v does not match obtained zones %v in %s", expectedZones, zones, test.Name) + continue + } + + if test.ExpectSpecificZone && !zones.Has(test.ExpectedZone) { + t.Errorf("Expected zone %s not found in obtained zones %v in %s", test.ExpectedZone, zones, test.Name) + continue + } + + if !expectedZones.IsSuperset(zones) { + t.Errorf("Obtained zones %v not subset of of expectedZones %v in %s", zones, expectedZones, test.Name) + } + } + } +} + +func TestChooseZonesForVolumeIncludingZone(t *testing.T) { + tests := []struct { + // Parameters passed by test to chooseZonesForVolumeIncludingZone + Name string + ReplicaCount uint32 + Zones string + ZoneToInclude string + // Expectations around returned zones from chooseZonesForVolumeIncludingZone + Reject bool // expect error due to validation failing + ExpectSpecificZones bool // expect set of returned zones to be equal to ExpectedZones (rather than subset of ExpectedZones) + ExpectedZones string // set of zones that is a superset of returned zones or equal to returned zones (if ExpectSpecificZones is set) + ExpectSpecificZone bool // expect set of returned zones to include ExpectedZone as a member + ExpectedZone string // zone that should be a member of returned zones + }{ + // NEGATIVE TESTS + + // Not enough zones specified to fit ReplicaCount [Fail] + { + Name: "Too_Few_Zones", + ReplicaCount: 2, + Zones: "zoneX", + Reject: true, + }, + + // Invalid ReplicaCount [Fail] + { + Name: "Zero_Replica_Count", + ReplicaCount: 0, + Zones: "zoneY,zoneZ", + Reject: true, + }, + + // Invalid ZoneToInclude [Fail] + { + Name: "ZoneToInclude_Not_In_Zones_Single_replica_Dual_zones", + ReplicaCount: 1, + ZoneToInclude: "zoneX", + Zones: "zoneY,zoneZ", + Reject: true, + }, + + // Invalid ZoneToInclude [Fail] + { + Name: "ZoneToInclude_Not_In_Zones_Single_replica_Single_zone", + ReplicaCount: 1, + ZoneToInclude: "zoneX", + Zones: "zoneY", + Reject: true, + }, + + // Invalid ZoneToInclude [Fail] + { + Name: "ZoneToInclude_Not_In_Zones_Dual_replica_Multiple_zones", + ReplicaCount: 2, + ZoneToInclude: "zoneX", + Zones: "zoneY,zoneZ,zoneW", + Reject: true, + }, + + // POSITIVE TESTS + + // Pick any one zone from Zones + { + Name: "No_zones_to_include_and_Single_replica_and_Superset", + ReplicaCount: 1, + Zones: "zoneX,zoneY,zoneZ", + Reject: false, + ExpectedZones: "zoneX,zoneY,zoneZ", + }, + + // Pick any two zones from Zones + { + Name: "No_zones_to_include_and_Dual_replicas_and_Superset", + ReplicaCount: 2, + Zones: "zoneW,zoneX,zoneY,zoneZ", + Reject: false, + ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", + }, + + // Pick the two zones from Zones + { + Name: "No_zones_to_include_and_Dual_replicas_and_Match", + ReplicaCount: 2, + Zones: "zoneX,zoneY", + Reject: false, + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + + // Pick one zone from ZoneToInclude (other zones ignored) + { + Name: "Include_zone_and_Single_replica_and_Match", + ReplicaCount: 1, + Zones: "zoneW,zoneX,zoneY,zoneZ", + ZoneToInclude: "zoneX", + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneX", + }, + + // Pick one zone from ZoneToInclude (other zones ignored) + { + Name: "Include_zone_and_single_replica_and_Match", + ReplicaCount: 1, + Zones: "zoneX", + ZoneToInclude: "zoneX", + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneX", + }, + + // Pick one zone from Zones and the other from ZoneToInclude + { + Name: "Include_zone_and_dual_replicas_and_Superset", + ReplicaCount: 2, + Zones: "zoneW,zoneX,zoneY,zoneZ", + ZoneToInclude: "zoneX", + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectedZones: "zoneW,zoneX,zoneY,zoneZ", + }, + + // Pick one zone from Zones and the other from ZoneToInclude + { + Name: "Include_zone_and_dual_replicas_and_Match", + ReplicaCount: 2, + Zones: "zoneX,zoneY", + ZoneToInclude: "zoneX", + Reject: false, + ExpectSpecificZone: true, + ExpectedZone: "zoneX", + ExpectSpecificZones: true, + ExpectedZones: "zoneX,zoneY", + }, + } + for _, test := range tests { + zonesParameter, err := ZonesToSet(test.Zones) + if err != nil { + t.Errorf("Could not convert Zones to a set: %s. This is a test error %s", test.Zones, test.Name) + continue + } + + zones, err := chooseZonesForVolumeIncludingZone(zonesParameter, test.Name, test.ZoneToInclude, test.ReplicaCount) + if test.Reject && err == nil { + t.Errorf("Unexpected zones from chooseZonesForVolumeIncludingZone in %s. Zones: %v", test.Name, zones) + continue + } + if !test.Reject { + if err != nil { + t.Errorf("Unexpected error from chooseZonesForVolumeIncludingZone in %s; Error: %v", test.Name, err) + continue + } + + if uint32(zones.Len()) != test.ReplicaCount { + t.Errorf("Number of elements in returned zones %v does not equal replica count %d in %s", zones, test.ReplicaCount, test.Name) + continue + } + + expectedZones, err := ZonesToSet(test.ExpectedZones) + if err != nil { + t.Errorf("Could not convert ExpectedZones to a set: %v. This is a test error in %s", test.ExpectedZones, test.Name) + continue + } + + if test.ExpectSpecificZones && !zones.Equal(expectedZones) { + t.Errorf("Expected zones %v does not match obtained zones %v in %s", expectedZones, zones, test.Name) + continue + } + + if test.ExpectSpecificZone && !zones.Has(test.ExpectedZone) { + t.Errorf("Expected zone %s not found in obtained zones %v in %s", test.ExpectedZone, zones, test.Name) + continue + } + + if !expectedZones.IsSuperset(zones) { + t.Errorf("Obtained zones %v not subset of of expectedZones %v in %s", zones, expectedZones, test.Name) + } + } + } +} + +func checkFnv32(t *testing.T, s string, expected uint32) { + h := fnv.New32() + h.Write([]byte(s)) + h.Sum32() + + if h.Sum32() != expected { + t.Fatalf("hash of %q was %v, expected %v", s, h.Sum32(), expected) + } +} diff --git a/staging/src/k8s.io/cluster-bootstrap/CONTRIBUTING.md b/staging/src/k8s.io/cluster-bootstrap/CONTRIBUTING.md index ffee3e77235..9ae1fdd358d 100644 --- a/staging/src/k8s.io/cluster-bootstrap/CONTRIBUTING.md +++ b/staging/src/k8s.io/cluster-bootstrap/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/cluster-bootstrap](https://git.k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/cluster-bootstrap/Godeps/OWNERS b/staging/src/k8s.io/cluster-bootstrap/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/cluster-bootstrap/Godeps/OWNERS +++ b/staging/src/k8s.io/cluster-bootstrap/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/cluster-bootstrap/OWNERS b/staging/src/k8s.io/cluster-bootstrap/OWNERS index 376b5d35e25..6bdd0fd0b1a 100644 --- a/staging/src/k8s.io/cluster-bootstrap/OWNERS +++ b/staging/src/k8s.io/cluster-bootstrap/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cluster-lifecycle-leads reviewers: diff --git a/staging/src/k8s.io/cluster-bootstrap/token/OWNERS b/staging/src/k8s.io/cluster-bootstrap/token/OWNERS index 8a2f5b5915b..3f679cd5682 100644 --- a/staging/src/k8s.io/cluster-bootstrap/token/OWNERS +++ b/staging/src/k8s.io/cluster-bootstrap/token/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - jbeda - luxas diff --git a/staging/src/k8s.io/code-generator/CONTRIBUTING.md b/staging/src/k8s.io/code-generator/CONTRIBUTING.md index bc4e7697e86..8901222b611 100644 --- a/staging/src/k8s.io/code-generator/CONTRIBUTING.md +++ b/staging/src/k8s.io/code-generator/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/code-generator](https://git.k8s.io/kubernetes/staging/src/k8s.io/code-generator) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/code-generator/Godeps/OWNERS b/staging/src/k8s.io/code-generator/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/code-generator/Godeps/OWNERS +++ b/staging/src/k8s.io/code-generator/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/code-generator/OWNERS b/staging/src/k8s.io/code-generator/OWNERS index 4155fc60ccd..6f7abe3edb1 100644 --- a/staging/src/k8s.io/code-generator/OWNERS +++ b/staging/src/k8s.io/code-generator/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - wojtek-t diff --git a/staging/src/k8s.io/code-generator/README.md b/staging/src/k8s.io/code-generator/README.md index 5808c86b354..e03c6bf55ef 100644 --- a/staging/src/k8s.io/code-generator/README.md +++ b/staging/src/k8s.io/code-generator/README.md @@ -1,6 +1,6 @@ # code-generator -Golang code-generators used to implement [Kubernetes-style API types](https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md). +Golang code-generators used to implement [Kubernetes-style API types](https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md). ## Purpose diff --git a/staging/src/k8s.io/code-generator/cmd/client-gen/OWNERS b/staging/src/k8s.io/code-generator/cmd/client-gen/OWNERS index 0c408a1aa94..62866d0b194 100644 --- a/staging/src/k8s.io/code-generator/cmd/client-gen/OWNERS +++ b/staging/src/k8s.io/code-generator/cmd/client-gen/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - wojtek-t diff --git a/staging/src/k8s.io/code-generator/cmd/client-gen/README.md b/staging/src/k8s.io/code-generator/cmd/client-gen/README.md index d1d67abdf98..092a61151c6 100644 --- a/staging/src/k8s.io/code-generator/cmd/client-gen/README.md +++ b/staging/src/k8s.io/code-generator/cmd/client-gen/README.md @@ -1,4 +1,4 @@ -See [generating-clientset.md](https://git.k8s.io/community/contributors/devel/generating-clientset.md) +See [generating-clientset.md](https://git.k8s.io/community/contributors/devel/sig-api-machinery/generating-clientset.md) [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/staging/src/k8s.io/code-generator/client-gen/README.md?pixel)]() diff --git a/staging/src/k8s.io/code-generator/cmd/go-to-protobuf/OWNERS b/staging/src/k8s.io/code-generator/cmd/go-to-protobuf/OWNERS index 05d4b2a6574..613659162a9 100644 --- a/staging/src/k8s.io/code-generator/cmd/go-to-protobuf/OWNERS +++ b/staging/src/k8s.io/code-generator/cmd/go-to-protobuf/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - smarterclayton reviewers: diff --git a/staging/src/k8s.io/code-generator/cmd/import-boss/main.go b/staging/src/k8s.io/code-generator/cmd/import-boss/main.go index c0f10c3a49c..da099fda718 100644 --- a/staging/src/k8s.io/code-generator/cmd/import-boss/main.go +++ b/staging/src/k8s.io/code-generator/cmd/import-boss/main.go @@ -22,9 +22,13 @@ limitations under the License. // // If an ".import-restrictions" file is found, then all imports of the package // are checked against each "rule" in the file. A rule consists of three parts: -// * A SelectorRegexp, to select the import paths that the rule applies to. -// * A list of AllowedPrefixes -// * A list of ForbiddenPrefixes +// +// - A SelectorRegexp, to select the import paths that the rule applies to. +// +// - A list of AllowedPrefixes +// +// - A list of ForbiddenPrefixes +// // An import is allowed if it matches at least one allowed prefix and does not // match any forbidden prefix. An example file looks like this: // diff --git a/staging/src/k8s.io/code-generator/cmd/informer-gen/generators/generic.go b/staging/src/k8s.io/code-generator/cmd/informer-gen/generators/generic.go index 5ee918f17ea..cad907990f7 100644 --- a/staging/src/k8s.io/code-generator/cmd/informer-gen/generators/generic.go +++ b/staging/src/k8s.io/code-generator/cmd/informer-gen/generators/generic.go @@ -113,7 +113,9 @@ func (g *genericGenerator) GenerateType(c *generator.Context, t *types.Type, w i GoName: namer.IC(v.Version.NonEmpty()), Resources: orderer.OrderTypes(g.typesForGroupVersion[gv]), } - schemeGVs[version] = c.Universe.Variable(types.Name{Package: g.typesForGroupVersion[gv][0].Name.Package, Name: "SchemeGroupVersion"}) + func() { + schemeGVs[version] = c.Universe.Variable(types.Name{Package: g.typesForGroupVersion[gv][0].Name.Package, Name: "SchemeGroupVersion"}) + }() group.Versions = append(group.Versions, version) } sort.Sort(versionSort(group.Versions)) diff --git a/staging/src/k8s.io/component-base/CONTRIBUTING.md b/staging/src/k8s.io/component-base/CONTRIBUTING.md index 3b98c63f6b7..f54b9e7ee3f 100644 --- a/staging/src/k8s.io/component-base/CONTRIBUTING.md +++ b/staging/src/k8s.io/component-base/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/component-base](https://git.k8s.io/kubernetes/staging/src/k8s.io/component-base) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/component-base/Godeps/OWNERS b/staging/src/k8s.io/component-base/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/component-base/Godeps/OWNERS +++ b/staging/src/k8s.io/component-base/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/component-base/OWNERS b/staging/src/k8s.io/component-base/OWNERS index 45b975e4de3..59950cd8922 100644 --- a/staging/src/k8s.io/component-base/OWNERS +++ b/staging/src/k8s.io/component-base/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - luxas - sttts diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/BUILD b/staging/src/k8s.io/component-base/cli/flag/BUILD similarity index 88% rename from staging/src/k8s.io/apiserver/pkg/util/flag/BUILD rename to staging/src/k8s.io/component-base/cli/flag/BUILD index 7841681a86e..8a09eea7623 100644 --- a/staging/src/k8s.io/apiserver/pkg/util/flag/BUILD +++ b/staging/src/k8s.io/component-base/cli/flag/BUILD @@ -37,11 +37,10 @@ go_library( "string_flag.go", "tristate.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flag", - importpath = "k8s.io/apiserver/pkg/util/flag", + importmap = "k8s.io/kubernetes/vendor/k8s.io/component-base/cli/flag", + importpath = "k8s.io/component-base/cli/flag", deps = [ "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", - "//vendor/github.com/docker/docker/pkg/term:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag.go b/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag.go rename to staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag_test.go b/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag_test.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag_test.go rename to staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag_test.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/colon_separated_multimap_string_string.go b/staging/src/k8s.io/component-base/cli/flag/colon_separated_multimap_string_string.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/colon_separated_multimap_string_string.go rename to staging/src/k8s.io/component-base/cli/flag/colon_separated_multimap_string_string.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/colon_separated_multimap_string_string_test.go b/staging/src/k8s.io/component-base/cli/flag/colon_separated_multimap_string_string_test.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/colon_separated_multimap_string_string_test.go rename to staging/src/k8s.io/component-base/cli/flag/colon_separated_multimap_string_string_test.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/configuration_map.go b/staging/src/k8s.io/component-base/cli/flag/configuration_map.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/configuration_map.go rename to staging/src/k8s.io/component-base/cli/flag/configuration_map.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/flags.go b/staging/src/k8s.io/component-base/cli/flag/flags.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/flags.go rename to staging/src/k8s.io/component-base/cli/flag/flags.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/langle_separated_map_string_string.go b/staging/src/k8s.io/component-base/cli/flag/langle_separated_map_string_string.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/langle_separated_map_string_string.go rename to staging/src/k8s.io/component-base/cli/flag/langle_separated_map_string_string.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/langle_separated_map_string_string_test.go b/staging/src/k8s.io/component-base/cli/flag/langle_separated_map_string_string_test.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/langle_separated_map_string_string_test.go rename to staging/src/k8s.io/component-base/cli/flag/langle_separated_map_string_string_test.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/map_string_bool.go b/staging/src/k8s.io/component-base/cli/flag/map_string_bool.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/map_string_bool.go rename to staging/src/k8s.io/component-base/cli/flag/map_string_bool.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/map_string_bool_test.go b/staging/src/k8s.io/component-base/cli/flag/map_string_bool_test.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/map_string_bool_test.go rename to staging/src/k8s.io/component-base/cli/flag/map_string_bool_test.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/map_string_string.go b/staging/src/k8s.io/component-base/cli/flag/map_string_string.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/map_string_string.go rename to staging/src/k8s.io/component-base/cli/flag/map_string_string.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/map_string_string_test.go b/staging/src/k8s.io/component-base/cli/flag/map_string_string_test.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/map_string_string_test.go rename to staging/src/k8s.io/component-base/cli/flag/map_string_string_test.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/namedcertkey_flag.go b/staging/src/k8s.io/component-base/cli/flag/namedcertkey_flag.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/namedcertkey_flag.go rename to staging/src/k8s.io/component-base/cli/flag/namedcertkey_flag.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/namedcertkey_flag_test.go b/staging/src/k8s.io/component-base/cli/flag/namedcertkey_flag_test.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/namedcertkey_flag_test.go rename to staging/src/k8s.io/component-base/cli/flag/namedcertkey_flag_test.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/noop.go b/staging/src/k8s.io/component-base/cli/flag/noop.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/noop.go rename to staging/src/k8s.io/component-base/cli/flag/noop.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/omitempty.go b/staging/src/k8s.io/component-base/cli/flag/omitempty.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/omitempty.go rename to staging/src/k8s.io/component-base/cli/flag/omitempty.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/sectioned.go b/staging/src/k8s.io/component-base/cli/flag/sectioned.go similarity index 79% rename from staging/src/k8s.io/apiserver/pkg/util/flag/sectioned.go rename to staging/src/k8s.io/component-base/cli/flag/sectioned.go index 52275aa6f3c..493a6c0f0f9 100644 --- a/staging/src/k8s.io/apiserver/pkg/util/flag/sectioned.go +++ b/staging/src/k8s.io/component-base/cli/flag/sectioned.go @@ -22,7 +22,6 @@ import ( "io" "strings" - "github.com/docker/docker/pkg/term" "github.com/spf13/pflag" ) @@ -78,18 +77,3 @@ func PrintSections(w io.Writer, fss NamedFlagSets, cols int) { } } } - -// TerminalSize returns the current width and height of the user's terminal. If it isn't a terminal, -// nil is returned. On error, zero values are returned for width and height. -// Usually w must be the stdout of the process. Stderr won't work. -func TerminalSize(w io.Writer) (int, int, error) { - outFd, isTerminal := term.GetFdInfo(w) - if !isTerminal { - return 0, 0, fmt.Errorf("given writer is no terminal") - } - winsize, err := term.GetWinsize(outFd) - if err != nil { - return 0, 0, err - } - return int(winsize.Width), int(winsize.Height), nil -} diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/string_flag.go b/staging/src/k8s.io/component-base/cli/flag/string_flag.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/string_flag.go rename to staging/src/k8s.io/component-base/cli/flag/string_flag.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/flag/tristate.go b/staging/src/k8s.io/component-base/cli/flag/tristate.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/flag/tristate.go rename to staging/src/k8s.io/component-base/cli/flag/tristate.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/globalflag/BUILD b/staging/src/k8s.io/component-base/cli/globalflag/BUILD similarity index 80% rename from staging/src/k8s.io/apiserver/pkg/util/globalflag/BUILD rename to staging/src/k8s.io/component-base/cli/globalflag/BUILD index 7b8b694d5ee..1026eb654c0 100644 --- a/staging/src/k8s.io/apiserver/pkg/util/globalflag/BUILD +++ b/staging/src/k8s.io/component-base/cli/globalflag/BUILD @@ -3,8 +3,8 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") go_library( name = "go_default_library", srcs = ["globalflags.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/globalflag", - importpath = "k8s.io/apiserver/pkg/util/globalflag", + importmap = "k8s.io/kubernetes/vendor/k8s.io/component-base/cli/globalflag", + importpath = "k8s.io/component-base/cli/globalflag", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/component-base/logs:go_default_library", @@ -17,7 +17,7 @@ go_test( srcs = ["globalflags_test.go"], embed = [":go_default_library"], deps = [ - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], ) diff --git a/staging/src/k8s.io/apiserver/pkg/util/globalflag/globalflags.go b/staging/src/k8s.io/component-base/cli/globalflag/globalflags.go similarity index 100% rename from staging/src/k8s.io/apiserver/pkg/util/globalflag/globalflags.go rename to staging/src/k8s.io/component-base/cli/globalflag/globalflags.go diff --git a/staging/src/k8s.io/apiserver/pkg/util/globalflag/globalflags_test.go b/staging/src/k8s.io/component-base/cli/globalflag/globalflags_test.go similarity index 95% rename from staging/src/k8s.io/apiserver/pkg/util/globalflag/globalflags_test.go rename to staging/src/k8s.io/component-base/cli/globalflag/globalflags_test.go index 16475154ab6..c3ee85304ea 100644 --- a/staging/src/k8s.io/apiserver/pkg/util/globalflag/globalflags_test.go +++ b/staging/src/k8s.io/component-base/cli/globalflag/globalflags_test.go @@ -25,11 +25,11 @@ import ( "github.com/spf13/pflag" - apiserverflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" ) func TestAddGlobalFlags(t *testing.T) { - namedFlagSets := &apiserverflag.NamedFlagSets{} + namedFlagSets := &cliflag.NamedFlagSets{} nfs := namedFlagSets.FlagSet("global") AddGlobalFlags(nfs, "test-cmd") diff --git a/staging/src/k8s.io/component-base/config/OWNERS b/staging/src/k8s.io/component-base/config/OWNERS index e0c2557b840..11d499d75d9 100644 --- a/staging/src/k8s.io/component-base/config/OWNERS +++ b/staging/src/k8s.io/component-base/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/csi-api/CONTRIBUTING.md b/staging/src/k8s.io/csi-api/CONTRIBUTING.md index f793e3047d6..f82be8de049 100644 --- a/staging/src/k8s.io/csi-api/CONTRIBUTING.md +++ b/staging/src/k8s.io/csi-api/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/csi-api](https://git.k8s.io/kubernetes/staging/src/k8s.io/csi-api) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information. +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information. diff --git a/staging/src/k8s.io/csi-api/Godeps/Godeps.json b/staging/src/k8s.io/csi-api/Godeps/Godeps.json index a237fc94783..e410475bb5f 100644 --- a/staging/src/k8s.io/csi-api/Godeps/Godeps.json +++ b/staging/src/k8s.io/csi-api/Godeps/Godeps.json @@ -12,7 +12,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -42,10 +42,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -62,21 +58,13 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/json-iterator/go", @@ -90,10 +78,6 @@ "ImportPath": "github.com/modern-go/reflect2", "Rev": "94122c33edd36123c84d5368cfb2b69df93a0ec8" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "golang.org/x/crypto/ssh/terminal", "Rev": "de0752318171da717af4ce24d0a2e8626afaeb11" @@ -250,6 +234,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -544,7 +532,7 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", @@ -558,26 +546,6 @@ "ImportPath": "k8s.io/utils/trace", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/csi-api/Godeps/OWNERS b/staging/src/k8s.io/csi-api/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/csi-api/Godeps/OWNERS +++ b/staging/src/k8s.io/csi-api/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/csi-api/OWNERS b/staging/src/k8s.io/csi-api/OWNERS index 6dfb625d93c..6c8129e2cfc 100644 --- a/staging/src/k8s.io/csi-api/OWNERS +++ b/staging/src/k8s.io/csi-api/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - jsafrane - saad-ali diff --git a/staging/src/k8s.io/csi-api/hack/update-codegen.sh b/staging/src/k8s.io/csi-api/hack/update-codegen.sh index 106cf6ed92e..f36b7fff976 100755 --- a/staging/src/k8s.io/csi-api/hack/update-codegen.sh +++ b/staging/src/k8s.io/csi-api/hack/update-codegen.sh @@ -18,15 +18,15 @@ set -o errexit set -o nounset set -o pipefail -SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/.. -CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${SCRIPT_ROOT}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} # generate the code with: # --output-base because this script should also be able to run inside the vendor dir of # k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir # instead of the $GOPATH directly. For normal projects this can be dropped. -${CODEGEN_PKG}/generate-groups.sh "deepcopy,client,informer,lister" \ +"${CODEGEN_PKG}"/generate-groups.sh "deepcopy,client,informer,lister" \ k8s.io/csi-api/pkg/client k8s.io/csi-api/pkg/apis \ csi:v1alpha1 \ - --output-base "$(dirname ${BASH_SOURCE})/../../.." \ - --go-header-file ${SCRIPT_ROOT}/hack/boilerplate.go.txt + --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ + --go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt diff --git a/staging/src/k8s.io/csi-api/hack/verify-codegen.sh b/staging/src/k8s.io/csi-api/hack/verify-codegen.sh index 8be07ea160b..08318721bf3 100755 --- a/staging/src/k8s.io/csi-api/hack/verify-codegen.sh +++ b/staging/src/k8s.io/csi-api/hack/verify-codegen.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")/.. +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. DIFFROOT="${SCRIPT_ROOT}/pkg" TMP_DIFFROOT="${SCRIPT_ROOT}/_tmp/pkg" diff --git a/staging/src/k8s.io/csi-api/pkg/apis/OWNERS b/staging/src/k8s.io/csi-api/pkg/apis/OWNERS index 1cfcd56de87..e6a4a6c2fb1 100644 --- a/staging/src/k8s.io/csi-api/pkg/apis/OWNERS +++ b/staging/src/k8s.io/csi-api/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/csi-api/pkg/crd/BUILD b/staging/src/k8s.io/csi-api/pkg/crd/BUILD index 71a403cd573..8571f80248b 100644 --- a/staging/src/k8s.io/csi-api/pkg/crd/BUILD +++ b/staging/src/k8s.io/csi-api/pkg/crd/BUILD @@ -12,8 +12,8 @@ go_test( name = "go_default_test", srcs = ["crd_test.go"], data = [ + ":csi-manifests", "//cluster/addons:addon-srcs", - "//staging/src/k8s.io/csi-api/pkg/crd:manifests", ], embed = [":go_default_library"], deps = ["//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library"], @@ -28,9 +28,7 @@ filegroup( filegroup( name = "csi-manifests", - srcs = [ - "//staging/src/k8s.io/csi-api/pkg/crd:manifests", - ], + srcs = glob(["manifests/**"]), visibility = ["//visibility:public"], ) diff --git a/staging/src/k8s.io/csi-api/pkg/crd/OWNERS b/staging/src/k8s.io/csi-api/pkg/crd/OWNERS index 1cfcd56de87..e6a4a6c2fb1 100644 --- a/staging/src/k8s.io/csi-api/pkg/crd/OWNERS +++ b/staging/src/k8s.io/csi-api/pkg/crd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/csi-translation-lib/CONTRIBUTING.md b/staging/src/k8s.io/csi-translation-lib/CONTRIBUTING.md index f793e3047d6..f82be8de049 100644 --- a/staging/src/k8s.io/csi-translation-lib/CONTRIBUTING.md +++ b/staging/src/k8s.io/csi-translation-lib/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/csi-api](https://git.k8s.io/kubernetes/staging/src/k8s.io/csi-api) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information. +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information. diff --git a/staging/src/k8s.io/csi-translation-lib/Godeps/Godeps.json b/staging/src/k8s.io/csi-translation-lib/Godeps/Godeps.json index e3385165391..75a383f117c 100644 --- a/staging/src/k8s.io/csi-translation-lib/Godeps/Godeps.json +++ b/staging/src/k8s.io/csi-translation-lib/Godeps/Godeps.json @@ -142,6 +142,10 @@ "ImportPath": "k8s.io/apimachinery/third_party/forked/golang/reflect", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/cloud-provider/volume", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/klog", "Rev": "8139d8cb77af419532b33dfa7dd09fbc5f1d344f" diff --git a/staging/src/k8s.io/csi-translation-lib/Godeps/OWNERS b/staging/src/k8s.io/csi-translation-lib/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/csi-translation-lib/Godeps/OWNERS +++ b/staging/src/k8s.io/csi-translation-lib/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/csi-translation-lib/OWNERS b/staging/src/k8s.io/csi-translation-lib/OWNERS index ffaf7ecaa59..4a86b4784c9 100644 --- a/staging/src/k8s.io/csi-translation-lib/OWNERS +++ b/staging/src/k8s.io/csi-translation-lib/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - davidz627 - saad-ali diff --git a/staging/src/k8s.io/csi-translation-lib/plugins/BUILD b/staging/src/k8s.io/csi-translation-lib/plugins/BUILD index 3afa8d26e47..683440587dd 100644 --- a/staging/src/k8s.io/csi-translation-lib/plugins/BUILD +++ b/staging/src/k8s.io/csi-translation-lib/plugins/BUILD @@ -14,6 +14,7 @@ go_library( deps = [ "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume:go_default_library", ], ) diff --git a/staging/src/k8s.io/csi-translation-lib/plugins/gce_pd.go b/staging/src/k8s.io/csi-translation-lib/plugins/gce_pd.go index 9082b739366..ddf73ff1378 100644 --- a/staging/src/k8s.io/csi-translation-lib/plugins/gce_pd.go +++ b/staging/src/k8s.io/csi-translation-lib/plugins/gce_pd.go @@ -23,6 +23,7 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" + cloudvolume "k8s.io/cloud-provider/volume" ) const ( @@ -39,10 +40,6 @@ const ( volIDDiskNameValue = 5 volIDTotalElements = 6 - // LabelZoneFailureDomain is the label on PVs indicating the zone they are provisioned in - LabelZoneFailureDomain = "failure-domain.beta.kubernetes.io/zone" - // LabelMultiZoneDelimiter separates zones for RePD volumes - LabelMultiZoneDelimiter = "__" // UnspecifiedValue is used for an unknown zone string UnspecifiedValue = "UNSPECIFIED" ) @@ -72,8 +69,8 @@ func (g *gcePersistentDiskCSITranslator) TranslateInTreePVToCSI(pv *v1.Persisten return nil, fmt.Errorf("pv is nil or GCE Persistent Disk source not defined on pv") } - zonesLabel := pv.Labels[LabelZoneFailureDomain] - zones := strings.Split(zonesLabel, LabelMultiZoneDelimiter) + zonesLabel := pv.Labels[v1.LabelZoneFailureDomain] + zones := strings.Split(zonesLabel, cloudvolume.LabelMultiZoneDelimiter) if len(zones) == 1 && len(zones[0]) != 0 { // Zonal volID = fmt.Sprintf(volIDZonalFmt, UnspecifiedValue, zones[0], pv.Spec.GCEPersistentDisk.PDName) diff --git a/staging/src/k8s.io/kube-aggregator/CONTRIBUTING.md b/staging/src/k8s.io/kube-aggregator/CONTRIBUTING.md index 4466b66c992..78c3e2db99e 100644 --- a/staging/src/k8s.io/kube-aggregator/CONTRIBUTING.md +++ b/staging/src/k8s.io/kube-aggregator/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/kube-aggregator](https://git.k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json index 7a497ef629d..ba4ab7ec013 100644 --- a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json +++ b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json @@ -6,14 +6,6 @@ "./..." ], "Deps": [ - { - "ImportPath": "github.com/Azure/go-ansiterm", - "Rev": "d6e3b3328b783f23731bc4d058875b0371ff8109" - }, - { - "ImportPath": "github.com/Azure/go-ansiterm/winterm", - "Rev": "d6e3b3328b783f23731bc4d058875b0371ff8109" - }, { "ImportPath": "github.com/NYTimes/gziphandler", "Rev": "56545f4a5d46df9a6648819d1664c3a03a13ffdb" @@ -70,14 +62,6 @@ "ImportPath": "github.com/davecgh/go-spew/spew", "Rev": "782f4967f2dc4564575ca782fe2d04090b5faca8" }, - { - "ImportPath": "github.com/docker/docker/pkg/term", - "Rev": "a9fbbdc8dd8794b20af358382ab780559bca589d" - }, - { - "ImportPath": "github.com/docker/docker/pkg/term/windows", - "Rev": "a9fbbdc8dd8794b20af358382ab780559bca589d" - }, { "ImportPath": "github.com/docker/spdystream", "Rev": "449fdfce4d962303d702fec724ef0ad181c92528" @@ -96,7 +80,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/go-openapi/jsonpointer", @@ -154,10 +138,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -174,25 +154,17 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/grpc-ecosystem/go-grpc-prometheus", "Rev": "2500245aa6110c562d17020fb31a2c133d737799" }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/imdario/mergo", @@ -242,13 +214,9 @@ "ImportPath": "github.com/pborman/uuid", "Rev": "ca53cad383cad2479bbba7f7a1a05797ec1386e4" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/prometheus/client_golang/prometheus", @@ -282,10 +250,6 @@ "ImportPath": "github.com/prometheus/procfs/xfs", "Rev": "65c1f6f8f0fc1e2185eb9863a3bc751496404259" }, - { - "ImportPath": "github.com/sirupsen/logrus", - "Rev": "89742aefa4b206dcf400792f3bd35b542998eb3b" - }, { "ImportPath": "github.com/spf13/cobra", "Rev": "c439c4fa093711d42e1b01acb1235b52004753c1" @@ -618,6 +582,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1206,10 +1174,6 @@ "ImportPath": "k8s.io/apiserver/pkg/util/feature", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, - { - "ImportPath": "k8s.io/apiserver/pkg/util/flag", - "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" - }, { "ImportPath": "k8s.io/apiserver/pkg/util/flushwriter", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1394,6 +1358,10 @@ "ImportPath": "k8s.io/client-go/informers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/policy", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1550,6 +1518,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1662,6 +1634,10 @@ "ImportPath": "k8s.io/client-go/listers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1806,6 +1782,10 @@ "ImportPath": "k8s.io/client-go/util/workqueue", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/component-base/cli/flag", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/component-base/logs", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1816,31 +1796,31 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/aggregator", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/builder", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/common", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/handler", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/schemaconv", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", diff --git a/staging/src/k8s.io/kube-aggregator/Godeps/OWNERS b/staging/src/k8s.io/kube-aggregator/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/kube-aggregator/Godeps/OWNERS +++ b/staging/src/k8s.io/kube-aggregator/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/kube-aggregator/OWNERS b/staging/src/k8s.io/kube-aggregator/OWNERS index aac40258802..67bdbcc50ed 100644 --- a/staging/src/k8s.io/kube-aggregator/OWNERS +++ b/staging/src/k8s.io/kube-aggregator/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - lavalamp diff --git a/staging/src/k8s.io/kube-aggregator/hack/build-image.sh b/staging/src/k8s.io/kube-aggregator/hack/build-image.sh index ee09df3ebd1..cae43ecac10 100755 --- a/staging/src/k8s.io/kube-aggregator/hack/build-image.sh +++ b/staging/src/k8s.io/kube-aggregator/hack/build-image.sh @@ -14,8 +14,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +set -o errexit +set -o nounset +set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../../../../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../../../../.. source "${KUBE_ROOT}/hack/lib/util.sh" # Register function to be called on EXIT to remove generated binary. diff --git a/staging/src/k8s.io/kube-aggregator/hack/local-up-kube-aggregator.sh b/staging/src/k8s.io/kube-aggregator/hack/local-up-kube-aggregator.sh index 158d02affa3..fbe4b204ec6 100755 --- a/staging/src/k8s.io/kube-aggregator/hack/local-up-kube-aggregator.sh +++ b/staging/src/k8s.io/kube-aggregator/hack/local-up-kube-aggregator.sh @@ -20,7 +20,7 @@ set -o errexit set -o nounset set -o pipefail -AGG_ROOT=$(dirname "${BASH_SOURCE}")/.. +AGG_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. KUBE_ROOT=${AGG_ROOT}/../../../.. source "${KUBE_ROOT}/hack/lib/init.sh" @@ -68,10 +68,10 @@ function start_kube-aggregator { kubectl -n kube-public delete configmap etcd-ca kube-aggregator-ca client-ca request-header-ca > /dev/null 2>&1 || true kubectl -n kube-public delete -f "${AGG_ROOT}/artifacts/self-contained" > /dev/null 2>&1 || true - ${sudo} $(which kubectl) -n kube-public create secret tls auth-proxy-client --cert="${FRONT_PROXY_CLIENT_CERT}" --key="${FRONT_PROXY_CLIENT_KEY}" - ${sudo} $(which kubectl) -n kube-public create secret tls serving-etcd --cert="${AGGREGATOR_CERT_DIR}/serving-etcd.crt" --key="${AGGREGATOR_CERT_DIR}/serving-etcd.key" - ${sudo} $(which kubectl) -n kube-public create secret tls serving-kube-aggregator --cert="${SERVING_CERT}" --key="${SERVING_KEY}" - ${sudo} $(which kubectl) -n kube-public create secret tls kube-aggregator-etcd --cert="${AGGREGATOR_CERT_DIR}/client-kube-aggregator-etcd.crt" --key="${AGGREGATOR_CERT_DIR}/client-kube-aggregator-etcd.key" + ${sudo} "$(which kubectl)" -n kube-public create secret tls auth-proxy-client --cert="${FRONT_PROXY_CLIENT_CERT}" --key="${FRONT_PROXY_CLIENT_KEY}" + ${sudo} "$(which kubectl)" -n kube-public create secret tls serving-etcd --cert="${AGGREGATOR_CERT_DIR}/serving-etcd.crt" --key="${AGGREGATOR_CERT_DIR}/serving-etcd.key" + ${sudo} "$(which kubectl)" -n kube-public create secret tls serving-kube-aggregator --cert="${SERVING_CERT}" --key="${SERVING_KEY}" + ${sudo} "$(which kubectl)" -n kube-public create secret tls kube-aggregator-etcd --cert="${AGGREGATOR_CERT_DIR}/client-kube-aggregator-etcd.crt" --key="${AGGREGATOR_CERT_DIR}/client-kube-aggregator-etcd.key" kubectl -n kube-public create configmap etcd-ca --from-file="ca.crt=${AGGREGATOR_CERT_DIR}/etcd-ca.crt" || true kubectl -n kube-public create configmap kube-aggregator-ca --from-file="ca.crt=${SERVING_CERT_CA_CERT}" || true kubectl -n kube-public create configmap client-ca --from-file="ca.crt=${CLIENT_CERT_CA_CERT}" || true diff --git a/staging/src/k8s.io/kube-aggregator/hack/register-all-apis-from.sh b/staging/src/k8s.io/kube-aggregator/hack/register-all-apis-from.sh index fc20f937687..de98c81f157 100755 --- a/staging/src/k8s.io/kube-aggregator/hack/register-all-apis-from.sh +++ b/staging/src/k8s.io/kube-aggregator/hack/register-all-apis-from.sh @@ -36,7 +36,7 @@ function cleanup { trap cleanup EXIT -scriptDir=$(dirname "${BASH_SOURCE}") +scriptDir=$(dirname "${BASH_SOURCE[0]}") # this uses discovery from a kube-like API server to register ALL the API versions that server provides # first argument is reference to kube-config file that points the API server you're adding from @@ -53,38 +53,40 @@ AGG_KUBECONFIG=${4} caBundle=$(base64 /var/run/kubernetes/server-ca.crt | awk 'BEGIN{ORS="";} {print}') # if we have a /api endpoint, then we need to register that -if kubectl --kubeconfig=${FROM_KUBECONFIG} get --raw / | grep -q /api/v1; then +if kubectl --kubeconfig="${FROM_KUBECONFIG}" get --raw / | grep -q /api/v1; then group="" version="v1" resourceName=${version}.${group} - resourceFileName=${dir}/${resourceName}.yaml - cp ${scriptDir}/apiservice-template.yaml ${resourceFileName} - ${SED} -i "s/RESOURCE_NAME/${resourceName}/" ${resourceFileName} - ${SED} -i "s/API_GROUP/${group}/" ${resourceFileName} - ${SED} -i "s/API_VERSION/${version}/" ${resourceFileName} - ${SED} -i "s/SERVICE_NAMESPACE/${SERVICE_NAMESPACE}/" ${resourceFileName} - ${SED} -i "s/SERVICE_NAME/${SERVICE_NAME}/" ${resourceFileName} - ${SED} -i "s/CA_BUNDLE/${caBundle}/" ${resourceFileName} + resourceFileName="${dir}/${resourceName}.yaml" + cp "${scriptDir}/apiservice-template.yaml" "${resourceFileName}" + ${SED} -i "s/RESOURCE_NAME/${resourceName}/" "${resourceFileName}" + ${SED} -i "s/API_GROUP/${group}/" "${resourceFileName}" + ${SED} -i "s/API_VERSION/${version}/" "${resourceFileName}" + ${SED} -i "s/SERVICE_NAMESPACE/${SERVICE_NAMESPACE}/" "${resourceFileName}" + ${SED} -i "s/SERVICE_NAME/${SERVICE_NAME}/" "${resourceFileName}" + ${SED} -i "s/CA_BUNDLE/${caBundle}/" "${resourceFileName}" echo "registering ${resourceName} using ${resourceFileName}" - kubectl --kubeconfig=${AGG_KUBECONFIG} create -f ${resourceFileName} + kubectl --kubeconfig="${AGG_KUBECONFIG}" create -f "${resourceFileName}" fi -groupVersions=( $(kubectl --kubeconfig=${FROM_KUBECONFIG} get --raw / | grep /apis/ | sed 's/",.*//' | sed 's|.*"/apis/||' | grep '/') ) +while IFS=$'\n' read -r groupVersion; + do groupVersions+=("$groupVersion"); +done < <(kubectl get --raw / | grep /apis/ | sed 's/",.*//' | sed 's|.*"/apis/||' | grep '/') for groupVersion in "${groupVersions[@]}"; do - group=$(echo $groupVersion | awk -F/ '{print $1}') - version=$(echo $groupVersion | awk -F/ '{print $2}') + group=$(echo "$groupVersion" | awk -F/ '{print $1}') + version=$(echo "$groupVersion" | awk -F/ '{print $2}') resourceName=${version}.${group} resourceFileName=${dir}/${resourceName}.yaml - cp ${scriptDir}/apiservice-template.yaml ${resourceFileName} - ${SED} -i "s/RESOURCE_NAME/${resourceName}/" ${resourceFileName} - ${SED} -i "s/API_GROUP/${group}/" ${resourceFileName} - ${SED} -i "s/API_VERSION/${version}/" ${resourceFileName} - ${SED} -i "s/SERVICE_NAMESPACE/${SERVICE_NAMESPACE}/" ${resourceFileName} - ${SED} -i "s/SERVICE_NAME/${SERVICE_NAME}/" ${resourceFileName} - ${SED} -i "s/CA_BUNDLE/${caBundle}/" ${resourceFileName} + cp "${scriptDir}/apiservice-template.yaml" "${resourceFileName}" + ${SED} -i "s/RESOURCE_NAME/${resourceName}/" "${resourceFileName}" + ${SED} -i "s/API_GROUP/${group}/" "${resourceFileName}" + ${SED} -i "s/API_VERSION/${version}/" "${resourceFileName}" + ${SED} -i "s/SERVICE_NAMESPACE/${SERVICE_NAMESPACE}/" "${resourceFileName}" + ${SED} -i "s/SERVICE_NAME/${SERVICE_NAME}/" "${resourceFileName}" + ${SED} -i "s/CA_BUNDLE/${caBundle}/" "${resourceFileName}" echo "registering ${resourceName} using ${resourceFileName}" - kubectl --kubeconfig=${AGG_KUBECONFIG} create -f ${resourceFileName} + kubectl --kubeconfig="${AGG_KUBECONFIG}" create -f "${resourceFileName}" done diff --git a/staging/src/k8s.io/kube-aggregator/hack/update-codegen.sh b/staging/src/k8s.io/kube-aggregator/hack/update-codegen.sh index 97388362d23..d50f15cfdb3 100755 --- a/staging/src/k8s.io/kube-aggregator/hack/update-codegen.sh +++ b/staging/src/k8s.io/kube-aggregator/hack/update-codegen.sh @@ -18,22 +18,22 @@ set -o errexit set -o nounset set -o pipefail -SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/.. -CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${SCRIPT_ROOT}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} CLIENTSET_NAME_VERSIONED=clientset \ CLIENTSET_PKG_NAME=clientset_generated \ -${CODEGEN_PKG}/generate-groups.sh deepcopy,client,lister,informer \ +"${CODEGEN_PKG}/generate-groups.sh" deepcopy,client,lister,informer \ k8s.io/kube-aggregator/pkg/client k8s.io/kube-aggregator/pkg/apis \ "apiregistration:v1beta1,v1" \ - --output-base "$(dirname ${BASH_SOURCE})/../../.." \ - --go-header-file ${SCRIPT_ROOT}/hack/boilerplate.go.txt + --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ + --go-header-file "${SCRIPT_ROOT}/hack/boilerplate.go.txt" CLIENTSET_NAME_VERSIONED=clientset \ CLIENTSET_PKG_NAME=clientset_generated \ CLIENTSET_NAME_INTERNAL=internalclientset \ -${CODEGEN_PKG}/generate-internal-groups.sh deepcopy,client,lister,informer,conversion \ +"${CODEGEN_PKG}/generate-internal-groups.sh" deepcopy,client,lister,informer,conversion \ k8s.io/kube-aggregator/pkg/client k8s.io/kube-aggregator/pkg/apis k8s.io/kube-aggregator/pkg/apis \ "apiregistration:v1beta1,v1" \ - --output-base "$(dirname ${BASH_SOURCE})/../../.." \ - --go-header-file ${SCRIPT_ROOT}/hack/boilerplate.go.txt + --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ + --go-header-file "${SCRIPT_ROOT}/hack/boilerplate.go.txt" diff --git a/staging/src/k8s.io/kube-aggregator/hack/verify-codegen.sh b/staging/src/k8s.io/kube-aggregator/hack/verify-codegen.sh index 9fae05895f0..fb4bc53081b 100755 --- a/staging/src/k8s.io/kube-aggregator/hack/verify-codegen.sh +++ b/staging/src/k8s.io/kube-aggregator/hack/verify-codegen.sh @@ -18,8 +18,7 @@ set -o errexit set -o nounset set -o pipefail -SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")/.. -SCRIPT_BASE=${SCRIPT_ROOT}/../.. +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. DIFFROOT="${SCRIPT_ROOT}/pkg" TMP_DIFFROOT="${SCRIPT_ROOT}/_tmp/pkg" diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/OWNERS b/staging/src/k8s.io/kube-aggregator/pkg/apis/OWNERS index bae178f8175..38336c177f9 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/OWNERS +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/doc.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/doc.go index 3bd2bc737c8..394bcbc8ef8 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/doc.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/doc.go @@ -17,5 +17,5 @@ limitations under the License. // +k8s:deepcopy-gen=package // +groupName=apiregistration.k8s.io -// Package api is the internal version of the API. +// Package apiregistration is the internal version of the API. package apiregistration // import "k8s.io/kube-aggregator/pkg/apis/apiregistration" diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers.go index 488ce21330e..0f1d6bc6e11 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers.go @@ -25,6 +25,10 @@ import ( "k8s.io/apimachinery/pkg/version" ) +// SortedByGroupAndVersion sorts APIServices into their different groups, and then sorts them based on their versions. +// For example, the first element of the first array contains the APIService with the highest version number, in the +// group with the highest priority; while the last element of the last array contains the APIService with the lowest +// version number, in the group with the lowest priority. func SortedByGroupAndVersion(servers []*APIService) [][]*APIService { serversByGroupPriorityMinimum := ByGroupPriorityMinimum(servers) sort.Sort(serversByGroupPriorityMinimum) diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers_test.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers_test.go index 59b0ed61dee..8553b9db553 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers_test.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/helpers_test.go @@ -38,13 +38,13 @@ func TestGetAPIServiceConditionByType(t *testing.T) { }{ { name: "Should find a matching condition from apiService", - apiService: makeNewApiService("v1", 100, conditionA, conditionB), + apiService: makeNewAPIService("v1", 100, conditionA, conditionB), conditionType: a, expectedCondition: &conditionA, }, { name: "Should not find a matching condition", - apiService: makeNewApiService("v1", 100, conditionA), + apiService: makeNewAPIService("v1", 100, conditionA), conditionType: b, expectedCondition: nil, }, @@ -69,19 +69,19 @@ func TestIsAPIServiceConditionTrue(t *testing.T) { }{ { name: "Should return false when condition of type is not present", - apiService: makeNewApiService("v1", 100), + apiService: makeNewAPIService("v1", 100), conditionType: a, expected: false, }, { name: "Should return false when condition of type is present but status is not ConditionTrue", - apiService: makeNewApiService("v1", 100, conditionAFalse), + apiService: makeNewAPIService("v1", 100, conditionAFalse), conditionType: a, expected: false, }, { name: "Should return false when condition of type is present but status is not ConditionTrue", - apiService: makeNewApiService("v1", 100, conditionATrue), + apiService: makeNewAPIService("v1", 100, conditionATrue), conditionType: a, expected: true, }, @@ -109,7 +109,7 @@ func TestSetAPIServiceCondition(t *testing.T) { }{ { name: "Should set a new condition with type where previously there was no condition of that type", - apiService: makeNewApiService("v1", 100), + apiService: makeNewAPIService("v1", 100), conditionType: a, initialCondition: nil, setCondition: conditionA1, @@ -117,7 +117,7 @@ func TestSetAPIServiceCondition(t *testing.T) { }, { name: "Should override a condition of type, when a condition of that type existed previously", - apiService: makeNewApiService("v1", 100, conditionA1), + apiService: makeNewAPIService("v1", 100, conditionA1), conditionType: a, initialCondition: &conditionA1, setCondition: conditionA2, @@ -175,7 +175,7 @@ func TestSortedAPIServicesByVersion(t *testing.T) { for _, tc := range tests { apiServices := make([]*APIService, 0) for _, v := range tc.versions { - apiServices = append(apiServices, makeNewApiService(v, 100)) + apiServices = append(apiServices, makeNewAPIService(v, 100)) } sortedServices := SortedByGroupAndVersion(apiServices) actual := make([]string, 0) @@ -188,7 +188,7 @@ func TestSortedAPIServicesByVersion(t *testing.T) { } } -func makeNewApiService(version string, priority int32, conditions ...APIServiceCondition) *APIService { +func makeNewAPIService(version string, priority int32, conditions ...APIServiceCondition) *APIService { status := APIServiceStatus{Conditions: conditions} return &APIService{Spec: APIServiceSpec{Version: version, VersionPriority: priority}, Status: status} } diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/register.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/register.go index 2ab61e9b4fe..7b88df42fa2 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/register.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/register.go @@ -21,6 +21,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) +// GroupName is the API group for apiregistration const GroupName = "apiregistration.k8s.io" // SchemeGroupVersion is group version used to register these objects @@ -37,8 +38,10 @@ func Resource(resource string) schema.GroupResource { } var ( + // SchemeBuilder is the scheme builder with scheme init functions to run for this API package SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme + // AddToScheme is a common registration function for mapping packaged scoped group & version keys to a scheme + AddToScheme = SchemeBuilder.AddToScheme ) // Adds the list of known types to the given scheme. diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go index 459edfe763c..a8e345f81b9 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go @@ -57,7 +57,7 @@ type APIServiceSpec struct { // +optional CABundle []byte - // GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. + // GroupPriorityMinimum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. // Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. // The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). // The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) @@ -78,6 +78,7 @@ type APIServiceSpec struct { VersionPriority int32 } +// ConditionStatus indicates the status of a condition (true, false, or unknown). type ConditionStatus string // These are valid condition statuses. "ConditionTrue" means a resource is in the condition; @@ -90,7 +91,7 @@ const ( ConditionUnknown ConditionStatus = "Unknown" ) -// APIConditionConditionType is a valid value for APIServiceCondition.Type +// APIServiceConditionType is a valid value for APIServiceCondition.Type type APIServiceConditionType string const ( diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto index f33fc31dc70..120215725bc 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto @@ -40,6 +40,7 @@ message APIService { optional APIServiceStatus status = 3; } +// APIServiceCondition describes the state of an APIService at a particular point message APIServiceCondition { // Type is the type of the condition. optional string type = 1; diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go index 70d277fdf41..cab9dff6648 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go @@ -22,6 +22,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) +// GroupName is the API group for apiregistration const GroupName = "apiregistration.k8s.io" // SchemeGroupVersion is group version used to register these objects @@ -33,11 +34,13 @@ func Resource(resource string) schema.GroupResource { } var ( + // SchemeBuilder is the scheme builder with scheme init functions to run for this API package // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api. // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme + // AddToScheme is a common registration function for mapping packaged scoped group & version keys to a scheme + AddToScheme = localSchemeBuilder.AddToScheme ) func init() { diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go index 171ed303acc..0a87c9fae3d 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go @@ -81,6 +81,7 @@ type APIServiceSpec struct { // Priority int64 `json:"priority" protobuf:"varint,6,opt,name=priority"` } +// ConditionStatus indicates the status of a condition (true, false, or unknown). type ConditionStatus string // These are valid condition statuses. "ConditionTrue" means a resource is in the condition; @@ -93,7 +94,7 @@ const ( ConditionUnknown ConditionStatus = "Unknown" ) -// APIConditionConditionType is a valid value for APIServiceCondition.Type +// APIServiceConditionType is a valid value for APIServiceCondition.Type type APIServiceConditionType string const ( @@ -101,6 +102,7 @@ const ( Available APIServiceConditionType = "Available" ) +// APIServiceCondition describes the state of an APIService at a particular point type APIServiceCondition struct { // Type is the type of the condition. Type APIServiceConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=APIServiceConditionType"` diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/generated.proto b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/generated.proto index d3b30e742b9..a0214537a6e 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/generated.proto +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/generated.proto @@ -40,6 +40,7 @@ message APIService { optional APIServiceStatus status = 3; } +// APIServiceCondition describes the state of an APIService at a particular point message APIServiceCondition { // Type is the type of the condition. optional string type = 1; diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/register.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/register.go index 38babafa9ea..f6a9fabb07e 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/register.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/register.go @@ -22,6 +22,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) +// GroupName is the API group for apiregistration const GroupName = "apiregistration.k8s.io" // SchemeGroupVersion is group version used to register these objects @@ -33,11 +34,13 @@ func Resource(resource string) schema.GroupResource { } var ( + // SchemeBuilder is the scheme builder with scheme init functions to run for this API package // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api. // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme + // AddToScheme is a common registration function for mapping packaged scoped group & version keys to a scheme + AddToScheme = localSchemeBuilder.AddToScheme ) func init() { diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go index a95c5642d9b..02bddab23ab 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go @@ -81,6 +81,7 @@ type APIServiceSpec struct { // Priority int64 `json:"priority" protobuf:"varint,6,opt,name=priority"` } +// ConditionStatus indicates the status of a condition (true, false, or unknown). type ConditionStatus string // These are valid condition statuses. "ConditionTrue" means a resource is in the condition; @@ -93,7 +94,7 @@ const ( ConditionUnknown ConditionStatus = "Unknown" ) -// APIConditionConditionType is a valid value for APIServiceCondition.Type +// APIServiceConditionType is a valid value for APIServiceCondition.Type type APIServiceConditionType string const ( @@ -101,6 +102,7 @@ const ( Available APIServiceConditionType = "Available" ) +// APIServiceCondition describes the state of an APIService at a particular point type APIServiceCondition struct { // Type is the type of the condition. Type APIServiceConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=APIServiceConditionType"` diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/validation/validation.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/validation/validation.go index 725cf71337f..0ffa3fc9186 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/validation/validation.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/validation/validation.go @@ -27,6 +27,7 @@ import ( "k8s.io/kube-aggregator/pkg/apis/apiregistration" ) +// ValidateAPIService validates that the APIService is correctly defined. func ValidateAPIService(apiService *apiregistration.APIService) field.ErrorList { requiredName := apiService.Spec.Version + "." + apiService.Spec.Group @@ -88,6 +89,7 @@ func ValidateAPIService(apiService *apiregistration.APIService) field.ErrorList return allErrs } +// ValidateAPIServiceUpdate validates an update of APIService. func ValidateAPIServiceUpdate(newAPIService *apiregistration.APIService, oldAPIService *apiregistration.APIService) field.ErrorList { allErrs := validation.ValidateObjectMetaUpdate(&newAPIService.ObjectMeta, &oldAPIService.ObjectMeta, field.NewPath("metadata")) allErrs = append(allErrs, ValidateAPIService(newAPIService)...) @@ -95,6 +97,7 @@ func ValidateAPIServiceUpdate(newAPIService *apiregistration.APIService, oldAPIS return allErrs } +// ValidateAPIServiceStatus validates that the APIService status is one of 'True', 'False' or 'Unknown'. func ValidateAPIServiceStatus(status *apiregistration.APIServiceStatus, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} @@ -110,6 +113,7 @@ func ValidateAPIServiceStatus(status *apiregistration.APIServiceStatus, fldPath return allErrs } +// ValidateAPIServiceStatusUpdate validates an update of the status field of APIService. func ValidateAPIServiceStatusUpdate(newAPIService *apiregistration.APIService, oldAPIService *apiregistration.APIService) field.ErrorList { allErrs := validation.ValidateObjectMetaUpdate(&newAPIService.ObjectMeta, &oldAPIService.ObjectMeta, field.NewPath("metadata")) allErrs = append(allErrs, ValidateAPIServiceStatus(&newAPIService.Status, field.NewPath("status"))...) diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/BUILD b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/BUILD index aa5763bd528..a931e6fc793 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/BUILD +++ b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/BUILD @@ -78,6 +78,7 @@ go_library( "//staging/src/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/controllers:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi:go_default_library", + "//staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/controllers/status:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/rest:go_default_library", "//vendor/k8s.io/klog:go_default_library", diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go index 0741e5486d6..a135cd93ecb 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go @@ -35,6 +35,7 @@ import ( informers "k8s.io/kube-aggregator/pkg/client/informers/internalversion" listers "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion" openapicontroller "k8s.io/kube-aggregator/pkg/controllers/openapi" + openapiaggregator "k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator" statuscontrollers "k8s.io/kube-aggregator/pkg/controllers/status" apiservicerest "k8s.io/kube-aggregator/pkg/registry/apiservice/rest" ) @@ -56,6 +57,7 @@ func init() { // legacyAPIServiceName is the fixed name of the only non-groupified API version const legacyAPIServiceName = "v1." +// ExtraConfig represents APIServices-specific configuration type ExtraConfig struct { // ProxyClientCert/Key are the client cert used to identify this proxy. Backing APIServices use // this to confirm the proxy's identity @@ -70,6 +72,7 @@ type ExtraConfig struct { ServiceResolver ServiceResolver } +// Config represents the configuration needed to create an APIAggregator. type Config struct { GenericConfig *genericapiserver.RecommendedConfig ExtraConfig ExtraConfig @@ -80,6 +83,7 @@ type completedConfig struct { ExtraConfig *ExtraConfig } +// CompletedConfig same as Config, just to swap private object. type CompletedConfig struct { // Embed a private pointer that cannot be instantiated outside of this package. *completedConfig @@ -131,11 +135,11 @@ func (cfg *Config) Complete() CompletedConfig { return CompletedConfig{&c} } -// New returns a new instance of APIAggregator from the given config. +// NewWithDelegate returns a new instance of APIAggregator from the given config. func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.DelegationTarget) (*APIAggregator, error) { // Prevent generic API server to install OpenAPI handler. Aggregator server // has its own customized OpenAPI handler. - openApiConfig := c.GenericConfig.OpenAPIConfig + openAPIConfig := c.GenericConfig.OpenAPIConfig c.GenericConfig.OpenAPIConfig = nil genericServer, err := c.GenericConfig.New("kube-aggregator", delegationTarget) @@ -187,35 +191,35 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg s.serviceResolver, ) - s.GenericAPIServer.AddPostStartHook("start-kube-aggregator-informers", func(context genericapiserver.PostStartHookContext) error { + s.GenericAPIServer.AddPostStartHookOrDie("start-kube-aggregator-informers", func(context genericapiserver.PostStartHookContext) error { informerFactory.Start(context.StopCh) c.GenericConfig.SharedInformerFactory.Start(context.StopCh) return nil }) - s.GenericAPIServer.AddPostStartHook("apiservice-registration-controller", func(context genericapiserver.PostStartHookContext) error { + s.GenericAPIServer.AddPostStartHookOrDie("apiservice-registration-controller", func(context genericapiserver.PostStartHookContext) error { go apiserviceRegistrationController.Run(context.StopCh) return nil }) - s.GenericAPIServer.AddPostStartHook("apiservice-status-available-controller", func(context genericapiserver.PostStartHookContext) error { + s.GenericAPIServer.AddPostStartHookOrDie("apiservice-status-available-controller", func(context genericapiserver.PostStartHookContext) error { // if we end up blocking for long periods of time, we may need to increase threadiness. go availableController.Run(5, context.StopCh) return nil }) - if openApiConfig != nil { - specDownloader := openapicontroller.NewDownloader() - openAPIAggregator, err := openapicontroller.BuildAndRegisterAggregator( + if openAPIConfig != nil { + specDownloader := openapiaggregator.NewDownloader() + openAPIAggregator, err := openapiaggregator.BuildAndRegisterAggregator( &specDownloader, delegationTarget, s.GenericAPIServer.Handler.GoRestfulContainer.RegisteredWebServices(), - openApiConfig, + openAPIConfig, s.GenericAPIServer.Handler.NonGoRestfulMux) if err != nil { return nil, err } s.openAPIAggregationController = openapicontroller.NewAggregationController(&specDownloader, openAPIAggregator) - s.GenericAPIServer.AddPostStartHook("apiservice-openapi-controller", func(context genericapiserver.PostStartHookContext) error { + s.GenericAPIServer.AddPostStartHookOrDie("apiservice-openapi-controller", func(context genericapiserver.PostStartHookContext) error { go s.openAPIAggregationController.Run(context.StopCh) return nil }) @@ -305,6 +309,7 @@ func (s *APIAggregator) RemoveAPIService(apiServiceName string) { // We don't need this right away because the handler properly delegates when no versions are present } +// DefaultAPIResourceConfigSource returns default configuration for an APIResource. func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig { ret := serverstorage.NewResourceConfig() // NOTE: GroupVersions listed here will be enabled by default. Don't put alpha versions in the list. diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go index f0b61a67c30..b74143fea31 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go @@ -34,11 +34,13 @@ import ( "k8s.io/kube-aggregator/pkg/controllers" ) +// APIHandlerManager defines the behaviour that an API handler should have. type APIHandlerManager interface { AddAPIService(apiService *apiregistration.APIService) error RemoveAPIService(apiServiceName string) } +// APIServiceRegistrationController is responsible for registering and removing API services. type APIServiceRegistrationController struct { apiHandlerManager APIHandlerManager @@ -51,6 +53,7 @@ type APIServiceRegistrationController struct { queue workqueue.RateLimitingInterface } +// NewAPIServiceRegistrationController returns a new APIServiceRegistrationController. func NewAPIServiceRegistrationController(apiServiceInformer informers.APIServiceInformer, apiHandlerManager APIHandlerManager) *APIServiceRegistrationController { c := &APIServiceRegistrationController{ apiHandlerManager: apiHandlerManager, @@ -83,6 +86,7 @@ func (c *APIServiceRegistrationController) sync(key string) error { return c.apiHandlerManager.AddAPIService(apiService) } +// Run starts APIServiceRegistrationController which will process all registration requests until stopCh is closed. func (c *APIServiceRegistrationController) Run(stopCh <-chan struct{}) { defer utilruntime.HandleCrash() defer c.queue.ShutDown() diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy_test.go b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy_test.go index b4ed4b77bdc..aa54adfff30 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy_test.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy_test.go @@ -399,12 +399,12 @@ func TestProxyUpgrade(t *testing.T) { })) backendServer := httptest.NewUnstartedServer(backendHandler) - if cert, err := tls.X509KeyPair(svcCrt, svcKey); err != nil { + cert, err := tls.X509KeyPair(svcCrt, svcKey) + if err != nil { t.Errorf("https (valid hostname): %v", err) return - } else { - backendServer.TLS = &tls.Config{Certificates: []tls.Certificate{cert}} } + backendServer.TLS = &tls.Config{Certificates: []tls.Certificate{cert}} backendServer.StartTLS() defer backendServer.Close() diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/resolvers.go b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/resolvers.go index 532bc7f6157..587b8a208d5 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/resolvers.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/resolvers.go @@ -46,7 +46,7 @@ func (r *aggregatorEndpointRouting) ResolveEndpoint(namespace, name string) (*ur return proxy.ResolveEndpoint(r.services, r.endpoints, namespace, name) } -// NewEndpointServiceResolver returns a ServiceResolver that directly calls the +// NewClusterIPServiceResolver returns a ServiceResolver that directly calls the // service's cluster IP. func NewClusterIPServiceResolver(services listersv1.ServiceLister) ServiceResolver { return &aggregatorClusterRouting{ diff --git a/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go b/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go index e40f37136d3..9dd8d7021f7 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go @@ -36,6 +36,7 @@ import ( const defaultEtcdPathPrefix = "/registry/kube-aggregator.kubernetes.io/" +// AggregatorOptions contains everything necessary to create and run an API Aggregator. type AggregatorOptions struct { RecommendedOptions *genericoptions.RecommendedOptions APIEnablement *genericoptions.APIEnablementOptions @@ -99,6 +100,7 @@ func NewDefaultOptions(out, err io.Writer) *AggregatorOptions { return o } +// Validate validates all the required options. func (o AggregatorOptions) Validate(args []string) error { errors := []error{} errors = append(errors, o.RecommendedOptions.Validate()...) @@ -106,10 +108,12 @@ func (o AggregatorOptions) Validate(args []string) error { return utilerrors.NewAggregate(errors) } +// Complete fills in missing Options. func (o *AggregatorOptions) Complete() error { return nil } +// RunAggregator runs the API Aggregator. func (o AggregatorOptions) RunAggregator(stopCh <-chan struct{}) error { // TODO have a "real" external address if err := o.RecommendedOptions.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost", nil, nil); err != nil { @@ -118,7 +122,7 @@ func (o AggregatorOptions) RunAggregator(stopCh <-chan struct{}) error { serverConfig := genericapiserver.NewRecommendedConfig(aggregatorscheme.Codecs) - if err := o.RecommendedOptions.ApplyTo(serverConfig, aggregatorscheme.Scheme); err != nil { + if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil { return err } if err := o.APIEnablement.ApplyTo(&serverConfig.Config, apiserver.DefaultAPIResourceConfigSource(), aggregatorscheme.Scheme); err != nil { diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/autoregister/autoregister_controller.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/autoregister/autoregister_controller.go index 3815c7d4635..52776e72f04 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/autoregister/autoregister_controller.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/autoregister/autoregister_controller.go @@ -39,6 +39,7 @@ import ( ) const ( + // AutoRegisterManagedLabel is a label attached to the APIService that identifies how the APIService wants to be synced. AutoRegisterManagedLabel = "kube-aggregator.kubernetes.io/automanaged" // manageOnStart is a value for the AutoRegisterManagedLabel that indicates the APIService wants to be synced one time when the controller starts. @@ -81,6 +82,7 @@ type autoRegisterController struct { queue workqueue.RateLimitingInterface } +// NewAutoRegisterController creates a new autoRegisterController. func NewAutoRegisterController(apiServiceInformer informers.APIServiceInformer, apiServiceClient apiregistrationclient.APIServicesGetter) *autoRegisterController { c := &autoRegisterController{ apiServiceLister: apiServiceInformer.Lister(), @@ -127,6 +129,7 @@ func NewAutoRegisterController(apiServiceInformer informers.APIServiceInformer, return c } +// Run starts the autoregister controller in a loop which syncs API services until stopCh is closed. func (c *autoRegisterController) Run(threadiness int, stopCh <-chan struct{}) { // don't let panics crash the process defer utilruntime.HandleCrash() @@ -267,6 +270,7 @@ func (c *autoRegisterController) checkAPIService(name string) (err error) { return err } +// GetAPIServiceToSync gets a single API service to sync. func (c *autoRegisterController) GetAPIServiceToSync(name string) *apiregistration.APIService { c.apiServicesToSyncLock.RLock() defer c.apiServicesToSyncLock.RUnlock() @@ -274,10 +278,12 @@ func (c *autoRegisterController) GetAPIServiceToSync(name string) *apiregistrati return c.apiServicesToSync[name] } +// AddAPIServiceToSyncOnStart registers an API service to sync only when the controller starts. func (c *autoRegisterController) AddAPIServiceToSyncOnStart(in *apiregistration.APIService) { c.addAPIServiceToSync(in, manageOnStart) } +// AddAPIServiceToSync registers an API service to sync continuously. func (c *autoRegisterController) AddAPIServiceToSync(in *apiregistration.APIService) { c.addAPIServiceToSync(in, manageContinuously) } @@ -296,6 +302,7 @@ func (c *autoRegisterController) addAPIServiceToSync(in *apiregistration.APIServ c.queue.Add(apiService.Name) } +// RemoveAPIServiceToSync deletes a registered APIService. func (c *autoRegisterController) RemoveAPIServiceToSync(name string) { c.apiServicesToSyncLock.Lock() defer c.apiServicesToSyncLock.Unlock() diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD index 9a4bef259a2..6115841cb9a 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD @@ -1,41 +1,18 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") +load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = [ - "aggregator.go", - "controller.go", - "downloader.go", - ], + srcs = ["controller.go"], importmap = "k8s.io/kubernetes/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi", importpath = "k8s.io/kube-aggregator/pkg/controllers/openapi", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/authentication/user:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//staging/src/k8s.io/client-go/util/workqueue:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library", - "//vendor/github.com/emicklei/go-restful:go_default_library", - "//vendor/github.com/go-openapi/spec:go_default_library", + "//staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator:go_default_library", "//vendor/k8s.io/klog:go_default_library", - "//vendor/k8s.io/kube-openapi/pkg/aggregator:go_default_library", - "//vendor/k8s.io/kube-openapi/pkg/builder:go_default_library", - "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library", - "//vendor/k8s.io/kube-openapi/pkg/handler:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = ["aggregator_test.go"], - embed = [":go_default_library"], - deps = [ - "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library", - "//vendor/github.com/go-openapi/spec:go_default_library", - "//vendor/github.com/stretchr/testify/assert:go_default_library", ], ) @@ -48,7 +25,10 @@ filegroup( filegroup( name = "all-srcs", - srcs = [":package-srcs"], + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator:all-srcs", + ], tags = ["automanaged"], visibility = ["//visibility:public"], ) diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/BUILD b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/BUILD new file mode 100644 index 00000000000..01e155402ff --- /dev/null +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/BUILD @@ -0,0 +1,53 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = [ + "aggregator.go", + "downloader.go", + "priority.go", + ], + importmap = "k8s.io/kubernetes/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator", + importpath = "k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/apiserver/pkg/authentication/user:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", + "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library", + "//vendor/github.com/emicklei/go-restful:go_default_library", + "//vendor/github.com/go-openapi/spec:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/aggregator:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/builder:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/handler:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = [ + "downloader_test.go", + "priority_test.go", + ], + embed = [":go_default_library"], + deps = [ + "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library", + "//vendor/github.com/go-openapi/spec:go_default_library", + "//vendor/github.com/stretchr/testify/assert:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/aggregator.go similarity index 75% rename from staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go rename to staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/aggregator.go index 343cdee3ddd..ca36b8e7902 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/aggregator.go @@ -14,12 +14,11 @@ See the License for the specific language governing permissions and limitations under the License. */ -package openapi +package aggregator import ( "fmt" "net/http" - "sort" "sync" "time" @@ -34,6 +33,15 @@ import ( "k8s.io/kube-openapi/pkg/handler" ) +// SpecAggregator calls out to http handlers of APIServices and merges specs. It keeps state of the last +// known specs including the http etag. +type SpecAggregator interface { + AddUpdateAPIService(handler http.Handler, apiService *apiregistration.APIService) error + UpdateAPIServiceSpec(apiServiceName string, spec *spec.Swagger, etag string) error + RemoveAPIServiceSpec(apiServiceName string) error + GetAPIServiceInfo(apiServiceName string) (handler http.Handler, etag string, exists bool) +} + const ( aggregatorUser = "system:aggregator" specDownloadTimeout = 60 * time.Second @@ -43,42 +51,16 @@ const ( locallyGeneratedEtagPrefix = "\"6E8F849B434D4B98A569B9D7718876E9-" ) -type specAggregator struct { - // mutex protects all members of this struct. - rwMutex sync.RWMutex - - // Map of API Services' OpenAPI specs by their name - openAPISpecs map[string]*openAPISpecInfo - - // provided for dynamic OpenAPI spec - openAPIVersionedService *handler.OpenAPIService -} - -var _ AggregationManager = &specAggregator{} - -// This function is not thread safe as it only being called on startup. -func (s *specAggregator) addLocalSpec(spec *spec.Swagger, localHandler http.Handler, name, etag string) { - localAPIService := apiregistration.APIService{} - localAPIService.Name = name - s.openAPISpecs[name] = &openAPISpecInfo{ - etag: etag, - apiService: localAPIService, - handler: localHandler, - spec: spec, - } -} - // BuildAndRegisterAggregator registered OpenAPI aggregator handler. This function is not thread safe as it only being called on startup. func BuildAndRegisterAggregator(downloader *Downloader, delegationTarget server.DelegationTarget, webServices []*restful.WebService, - config *common.Config, pathHandler common.PathHandler) (AggregationManager, error) { + config *common.Config, pathHandler common.PathHandler) (SpecAggregator, error) { s := &specAggregator{ openAPISpecs: map[string]*openAPISpecInfo{}, } i := 0 // Build Aggregator's spec - aggregatorOpenAPISpec, err := builder.BuildOpenAPISpec( - webServices, config) + aggregatorOpenAPISpec, err := builder.BuildOpenAPISpec(webServices, config) if err != nil { return nil, err } @@ -118,6 +100,31 @@ func BuildAndRegisterAggregator(downloader *Downloader, delegationTarget server. return s, nil } +type specAggregator struct { + // mutex protects all members of this struct. + rwMutex sync.RWMutex + + // Map of API Services' OpenAPI specs by their name + openAPISpecs map[string]*openAPISpecInfo + + // provided for dynamic OpenAPI spec + openAPIVersionedService *handler.OpenAPIService +} + +var _ SpecAggregator = &specAggregator{} + +// This function is not thread safe as it only being called on startup. +func (s *specAggregator) addLocalSpec(spec *spec.Swagger, localHandler http.Handler, name, etag string) { + localAPIService := apiregistration.APIService{} + localAPIService.Name = name + s.openAPISpecs[name] = &openAPISpecInfo{ + etag: etag, + apiService: localAPIService, + handler: localHandler, + spec: spec, + } +} + // openAPISpecInfo is used to store OpenAPI spec with its priority. // It can be used to sort specs with their priorities. type openAPISpecInfo struct { @@ -129,59 +136,6 @@ type openAPISpecInfo struct { etag string } -// byPriority can be used in sort.Sort to sort specs with their priorities. -type byPriority struct { - specs []openAPISpecInfo - groupPriorities map[string]int32 -} - -func (a byPriority) Len() int { return len(a.specs) } -func (a byPriority) Swap(i, j int) { a.specs[i], a.specs[j] = a.specs[j], a.specs[i] } -func (a byPriority) Less(i, j int) bool { - // All local specs will come first - if a.specs[i].apiService.Spec.Service == nil && a.specs[j].apiService.Spec.Service != nil { - return true - } - if a.specs[i].apiService.Spec.Service != nil && a.specs[j].apiService.Spec.Service == nil { - return false - } - // WARNING: This will result in not following priorities for local APIServices. - if a.specs[i].apiService.Spec.Service == nil { - // Sort local specs with their name. This is the order in the delegation chain (aggregator first). - return a.specs[i].apiService.Name < a.specs[j].apiService.Name - } - var iPriority, jPriority int32 - if a.specs[i].apiService.Spec.Group == a.specs[j].apiService.Spec.Group { - iPriority = a.specs[i].apiService.Spec.VersionPriority - jPriority = a.specs[i].apiService.Spec.VersionPriority - } else { - iPriority = a.groupPriorities[a.specs[i].apiService.Spec.Group] - jPriority = a.groupPriorities[a.specs[j].apiService.Spec.Group] - } - if iPriority != jPriority { - // Sort by priority, higher first - return iPriority > jPriority - } - // Sort by service name. - return a.specs[i].apiService.Name < a.specs[j].apiService.Name -} - -func sortByPriority(specs []openAPISpecInfo) { - b := byPriority{ - specs: specs, - groupPriorities: map[string]int32{}, - } - for _, spec := range specs { - if spec.apiService.Spec.Service == nil { - continue - } - if pr, found := b.groupPriorities[spec.apiService.Spec.Group]; !found || spec.apiService.Spec.GroupPriorityMinimum > pr { - b.groupPriorities[spec.apiService.Spec.Group] = spec.apiService.Spec.GroupPriorityMinimum - } - } - sort.Sort(b) -} - // buildOpenAPISpec aggregates all OpenAPI specs. It is not thread-safe. The caller is responsible to hold proper locks. func (s *specAggregator) buildOpenAPISpec() (specToReturn *spec.Swagger, err error) { specs := []openAPISpecInfo{} @@ -196,13 +150,12 @@ func (s *specAggregator) buildOpenAPISpec() (specToReturn *spec.Swagger, err err } sortByPriority(specs) for _, specInfo := range specs { - // TODO: Make kube-openapi.MergeSpec(s) accept nil or empty spec as destination and just clone the spec in that case. if specToReturn == nil { - specToReturn, err = aggregator.CloneSpec(specInfo.spec) - if err != nil { - return nil, err - } - continue + specToReturn = &spec.Swagger{} + *specToReturn = *specInfo.spec + // Paths and Definitions are set by MergeSpecsIgnorePathConflict + specToReturn.Paths = nil + specToReturn.Definitions = nil } if err := aggregator.MergeSpecsIgnorePathConflict(specToReturn, specInfo.spec); err != nil { return nil, err @@ -267,7 +220,7 @@ func (s *specAggregator) UpdateAPIServiceSpec(apiServiceName string, spec *spec. // For APIServices (non-local) specs, only merge their /apis/ prefixed endpoint as it is the only paths // proxy handler delegates. if specInfo.apiService.Spec.Service != nil { - aggregator.FilterSpecByPaths(spec, []string{"/apis/"}) + spec = aggregator.FilterSpecByPathsWithoutSideEffects(spec, []string{"/apis/"}) } return s.tryUpdatingServiceSpecs(&openAPISpecInfo{ diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/downloader.go similarity index 86% rename from staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go rename to staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/downloader.go index ea25e10ff1f..cb9deb0cbd6 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/downloader.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package openapi +package aggregator import ( "crypto/sha512" @@ -38,6 +38,70 @@ func NewDownloader() Downloader { return Downloader{} } +func (s *Downloader) handlerWithUser(handler http.Handler, info user.Info) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + req = req.WithContext(request.WithUser(req.Context(), info)) + handler.ServeHTTP(w, req) + }) +} + +func etagFor(data []byte) string { + return fmt.Sprintf("%s%X\"", locallyGeneratedEtagPrefix, sha512.Sum512(data)) +} + +// Download downloads openAPI spec from /openapi/v2 endpoint of the given handler. +// httpStatus is only valid if err == nil +func (s *Downloader) Download(handler http.Handler, etag string) (returnSpec *spec.Swagger, newEtag string, httpStatus int, err error) { + handler = s.handlerWithUser(handler, &user.DefaultInfo{Name: aggregatorUser}) + handler = http.TimeoutHandler(handler, specDownloadTimeout, "request timed out") + + req, err := http.NewRequest("GET", "/openapi/v2", nil) + if err != nil { + return nil, "", 0, err + } + req.Header.Add("Accept", "application/json") + + // Only pass eTag if it is not generated locally + if len(etag) > 0 && !strings.HasPrefix(etag, locallyGeneratedEtagPrefix) { + req.Header.Add("If-None-Match", etag) + } + + writer := newInMemoryResponseWriter() + handler.ServeHTTP(writer, req) + + switch writer.respCode { + case http.StatusNotModified: + if len(etag) == 0 { + return nil, etag, http.StatusNotModified, fmt.Errorf("http.StatusNotModified is not allowed in absence of etag") + } + return nil, etag, http.StatusNotModified, nil + case http.StatusNotFound: + // Gracefully skip 404, assuming the server won't provide any spec + return nil, "", http.StatusNotFound, nil + case http.StatusOK: + openAPISpec := &spec.Swagger{} + if err := json.Unmarshal(writer.data, openAPISpec); err != nil { + return nil, "", 0, err + } + newEtag = writer.Header().Get("Etag") + if len(newEtag) == 0 { + newEtag = etagFor(writer.data) + if len(etag) > 0 && strings.HasPrefix(etag, locallyGeneratedEtagPrefix) { + // The function call with an etag and server does not report an etag. + // That means this server does not support etag and the etag that passed + // to the function generated previously by us. Just compare etags and + // return StatusNotModified if they are the same. + if etag == newEtag { + return nil, etag, http.StatusNotModified, nil + } + } + } + return openAPISpec, newEtag, http.StatusOK, nil + default: + return nil, "", 0, fmt.Errorf("failed to retrieve openAPI spec, http error: %s", writer.String()) + } +} + // inMemoryResponseWriter is a http.Writer that keep the response in memory. type inMemoryResponseWriter struct { writeHeaderCalled bool @@ -77,84 +141,3 @@ func (r *inMemoryResponseWriter) String() string { } return s } - -func (s *Downloader) handlerWithUser(handler http.Handler, info user.Info) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - req = req.WithContext(request.WithUser(req.Context(), info)) - handler.ServeHTTP(w, req) - }) -} - -func etagFor(data []byte) string { - return fmt.Sprintf("%s%X\"", locallyGeneratedEtagPrefix, sha512.Sum512(data)) -} - -// Download downloads openAPI spec from /openapi/v2 or /swagger.json endpoint of the given handler. -// httpStatus is only valid if err == nil -func (s *Downloader) Download(handler http.Handler, etag string) (returnSpec *spec.Swagger, newEtag string, httpStatus int, err error) { - handler = s.handlerWithUser(handler, &user.DefaultInfo{Name: aggregatorUser}) - handler = http.TimeoutHandler(handler, specDownloadTimeout, "request timed out") - - req, err := http.NewRequest("GET", "/openapi/v2", nil) - if err != nil { - return nil, "", 0, err - } - req.Header.Add("Accept", "application/json") - - // Only pass eTag if it is not generated locally - if len(etag) > 0 && !strings.HasPrefix(etag, locallyGeneratedEtagPrefix) { - req.Header.Add("If-None-Match", etag) - } - - writer := newInMemoryResponseWriter() - handler.ServeHTTP(writer, req) - - // single endpoint not found/registered in old server, try to fetch old endpoint - // TODO(roycaihw): remove this in 1.11 - if writer.respCode == http.StatusForbidden || writer.respCode == http.StatusNotFound { - req, err = http.NewRequest("GET", "/swagger.json", nil) - if err != nil { - return nil, "", 0, err - } - - // Only pass eTag if it is not generated locally - if len(etag) > 0 && !strings.HasPrefix(etag, locallyGeneratedEtagPrefix) { - req.Header.Add("If-None-Match", etag) - } - - writer = newInMemoryResponseWriter() - handler.ServeHTTP(writer, req) - } - - switch writer.respCode { - case http.StatusNotModified: - if len(etag) == 0 { - return nil, etag, http.StatusNotModified, fmt.Errorf("http.StatusNotModified is not allowed in absence of etag") - } - return nil, etag, http.StatusNotModified, nil - case http.StatusNotFound: - // Gracefully skip 404, assuming the server won't provide any spec - return nil, "", http.StatusNotFound, nil - case http.StatusOK: - openAPISpec := &spec.Swagger{} - if err := json.Unmarshal(writer.data, openAPISpec); err != nil { - return nil, "", 0, err - } - newEtag = writer.Header().Get("Etag") - if len(newEtag) == 0 { - newEtag = etagFor(writer.data) - if len(etag) > 0 && strings.HasPrefix(etag, locallyGeneratedEtagPrefix) { - // The function call with an etag and server does not report an etag. - // That means this server does not support etag and the etag that passed - // to the function generated previously by us. Just compare etags and - // return StatusNotModified if they are the same. - if etag == newEtag { - return nil, etag, http.StatusNotModified, nil - } - } - } - return openAPISpec, newEtag, http.StatusOK, nil - default: - return nil, "", 0, fmt.Errorf("failed to retrieve openAPI spec, http error: %s", writer.String()) - } -} diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator_test.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/downloader_test.go similarity index 57% rename from staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator_test.go rename to staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/downloader_test.go index 5409483f22f..6d530d6154f 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator_test.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/downloader_test.go @@ -14,84 +14,17 @@ See the License for the specific language governing permissions and limitations under the License. */ -package openapi +package aggregator import ( "fmt" "net/http" - "reflect" "testing" "github.com/go-openapi/spec" "github.com/stretchr/testify/assert" - - "k8s.io/kube-aggregator/pkg/apis/apiregistration" ) -func newAPIServiceForTest(name, group string, minGroupPriority, versionPriority int32) apiregistration.APIService { - r := apiregistration.APIService{} - r.Spec.Group = group - r.Spec.GroupPriorityMinimum = minGroupPriority - r.Spec.VersionPriority = versionPriority - r.Spec.Service = &apiregistration.ServiceReference{} - r.Name = name - return r -} - -func newLocalAPIServiceForTest(name, group string, minGroupPriority, versionPriority int32) apiregistration.APIService { - r := apiregistration.APIService{} - r.Spec.Group = group - r.Spec.GroupPriorityMinimum = minGroupPriority - r.Spec.VersionPriority = versionPriority - r.Name = name - return r -} - -func assertSortedServices(t *testing.T, actual []openAPISpecInfo, expectedNames []string) { - actualNames := []string{} - for _, a := range actual { - actualNames = append(actualNames, a.apiService.Name) - } - if !reflect.DeepEqual(actualNames, expectedNames) { - t.Errorf("Expected %s got %s.", expectedNames, actualNames) - } -} - -func TestAPIServiceSort(t *testing.T) { - list := []openAPISpecInfo{ - { - apiService: newAPIServiceForTest("FirstService", "Group1", 10, 5), - spec: &spec.Swagger{}, - }, - { - apiService: newAPIServiceForTest("SecondService", "Group2", 15, 3), - spec: &spec.Swagger{}, - }, - { - apiService: newAPIServiceForTest("FirstServiceInternal", "Group1", 16, 3), - spec: &spec.Swagger{}, - }, - { - apiService: newAPIServiceForTest("ThirdService", "Group3", 15, 3), - spec: &spec.Swagger{}, - }, - { - apiService: newLocalAPIServiceForTest("FirstLocalSpec", "Group1", 15, 5), - spec: &spec.Swagger{}, - }, - { - apiService: newLocalAPIServiceForTest("SecondLocalSpec", "Group2", 14, 6), - spec: &spec.Swagger{}, - }, - { - apiService: newLocalAPIServiceForTest("ThirdLocalSpec", "Group3", 16, 3), - spec: &spec.Swagger{}, - }, - } - sortByPriority(list) - assertSortedServices(t, list, []string{"FirstLocalSpec", "SecondLocalSpec", "ThirdLocalSpec", "FirstService", "FirstServiceInternal", "SecondService", "ThirdService"}) -} - type handlerTest struct { etag string data []byte @@ -157,7 +90,6 @@ func assertDownloadedSpec(actualSpec *spec.Swagger, actualEtag string, err error } func TestDownloadOpenAPISpec(t *testing.T) { - s := Downloader{} // Test with no eTag @@ -178,9 +110,4 @@ func TestDownloadOpenAPISpec(t *testing.T) { actualSpec, actualEtag, _, err = s.Download( handlerTest{data: []byte("{\"id\": \"test\"}"), etag: "etag_test1"}, "etag_test2") assert.NoError(t, assertDownloadedSpec(actualSpec, actualEtag, err, "test", "etag_test1")) - - // Test old server fallback path - actualSpec, actualEtag, _, err = s.Download(handlerDeprecatedTest{data: []byte("{\"id\": \"test\"}")}, "") - assert.NoError(t, assertDownloadedSpec(actualSpec, actualEtag, err, "test", "\"6E8F849B434D4B98A569B9D7718876E9-356ECAB19D7FBE1336BABB1E70F8F3025050DE218BE78256BE81620681CFC9A268508E542B8B55974E17B2184BBFC8FFFAA577E51BE195D32B3CA2547818ABE4\"")) - } diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/priority.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/priority.go new file mode 100644 index 00000000000..9847de3c6c6 --- /dev/null +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/priority.go @@ -0,0 +1,74 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package aggregator + +import ( + "sort" +) + +// byPriority can be used in sort.Sort to sort specs with their priorities. +type byPriority struct { + specs []openAPISpecInfo + groupPriorities map[string]int32 +} + +func (a byPriority) Len() int { return len(a.specs) } +func (a byPriority) Swap(i, j int) { a.specs[i], a.specs[j] = a.specs[j], a.specs[i] } +func (a byPriority) Less(i, j int) bool { + // All local specs will come first + if a.specs[i].apiService.Spec.Service == nil && a.specs[j].apiService.Spec.Service != nil { + return true + } + if a.specs[i].apiService.Spec.Service != nil && a.specs[j].apiService.Spec.Service == nil { + return false + } + // WARNING: This will result in not following priorities for local APIServices. + if a.specs[i].apiService.Spec.Service == nil { + // Sort local specs with their name. This is the order in the delegation chain (aggregator first). + return a.specs[i].apiService.Name < a.specs[j].apiService.Name + } + var iPriority, jPriority int32 + if a.specs[i].apiService.Spec.Group == a.specs[j].apiService.Spec.Group { + iPriority = a.specs[i].apiService.Spec.VersionPriority + jPriority = a.specs[i].apiService.Spec.VersionPriority + } else { + iPriority = a.groupPriorities[a.specs[i].apiService.Spec.Group] + jPriority = a.groupPriorities[a.specs[j].apiService.Spec.Group] + } + if iPriority != jPriority { + // Sort by priority, higher first + return iPriority > jPriority + } + // Sort by service name. + return a.specs[i].apiService.Name < a.specs[j].apiService.Name +} + +func sortByPriority(specs []openAPISpecInfo) { + b := byPriority{ + specs: specs, + groupPriorities: map[string]int32{}, + } + for _, spec := range specs { + if spec.apiService.Spec.Service == nil { + continue + } + if pr, found := b.groupPriorities[spec.apiService.Spec.Group]; !found || spec.apiService.Spec.GroupPriorityMinimum > pr { + b.groupPriorities[spec.apiService.Spec.Group] = spec.apiService.Spec.GroupPriorityMinimum + } + } + sort.Sort(b) +} diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/priority_test.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/priority_test.go new file mode 100644 index 00000000000..085ed15fd61 --- /dev/null +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator/priority_test.go @@ -0,0 +1,69 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package aggregator + +import ( + "reflect" + "testing" + + "github.com/go-openapi/spec" + + "k8s.io/kube-aggregator/pkg/apis/apiregistration" +) + +func newAPIServiceForTest(name, group string, minGroupPriority, versionPriority int32) apiregistration.APIService { + r := apiregistration.APIService{} + r.Spec.Group = group + r.Spec.GroupPriorityMinimum = minGroupPriority + r.Spec.VersionPriority = versionPriority + r.Spec.Service = &apiregistration.ServiceReference{} + r.Name = name + return r +} + +func assertSortedServices(t *testing.T, actual []openAPISpecInfo, expectedNames []string) { + actualNames := []string{} + for _, a := range actual { + actualNames = append(actualNames, a.apiService.Name) + } + if !reflect.DeepEqual(actualNames, expectedNames) { + t.Errorf("Expected %s got %s.", expectedNames, actualNames) + } +} + +func TestAPIServiceSort(t *testing.T) { + list := []openAPISpecInfo{ + { + apiService: newAPIServiceForTest("FirstService", "Group1", 10, 5), + spec: &spec.Swagger{}, + }, + { + apiService: newAPIServiceForTest("SecondService", "Group2", 15, 3), + spec: &spec.Swagger{}, + }, + { + apiService: newAPIServiceForTest("FirstServiceInternal", "Group1", 16, 3), + spec: &spec.Swagger{}, + }, + { + apiService: newAPIServiceForTest("ThirdService", "Group3", 15, 3), + spec: &spec.Swagger{}, + }, + } + sortByPriority(list) + assertSortedServices(t, list, []string{"FirstService", "FirstServiceInternal", "SecondService", "ThirdService"}) +} diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/controller.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/controller.go index 49d190e9020..764d7b8f3ab 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/controller.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/openapi/controller.go @@ -21,13 +21,12 @@ import ( "net/http" "time" - "github.com/go-openapi/spec" - "k8s.io/klog" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/util/workqueue" + "k8s.io/klog" "k8s.io/kube-aggregator/pkg/apis/apiregistration" + "k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator" ) const ( @@ -43,27 +42,19 @@ const ( syncNothing ) -// AggregationManager is the interface between this controller and OpenAPI Aggregator service. -type AggregationManager interface { - AddUpdateAPIService(handler http.Handler, apiService *apiregistration.APIService) error - UpdateAPIServiceSpec(apiServiceName string, spec *spec.Swagger, etag string) error - RemoveAPIServiceSpec(apiServiceName string) error - GetAPIServiceInfo(apiServiceName string) (handler http.Handler, etag string, exists bool) -} - // AggregationController periodically check for changes in OpenAPI specs of APIServices and update/remove // them if necessary. type AggregationController struct { - openAPIAggregationManager AggregationManager + openAPIAggregationManager aggregator.SpecAggregator queue workqueue.RateLimitingInterface - downloader *Downloader + downloader *aggregator.Downloader // To allow injection for testing. syncHandler func(key string) (syncAction, error) } // NewAggregationController creates new OpenAPI aggregation controller. -func NewAggregationController(downloader *Downloader, openAPIAggregationManager AggregationManager) *AggregationController { +func NewAggregationController(downloader *aggregator.Downloader, openAPIAggregationManager aggregator.SpecAggregator) *AggregationController { c := &AggregationController{ openAPIAggregationManager: openAPIAggregationManager, queue: workqueue.NewNamedRateLimitingQueue( @@ -136,7 +127,7 @@ func (c *AggregationController) sync(key string) (syncAction, error) { return syncRequeueRateLimited, err case httpStatus == http.StatusNotModified: case httpStatus == http.StatusNotFound || returnSpec == nil: - return syncRequeueRateLimited, fmt.Errorf("OpenAPI spec does not exists") + return syncRequeueRateLimited, fmt.Errorf("OpenAPI spec does not exist") case httpStatus == http.StatusOK: if err := c.openAPIAggregationManager.UpdateAPIServiceSpec(key, returnSpec, newEtag); err != nil { return syncRequeueRateLimited, err diff --git a/staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller.go b/staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller.go index 364e00ae9fb..acbd5c089bd 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller.go @@ -46,10 +46,12 @@ import ( "k8s.io/kube-aggregator/pkg/controllers" ) +// ServiceResolver knows how to convert a service reference into an actual location. type ServiceResolver interface { ResolveEndpoint(namespace, name string) (*url.URL, error) } +// AvailableConditionController handles checking the availability of registered API services. type AvailableConditionController struct { apiServiceClient apiregistrationclient.APIServicesGetter @@ -72,6 +74,7 @@ type AvailableConditionController struct { queue workqueue.RateLimitingInterface } +// NewAvailableConditionController returns a new AvailableConditionController. func NewAvailableConditionController( apiServiceInformer informers.APIServiceInformer, serviceInformer v1informers.ServiceInformer, @@ -309,6 +312,7 @@ func updateAPIServiceStatus(client apiregistrationclient.APIServicesGetter, orig return newAPIService, nil } +// Run starts the AvailableConditionController loop which manages the availability condition of API services. func (c *AvailableConditionController) Run(threadiness int, stopCh <-chan struct{}) { defer utilruntime.HandleCrash() defer c.queue.ShutDown() diff --git a/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD b/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD index 34c772a362a..8cd7fac7d8e 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD +++ b/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD @@ -16,6 +16,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", "//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library", + "//staging/src/k8s.io/apiserver/pkg/registry/rest:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/names:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library", diff --git a/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd/etcd.go b/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd/etcd.go index 57fee68103a..54651155d5d 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd/etcd.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd/etcd.go @@ -32,7 +32,7 @@ import ( "k8s.io/kube-aggregator/pkg/registry/apiservice" ) -// rest implements a RESTStorage for API services against etcd +// REST implements a RESTStorage for API services against etcd type REST struct { *genericregistry.Store } @@ -59,6 +59,7 @@ func NewREST(scheme *runtime.Scheme, optsGetter generic.RESTOptionsGetter) *REST var swaggerMetadataDescriptions = metav1.ObjectMeta{}.SwaggerDoc() +// ConvertToTable implements the TableConvertor interface for REST. func (c *REST) ConvertToTable(ctx context.Context, obj runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) { table := &metav1beta1.Table{ ColumnDefinitions: []metav1beta1.TableColumnDefinition{ @@ -121,12 +122,14 @@ func NewStatusREST(scheme *runtime.Scheme, rest *REST) *StatusREST { return &StatusREST{store: &statusStore} } +// StatusREST implements the REST endpoint for changing the status of an APIService. type StatusREST struct { store *genericregistry.Store } var _ = rest.Patcher(&StatusREST{}) +// New creates a new APIService object. func (r *StatusREST) New() runtime.Object { return &apiregistration.APIService{} } diff --git a/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/strategy.go b/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/strategy.go index 636e8e44702..d9bfe543e27 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/strategy.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/strategy.go @@ -25,6 +25,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/validation/field" "k8s.io/apiserver/pkg/registry/generic" + "k8s.io/apiserver/pkg/registry/rest" "k8s.io/apiserver/pkg/storage" "k8s.io/apiserver/pkg/storage/names" @@ -37,7 +38,11 @@ type apiServerStrategy struct { names.NameGenerator } -func NewStrategy(typer runtime.ObjectTyper) apiServerStrategy { +// apiServerStrategy must implement rest.RESTCreateUpdateStrategy +var _ rest.RESTCreateUpdateStrategy = apiServerStrategy{} + +// NewStrategy creates a new apiServerStrategy. +func NewStrategy(typer runtime.ObjectTyper) rest.RESTCreateUpdateStrategy { return apiServerStrategy{typer, names.SimpleNameGenerator} } @@ -85,7 +90,8 @@ type apiServerStatusStrategy struct { names.NameGenerator } -func NewStatusStrategy(typer runtime.ObjectTyper) apiServerStatusStrategy { +// NewStatusStrategy creates a new apiServerStatusStrategy. +func NewStatusStrategy(typer runtime.ObjectTyper) rest.RESTUpdateStrategy { return apiServerStatusStrategy{typer, names.SimpleNameGenerator} } @@ -111,19 +117,22 @@ func (apiServerStatusStrategy) AllowUnconditionalUpdate() bool { return false } +// Canonicalize normalizes the object after validation. func (apiServerStatusStrategy) Canonicalize(obj runtime.Object) { } +// ValidateUpdate validates an update of apiServerStatusStrategy. func (apiServerStatusStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { return validation.ValidateAPIServiceStatusUpdate(obj.(*apiregistration.APIService), old.(*apiregistration.APIService)) } +// GetAttrs returns the labels and fields of an API server for filtering purposes. func GetAttrs(obj runtime.Object) (labels.Set, fields.Set, error) { apiserver, ok := obj.(*apiregistration.APIService) if !ok { - return nil, nil, fmt.Errorf("given object is not a APIService.") + return nil, nil, fmt.Errorf("given object is not a APIService") } - return labels.Set(apiserver.ObjectMeta.Labels), APIServiceToSelectableFields(apiserver), nil + return labels.Set(apiserver.ObjectMeta.Labels), ToSelectableFields(apiserver), nil } // MatchAPIService is the filter used by the generic etcd backend to watch events @@ -136,7 +145,7 @@ func MatchAPIService(label labels.Selector, field fields.Selector) storage.Selec } } -// APIServiceToSelectableFields returns a field set that represents the object. -func APIServiceToSelectableFields(obj *apiregistration.APIService) fields.Set { +// ToSelectableFields returns a field set that represents the object. +func ToSelectableFields(obj *apiregistration.APIService) fields.Set { return generic.ObjectMetaFieldsSet(&obj.ObjectMeta, true) } diff --git a/staging/src/k8s.io/kube-controller-manager/CONTRIBUTING.md b/staging/src/k8s.io/kube-controller-manager/CONTRIBUTING.md index 12511d88107..6ae6577f066 100644 --- a/staging/src/k8s.io/kube-controller-manager/CONTRIBUTING.md +++ b/staging/src/k8s.io/kube-controller-manager/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/kube-controller-manager](https://git.k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/kube-controller-manager/Godeps/OWNERS b/staging/src/k8s.io/kube-controller-manager/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/kube-controller-manager/Godeps/OWNERS +++ b/staging/src/k8s.io/kube-controller-manager/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/kube-controller-manager/OWNERS b/staging/src/k8s.io/kube-controller-manager/OWNERS index 7b38dc3b373..10bff6ab77c 100644 --- a/staging/src/k8s.io/kube-controller-manager/OWNERS +++ b/staging/src/k8s.io/kube-controller-manager/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - deads2k - luxas diff --git a/staging/src/k8s.io/kube-controller-manager/config/OWNERS b/staging/src/k8s.io/kube-controller-manager/config/OWNERS index b6f183359ba..b3f2f4d316c 100644 --- a/staging/src/k8s.io/kube-controller-manager/config/OWNERS +++ b/staging/src/k8s.io/kube-controller-manager/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/kube-proxy/CONTRIBUTING.md b/staging/src/k8s.io/kube-proxy/CONTRIBUTING.md index 19e40c4db83..6f80589ec78 100644 --- a/staging/src/k8s.io/kube-proxy/CONTRIBUTING.md +++ b/staging/src/k8s.io/kube-proxy/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/kube-proxy](https://git.k8s.io/kubernetes/staging/src/k8s.io/kube-proxy) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/kube-proxy/Godeps/OWNERS b/staging/src/k8s.io/kube-proxy/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/kube-proxy/Godeps/OWNERS +++ b/staging/src/k8s.io/kube-proxy/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/kube-proxy/OWNERS b/staging/src/k8s.io/kube-proxy/OWNERS index f820d85fb16..89b8cc04572 100644 --- a/staging/src/k8s.io/kube-proxy/OWNERS +++ b/staging/src/k8s.io/kube-proxy/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-network-approvers - sttts diff --git a/staging/src/k8s.io/kube-proxy/config/OWNERS b/staging/src/k8s.io/kube-proxy/config/OWNERS index 7156a9b8b27..6a6e8cacc9d 100644 --- a/staging/src/k8s.io/kube-proxy/config/OWNERS +++ b/staging/src/k8s.io/kube-proxy/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go b/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go index ecf95d68d26..b266a5c3d7b 100644 --- a/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go +++ b/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go @@ -74,6 +74,20 @@ type KubeProxyConntrackConfiguration struct { TCPCloseWaitTimeout *metav1.Duration `json:"tcpCloseWaitTimeout"` } +// KubeProxyWinkernelConfiguration contains Windows/HNS settings for +// the Kubernetes proxy server. +type KubeProxyWinkernelConfiguration struct { + // networkName is the name of the network kube-proxy will use + // to create endpoints and policies + NetworkName string `json:"networkName"` + // sourceVip is the IP address of the source VIP endoint used for + // NAT when loadbalancing + SourceVip string `json:"sourceVip"` + // enableDSR tells kube-proxy whether HNS policies should be created + // with DSR + EnableDSR bool `json:"enableDSR"` +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // KubeProxyConfiguration contains everything necessary to configure the @@ -136,6 +150,8 @@ type KubeProxyConfiguration struct { // If set it to a non-zero IP block, kube-proxy will filter that down to just the IPs that applied to the node. // An empty string slice is meant to select all network interfaces. NodePortAddresses []string `json:"nodePortAddresses"` + // winkernel contains winkernel-related configuration options. + Winkernel KubeProxyWinkernelConfiguration `json:"winkernel"` } // Currently, three modes of proxy are available in Linux platform: 'userspace' (older, going to be EOL), 'iptables' diff --git a/staging/src/k8s.io/kube-proxy/config/v1alpha1/zz_generated.deepcopy.go b/staging/src/k8s.io/kube-proxy/config/v1alpha1/zz_generated.deepcopy.go index ca70abbdc97..ff0252d416a 100644 --- a/staging/src/k8s.io/kube-proxy/config/v1alpha1/zz_generated.deepcopy.go +++ b/staging/src/k8s.io/kube-proxy/config/v1alpha1/zz_generated.deepcopy.go @@ -52,6 +52,7 @@ func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) { *out = make([]string, len(*in)) copy(*out, *in) } + out.Winkernel = in.Winkernel return } @@ -159,3 +160,19 @@ func (in *KubeProxyIPVSConfiguration) DeepCopy() *KubeProxyIPVSConfiguration { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeProxyWinkernelConfiguration) DeepCopyInto(out *KubeProxyWinkernelConfiguration) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeProxyWinkernelConfiguration. +func (in *KubeProxyWinkernelConfiguration) DeepCopy() *KubeProxyWinkernelConfiguration { + if in == nil { + return nil + } + out := new(KubeProxyWinkernelConfiguration) + in.DeepCopyInto(out) + return out +} diff --git a/staging/src/k8s.io/kube-scheduler/CONTRIBUTING.md b/staging/src/k8s.io/kube-scheduler/CONTRIBUTING.md index 68294346fd6..96dabc3c9a4 100644 --- a/staging/src/k8s.io/kube-scheduler/CONTRIBUTING.md +++ b/staging/src/k8s.io/kube-scheduler/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/kube-scheduler](https://git.k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/kube-scheduler/Godeps/OWNERS b/staging/src/k8s.io/kube-scheduler/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/kube-scheduler/Godeps/OWNERS +++ b/staging/src/k8s.io/kube-scheduler/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/kube-scheduler/OWNERS b/staging/src/k8s.io/kube-scheduler/OWNERS old mode 100755 new mode 100644 index 13f210bae43..613b3a5f834 --- a/staging/src/k8s.io/kube-scheduler/OWNERS +++ b/staging/src/k8s.io/kube-scheduler/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-scheduling-maintainers - sttts diff --git a/staging/src/k8s.io/kube-scheduler/README.md b/staging/src/k8s.io/kube-scheduler/README.md index 4082eafed10..be9b6860321 100644 --- a/staging/src/k8s.io/kube-scheduler/README.md +++ b/staging/src/k8s.io/kube-scheduler/README.md @@ -1,6 +1,6 @@ # kube-scheduler -Implements [KEP 14 - Moving ComponentConfig API types to staging repos](https://github.com/kubernetes/community/blob/master/keps/sig-cluster-lifecycle/0014-20180707-componentconfig-api-types-to-staging.md#kube-scheduler-changes) +Implements [KEP 14 - Moving ComponentConfig API types to staging repos](https://git.k8s.io/enhancements/keps/sig-cluster-lifecycle/0014-20180707-componentconfig-api-types-to-staging.md#kube-scheduler-changes) This repo provides external, versioned ComponentConfig API types for configuring the kube-scheduler. These external types can easily be vendored and used by any third-party tool writing Kubernetes diff --git a/staging/src/k8s.io/kube-scheduler/config/OWNERS b/staging/src/k8s.io/kube-scheduler/config/OWNERS index 18a8557ccb9..9584e0e8313 100644 --- a/staging/src/k8s.io/kube-scheduler/config/OWNERS +++ b/staging/src/k8s.io/kube-scheduler/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/kubelet/CONTRIBUTING.md b/staging/src/k8s.io/kubelet/CONTRIBUTING.md index b3d96ad1337..be789a9d981 100644 --- a/staging/src/k8s.io/kubelet/CONTRIBUTING.md +++ b/staging/src/k8s.io/kubelet/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/kubelet](https://git.k8s.io/kubernetes/staging/src/k8s.io/kubelet) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/kubelet/Godeps/OWNERS b/staging/src/k8s.io/kubelet/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/kubelet/Godeps/OWNERS +++ b/staging/src/k8s.io/kubelet/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/kubelet/OWNERS b/staging/src/k8s.io/kubelet/OWNERS index fd46cbf2bb1..128c82716dc 100644 --- a/staging/src/k8s.io/kubelet/OWNERS +++ b/staging/src/k8s.io/kubelet/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-node-approvers - sttts diff --git a/staging/src/k8s.io/kubelet/README.md b/staging/src/k8s.io/kubelet/README.md index 239f50818db..9baec718030 100644 --- a/staging/src/k8s.io/kubelet/README.md +++ b/staging/src/k8s.io/kubelet/README.md @@ -1,6 +1,6 @@ # kubelet -Implements [KEP 14 - Moving ComponentConfig API types to staging repos](https://github.com/kubernetes/community/blob/master/keps/sig-cluster-lifecycle/0014-20180707-componentconfig-api-types-to-staging.md#kubelet-changes) +Implements [KEP 14 - Moving ComponentConfig API types to staging repos](https://git.k8s.io/enhancements/keps/sig-cluster-lifecycle/0014-20180707-componentconfig-api-types-to-staging.md#kubelet-changes) This repo provides external, versioned ComponentConfig API types for configuring the kubelet. These external types can easily be vendored and used by any third-party tool writing Kubernetes diff --git a/staging/src/k8s.io/kubelet/config/OWNERS b/staging/src/k8s.io/kubelet/config/OWNERS index 930fcf08b7e..a459a8f87ad 100644 --- a/staging/src/k8s.io/kubelet/config/OWNERS +++ b/staging/src/k8s.io/kubelet/config/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/metrics/CONTRIBUTING.md b/staging/src/k8s.io/metrics/CONTRIBUTING.md index e28789c8a8b..1751b8e4356 100644 --- a/staging/src/k8s.io/metrics/CONTRIBUTING.md +++ b/staging/src/k8s.io/metrics/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/metrics](https://git.k8s.io/kubernetes/staging/src/k8s.io/metrics) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/metrics/Godeps/Godeps.json b/staging/src/k8s.io/metrics/Godeps/Godeps.json index 59413af373f..c711b0cfcde 100644 --- a/staging/src/k8s.io/metrics/Godeps/Godeps.json +++ b/staging/src/k8s.io/metrics/Godeps/Godeps.json @@ -12,7 +12,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -42,10 +42,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -62,14 +58,6 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/json-iterator/go", "Rev": "ab8a2e0c74be9d3be70b3184d9acc634935ded82" @@ -82,13 +70,9 @@ "ImportPath": "github.com/modern-go/reflect2", "Rev": "94122c33edd36123c84d5368cfb2b69df93a0ec8" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/pmezard/go-difflib/difflib", - "Rev": "d8ed2627bdf02c080bf22230dbb337003b7aba2d" + "Rev": "5d4384ee4fb2527b0a1256a821ebfc92f91efefc" }, { "ImportPath": "github.com/stretchr/testify/assert", @@ -254,6 +238,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -520,32 +508,12 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/integer", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/metrics/Godeps/OWNERS b/staging/src/k8s.io/metrics/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/metrics/Godeps/OWNERS +++ b/staging/src/k8s.io/metrics/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/metrics/OWNERS b/staging/src/k8s.io/metrics/OWNERS index c532d6440a9..bc445c0f98b 100644 --- a/staging/src/k8s.io/metrics/OWNERS +++ b/staging/src/k8s.io/metrics/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - DirectXMan12 - piosz diff --git a/staging/src/k8s.io/metrics/pkg/apis/OWNERS b/staging/src/k8s.io/metrics/pkg/apis/OWNERS index 083228551a4..f7329139ff7 100644 --- a/staging/src/k8s.io/metrics/pkg/apis/OWNERS +++ b/staging/src/k8s.io/metrics/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/node-api/CONTRIBUTING.md b/staging/src/k8s.io/node-api/CONTRIBUTING.md index 37da989dcd6..d0eb795213f 100644 --- a/staging/src/k8s.io/node-api/CONTRIBUTING.md +++ b/staging/src/k8s.io/node-api/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/node-api](https://git.k8s.io/kubernetes/staging/src/k8s.io/node-api) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information. +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information. diff --git a/staging/src/k8s.io/node-api/Godeps/Godeps.json b/staging/src/k8s.io/node-api/Godeps/Godeps.json index 2b8827599e6..41803566ae4 100644 --- a/staging/src/k8s.io/node-api/Godeps/Godeps.json +++ b/staging/src/k8s.io/node-api/Godeps/Godeps.json @@ -12,7 +12,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -42,10 +42,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -62,21 +58,13 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/json-iterator/go", @@ -90,10 +78,6 @@ "ImportPath": "github.com/modern-go/reflect2", "Rev": "94122c33edd36123c84d5368cfb2b69df93a0ec8" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "golang.org/x/crypto/ssh/terminal", "Rev": "de0752318171da717af4ce24d0a2e8626afaeb11" @@ -250,6 +234,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -544,7 +532,7 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", @@ -558,26 +546,6 @@ "ImportPath": "k8s.io/utils/trace", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/node-api/Godeps/OWNERS b/staging/src/k8s.io/node-api/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/node-api/Godeps/OWNERS +++ b/staging/src/k8s.io/node-api/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/node-api/OWNERS b/staging/src/k8s.io/node-api/OWNERS index 03759e15dc5..e4fbee7e901 100644 --- a/staging/src/k8s.io/node-api/OWNERS +++ b/staging/src/k8s.io/node-api/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - tallclair - dchen1107 diff --git a/staging/src/k8s.io/node-api/hack/update-codegen.sh b/staging/src/k8s.io/node-api/hack/update-codegen.sh index c92b3cc9f68..44c091269a6 100755 --- a/staging/src/k8s.io/node-api/hack/update-codegen.sh +++ b/staging/src/k8s.io/node-api/hack/update-codegen.sh @@ -18,15 +18,15 @@ set -o errexit set -o nounset set -o pipefail -SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/.. -CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${SCRIPT_ROOT}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} # generate the code with: # --output-base because this script should also be able to run inside the vendor dir of # k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir # instead of the $GOPATH directly. For normal projects this can be dropped. -${CODEGEN_PKG}/generate-groups.sh "deepcopy,client,informer,lister" \ +"${CODEGEN_PKG}/generate-groups.sh" "deepcopy,client,informer,lister" \ k8s.io/node-api/pkg/client k8s.io/node-api/pkg/apis \ "node:v1alpha1" \ - --output-base "$(dirname ${BASH_SOURCE})/../../.." \ - --go-header-file ${SCRIPT_ROOT}/hack/boilerplate.go.txt + --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ + --go-header-file "${SCRIPT_ROOT}/hack/boilerplate.go.txt" diff --git a/staging/src/k8s.io/node-api/hack/verify-codegen.sh b/staging/src/k8s.io/node-api/hack/verify-codegen.sh index d02a6fa395e..d91566e6228 100755 --- a/staging/src/k8s.io/node-api/hack/verify-codegen.sh +++ b/staging/src/k8s.io/node-api/hack/verify-codegen.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")/.. +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. DIFFROOT="${SCRIPT_ROOT}/pkg" TMP_DIFFROOT="${SCRIPT_ROOT}/_tmp/pkg" diff --git a/staging/src/k8s.io/node-api/pkg/apis/OWNERS b/staging/src/k8s.io/node-api/pkg/apis/OWNERS index bae178f8175..38336c177f9 100644 --- a/staging/src/k8s.io/node-api/pkg/apis/OWNERS +++ b/staging/src/k8s.io/node-api/pkg/apis/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # Disable inheritance as this is an api owners file options: no_parent_owners: true diff --git a/staging/src/k8s.io/node-api/pkg/apis/node/v1alpha1/types.go b/staging/src/k8s.io/node-api/pkg/apis/node/v1alpha1/types.go index 1951321da26..5239e61cbb1 100644 --- a/staging/src/k8s.io/node-api/pkg/apis/node/v1alpha1/types.go +++ b/staging/src/k8s.io/node-api/pkg/apis/node/v1alpha1/types.go @@ -30,7 +30,7 @@ import ( // defined by a user or cluster provisioner, and referenced in the PodSpec. The // Kubelet is responsible for resolving the RuntimeClassName reference before // running the pod. For more details, see -// https://git.k8s.io/enhancements/keps/sig-node/0014-runtime-class.md +// https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md type RuntimeClass struct { metav1.TypeMeta `json:",inline"` // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata diff --git a/staging/src/k8s.io/sample-apiserver/BUILD b/staging/src/k8s.io/sample-apiserver/BUILD index 1a61b65ff3a..5f12cfd9d36 100644 --- a/staging/src/k8s.io/sample-apiserver/BUILD +++ b/staging/src/k8s.io/sample-apiserver/BUILD @@ -39,11 +39,11 @@ filegroup( "//staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer:all-srcs", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle:all-srcs", "//staging/src/k8s.io/sample-apiserver/pkg/apiserver:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1:all-srcs", "//staging/src/k8s.io/sample-apiserver/pkg/cmd/server:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1:all-srcs", "//staging/src/k8s.io/sample-apiserver/pkg/registry:all-srcs", ], tags = ["automanaged"], diff --git a/staging/src/k8s.io/sample-apiserver/CONTRIBUTING.md b/staging/src/k8s.io/sample-apiserver/CONTRIBUTING.md index ea81280507b..532a034bd3e 100644 --- a/staging/src/k8s.io/sample-apiserver/CONTRIBUTING.md +++ b/staging/src/k8s.io/sample-apiserver/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/sample-apiserver](https://git.k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json index f8f07ecee36..9b7236f32ac 100644 --- a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json @@ -6,14 +6,6 @@ "./..." ], "Deps": [ - { - "ImportPath": "github.com/Azure/go-ansiterm", - "Rev": "d6e3b3328b783f23731bc4d058875b0371ff8109" - }, - { - "ImportPath": "github.com/Azure/go-ansiterm/winterm", - "Rev": "d6e3b3328b783f23731bc4d058875b0371ff8109" - }, { "ImportPath": "github.com/NYTimes/gziphandler", "Rev": "56545f4a5d46df9a6648819d1664c3a03a13ffdb" @@ -70,14 +62,6 @@ "ImportPath": "github.com/davecgh/go-spew/spew", "Rev": "782f4967f2dc4564575ca782fe2d04090b5faca8" }, - { - "ImportPath": "github.com/docker/docker/pkg/term", - "Rev": "a9fbbdc8dd8794b20af358382ab780559bca589d" - }, - { - "ImportPath": "github.com/docker/docker/pkg/term/windows", - "Rev": "a9fbbdc8dd8794b20af358382ab780559bca589d" - }, { "ImportPath": "github.com/emicklei/go-restful", "Rev": "ff4f55a206334ef123e4f79bbf348980da81ca46" @@ -88,7 +72,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/go-openapi/jsonpointer", @@ -146,10 +130,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -166,25 +146,17 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/grpc-ecosystem/go-grpc-prometheus", "Rev": "2500245aa6110c562d17020fb31a2c133d737799" }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/imdario/mergo", @@ -230,10 +202,6 @@ "ImportPath": "github.com/pborman/uuid", "Rev": "ca53cad383cad2479bbba7f7a1a05797ec1386e4" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/prometheus/client_golang/prometheus", "Rev": "abad2d1bd44235a26707c172eab6bca5bf2dbad3" @@ -266,10 +234,6 @@ "ImportPath": "github.com/prometheus/procfs/xfs", "Rev": "65c1f6f8f0fc1e2185eb9863a3bc751496404259" }, - { - "ImportPath": "github.com/sirupsen/logrus", - "Rev": "89742aefa4b206dcf400792f3bd35b542998eb3b" - }, { "ImportPath": "github.com/spf13/cobra", "Rev": "c439c4fa093711d42e1b01acb1235b52004753c1" @@ -590,6 +554,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1170,10 +1138,6 @@ "ImportPath": "k8s.io/apiserver/pkg/util/feature", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, - { - "ImportPath": "k8s.io/apiserver/pkg/util/flag", - "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" - }, { "ImportPath": "k8s.io/apiserver/pkg/util/flushwriter", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1354,6 +1318,10 @@ "ImportPath": "k8s.io/client-go/informers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/policy", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1510,6 +1478,10 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1622,6 +1594,10 @@ "ImportPath": "k8s.io/client-go/listers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1762,6 +1738,10 @@ "ImportPath": "k8s.io/client-go/util/retry", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/component-base/cli/flag", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/component-base/logs", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1772,27 +1752,27 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/builder", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/common", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/handler", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/schemaconv", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", diff --git a/staging/src/k8s.io/sample-apiserver/Godeps/OWNERS b/staging/src/k8s.io/sample-apiserver/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/sample-apiserver/Godeps/OWNERS +++ b/staging/src/k8s.io/sample-apiserver/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/sample-apiserver/OWNERS b/staging/src/k8s.io/sample-apiserver/OWNERS index 2268629156c..6cc66aedb61 100644 --- a/staging/src/k8s.io/sample-apiserver/OWNERS +++ b/staging/src/k8s.io/sample-apiserver/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - lavalamp - smarterclayton diff --git a/staging/src/k8s.io/sample-apiserver/hack/update-codegen.sh b/staging/src/k8s.io/sample-apiserver/hack/update-codegen.sh index d4883f401b4..7b01b94ffc8 100755 --- a/staging/src/k8s.io/sample-apiserver/hack/update-codegen.sh +++ b/staging/src/k8s.io/sample-apiserver/hack/update-codegen.sh @@ -26,16 +26,16 @@ CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code- # k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir # instead of the $GOPATH directly. For normal projects this can be dropped. "${CODEGEN_PKG}/generate-groups.sh" all \ - k8s.io/sample-apiserver/pkg/client k8s.io/sample-apiserver/pkg/apis \ + k8s.io/sample-apiserver/pkg/generated k8s.io/sample-apiserver/pkg/apis \ "wardle:v1alpha1,v1beta1" \ --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ --go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt "${CODEGEN_PKG}/generate-internal-groups.sh" "deepcopy,defaulter,conversion" \ - k8s.io/sample-apiserver/pkg/client k8s.io/sample-apiserver/pkg/apis k8s.io/sample-apiserver/pkg/apis \ + k8s.io/sample-apiserver/pkg/generated k8s.io/sample-apiserver/pkg/apis k8s.io/sample-apiserver/pkg/apis \ "wardle:v1alpha1,v1beta1" \ --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ --go-header-file "${SCRIPT_ROOT}/hack/boilerplate.go.txt" -# To use your own boilerplate text use: +# To use your own boilerplate text append: # --go-header-file "${SCRIPT_ROOT}/hack/custom-boilerplate.go.txt" diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/BUILD index 6a4c5dfea82..719354f310e 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/BUILD @@ -18,8 +18,8 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1:go_default_library", ], ) @@ -35,8 +35,8 @@ go_test( "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission.go index 70d618614a9..474c1a58d10 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission.go @@ -26,8 +26,8 @@ import ( "k8s.io/apiserver/pkg/admission" "k8s.io/sample-apiserver/pkg/admission/wardleinitializer" "k8s.io/sample-apiserver/pkg/apis/wardle" - informers "k8s.io/sample-apiserver/pkg/client/informers/externalversions" - listers "k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1" + informers "k8s.io/sample-apiserver/pkg/generated/informers/externalversions" + listers "k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1" ) // Register registers a plugin @@ -47,7 +47,7 @@ var _ = wardleinitializer.WantsInternalWardleInformerFactory(&DisallowFlunder{}) // Admit ensures that the object in-flight is of kind Flunder. // In addition checks that the Name is not on the banned list. // The list is stored in Fischers API objects. -func (d *DisallowFlunder) Admit(a admission.Attributes) error { +func (d *DisallowFlunder) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { // we are only interested in flunders if a.GetKind().GroupKind() != wardle.Kind("Flunder") { return nil diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go index b60ae0dbae8..a6479aa1a98 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go @@ -28,8 +28,8 @@ import ( "k8s.io/sample-apiserver/pkg/admission/plugin/banflunder" "k8s.io/sample-apiserver/pkg/admission/wardleinitializer" wardle "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" - "k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake" - informers "k8s.io/sample-apiserver/pkg/client/informers/externalversions" + "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake" + informers "k8s.io/sample-apiserver/pkg/generated/informers/externalversions" ) // TestBanfluderAdmissionPlugin tests various test cases against @@ -138,6 +138,7 @@ func TestBanflunderAdmissionPlugin(t *testing.T) { admission.Create, false, nil), + nil, ) // validate diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/BUILD index 0d9f62e676a..592f8e6e80b 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/BUILD @@ -16,7 +16,7 @@ go_library( importpath = "k8s.io/sample-apiserver/pkg/admission/wardleinitializer", deps = [ "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions:go_default_library", ], ) @@ -26,8 +26,8 @@ go_test( embed = [":go_default_library"], deps = [ "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/interfaces.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/interfaces.go index 248cd045d82..f7f1710d932 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/interfaces.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/interfaces.go @@ -18,7 +18,7 @@ package wardleinitializer import ( "k8s.io/apiserver/pkg/admission" - informers "k8s.io/sample-apiserver/pkg/client/informers/externalversions" + informers "k8s.io/sample-apiserver/pkg/generated/informers/externalversions" ) // WantsInternalWardleInformerFactory defines a function which sets InformerFactory for admission plugins that need it diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go index 455d51c9eaa..b2fb815b00f 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go @@ -18,7 +18,7 @@ package wardleinitializer import ( "k8s.io/apiserver/pkg/admission" - informers "k8s.io/sample-apiserver/pkg/client/informers/externalversions" + informers "k8s.io/sample-apiserver/pkg/generated/informers/externalversions" ) type pluginInitializer struct { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go index ff6fee1a92f..8e994d71e14 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go @@ -22,8 +22,8 @@ import ( "k8s.io/apiserver/pkg/admission" "k8s.io/sample-apiserver/pkg/admission/wardleinitializer" - "k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake" - informers "k8s.io/sample-apiserver/pkg/client/informers/externalversions" + "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake" + informers "k8s.io/sample-apiserver/pkg/generated/informers/externalversions" ) // TestWantsInternalWardleInformerFactory ensures that the informer factory is injected @@ -48,7 +48,9 @@ type wantInternalWardleInformerFactory struct { func (self *wantInternalWardleInformerFactory) SetInternalWardleInformerFactory(sf informers.SharedInformerFactory) { self.sf = sf } -func (self *wantInternalWardleInformerFactory) Admit(a admission.Attributes) error { return nil } +func (self *wantInternalWardleInformerFactory) Admit(a admission.Attributes, o admission.ObjectInterfaces) error { + return nil +} func (self *wantInternalWardleInformerFactory) Handles(o admission.Operation) bool { return false } func (self *wantInternalWardleInformerFactory) ValidateInitialization() error { return nil } diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/BUILD deleted file mode 100644 index b9d40edbb21..00000000000 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/BUILD +++ /dev/null @@ -1,32 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["interface.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle", - importpath = "k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD index db6621acce8..9f704e55c17 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD @@ -19,8 +19,8 @@ go_library( "//staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apiserver:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go index e492925353e..48aa538ba08 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go @@ -31,8 +31,8 @@ import ( "k8s.io/sample-apiserver/pkg/admission/wardleinitializer" "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" "k8s.io/sample-apiserver/pkg/apiserver" - clientset "k8s.io/sample-apiserver/pkg/client/clientset/versioned" - informers "k8s.io/sample-apiserver/pkg/client/informers/externalversions" + clientset "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" + informers "k8s.io/sample-apiserver/pkg/generated/informers/externalversions" ) const defaultEtcdPathPrefix = "/registry/wardle.kubernetes.io" @@ -120,7 +120,7 @@ func (o *WardleServerOptions) Config() (*apiserver.Config, error) { } serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { + if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil { return nil, err } @@ -142,7 +142,7 @@ func (o WardleServerOptions) RunWardleServer(stopCh <-chan struct{}) error { return err } - server.GenericAPIServer.AddPostStartHook("start-sample-server-informers", func(context genericapiserver.PostStartHookContext) error { + server.GenericAPIServer.AddPostStartHookOrDie("start-sample-server-informers", func(context genericapiserver.PostStartHookContext) error { config.GenericConfig.SharedInformerFactory.Start(context.StopCh) o.SharedInformerFactory.Start(context.StopCh) return nil diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/BUILD similarity index 50% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/BUILD index 20e8e6b30b1..03e39d2319f 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/BUILD @@ -6,15 +6,15 @@ go_library( "clientset.go", "doc.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/client-go/discovery:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/util/flowcontrol:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1:go_default_library", ], ) @@ -29,10 +29,10 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/clientset.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/clientset.go similarity index 94% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/clientset.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/clientset.go index b7f427f256c..d22823aab94 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/clientset.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/clientset.go @@ -22,8 +22,8 @@ import ( discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" - wardlev1alpha1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1" - wardlev1beta1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1" + wardlev1alpha1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1" + wardlev1beta1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1" ) type Interface interface { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/doc.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/doc.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/BUILD similarity index 66% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/BUILD index 4aaa5139047..141d293e023 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/BUILD @@ -7,8 +7,8 @@ go_library( "doc.go", "register.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -22,11 +22,11 @@ go_library( "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/clientset_generated.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/clientset_generated.go similarity index 85% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/clientset_generated.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/clientset_generated.go index 83b23e9b93c..3a79d302ebf 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/clientset_generated.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/clientset_generated.go @@ -24,11 +24,11 @@ import ( "k8s.io/client-go/discovery" fakediscovery "k8s.io/client-go/discovery/fake" "k8s.io/client-go/testing" - clientset "k8s.io/sample-apiserver/pkg/client/clientset/versioned" - wardlev1alpha1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1" - fakewardlev1alpha1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake" - wardlev1beta1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1" - fakewardlev1beta1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake" + clientset "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" + wardlev1alpha1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1" + fakewardlev1alpha1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake" + wardlev1beta1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1" + fakewardlev1beta1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake" ) // NewSimpleClientset returns a clientset that will respond with the provided objects. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/doc.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/doc.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/register.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/register.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/fake/register.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/fake/register.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/BUILD similarity index 89% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/BUILD index e219b42738c..adc9841132e 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/BUILD @@ -6,8 +6,8 @@ go_library( "doc.go", "register.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/doc.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/doc.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/register.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/register.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme/register.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme/register.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/BUILD similarity index 74% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/BUILD index 5f6e724cb9b..5d0b3ea270c 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/BUILD @@ -9,8 +9,8 @@ go_library( "generated_expansion.go", "wardle_client.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -19,7 +19,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme:go_default_library", ], ) @@ -34,7 +34,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/doc.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/doc.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/BUILD similarity index 80% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/BUILD index 16aff3400eb..9ad92b82b24 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/BUILD @@ -8,8 +8,8 @@ go_library( "fake_flunder.go", "fake_wardle_client.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -20,7 +20,7 @@ go_library( "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/doc.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/doc.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/doc.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_fischer.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_fischer.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_fischer.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_fischer.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_flunder.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_flunder.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_wardle_client.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_wardle_client.go similarity index 92% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_wardle_client.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_wardle_client.go index 5803c786a3f..da5149d5662 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fake/fake_wardle_client.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fake/fake_wardle_client.go @@ -21,7 +21,7 @@ package fake import ( rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" - v1alpha1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1" + v1alpha1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1" ) type FakeWardleV1alpha1 struct { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fischer.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fischer.go similarity index 98% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fischer.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fischer.go index b6cb6b7c327..a8b9b55e8d9 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/fischer.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/fischer.go @@ -26,7 +26,7 @@ import ( watch "k8s.io/apimachinery/pkg/watch" rest "k8s.io/client-go/rest" v1alpha1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" - scheme "k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme" + scheme "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme" ) // FischersGetter has a method to return a FischerInterface. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/flunder.go similarity index 98% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/flunder.go index 5ff17cb4cc8..3e0d2079883 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/flunder.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/flunder.go @@ -26,7 +26,7 @@ import ( watch "k8s.io/apimachinery/pkg/watch" rest "k8s.io/client-go/rest" v1alpha1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" - scheme "k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme" + scheme "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme" ) // FlundersGetter has a method to return a FlunderInterface. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/generated_expansion.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/generated_expansion.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/generated_expansion.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/generated_expansion.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/wardle_client.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/wardle_client.go similarity index 97% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/wardle_client.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/wardle_client.go index c63e25fd238..3f9b044056e 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1alpha1/wardle_client.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1alpha1/wardle_client.go @@ -22,7 +22,7 @@ import ( serializer "k8s.io/apimachinery/pkg/runtime/serializer" rest "k8s.io/client-go/rest" v1alpha1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" - "k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme" + "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme" ) type WardleV1alpha1Interface interface { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/BUILD similarity index 74% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/BUILD index 10042b29d39..790eb6500ae 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/BUILD @@ -8,8 +8,8 @@ go_library( "generated_expansion.go", "wardle_client.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -18,7 +18,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme:go_default_library", ], ) @@ -33,7 +33,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/doc.go new file mode 100644 index 00000000000..771101956f3 --- /dev/null +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1beta1 diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/BUILD similarity index 80% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/BUILD index c669dd4ec2d..f5c508c878b 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/BUILD @@ -7,8 +7,8 @@ go_library( "fake_flunder.go", "fake_wardle_client.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake", - importpath = "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake", + importpath = "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -19,7 +19,7 @@ go_library( "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/doc.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/doc.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/doc.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/doc.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/fake_flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/fake_flunder.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/fake_flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/fake_flunder.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/fake_wardle_client.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/fake_wardle_client.go similarity index 92% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/fake_wardle_client.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/fake_wardle_client.go index b91fa5e78a4..f1784fd2426 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/fake/fake_wardle_client.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/fake/fake_wardle_client.go @@ -21,7 +21,7 @@ package fake import ( rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" - v1beta1 "k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1" + v1beta1 "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1" ) type FakeWardleV1beta1 struct { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/flunder.go similarity index 98% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/flunder.go index 19e60f95c6a..3f3a1bded9d 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/flunder.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/flunder.go @@ -26,7 +26,7 @@ import ( watch "k8s.io/apimachinery/pkg/watch" rest "k8s.io/client-go/rest" v1beta1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1" - scheme "k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme" + scheme "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme" ) // FlundersGetter has a method to return a FlunderInterface. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/generated_expansion.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/generated_expansion.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/generated_expansion.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/generated_expansion.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/wardle_client.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/wardle_client.go similarity index 97% rename from staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/wardle_client.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/wardle_client.go index c75abb3236a..af66da35912 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned/typed/wardle/v1beta1/wardle_client.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned/typed/wardle/v1beta1/wardle_client.go @@ -22,7 +22,7 @@ import ( serializer "k8s.io/apimachinery/pkg/runtime/serializer" rest "k8s.io/client-go/rest" v1beta1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1" - "k8s.io/sample-apiserver/pkg/client/clientset/versioned/scheme" + "k8s.io/sample-apiserver/pkg/generated/clientset/versioned/scheme" ) type WardleV1beta1Interface interface { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/BUILD similarity index 60% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/BUILD index e31fe08c1ca..effa446b971 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/BUILD @@ -6,8 +6,8 @@ go_library( "factory.go", "generic.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/informers/externalversions", - importpath = "k8s.io/sample-apiserver/pkg/client/informers/externalversions", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/informers/externalversions", + importpath = "k8s.io/sample-apiserver/pkg/generated/informers/externalversions", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -16,9 +16,9 @@ go_library( "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle:go_default_library", ], ) @@ -33,8 +33,8 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces:all-srcs", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/factory.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/factory.go similarity index 95% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/factory.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/factory.go index 208e2dfac8f..b5aa28e9765 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/factory.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/factory.go @@ -27,9 +27,9 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" - versioned "k8s.io/sample-apiserver/pkg/client/clientset/versioned" - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" - wardle "k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle" + versioned "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" + wardle "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle" ) // SharedInformerOption defines the functional option type for SharedInformerFactory. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/generic.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/generic.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/generic.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/generic.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces/BUILD similarity index 74% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces/BUILD index 37101a39266..650cc4bb16a 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces/BUILD @@ -3,14 +3,14 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["factory_interfaces.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces", - importpath = "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces", + importpath = "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 95% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go index 7410b6fe2ae..f71c664287c 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -24,7 +24,7 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" - versioned "k8s.io/sample-apiserver/pkg/client/clientset/versioned" + versioned "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" ) // NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/BUILD new file mode 100644 index 00000000000..8fe48f73423 --- /dev/null +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle", + importpath = "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1:all-srcs", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/interface.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/interface.go similarity index 85% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/interface.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/interface.go index 78c3fa35701..4a71ce6d7d0 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/interface.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/interface.go @@ -19,9 +19,9 @@ limitations under the License. package wardle import ( - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1" - v1beta1 "k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1" + v1beta1 "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1" ) // Interface provides access to each of this group's versions. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/BUILD similarity index 66% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/BUILD index 20dac34d8ae..d9df7af1503 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/BUILD @@ -7,8 +7,8 @@ go_library( "flunder.go", "interface.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1", - importpath = "k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1", + importpath = "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -16,9 +16,9 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/fischer.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/fischer.go similarity index 92% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/fischer.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/fischer.go index dfae5d022b5..c748ace4e1c 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/fischer.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/fischer.go @@ -26,9 +26,9 @@ import ( watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" wardlev1alpha1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" - versioned "k8s.io/sample-apiserver/pkg/client/clientset/versioned" - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1" + versioned "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1" ) // FischerInformer provides access to a shared informer and lister for diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/flunder.go similarity index 92% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/flunder.go index f843a36333f..c6f4f387578 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/flunder.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/flunder.go @@ -26,9 +26,9 @@ import ( watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" wardlev1alpha1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1alpha1" - versioned "k8s.io/sample-apiserver/pkg/client/clientset/versioned" - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1" + versioned "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1" ) // FlunderInformer provides access to a shared informer and lister for diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/interface.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/interface.go similarity index 94% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/interface.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/interface.go index c0e369419a9..c6e666705d5 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1alpha1/interface.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1alpha1/interface.go @@ -19,7 +19,7 @@ limitations under the License. package v1alpha1 import ( - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/BUILD similarity index 66% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/BUILD index 16cc71ff89e..cdf9b2b7760 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/BUILD @@ -6,8 +6,8 @@ go_library( "flunder.go", "interface.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1", - importpath = "k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1", + importpath = "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -15,9 +15,9 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/flunder.go similarity index 93% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/flunder.go index 22b105b646d..368b14e1b7d 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/flunder.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/flunder.go @@ -26,9 +26,9 @@ import ( watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" wardlev1beta1 "k8s.io/sample-apiserver/pkg/apis/wardle/v1beta1" - versioned "k8s.io/sample-apiserver/pkg/client/clientset/versioned" - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" - v1beta1 "k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1" + versioned "k8s.io/sample-apiserver/pkg/generated/clientset/versioned" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" + v1beta1 "k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1" ) // FlunderInformer provides access to a shared informer and lister for diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/interface.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/interface.go similarity index 93% rename from staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/interface.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/interface.go index 46690bc743b..7ccaa12ea11 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/informers/externalversions/wardle/v1beta1/interface.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/informers/externalversions/wardle/v1beta1/interface.go @@ -19,7 +19,7 @@ limitations under the License. package v1beta1 import ( - internalinterfaces "k8s.io/sample-apiserver/pkg/client/informers/externalversions/internalinterfaces" + internalinterfaces "k8s.io/sample-apiserver/pkg/generated/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/BUILD similarity index 88% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/BUILD index 79395f2c14a..26526188365 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/BUILD @@ -7,8 +7,8 @@ go_library( "fischer.go", "flunder.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1", - importpath = "k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1", + importpath = "k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/expansion_generated.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/expansion_generated.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/expansion_generated.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/expansion_generated.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/fischer.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/fischer.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/fischer.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/fischer.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/flunder.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1alpha1/flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1alpha1/flunder.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/BUILD similarity index 88% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/BUILD rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/BUILD index 6cfc3f7472b..f19258945e2 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/BUILD @@ -6,8 +6,8 @@ go_library( "expansion_generated.go", "flunder.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1", - importpath = "k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1", + importpath = "k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/expansion_generated.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/expansion_generated.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/expansion_generated.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/expansion_generated.go diff --git a/staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/flunder.go b/staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/flunder.go similarity index 100% rename from staging/src/k8s.io/sample-apiserver/pkg/client/listers/wardle/v1beta1/flunder.go rename to staging/src/k8s.io/sample-apiserver/pkg/generated/listers/wardle/v1beta1/flunder.go diff --git a/staging/src/k8s.io/sample-cli-plugin/CONTRIBUTING.md b/staging/src/k8s.io/sample-cli-plugin/CONTRIBUTING.md index d7556b8163a..0c02f77b31e 100644 --- a/staging/src/k8s.io/sample-cli-plugin/CONTRIBUTING.md +++ b/staging/src/k8s.io/sample-cli-plugin/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/sample-cli-plugin](https://git.k8s.io/kubernetes/staging/src/k8s.io/sample-cli-plugin) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json b/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json index 47c64bc67dd..e3eb79beb55 100644 --- a/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-cli-plugin/Godeps/Godeps.json @@ -12,7 +12,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -282,6 +282,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -482,6 +486,10 @@ "ImportPath": "k8s.io/client-go/discovery", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/discovery/cached/disk", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/scheme", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -578,26 +586,6 @@ "ImportPath": "k8s.io/utils/integer", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/sample-cli-plugin/Godeps/OWNERS b/staging/src/k8s.io/sample-cli-plugin/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/sample-cli-plugin/Godeps/OWNERS +++ b/staging/src/k8s.io/sample-cli-plugin/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/sample-cli-plugin/OWNERS b/staging/src/k8s.io/sample-cli-plugin/OWNERS index 24989e58670..af797353124 100644 --- a/staging/src/k8s.io/sample-cli-plugin/OWNERS +++ b/staging/src/k8s.io/sample-cli-plugin/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - juanvallejo - soltysh diff --git a/staging/src/k8s.io/sample-controller/BUILD b/staging/src/k8s.io/sample-controller/BUILD index a95c03ffb1e..a9ce76b126c 100644 --- a/staging/src/k8s.io/sample-controller/BUILD +++ b/staging/src/k8s.io/sample-controller/BUILD @@ -28,11 +28,11 @@ go_library( "//staging/src/k8s.io/client-go/tools/record:go_default_library", "//staging/src/k8s.io/client-go/util/workqueue:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/signals:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], @@ -56,9 +56,9 @@ filegroup( srcs = [ ":package-srcs", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller:all-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned:all-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions:all-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1:all-srcs", "//staging/src/k8s.io/sample-controller/pkg/signals:all-srcs", ], tags = ["automanaged"], @@ -81,7 +81,7 @@ go_test( "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/client-go/tools/record:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-controller/CONTRIBUTING.md b/staging/src/k8s.io/sample-controller/CONTRIBUTING.md index 76949e8bbf7..94b4ecd60e0 100644 --- a/staging/src/k8s.io/sample-controller/CONTRIBUTING.md +++ b/staging/src/k8s.io/sample-controller/CONTRIBUTING.md @@ -4,4 +4,4 @@ Do not open pull requests directly against this repository, they will be ignored This repository is published from [kubernetes/kubernetes/staging/src/k8s.io/sample-controller](https://git.k8s.io/kubernetes/staging/src/k8s.io/sample-controller) by the [kubernetes publishing-bot](https://git.k8s.io/publishing-bot). -Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/staging.md) for more information +Please see [Staging Directory and Publishing](https://git.k8s.io/community/contributors/devel/sig-architecture/staging.md) for more information diff --git a/staging/src/k8s.io/sample-controller/Godeps/Godeps.json b/staging/src/k8s.io/sample-controller/Godeps/Godeps.json index 4ec020c7c3c..7074170ad5e 100644 --- a/staging/src/k8s.io/sample-controller/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-controller/Godeps/Godeps.json @@ -12,7 +12,7 @@ }, { "ImportPath": "github.com/evanphx/json-patch", - "Rev": "d4020504c68b6bfa818032bedfb48e33e9638506" + "Rev": "5858425f75500d40c52783dce87d085a483ce135" }, { "ImportPath": "github.com/gogo/protobuf/proto", @@ -46,10 +46,6 @@ "ImportPath": "github.com/golang/protobuf/ptypes/timestamp", "Rev": "b4deda0973fb4c70b50d226b1af49f3da59f5265" }, - { - "ImportPath": "github.com/google/btree", - "Rev": "7d79101e329e5a3adf994758c578dab82b90c017" - }, { "ImportPath": "github.com/google/gofuzz", "Rev": "24818f796faf91cd76ec7bddd72458fbced7a6c1" @@ -66,21 +62,13 @@ "ImportPath": "github.com/googleapis/gnostic/extensions", "Rev": "0c5108395e2debce0d731cf0287ddf7242066aba" }, - { - "ImportPath": "github.com/gregjones/httpcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, - { - "ImportPath": "github.com/gregjones/httpcache/diskcache", - "Rev": "787624de3eb7bd915c329cba748687a3b22666a6" - }, { "ImportPath": "github.com/hashicorp/golang-lru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/hashicorp/golang-lru/simplelru", - "Rev": "a0d98a5f288019575c6d1f4bb1573fef2d1fcdc4" + "Rev": "20f1fb78b0740ba8c3cb143a61e86ba5c8669768" }, { "ImportPath": "github.com/imdario/mergo", @@ -98,10 +86,6 @@ "ImportPath": "github.com/modern-go/reflect2", "Rev": "94122c33edd36123c84d5368cfb2b69df93a0ec8" }, - { - "ImportPath": "github.com/peterbourgon/diskv", - "Rev": "5f041e8faa004a95c88a202771f4cc3e991971e6" - }, { "ImportPath": "github.com/spf13/pflag", "Rev": "583c0c0531f06d5278b7d917446061adc344b5cd" @@ -262,6 +246,10 @@ "ImportPath": "k8s.io/api/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/api/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/api/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -602,6 +590,10 @@ "ImportPath": "k8s.io/client-go/informers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/informers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/informers/policy", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -850,6 +842,14 @@ "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1/fake", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, + { + "ImportPath": "k8s.io/client-go/kubernetes/typed/networking/v1beta1/fake", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/kubernetes/typed/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1002,6 +1002,10 @@ "ImportPath": "k8s.io/client-go/listers/networking/v1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }, + { + "ImportPath": "k8s.io/client-go/listers/networking/v1beta1", + "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + }, { "ImportPath": "k8s.io/client-go/listers/policy/v1beta1", "Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" @@ -1152,7 +1156,7 @@ }, { "ImportPath": "k8s.io/kube-openapi/pkg/util/proto", - "Rev": "ced9eb3070a5f1c548ef46e8dfe2a97c208d9f03" + "Rev": "d7c86cdc46e3a4fcf892b32dd7bc3aa775e0870e" }, { "ImportPath": "k8s.io/utils/buffer", @@ -1166,26 +1170,6 @@ "ImportPath": "k8s.io/utils/trace", "Rev": "ed37f7428a91fc2a81070808937195dcd46d320e" }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/fieldpath", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/merge", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/schema", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/typed", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, - { - "ImportPath": "sigs.k8s.io/structured-merge-diff/value", - "Rev": "e5e029740eb81ee0217ecf9d950c25a0eeb9688a" - }, { "ImportPath": "sigs.k8s.io/yaml", "Rev": "fd68e9863619f6ec2fdd8625fe1f02e7c877e480" diff --git a/staging/src/k8s.io/sample-controller/Godeps/OWNERS b/staging/src/k8s.io/sample-controller/Godeps/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/staging/src/k8s.io/sample-controller/Godeps/OWNERS +++ b/staging/src/k8s.io/sample-controller/Godeps/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/staging/src/k8s.io/sample-controller/OWNERS b/staging/src/k8s.io/sample-controller/OWNERS index 0d8570da80d..9459a738561 100644 --- a/staging/src/k8s.io/sample-controller/OWNERS +++ b/staging/src/k8s.io/sample-controller/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sttts - munnerz diff --git a/staging/src/k8s.io/sample-controller/README.md b/staging/src/k8s.io/sample-controller/README.md index 244ff48cc47..b4388f565ec 100644 --- a/staging/src/k8s.io/sample-controller/README.md +++ b/staging/src/k8s.io/sample-controller/README.md @@ -42,6 +42,8 @@ This is an example of how to build a kube-like controller with a single type. ```sh # assumes you have a working kubeconfig, not required if operating in-cluster +$ go get k8s.io/sample-controller +$ cd $GOPATH/src/k8s.io/sample-controller $ go build -o sample-controller . $ ./sample-controller -kubeconfig=$HOME/.kube/config diff --git a/staging/src/k8s.io/sample-controller/controller.go b/staging/src/k8s.io/sample-controller/controller.go index bea78e72e7e..82c023cdc51 100644 --- a/staging/src/k8s.io/sample-controller/controller.go +++ b/staging/src/k8s.io/sample-controller/controller.go @@ -38,10 +38,10 @@ import ( "k8s.io/klog" samplev1alpha1 "k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1" - clientset "k8s.io/sample-controller/pkg/client/clientset/versioned" - samplescheme "k8s.io/sample-controller/pkg/client/clientset/versioned/scheme" - informers "k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1" - listers "k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1" + clientset "k8s.io/sample-controller/pkg/generated/clientset/versioned" + samplescheme "k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme" + informers "k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1" + listers "k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1" ) const controllerAgentName = "sample-controller" diff --git a/staging/src/k8s.io/sample-controller/controller_test.go b/staging/src/k8s.io/sample-controller/controller_test.go index f25459c6c90..42e5fa03218 100644 --- a/staging/src/k8s.io/sample-controller/controller_test.go +++ b/staging/src/k8s.io/sample-controller/controller_test.go @@ -34,8 +34,8 @@ import ( "k8s.io/client-go/tools/record" samplecontroller "k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1" - "k8s.io/sample-controller/pkg/client/clientset/versioned/fake" - informers "k8s.io/sample-controller/pkg/client/informers/externalversions" + "k8s.io/sample-controller/pkg/generated/clientset/versioned/fake" + informers "k8s.io/sample-controller/pkg/generated/informers/externalversions" ) var ( diff --git a/staging/src/k8s.io/sample-controller/hack/update-codegen.sh b/staging/src/k8s.io/sample-controller/hack/update-codegen.sh index 196973b0934..5562672b966 100755 --- a/staging/src/k8s.io/sample-controller/hack/update-codegen.sh +++ b/staging/src/k8s.io/sample-controller/hack/update-codegen.sh @@ -26,10 +26,10 @@ CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code- # k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir # instead of the $GOPATH directly. For normal projects this can be dropped. "${CODEGEN_PKG}"/generate-groups.sh "deepcopy,client,informer,lister" \ - k8s.io/sample-controller/pkg/client k8s.io/sample-controller/pkg/apis \ + k8s.io/sample-controller/pkg/generated k8s.io/sample-controller/pkg/apis \ samplecontroller:v1alpha1 \ --output-base "$(dirname "${BASH_SOURCE[0]}")/../../.." \ --go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt -# To use your own boilerplate text use: +# To use your own boilerplate text append: # --go-header-file "${SCRIPT_ROOT}"/hack/custom-boilerplate.go.txt diff --git a/staging/src/k8s.io/sample-controller/main.go b/staging/src/k8s.io/sample-controller/main.go index d8167715602..e8574a24577 100644 --- a/staging/src/k8s.io/sample-controller/main.go +++ b/staging/src/k8s.io/sample-controller/main.go @@ -27,8 +27,8 @@ import ( // Uncomment the following line to load the gcp plugin (only required to authenticate against GKE clusters). // _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" - clientset "k8s.io/sample-controller/pkg/client/clientset/versioned" - informers "k8s.io/sample-controller/pkg/client/informers/externalversions" + clientset "k8s.io/sample-controller/pkg/generated/clientset/versioned" + informers "k8s.io/sample-controller/pkg/generated/informers/externalversions" "k8s.io/sample-controller/pkg/signals" ) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/BUILD b/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/BUILD deleted file mode 100644 index afbcd16925a..00000000000 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/BUILD +++ /dev/null @@ -1,30 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["interface.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller", - importpath = "k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller", - visibility = ["//visibility:public"], - deps = [ - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1:all-srcs", - ], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/BUILD similarity index 57% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/BUILD index 85452aa3775..b2b4c629ed9 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/BUILD @@ -6,14 +6,14 @@ go_library( "clientset.go", "doc.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/clientset/versioned", - importpath = "k8s.io/sample-controller/pkg/client/clientset/versioned", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/clientset/versioned", + importpath = "k8s.io/sample-controller/pkg/generated/clientset/versioned", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/client-go/discovery:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/util/flowcontrol:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1:go_default_library", ], ) @@ -28,9 +28,9 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake:all-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme:all-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/clientset.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/clientset.go similarity index 96% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/clientset.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/clientset.go index 5bdd7290421..9dd86db1f38 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/clientset.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/clientset.go @@ -22,7 +22,7 @@ import ( discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" - samplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1" + samplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1" ) type Interface interface { diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/doc.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/doc.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/doc.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/doc.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/BUILD similarity index 73% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/BUILD index ffdfadaf3b3..83599769051 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/BUILD @@ -7,8 +7,8 @@ go_library( "doc.go", "register.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/clientset/versioned/fake", - importpath = "k8s.io/sample-controller/pkg/client/clientset/versioned/fake", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake", + importpath = "k8s.io/sample-controller/pkg/generated/clientset/versioned/fake", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -21,9 +21,9 @@ go_library( "//staging/src/k8s.io/client-go/discovery/fake:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/clientset_generated.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/clientset_generated.go similarity index 89% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/clientset_generated.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/clientset_generated.go index 7a388a439c9..6bed11af721 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/clientset_generated.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/clientset_generated.go @@ -24,9 +24,9 @@ import ( "k8s.io/client-go/discovery" fakediscovery "k8s.io/client-go/discovery/fake" "k8s.io/client-go/testing" - clientset "k8s.io/sample-controller/pkg/client/clientset/versioned" - samplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1" - fakesamplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake" + clientset "k8s.io/sample-controller/pkg/generated/clientset/versioned" + samplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1" + fakesamplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake" ) // NewSimpleClientset returns a clientset that will respond with the provided objects. diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/doc.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/doc.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/doc.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/doc.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/register.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/register.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/fake/register.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/fake/register.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/BUILD similarity index 89% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/BUILD index 1abbd08ada9..b261407c04f 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/BUILD @@ -6,8 +6,8 @@ go_library( "doc.go", "register.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme", - importpath = "k8s.io/sample-controller/pkg/client/clientset/versioned/scheme", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme", + importpath = "k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/doc.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/doc.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/doc.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/doc.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/register.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/register.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme/register.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme/register.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/BUILD similarity index 72% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/BUILD index 69d3fc3b4c8..f99d5fd6ed5 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/BUILD @@ -8,8 +8,8 @@ go_library( "generated_expansion.go", "samplecontroller_client.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1", - importpath = "k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1", + importpath = "k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -18,7 +18,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/scheme:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme:go_default_library", ], ) @@ -33,7 +33,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/doc.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/doc.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/doc.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/doc.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/BUILD similarity index 79% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/BUILD index 57ec23a4c05..fd3491aa213 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/BUILD @@ -7,8 +7,8 @@ go_library( "fake_foo.go", "fake_samplecontroller_client.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake", - importpath = "k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake", + importpath = "k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -19,7 +19,7 @@ go_library( "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/testing:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/doc.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/doc.go new file mode 100644 index 00000000000..16f44399065 --- /dev/null +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_foo.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_foo.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_foo.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_foo.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_samplecontroller_client.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_samplecontroller_client.go similarity index 91% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_samplecontroller_client.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_samplecontroller_client.go index 17a28bb6e8c..02088eba870 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_samplecontroller_client.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/fake/fake_samplecontroller_client.go @@ -21,7 +21,7 @@ package fake import ( rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" - v1alpha1 "k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1" + v1alpha1 "k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1" ) type FakeSamplecontrollerV1alpha1 struct { diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go similarity index 98% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go index 48bc2152f1c..46738c05b78 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/foo.go @@ -26,7 +26,7 @@ import ( watch "k8s.io/apimachinery/pkg/watch" rest "k8s.io/client-go/rest" v1alpha1 "k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1" - scheme "k8s.io/sample-controller/pkg/client/clientset/versioned/scheme" + scheme "k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme" ) // FoosGetter has a method to return a FooInterface. diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/generated_expansion.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/generated_expansion.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/generated_expansion.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/generated_expansion.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/samplecontroller_client.go b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/samplecontroller_client.go similarity index 97% rename from staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/samplecontroller_client.go rename to staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/samplecontroller_client.go index c59278504ed..57ce1df2f75 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned/typed/samplecontroller/v1alpha1/samplecontroller_client.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned/typed/samplecontroller/v1alpha1/samplecontroller_client.go @@ -22,7 +22,7 @@ import ( serializer "k8s.io/apimachinery/pkg/runtime/serializer" rest "k8s.io/client-go/rest" v1alpha1 "k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1" - "k8s.io/sample-controller/pkg/client/clientset/versioned/scheme" + "k8s.io/sample-controller/pkg/generated/clientset/versioned/scheme" ) type SamplecontrollerV1alpha1Interface interface { diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/BUILD similarity index 57% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/BUILD index 4fa41112a60..555a5def7d8 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/BUILD @@ -6,8 +6,8 @@ go_library( "factory.go", "generic.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/informers/externalversions", - importpath = "k8s.io/sample-controller/pkg/client/informers/externalversions", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/informers/externalversions", + importpath = "k8s.io/sample-controller/pkg/generated/informers/externalversions", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -15,9 +15,9 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller:go_default_library", ], ) @@ -32,8 +32,8 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces:all-srcs", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces:all-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/factory.go b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/factory.go similarity index 95% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/factory.go rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/factory.go index b6cf4fe8d76..a22e1054c5f 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/factory.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/factory.go @@ -27,9 +27,9 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" - versioned "k8s.io/sample-controller/pkg/client/clientset/versioned" - internalinterfaces "k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces" - samplecontroller "k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller" + versioned "k8s.io/sample-controller/pkg/generated/clientset/versioned" + internalinterfaces "k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces" + samplecontroller "k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller" ) // SharedInformerOption defines the functional option type for SharedInformerFactory. diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/generic.go b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/generic.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/generic.go rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/generic.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces/BUILD similarity index 73% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces/BUILD index 77cf96e5c22..1cc775ad73f 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces/BUILD @@ -3,14 +3,14 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["factory_interfaces.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces", - importpath = "k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces", + importpath = "k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go similarity index 94% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go index 8ab887c1d8e..71c802bab91 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -24,7 +24,7 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" cache "k8s.io/client-go/tools/cache" - versioned "k8s.io/sample-controller/pkg/client/clientset/versioned" + versioned "k8s.io/sample-controller/pkg/generated/clientset/versioned" ) // NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. diff --git a/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/BUILD new file mode 100644 index 00000000000..b0b56590f76 --- /dev/null +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller", + importpath = "k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller", + visibility = ["//visibility:public"], + deps = [ + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/interface.go b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/interface.go similarity index 87% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/interface.go rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/interface.go index 145651cc1f4..d06266ac5c2 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/interface.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/interface.go @@ -19,8 +19,8 @@ limitations under the License. package samplecontroller import ( - internalinterfaces "k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1" + internalinterfaces "k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1" ) // Interface provides access to each of this group's versions. diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/BUILD similarity index 64% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/BUILD index e32e3da1583..d5a45d04ff2 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/BUILD @@ -6,8 +6,8 @@ go_library( "foo.go", "interface.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1", - importpath = "k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1", + importpath = "k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -15,9 +15,9 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", "//staging/src/k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/clientset/versioned:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces:go_default_library", - "//staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/clientset/versioned:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces:go_default_library", + "//staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1:go_default_library", ], ) diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/foo.go b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/foo.go similarity index 92% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/foo.go rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/foo.go index e9319290ab8..21fda895bd5 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/foo.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/foo.go @@ -26,9 +26,9 @@ import ( watch "k8s.io/apimachinery/pkg/watch" cache "k8s.io/client-go/tools/cache" samplecontrollerv1alpha1 "k8s.io/sample-controller/pkg/apis/samplecontroller/v1alpha1" - versioned "k8s.io/sample-controller/pkg/client/clientset/versioned" - internalinterfaces "k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1" + versioned "k8s.io/sample-controller/pkg/generated/clientset/versioned" + internalinterfaces "k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1" ) // FooInformer provides access to a shared informer and lister for diff --git a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/interface.go b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/interface.go similarity index 92% rename from staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/interface.go rename to staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/interface.go index 92ab70f7dab..403b027604e 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/informers/externalversions/samplecontroller/v1alpha1/interface.go +++ b/staging/src/k8s.io/sample-controller/pkg/generated/informers/externalversions/samplecontroller/v1alpha1/interface.go @@ -19,7 +19,7 @@ limitations under the License. package v1alpha1 import ( - internalinterfaces "k8s.io/sample-controller/pkg/client/informers/externalversions/internalinterfaces" + internalinterfaces "k8s.io/sample-controller/pkg/generated/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/BUILD b/staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/BUILD similarity index 86% rename from staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/BUILD rename to staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/BUILD index 7f8f9e41c09..ace18506ca7 100644 --- a/staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/BUILD +++ b/staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/BUILD @@ -6,8 +6,8 @@ go_library( "expansion_generated.go", "foo.go", ], - importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1", - importpath = "k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1", + importmap = "k8s.io/kubernetes/vendor/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1", + importpath = "k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", diff --git a/staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/expansion_generated.go b/staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/expansion_generated.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/expansion_generated.go rename to staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/expansion_generated.go diff --git a/staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/foo.go b/staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/foo.go similarity index 100% rename from staging/src/k8s.io/sample-controller/pkg/client/listers/samplecontroller/v1alpha1/foo.go rename to staging/src/k8s.io/sample-controller/pkg/generated/listers/samplecontroller/v1alpha1/foo.go diff --git a/test/OWNERS b/test/OWNERS index 832701e5309..85c87efbb8f 100644 --- a/test/OWNERS +++ b/test/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - bowei - rramkumar1 @@ -15,6 +17,7 @@ reviewers: - madhusudancs - marun - mikedanese + - msau42 # for test/e2e/commmon/{*volume,empty_dir}.go and test/e2e/framework/{pv|volume}_util.go - ncdc - pwittrock # for test/e2e/kubectl.go - saad-ali @@ -47,6 +50,7 @@ approvers: - madhusudancs - marun - mikedanese + - msau42 # for test/e2e/commmon/{*volume,empty_dir}.go and test/e2e/framework/{pv|volume}_util.go - ncdc - pwittrock # for test/e2e/kubectl.go - saad-ali diff --git a/test/cmd/OWNERS b/test/cmd/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/test/cmd/OWNERS +++ b/test/cmd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/test/cmd/apply.sh b/test/cmd/apply.sh index dabc0ff66fc..be33cbc0cd0 100755 --- a/test/cmd/apply.sh +++ b/test/cmd/apply.sh @@ -224,6 +224,77 @@ __EOF__ kubectl delete -f hack/testdata/service-revision2.yaml "${kube_flags[@]}" + set +o nounset + set +o errexit +} + +# Runs tests related to kubectl apply (server-side) +run_kubectl_apply_tests() { + set -o nounset + set -o errexit + set -x + + create_and_use_new_namespace + kube::log::status "Testing kubectl apply --server-side" + ## kubectl apply should create the resource that doesn't exist yet + # Pre-Condition: no POD exists + kube::test::get_object_assert pods "{{range.items}}{{$id_field}}:{{end}}" '' + # Command: apply a pod "test-pod" (doesn't exist) should create this pod + kubectl apply --server-side -f hack/testdata/pod.yaml "${kube_flags[@]}" + # Post-Condition: pod "test-pod" is created + kube::test::get_object_assert 'pods test-pod' "{{${labels_field}.name}}" 'test-pod-label' + # Clean up + kubectl delete pods test-pod "${kube_flags[@]}" + + ## kubectl apply --server-dry-run + # Pre-Condition: no POD exists + kube::test::get_object_assert pods "{{range.items}}{{$id_field}}:{{end}}" '' + + # apply dry-run + kubectl apply --server-side --server-dry-run -f hack/testdata/pod.yaml "${kube_flags[@]}" + # No pod exists + kube::test::get_object_assert pods "{{range.items}}{{$id_field}}:{{end}}" '' + # apply non dry-run creates the pod + kubectl apply --server-side -f hack/testdata/pod.yaml "${kube_flags[@]}" + # apply changes + kubectl apply --server-side --server-dry-run -f hack/testdata/pod-apply.yaml "${kube_flags[@]}" + # Post-Condition: label still has initial value + kube::test::get_object_assert 'pods test-pod' "{{${labels_field}.name}}" 'test-pod-label' + + # clean-up + kubectl delete -f hack/testdata/pod.yaml "${kube_flags[@]}" + + ## kubectl apply dry-run on CR + # Create CRD + kubectl "${kube_flags_with_token[@]}" create -f - << __EOF__ +{ + "kind": "CustomResourceDefinition", + "apiVersion": "apiextensions.k8s.io/v1beta1", + "metadata": { + "name": "resources.mygroup.example.com" + }, + "spec": { + "group": "mygroup.example.com", + "version": "v1alpha1", + "scope": "Namespaced", + "names": { + "plural": "resources", + "singular": "resource", + "kind": "Kind", + "listKind": "KindList" + } + } +} +__EOF__ + + # Dry-run create the CR + kubectl "${kube_flags[@]}" apply --server-side --server-dry-run -f hack/testdata/CRD/resource.yaml "${kube_flags[@]}" + # Make sure that the CR doesn't exist + ! kubectl "${kube_flags[@]}" get resource/myobj + + # clean-up + kubectl "${kube_flags[@]}" delete customresourcedefinition resources.mygroup.example.com + set +o nounset set +o errexit } diff --git a/test/cmd/core.sh b/test/cmd/core.sh index 5f645c2d5c5..125c2923dee 100755 --- a/test/cmd/core.sh +++ b/test/cmd/core.sh @@ -992,6 +992,32 @@ __EOF__ # Post-condition: Only the default kubernetes services exist kube::test::get_object_assert services "{{range.items}}{{$id_field}}:{{end}}" 'kubernetes:' + ### Create deployent and service + # Pre-condition: no deployment exists + kube::test::wait_object_assert deployment "{{range.items}}{{$id_field}}:{{end}}" '' + # Command + kubectl run testmetadata --image=nginx --replicas=2 --port=80 --expose --service-overrides='{ "metadata": { "annotations": { "zone-context": "home" } } } ' + # Check result + kube::test::get_object_assert deployment "{{range.items}}{{$id_field}}:{{end}}" 'testmetadata:' + kube::test::get_object_assert 'service testmetadata' "{{.metadata.annotations}}" "map\[zone-context:home\]" + + ### Expose deployment as a new service + # Command + kubectl expose deployment testmetadata --port=1000 --target-port=80 --type=NodePort --name=exposemetadata --overrides='{ "metadata": { "annotations": { "zone-context": "work" } } } ' + # Check result + kube::test::get_object_assert 'service exposemetadata' "{{.metadata.annotations}}" "map\[zone-context:work\]" + + # Clean-Up + # Command + kubectl delete service exposemetadata testmetadata "${kube_flags[@]}" + if [[ "${WAIT_FOR_DELETION:-}" == "true" ]]; then + kube::test::wait_object_assert services "{{range.items}}{{$id_field}}:{{end}}" 'kubernetes:' + fi + kubectl delete deployment testmetadata "${kube_flags[@]}" + if [[ "${WAIT_FOR_DELETION:-}" == "true" ]]; then + kube::test::wait_object_assert deployment "{{range.items}}{{$id_field}}:{{end}}" '' + fi + set +o nounset set +o errexit } diff --git a/test/conformance/OWNERS b/test/conformance/OWNERS index 8a14a1e9b9d..ca8c2cb5473 100644 --- a/test/conformance/OWNERS +++ b/test/conformance/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # This is the owner of the test code. The test data itself is owned by sig-architecture. reviewers: - mml diff --git a/test/conformance/testdata/OWNERS b/test/conformance/testdata/OWNERS index 3dfb0c82ba4..b75318b1fb7 100644 --- a/test/conformance/testdata/OWNERS +++ b/test/conformance/testdata/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + # To be owned by sig-architecture. options: no_parent_owners: true diff --git a/test/e2e/README.md b/test/e2e/README.md index d5c5db59448..b707b8250a2 100644 --- a/test/e2e/README.md +++ b/test/e2e/README.md @@ -1,3 +1,3 @@ -See [e2e-tests](https://git.k8s.io/community/contributors/devel/e2e-tests.md) +See [e2e-tests](https://git.k8s.io/community/contributors/devel/sig-testing/e2e-tests.md) [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/e2e/README.md?pixel)]() diff --git a/test/e2e/apimachinery/resource_quota.go b/test/e2e/apimachinery/resource_quota.go index 50f097995fe..dc276d85563 100644 --- a/test/e2e/apimachinery/resource_quota.go +++ b/test/e2e/apimachinery/resource_quota.go @@ -18,6 +18,7 @@ package apimachinery import ( "fmt" + "strconv" "time" appsv1 "k8s.io/api/apps/v1" @@ -50,29 +51,37 @@ var _ = SIGDescribe("ResourceQuota", func() { f := framework.NewDefaultFramework("resourcequota") It("should create a ResourceQuota and ensure its status is promptly calculated.", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) }) It("should create a ResourceQuota and capture the life of a service.", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -83,7 +92,7 @@ var _ = SIGDescribe("ResourceQuota", func() { By("Ensuring resource quota status captures service creation") usedResources = v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourceServices] = resource.MustParse("1") err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -116,16 +125,20 @@ var _ = SIGDescribe("ResourceQuota", func() { defaultSecrets := fmt.Sprintf("%d", found) hardSecrets := fmt.Sprintf("%d", found+1) + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) resourceQuota.Spec.Hard[v1.ResourceSecrets] = resource.MustParse(hardSecrets) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourceSecrets] = resource.MustParse(defaultSecrets) err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -154,15 +167,19 @@ var _ = SIGDescribe("ResourceQuota", func() { }) It("should create a ResourceQuota and capture the life of a pod.", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -181,7 +198,7 @@ var _ = SIGDescribe("ResourceQuota", func() { podToUpdate := pod By("Ensuring ResourceQuota status captures the pod usage") - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourcePods] = resource.MustParse("1") usedResources[v1.ResourceCPU] = requests[v1.ResourceCPU] usedResources[v1.ResourceMemory] = requests[v1.ResourceMemory] @@ -229,7 +246,7 @@ var _ = SIGDescribe("ResourceQuota", func() { Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status released the pod usage") - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourcePods] = resource.MustParse("0") usedResources[v1.ResourceCPU] = resource.MustParse("0") usedResources[v1.ResourceMemory] = resource.MustParse("0") @@ -256,15 +273,19 @@ var _ = SIGDescribe("ResourceQuota", func() { defaultConfigMaps := fmt.Sprintf("%d", found) hardConfigMaps := fmt.Sprintf("%d", found+1) + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourceConfigMaps] = resource.MustParse(defaultConfigMaps) err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -276,7 +297,7 @@ var _ = SIGDescribe("ResourceQuota", func() { By("Ensuring resource quota status captures configMap creation") usedResources = v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) // we expect there to be two configmaps because each namespace will receive // a ca.crt configmap by default. // ref:https://github.com/kubernetes/kubernetes/pull/68812 @@ -295,15 +316,19 @@ var _ = SIGDescribe("ResourceQuota", func() { }) It("should create a ResourceQuota and capture the life of a replication controller.", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourceReplicationControllers] = resource.MustParse("0") err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -330,15 +355,19 @@ var _ = SIGDescribe("ResourceQuota", func() { }) It("should create a ResourceQuota and capture the life of a replica set.", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourceName("count/replicasets.apps")] = resource.MustParse("0") err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) Expect(err).NotTo(HaveOccurred()) @@ -365,15 +394,19 @@ var _ = SIGDescribe("ResourceQuota", func() { }) It("should create a ResourceQuota and capture the life of a persistent volume claim. [sig-storage]", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourcePersistentVolumeClaims] = resource.MustParse("0") usedResources[v1.ResourceRequestsStorage] = resource.MustParse("0") err = waitForResourceQuota(f.ClientSet, f.Namespace.Name, quotaName, usedResources) @@ -403,15 +436,19 @@ var _ = SIGDescribe("ResourceQuota", func() { }) It("should create a ResourceQuota and capture the life of a persistent volume claim with a storage class. [sig-storage]", func() { + By("Counting existing ResourceQuota") + c, err := countResourceQuota(f.ClientSet, f.Namespace.Name) + Expect(err).NotTo(HaveOccurred()) + By("Creating a ResourceQuota") quotaName := "test-quota" resourceQuota := newTestResourceQuota(quotaName) - resourceQuota, err := createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) + resourceQuota, err = createResourceQuota(f.ClientSet, f.Namespace.Name, resourceQuota) Expect(err).NotTo(HaveOccurred()) By("Ensuring resource quota status is calculated") usedResources := v1.ResourceList{} - usedResources[v1.ResourceQuotas] = resource.MustParse("1") + usedResources[v1.ResourceQuotas] = resource.MustParse(strconv.Itoa(c + 1)) usedResources[v1.ResourcePersistentVolumeClaims] = resource.MustParse("0") usedResources[v1.ResourceRequestsStorage] = resource.MustParse("0") usedResources[core.V1ResourceByStorageClass(classGold, v1.ResourcePersistentVolumeClaims)] = resource.MustParse("0") @@ -1405,6 +1442,23 @@ func deleteResourceQuota(c clientset.Interface, namespace, name string) error { return c.CoreV1().ResourceQuotas(namespace).Delete(name, nil) } +// countResourceQuota counts the number of ResourceQuota in the specified namespace +func countResourceQuota(c clientset.Interface, namespace string) (int, error) { + found, unchanged := 0, 0 + return found, wait.Poll(1*time.Second, 30*time.Second, func() (bool, error) { + resourceQuotas, err := c.CoreV1().ResourceQuotas(namespace).List(metav1.ListOptions{}) + Expect(err).NotTo(HaveOccurred()) + if len(resourceQuotas.Items) == found { + // loop until the number of resource quotas has stabilized for 5 seconds + unchanged++ + return unchanged > 4, nil + } + unchanged = 0 + found = len(resourceQuotas.Items) + return false, nil + }) +} + // wait for resource quota status to show the expected used resources value func waitForResourceQuota(c clientset.Interface, ns, quotaName string, used v1.ResourceList) error { return wait.Poll(framework.Poll, resourceQuotaTimeout, func() (bool, error) { diff --git a/test/e2e/apimachinery/webhook.go b/test/e2e/apimachinery/webhook.go index 7f6dba57c35..92de1b41096 100644 --- a/test/e2e/apimachinery/webhook.go +++ b/test/e2e/apimachinery/webhook.go @@ -183,6 +183,24 @@ var _ = SIGDescribe("AdmissionWebhook", func() { testCRDDenyWebhook(f) }) + It("Should mutate custom resource with different stored version", func() { + testcrd, err := framework.CreateMultiVersionTestCRDWithV1Storage(f) + if err != nil { + return + } + defer testcrd.CleanUp() + webhookCleanup := registerMutatingWebhookForCustomResource(f, context, testcrd) + defer webhookCleanup() + testMultiVersionCustomResourceWebhook(f, testcrd) + }) + + It("Should deny crd creation", func() { + crdWebhookCleanup := registerValidatingWebhookForCRD(f, context) + defer crdWebhookCleanup() + + testCRDDenyWebhook(f) + }) + // TODO: add more e2e tests for mutating webhooks // 1. mutating webhook that mutates pod // 2. mutating webhook that sends empty patch @@ -1154,7 +1172,7 @@ func registerWebhookForCustomResource(f *framework.Framework, context *certConte { Name: "deny-unwanted-custom-resource-data.k8s.io", Rules: []v1beta1.RuleWithOperations{{ - Operations: []v1beta1.OperationType{v1beta1.Create}, + Operations: []v1beta1.OperationType{v1beta1.Create, v1beta1.Update}, Rule: v1beta1.Rule{ APIGroups: []string{testcrd.ApiGroup}, APIVersions: testcrd.GetAPIVersions(), @@ -1195,7 +1213,7 @@ func registerMutatingWebhookForCustomResource(f *framework.Framework, context *c { Name: "mutate-custom-resource-data-stage-1.k8s.io", Rules: []v1beta1.RuleWithOperations{{ - Operations: []v1beta1.OperationType{v1beta1.Create}, + Operations: []v1beta1.OperationType{v1beta1.Create, v1beta1.Update}, Rule: v1beta1.Rule{ APIGroups: []string{testcrd.ApiGroup}, APIVersions: testcrd.GetAPIVersions(), @@ -1292,6 +1310,37 @@ func testMutatingCustomResourceWebhook(f *framework.Framework, crd *apiextension } } +func testMultiVersionCustomResourceWebhook(f *framework.Framework, testcrd *framework.TestCrd) { + customResourceClient := testcrd.GetV1DynamicClient() + By("Creating a custom resource while v1 is storage version") + crName := "cr-instance-1" + cr := &unstructured.Unstructured{ + Object: map[string]interface{}{ + "kind": testcrd.Crd.Spec.Names.Kind, + "apiVersion": testcrd.Crd.Spec.Group + "/" + testcrd.Crd.Spec.Version, + "metadata": map[string]interface{}{ + "name": crName, + "namespace": f.Namespace.Name, + }, + "data": map[string]interface{}{ + "mutation-start": "yes", + }, + }, + } + _, err := customResourceClient.Create(cr, metav1.CreateOptions{}) + Expect(err).NotTo(HaveOccurred(), "failed to create custom resource %s in namespace: %s", crName, f.Namespace.Name) + + By("Patching Custom Resource Definition to set v2 as storage") + apiVersionWithV2StoragePatch := fmt.Sprint(`{"spec": {"versions": [{"name": "v1", "storage": false, "served": true},{"name": "v2", "storage": true, "served": true}]}}`) + _, err = testcrd.ApiExtensionClient.ApiextensionsV1beta1().CustomResourceDefinitions().Patch(testcrd.Crd.Name, types.StrategicMergePatchType, []byte(apiVersionWithV2StoragePatch)) + Expect(err).NotTo(HaveOccurred(), "failed to patch custom resource definition %s in namespace: %s", testcrd.Crd.Name, f.Namespace.Name) + + By("Patching the custom resource while v2 is storage version") + crDummyPatch := fmt.Sprint(`[{ "op": "add", "path": "/dummy", "value": "test" }]`) + _, err = testcrd.DynamicClients["v2"].Patch(crName, types.JSONPatchType, []byte(crDummyPatch), metav1.PatchOptions{}) + Expect(err).NotTo(HaveOccurred(), "failed to patch custom resource %s in namespace: %s", crName, f.Namespace.Name) +} + func registerValidatingWebhookForCRD(f *framework.Framework, context *certContext) func() { client := f.ClientSet By("Registering the crd webhook via the AdmissionRegistration API") diff --git a/test/e2e/apps/OWNERS b/test/e2e/apps/OWNERS old mode 100755 new mode 100644 index c65807b470a..ce7cdaf8c4d --- a/test/e2e/apps/OWNERS +++ b/test/e2e/apps/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - janetkuo - nikhiljindal diff --git a/test/e2e/apps/statefulset.go b/test/e2e/apps/statefulset.go index b35b9dc7736..2985d2df2c3 100644 --- a/test/e2e/apps/statefulset.go +++ b/test/e2e/apps/statefulset.go @@ -275,7 +275,7 @@ var _ = SIGDescribe("StatefulSet", func() { Description: StatefulSet's RollingUpdate strategy MUST support the Partition parameter for canaries and phased rollouts. If a Pod is deleted while a rolling update is in progress, StatefulSet MUST restore the Pod without violating the Partition. This test does not depend on a preexisting default StorageClass or a dynamic provisioner. */ framework.ConformanceIt("should perform canary updates and phased rolling updates of template modifications", func() { - By("Creating a new StaefulSet") + By("Creating a new StatefulSet") ss := framework.NewStatefulSet("ss2", ns, headlessSvcName, 3, nil, nil, labels) sst := framework.NewStatefulSetTester(c) sst.SetHttpProbe(ss) @@ -475,7 +475,7 @@ var _ = SIGDescribe("StatefulSet", func() { } } Expect(ss.Status.CurrentRevision).To(Equal(updateRevision), - fmt.Sprintf("StatefulSet %s/%s current revision %s does not equal update revison %s on update completion", + fmt.Sprintf("StatefulSet %s/%s current revision %s does not equal update revision %s on update completion", ss.Namespace, ss.Name, ss.Status.CurrentRevision, @@ -783,7 +783,7 @@ var _ = SIGDescribe("StatefulSet", func() { return nil }, framework.StatefulPodTimeout, 2*time.Second).Should(BeNil()) }) - /* Comment it for now until scale sub-resource is finalized in ref:pull/53679 for scale-sub resource specific comment. + It("should have a working scale subresource", func() { By("Creating statefulset " + ssName + " in namespace " + ns) ss := framework.NewStatefulSet(ssName, ns, headlessSvcName, 1, nil, nil, labels) @@ -795,10 +795,7 @@ var _ = SIGDescribe("StatefulSet", func() { ss = sst.WaitForStatus(ss) By("getting scale subresource") - scale := framework.NewStatefulSetScale(ss) - scaleResult := &appsv1beta2.Scale{} - - err = c.AppsV1().RESTClient().Get().AbsPath("/apis/apps/v1").Namespace(ns).Resource("statefulsets").Name(ssName).SubResource("scale").Do().Into(scale) + scale, err := c.AppsV1().StatefulSets(ns).GetScale(ssName, metav1.GetOptions{}) if err != nil { framework.Failf("Failed to get scale subresource: %v", err) } @@ -806,9 +803,8 @@ var _ = SIGDescribe("StatefulSet", func() { Expect(scale.Status.Replicas).To(Equal(int32(1))) By("updating a scale subresource") - scale.ResourceVersion = "" //unconditionally update to 2 replicas scale.Spec.Replicas = 2 - err = c.AppsV1().RESTClient().Put().AbsPath("/apis/apps/v1").Namespace(ns).Resource("statefulsets").Name(ssName).SubResource("scale").Body(scale).Do().Into(scaleResult) + scaleResult, err := c.AppsV1().StatefulSets(ns).UpdateScale(ssName, scale) if err != nil { framework.Failf("Failed to put scale subresource: %v", err) } @@ -821,7 +817,6 @@ var _ = SIGDescribe("StatefulSet", func() { } Expect(*(ss.Spec.Replicas)).To(Equal(int32(2))) }) - */ }) framework.KubeDescribe("Deploy clustered applications [Feature:StatefulSet] [Slow]", func() { diff --git a/test/e2e/auth/OWNERS b/test/e2e/auth/OWNERS index eb25e40da46..9d06868f54c 100644 --- a/test/e2e/auth/OWNERS +++ b/test/e2e/auth/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - liggitt - mikedanese diff --git a/test/e2e/autoscaling/OWNERS b/test/e2e/autoscaling/OWNERS index 28a0c8a5593..36021184738 100644 --- a/test/e2e/autoscaling/OWNERS +++ b/test/e2e/autoscaling/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - jszczepkowski - sig-autoscaling-maintainers diff --git a/test/e2e/cloud/OWNERS b/test/e2e/cloud/OWNERS index 0805f928cc5..3d2ae59cdde 100644 --- a/test/e2e/cloud/OWNERS +++ b/test/e2e/cloud/OWNERS @@ -1,4 +1,5 @@ # See the OWNERS docs at https://go.k8s.io/owners + approvers: - andrewsykim - cheftako diff --git a/test/e2e/common/BUILD b/test/e2e/common/BUILD index 4f4ee5a8d85..bcd82581dc2 100644 --- a/test/e2e/common/BUILD +++ b/test/e2e/common/BUILD @@ -49,7 +49,6 @@ go_library( "//pkg/client/clientset_generated/internalclientset:go_default_library", "//pkg/client/conditions:go_default_library", "//pkg/kubelet:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/kubelet/images:go_default_library", "//pkg/kubelet/sysctl:go_default_library", "//pkg/security/apparmor:go_default_library", diff --git a/test/e2e/common/empty_dir.go b/test/e2e/common/empty_dir.go index a42df9dc5c8..c721081b51b 100644 --- a/test/e2e/common/empty_dir.go +++ b/test/e2e/common/empty_dir.go @@ -19,6 +19,7 @@ package common import ( "fmt" "path" + "time" . "github.com/onsi/ginkgo" "k8s.io/api/core/v1" @@ -205,6 +206,79 @@ var _ = Describe("[sig-storage] EmptyDir volumes", func() { framework.ConformanceIt("should support (non-root,0777,default) [LinuxOnly] [NodeConformance]", func() { doTest0777(f, testImageNonRootUid, v1.StorageMediumDefault) }) + + It("pod should support shared volumes between containers", func() { + var ( + volumeName = "shared-data" + busyBoxMainVolumeMountPath = "/usr/share/volumeshare" + busyBoxSubVolumeMountPath = "/pod-data" + busyBoxMainVolumeFilePath = fmt.Sprintf("%s/shareddata.txt", busyBoxMainVolumeMountPath) + busyBoxSubVolumeFilePath = fmt.Sprintf("%s/shareddata.txt", busyBoxSubVolumeMountPath) + message = "Hello from the busy-box sub-container" + busyBoxMainContainerName = "busybox-main-container" + busyBoxSubContainerName = "busybox-sub-container" + resultString = "" + ) + + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: "pod-sharedvolume-" + string(uuid.NewUUID()), + }, + Spec: v1.PodSpec{ + Volumes: []v1.Volume{ + { + Name: volumeName, + VolumeSource: v1.VolumeSource{ + EmptyDir: new(v1.EmptyDirVolumeSource), + }, + }, + }, + Containers: []v1.Container{ + { + Name: busyBoxMainContainerName, + Image: imageutils.GetE2EImage(imageutils.BusyBox), + Command: []string{"/bin/sh"}, + Args: []string{"-c", "sleep 10"}, + VolumeMounts: []v1.VolumeMount{ + { + Name: volumeName, + MountPath: busyBoxMainVolumeMountPath, + }, + }, + }, + { + Name: busyBoxSubContainerName, + Image: imageutils.GetE2EImage(imageutils.BusyBox), + Command: []string{"/bin/sh"}, + Args: []string{"-c", fmt.Sprintf("echo %s > %s", message, busyBoxSubVolumeFilePath)}, + VolumeMounts: []v1.VolumeMount{ + { + Name: volumeName, + MountPath: busyBoxSubVolumeMountPath, + }, + }, + }, + }, + RestartPolicy: v1.RestartPolicyNever, + }, + } + + var err error + By("Creating Pod") + pod = f.PodClient().CreateSync(pod) + + By("Waiting for the pod running") + err = f.WaitForPodRunning(pod.Name) + framework.ExpectNoError(err, "failed to deploy pod %s", pod.Name) + + By("Geting the pod") + pod, err = f.PodClient().Get(pod.Name, metav1.GetOptions{}) + framework.ExpectNoError(err, "failed to get pod %s", pod.Name) + + By("Reading file content from the nginx-container") + resultString, err = framework.LookForStringInFile(f.Namespace.Name, pod.Name, busyBoxMainContainerName, busyBoxMainVolumeFilePath, message, 30*time.Second) + framework.ExpectNoError(err, "failed to match expected string %s with %s", message, resultString) + }) }) const ( diff --git a/test/e2e/common/expansion.go b/test/e2e/common/expansion.go index 71f0bf13b67..ae3a00e255e 100644 --- a/test/e2e/common/expansion.go +++ b/test/e2e/common/expansion.go @@ -17,11 +17,14 @@ limitations under the License. package common import ( + "fmt" "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" + "k8s.io/apimachinery/pkg/util/wait" "k8s.io/kubernetes/test/e2e/framework" imageutils "k8s.io/kubernetes/test/utils/image" + "time" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -175,9 +178,9 @@ var _ = framework.KubeDescribe("Variable Expansion", func() { }, VolumeMounts: []v1.VolumeMount{ { - Name: "workdir1", - MountPath: "/logscontainer", - SubPath: "$(POD_NAME)", + Name: "workdir1", + MountPath: "/logscontainer", + SubPathExpr: "$(POD_NAME)", }, { Name: "workdir2", @@ -235,9 +238,9 @@ var _ = framework.KubeDescribe("Variable Expansion", func() { }, VolumeMounts: []v1.VolumeMount{ { - Name: "workdir1", - MountPath: "/logscontainer", - SubPath: "$(POD_NAME)", + Name: "workdir1", + MountPath: "/logscontainer", + SubPathExpr: "$(POD_NAME)", }, }, }, @@ -284,9 +287,9 @@ var _ = framework.KubeDescribe("Variable Expansion", func() { }, VolumeMounts: []v1.VolumeMount{ { - Name: "workdir1", - MountPath: "/logscontainer", - SubPath: "$(POD_NAME)", + Name: "workdir1", + MountPath: "/logscontainer", + SubPathExpr: "$(POD_NAME)", }, }, }, @@ -306,6 +309,338 @@ var _ = framework.KubeDescribe("Variable Expansion", func() { // Pod should fail testPodFailSubpath(f, pod) }) + + /* + Testname: var-expansion-subpath-ready-from-failed-state + Description: Verify that a failing subpath expansion can be modified during the lifecycle of a container. + */ + It("should verify that a failing subpath expansion can be modified during the lifecycle of a container [Feature:VolumeSubpathEnvExpansion][NodeAlphaFeature:VolumeSubpathEnvExpansion][Slow]", func() { + + podName := "var-expansion-" + string(uuid.NewUUID()) + containerName := "dapi-container" + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: podName, + Labels: map[string]string{"name": podName}, + Annotations: map[string]string{"notmysubpath": "mypath"}, + }, + Spec: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: containerName, + Image: imageutils.GetE2EImage(imageutils.BusyBox), + Command: []string{"sh", "-c", "tail -f /dev/null"}, + Env: []v1.EnvVar{ + { + Name: "POD_NAME", + Value: "foo", + }, + { + Name: "ANNOTATION", + ValueFrom: &v1.EnvVarSource{ + FieldRef: &v1.ObjectFieldSelector{ + APIVersion: "v1", + FieldPath: "metadata.annotations['mysubpath']", + }, + }, + }, + }, + VolumeMounts: []v1.VolumeMount{ + { + Name: "workdir1", + MountPath: "/subpath_mount", + SubPathExpr: "$(ANNOTATION)/$(POD_NAME)", + }, + { + Name: "workdir2", + MountPath: "/volume_mount", + }, + }, + }, + }, + Volumes: []v1.Volume{ + { + Name: "workdir1", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{Path: "/tmp"}, + }, + }, + { + Name: "workdir2", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{Path: "/tmp"}, + }, + }, + }, + }, + } + + By("creating the pod with failed condition") + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Create(pod) + Expect(err).ToNot(HaveOccurred(), "while creating pod") + + err = framework.WaitTimeoutForPodRunningInNamespace(f.ClientSet, pod.Name, pod.Namespace, framework.PodStartShortTimeout) + Expect(err).To(HaveOccurred(), "while waiting for pod to be running") + + var podClient *framework.PodClient + podClient = f.PodClient() + + By("updating the pod") + podClient.Update(podName, func(pod *v1.Pod) { + pod.ObjectMeta.Annotations = map[string]string{"mysubpath": "mypath"} + }) + + By("waiting for pod running") + err = framework.WaitTimeoutForPodRunningInNamespace(f.ClientSet, pod.Name, pod.Namespace, framework.PodStartShortTimeout) + Expect(err).NotTo(HaveOccurred(), "while waiting for pod to be running") + + By("deleting the pod gracefully") + err = framework.DeletePodWithWait(f, f.ClientSet, pod) + Expect(err).NotTo(HaveOccurred(), "failed to delete pod") + }) + + /* + Testname: var-expansion-subpath-test-writes + Description: Verify that a subpath expansion can be used to write files into subpaths. + 1. valid subpathexpr starts a container running + 2. test for valid subpath writes + 3. successful expansion of the subpathexpr isn't required for volume cleanup + + */ + It("should succeed in writing subpaths in container [Feature:VolumeSubpathEnvExpansion][NodeAlphaFeature:VolumeSubpathEnvExpansion][Slow]", func() { + + podName := "var-expansion-" + string(uuid.NewUUID()) + containerName := "dapi-container" + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: podName, + Labels: map[string]string{"name": podName}, + Annotations: map[string]string{"mysubpath": "mypath"}, + }, + Spec: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: containerName, + Image: imageutils.GetE2EImage(imageutils.BusyBox), + Command: []string{"sh", "-c", "tail -f /dev/null"}, + Env: []v1.EnvVar{ + { + Name: "POD_NAME", + Value: "foo", + }, + { + Name: "ANNOTATION", + ValueFrom: &v1.EnvVarSource{ + FieldRef: &v1.ObjectFieldSelector{ + APIVersion: "v1", + FieldPath: "metadata.annotations['mysubpath']", + }, + }, + }, + }, + VolumeMounts: []v1.VolumeMount{ + { + Name: "workdir1", + MountPath: "/subpath_mount", + SubPathExpr: "$(ANNOTATION)/$(POD_NAME)", + }, + { + Name: "workdir2", + MountPath: "/volume_mount", + }, + }, + }, + }, + RestartPolicy: v1.RestartPolicyNever, + Volumes: []v1.Volume{ + { + Name: "workdir1", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{Path: "/tmp"}, + }, + }, + { + Name: "workdir2", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{Path: "/tmp"}, + }, + }, + }, + }, + } + + By("creating the pod") + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Create(pod) + + By("waiting for pod running") + err = framework.WaitTimeoutForPodRunningInNamespace(f.ClientSet, pod.Name, pod.Namespace, framework.PodStartShortTimeout) + Expect(err).NotTo(HaveOccurred(), "while waiting for pod to be running") + + By("creating a file in subpath") + cmd := "touch /volume_mount/mypath/foo/test.log" + _, err = framework.RunHostCmd(pod.Namespace, pod.Name, cmd) + if err != nil { + framework.Failf("expected to be able to write to subpath") + } + + By("test for file in mounted path") + cmd = "test -f /subpath_mount/test.log" + _, err = framework.RunHostCmd(pod.Namespace, pod.Name, cmd) + if err != nil { + framework.Failf("expected to be able to verify file") + } + + By("updating the annotation value") + var podClient *framework.PodClient + podClient = f.PodClient() + + podClient.Update(podName, func(pod *v1.Pod) { + pod.ObjectMeta.Annotations["mysubpath"] = "mynewpath" + }) + + By("waiting for annotated pod running") + err = framework.WaitTimeoutForPodRunningInNamespace(f.ClientSet, pod.Name, pod.Namespace, framework.PodStartShortTimeout) + Expect(err).NotTo(HaveOccurred(), "while waiting for annotated pod to be running") + + By("deleting the pod gracefully") + err = framework.DeletePodWithWait(f, f.ClientSet, pod) + Expect(err).NotTo(HaveOccurred(), "failed to delete pod") + }) + + /* + Testname: var-expansion-subpath-lifecycle + Description: Verify should not change the subpath mount on a container restart if the environment variable changes + 1. valid subpathexpr starts a container running + 2. test for valid subpath writes + 3. container restarts + 4. delete cleanly + + */ + + It("should not change the subpath mount on a container restart if the environment variable changes [Feature:VolumeSubpathEnvExpansion][NodeAlphaFeature:VolumeSubpathEnvExpansion][Slow]", func() { + + suffix := string(uuid.NewUUID()) + podName := fmt.Sprintf("var-expansion-%s", suffix) + containerName := "dapi-container" + pod := &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: podName, + Labels: map[string]string{"name": podName}, + Annotations: map[string]string{"mysubpath": "foo"}, + }, + Spec: v1.PodSpec{ + InitContainers: []v1.Container{ + { + Name: fmt.Sprintf("init-volume-%s", suffix), + Image: imageutils.GetE2EImage(imageutils.BusyBox), + Command: []string{"sh", "-c", "mkdir -p /volume_mount/foo; touch /volume_mount/foo/test.log"}, + VolumeMounts: []v1.VolumeMount{ + { + Name: "workdir1", + MountPath: "/subpath_mount", + }, + { + Name: "workdir2", + MountPath: "/volume_mount", + }, + }, + }, + }, + + Containers: []v1.Container{ + { + Name: containerName, + Image: imageutils.GetE2EImage(imageutils.BusyBox), + Command: []string{"/bin/sh", "-ec", "sleep 100000"}, + Env: []v1.EnvVar{ + { + Name: "POD_NAME", + ValueFrom: &v1.EnvVarSource{ + FieldRef: &v1.ObjectFieldSelector{ + APIVersion: "v1", + FieldPath: "metadata.annotations['mysubpath']", + }, + }, + }, + }, + VolumeMounts: []v1.VolumeMount{ + { + Name: "workdir1", + MountPath: "/subpath_mount", + SubPathExpr: "$(POD_NAME)", + }, + { + Name: "workdir2", + MountPath: "/volume_mount", + }, + }, + }, + }, + RestartPolicy: v1.RestartPolicyOnFailure, + Volumes: []v1.Volume{ + { + Name: "workdir1", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{Path: "/tmp"}, + }, + }, + { + Name: "workdir2", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{Path: "/tmp"}, + }, + }, + }, + }, + } + + // Add liveness probe to subpath container + pod.Spec.Containers[0].LivenessProbe = &v1.Probe{ + Handler: v1.Handler{ + Exec: &v1.ExecAction{ + + Command: []string{"cat", "/subpath_mount/test.log"}, + }, + }, + InitialDelaySeconds: 1, + FailureThreshold: 1, + PeriodSeconds: 2, + } + + // Start pod + By(fmt.Sprintf("Creating pod %s", pod.Name)) + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Create(pod) + Expect(err).ToNot(HaveOccurred(), "while creating pod") + defer func() { + framework.DeletePodWithWait(f, f.ClientSet, pod) + }() + err = framework.WaitForPodRunningInNamespace(f.ClientSet, pod) + Expect(err).ToNot(HaveOccurred(), "while waiting for pod to be running") + + var podClient *framework.PodClient + podClient = f.PodClient() + + By("updating the pod") + podClient.Update(podName, func(pod *v1.Pod) { + pod.ObjectMeta.Annotations = map[string]string{"mysubpath": "newsubpath"} + }) + + By("waiting for pod and container restart") + waitForPodContainerRestart(f, pod, "/volume_mount/foo/test.log") + + By("test for subpath mounted with old value") + cmd := "test -f /volume_mount/foo/test.log" + _, err = framework.RunHostCmd(pod.Namespace, pod.Name, cmd) + if err != nil { + framework.Failf("expected to be able to verify old file exists") + } + + cmd = "test ! -f /volume_mount/newsubpath/test.log" + _, err = framework.RunHostCmd(pod.Namespace, pod.Name, cmd) + if err != nil { + framework.Failf("expected to be able to verify new file does not exist") + } + }) }) func testPodFailSubpath(f *framework.Framework, pod *v1.Pod) { @@ -320,3 +655,70 @@ func testPodFailSubpath(f *framework.Framework, pod *v1.Pod) { err = framework.WaitTimeoutForPodRunningInNamespace(f.ClientSet, pod.Name, pod.Namespace, framework.PodStartShortTimeout) Expect(err).To(HaveOccurred(), "while waiting for pod to be running") } + +// Tests that the existing subpath mount is detected when a container restarts +func waitForPodContainerRestart(f *framework.Framework, pod *v1.Pod, volumeMount string) { + + By("Failing liveness probe") + out, err := framework.RunKubectl("exec", fmt.Sprintf("--namespace=%s", pod.Namespace), pod.Name, "--container", pod.Spec.Containers[0].Name, "--", "/bin/sh", "-c", fmt.Sprintf("rm %v", volumeMount)) + + framework.Logf("Pod exec output: %v", out) + Expect(err).ToNot(HaveOccurred(), "while failing liveness probe") + + // Check that container has restarted + By("Waiting for container to restart") + restarts := int32(0) + err = wait.PollImmediate(10*time.Second, 2*time.Minute, func() (bool, error) { + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Get(pod.Name, metav1.GetOptions{}) + if err != nil { + return false, err + } + for _, status := range pod.Status.ContainerStatuses { + if status.Name == pod.Spec.Containers[0].Name { + framework.Logf("Container %v, restarts: %v", status.Name, status.RestartCount) + restarts = status.RestartCount + if restarts > 0 { + framework.Logf("Container has restart count: %v", restarts) + return true, nil + } + } + } + return false, nil + }) + Expect(err).ToNot(HaveOccurred(), "while waiting for container to restart") + + // Fix liveness probe + By("Rewriting the file") + out, err = framework.RunKubectl("exec", fmt.Sprintf("--namespace=%s", pod.Namespace), pod.Name, "--container", pod.Spec.Containers[0].Name, "--", "/bin/sh", "-c", fmt.Sprintf("echo test-after > %v", volumeMount)) + framework.Logf("Pod exec output: %v", out) + Expect(err).ToNot(HaveOccurred(), "while rewriting the probe file") + + // Wait for container restarts to stabilize + By("Waiting for container to stop restarting") + stableCount := int(0) + stableThreshold := int(time.Minute / framework.Poll) + err = wait.PollImmediate(framework.Poll, 2*time.Minute, func() (bool, error) { + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Get(pod.Name, metav1.GetOptions{}) + if err != nil { + return false, err + } + for _, status := range pod.Status.ContainerStatuses { + if status.Name == pod.Spec.Containers[0].Name { + if status.RestartCount == restarts { + stableCount++ + if stableCount > stableThreshold { + framework.Logf("Container restart has stabilized") + return true, nil + } + } else { + restarts = status.RestartCount + stableCount = 0 + framework.Logf("Container has restart count: %v", restarts) + } + break + } + } + return false, nil + }) + Expect(err).ToNot(HaveOccurred(), "while waiting for container to stabilize") +} diff --git a/test/e2e/common/networking.go b/test/e2e/common/networking.go index cbfc66a87f7..e48a646aca2 100644 --- a/test/e2e/common/networking.go +++ b/test/e2e/common/networking.go @@ -38,7 +38,7 @@ var _ = Describe("[sig-network] Networking", func() { This test is marked LinuxOnly since HostNetwork is not supported on other platforms like Windows. */ framework.ConformanceIt("should function for intra-pod communication: http [LinuxOnly] [NodeConformance]", func() { - config := framework.NewCoreNetworkingTestConfig(f) + config := framework.NewCoreNetworkingTestConfig(f, true) for _, endpointPod := range config.EndpointPods { config.DialFromTestContainer("http", endpointPod.Status.PodIP, framework.EndpointHttpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) } @@ -52,7 +52,7 @@ var _ = Describe("[sig-network] Networking", func() { This test is marked LinuxOnly since HostNetwork is not supported on other platforms like Windows. */ framework.ConformanceIt("should function for intra-pod communication: udp [LinuxOnly] [NodeConformance]", func() { - config := framework.NewCoreNetworkingTestConfig(f) + config := framework.NewCoreNetworkingTestConfig(f, true) for _, endpointPod := range config.EndpointPods { config.DialFromTestContainer("udp", endpointPod.Status.PodIP, framework.EndpointUdpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) } @@ -66,7 +66,7 @@ var _ = Describe("[sig-network] Networking", func() { This test is marked LinuxOnly since HostNetwork is not supported on other platforms like Windows. */ framework.ConformanceIt("should function for node-pod communication: http [LinuxOnly] [NodeConformance]", func() { - config := framework.NewCoreNetworkingTestConfig(f) + config := framework.NewCoreNetworkingTestConfig(f, true) for _, endpointPod := range config.EndpointPods { config.DialFromNode("http", endpointPod.Status.PodIP, framework.EndpointHttpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) } @@ -80,7 +80,7 @@ var _ = Describe("[sig-network] Networking", func() { This test is marked LinuxOnly since HostNetwork is not supported on other platforms like Windows. */ framework.ConformanceIt("should function for node-pod communication: udp [LinuxOnly] [NodeConformance]", func() { - config := framework.NewCoreNetworkingTestConfig(f) + config := framework.NewCoreNetworkingTestConfig(f, true) for _, endpointPod := range config.EndpointPods { config.DialFromNode("udp", endpointPod.Status.PodIP, framework.EndpointUdpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) } diff --git a/test/e2e/common/runtime.go b/test/e2e/common/runtime.go index 194151af1c4..5c62ef271d5 100644 --- a/test/e2e/common/runtime.go +++ b/test/e2e/common/runtime.go @@ -19,6 +19,7 @@ package common import ( "fmt" "path" + "strings" "time" "k8s.io/api/core/v1" @@ -272,18 +273,24 @@ while true; do sleep 1; done waiting: true, }, { + // TODO(claudiub): Add a Windows equivalent test. description: "should be able to pull image from gcr.io [LinuxOnly]", - image: "gcr.io/google-containers/debian-base:0.4.0", + image: "gcr.io/google-containers/debian-base:0.4.1", phase: v1.PodRunning, waiting: false, }, { - // TODO(claudiub): Remove the [LinuxOnly] tag when a Windows-friendly image is used instead of alpine. description: "should be able to pull image from docker hub [LinuxOnly]", image: "alpine:3.7", phase: v1.PodRunning, waiting: false, }, + { + description: "should be able to pull image from docker hub [WindowsOnly]", + image: "e2eteam/busybox:1.29", + phase: v1.PodRunning, + waiting: false, + }, { description: "should not be able to pull from private registry without secret", image: "gcr.io/authenticated-image-pulling/alpine:3.7", @@ -300,6 +307,9 @@ while true; do sleep 1; done } { testCase := testCase It(testCase.description+" [NodeConformance]", func() { + if strings.Contains(testCase.description, "[WindowsOnly]") { + framework.SkipUnlessNodeOSDistroIs("windows") + } name := "image-pull-test" command := []string{"/bin/sh", "-c", "while true; do sleep 1; done"} container := ConformanceContainer{ diff --git a/test/e2e/common/util.go b/test/e2e/common/util.go index d45dbe4d0ab..113f1fffca1 100644 --- a/test/e2e/common/util.go +++ b/test/e2e/common/util.go @@ -28,7 +28,6 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/test/e2e/framework" imageutils "k8s.io/kubernetes/test/utils/image" @@ -147,7 +146,7 @@ func RestartNodes(c clientset.Interface, nodes []v1.Node) error { for i := range nodes { node := &nodes[i] zone := framework.TestContext.CloudConfig.Zone - if z, ok := node.Labels[kubeletapis.LabelZoneFailureDomain]; ok { + if z, ok := node.Labels[v1.LabelZoneFailureDomain]; ok { zone = z } nodeNamesByZone[zone] = append(nodeNamesByZone[zone], node.Name) diff --git a/test/e2e/framework/BUILD b/test/e2e/framework/BUILD index 355c0bccf2c..aad01bab4fb 100644 --- a/test/e2e/framework/BUILD +++ b/test/e2e/framework/BUILD @@ -56,7 +56,6 @@ go_library( "//pkg/controller/nodelifecycle:go_default_library", "//pkg/controller/service:go_default_library", "//pkg/features:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/kubelet/apis/config:go_default_library", "//pkg/kubelet/apis/stats/v1alpha1:go_default_library", "//pkg/kubelet/dockershim/metrics:go_default_library", @@ -109,9 +108,8 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/apiserver/pkg/authentication/serviceaccount:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", - "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/apps/v1:go_default_library", @@ -127,6 +125,7 @@ go_library( "//staging/src/k8s.io/client-go/tools/remotecommand:go_default_library", "//staging/src/k8s.io/client-go/tools/watch:go_default_library", "//staging/src/k8s.io/client-go/util/retry:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/csi-api/pkg/client/clientset/versioned:go_default_library", "//staging/src/k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset:go_default_library", "//staging/src/k8s.io/node-api/pkg/client/clientset/versioned:go_default_library", diff --git a/test/e2e/framework/crd_util.go b/test/e2e/framework/crd_util.go index dc48d188d76..0bd0365dfff 100644 --- a/test/e2e/framework/crd_util.go +++ b/test/e2e/framework/crd_util.go @@ -121,6 +121,24 @@ func CreateTestCRD(f *Framework) (*TestCrd, error) { return CreateMultiVersionTestCRD(f, group, apiVersions, nil) } +// CreateTestCRD creates a new CRD specifically for the calling test. +func CreateMultiVersionTestCRDWithV1Storage(f *Framework) (*TestCrd, error) { + group := fmt.Sprintf("%s-multiversion-crd-test.k8s.io", f.BaseName) + apiVersions := []apiextensionsv1beta1.CustomResourceDefinitionVersion{ + { + Name: "v1", + Served: true, + Storage: true, + }, + { + Name: "v2", + Served: true, + Storage: false, + }, + } + return CreateMultiVersionTestCRD(f, group, apiVersions, nil) +} + // newCRDForTest generates a CRD definition for the test func newCRDForTest(testcrd *TestCrd) *apiextensionsv1beta1.CustomResourceDefinition { return &apiextensionsv1beta1.CustomResourceDefinition{ diff --git a/test/e2e/framework/exec_util.go b/test/e2e/framework/exec_util.go index 229c604c47d..730ddc67cb2 100644 --- a/test/e2e/framework/exec_util.go +++ b/test/e2e/framework/exec_util.go @@ -53,7 +53,7 @@ func (f *Framework) ExecWithOptions(options ExecOptions) (string, string, error) Logf("ExecWithOptions %+v", options) config, err := LoadConfig() - Expect(err).NotTo(HaveOccurred(), "failed to load restclient config") + ExpectNoError(err, "failed to load restclient config") const tty = false @@ -101,7 +101,7 @@ func (f *Framework) ExecCommandInContainerWithFullOutput(podName, containerName func (f *Framework) ExecCommandInContainer(podName, containerName string, cmd ...string) string { stdout, stderr, err := f.ExecCommandInContainerWithFullOutput(podName, containerName, cmd...) Logf("Exec stderr: %q", stderr) - Expect(err).NotTo(HaveOccurred(), + ExpectNoError(err, "failed to execute command in pod %v, container %v: %v", podName, containerName, err) return stdout @@ -113,14 +113,14 @@ func (f *Framework) ExecShellInContainer(podName, containerName string, cmd stri func (f *Framework) ExecCommandInPod(podName string, cmd ...string) string { pod, err := f.PodClient().Get(podName, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred(), "failed to get pod") + ExpectNoError(err, "failed to get pod") Expect(pod.Spec.Containers).NotTo(BeEmpty()) return f.ExecCommandInContainer(podName, pod.Spec.Containers[0].Name, cmd...) } func (f *Framework) ExecCommandInPodWithFullOutput(podName string, cmd ...string) (string, string, error) { pod, err := f.PodClient().Get(podName, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred(), "failed to get pod") + ExpectNoError(err, "failed to get pod") Expect(pod.Spec.Containers).NotTo(BeEmpty()) return f.ExecCommandInContainerWithFullOutput(podName, pod.Spec.Containers[0].Name, cmd...) } diff --git a/test/e2e/framework/framework.go b/test/e2e/framework/framework.go index 4acc0bf9855..b86813cca3a 100644 --- a/test/e2e/framework/framework.go +++ b/test/e2e/framework/framework.go @@ -40,7 +40,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/discovery" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" "k8s.io/client-go/dynamic" clientset "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" @@ -119,7 +119,7 @@ type Framework struct { TestSummaries []TestDataSummary // Place to keep ClusterAutoscaler metrics from before test in order to compute delta. - clusterAutoscalerMetricsBeforeTest metrics.MetricsCollection + clusterAutoscalerMetricsBeforeTest metrics.Collection } type TestDataSummary interface { @@ -175,7 +175,7 @@ func (f *Framework) BeforeEach() { componentTexts) } - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) config.QPS = f.Options.ClientQPS config.Burst = f.Options.ClientBurst if f.Options.GroupVersion != nil { @@ -185,23 +185,23 @@ func (f *Framework) BeforeEach() { config.ContentType = TestContext.KubeAPIContentType } f.ClientSet, err = clientset.NewForConfig(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) f.APIExtensionsClientSet, err = apiextensionsclient.NewForConfig(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) f.InternalClientset, err = internalclientset.NewForConfig(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) f.AggregatorClient, err = aggregatorclient.NewForConfig(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) f.DynamicClient, err = dynamic.NewForConfig(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) // csi.storage.k8s.io is based on CRD, which is served only as JSON jsonConfig := config jsonConfig.ContentType = "application/json" f.CSIClientSet, err = csi.NewForConfig(jsonConfig) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) // node.k8s.io is also based on CRD f.NodeAPIClientSet, err = nodeapiclient.NewForConfig(jsonConfig) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) // create scales getter, set GroupVersion and NegotiatedSerializer to default values // as they are required when creating a REST client. @@ -212,9 +212,9 @@ func (f *Framework) BeforeEach() { config.NegotiatedSerializer = legacyscheme.Codecs } restClient, err := rest.RESTClientFor(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) discoClient, err := discovery.NewDiscoveryClientForConfig(config) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) cachedDiscoClient := cacheddiscovery.NewMemCacheClient(discoClient) restMapper := restmapper.NewDeferredDiscoveryRESTMapper(cachedDiscoClient) restMapper.Reset() @@ -229,14 +229,14 @@ func (f *Framework) BeforeEach() { namespace, err := f.CreateNamespace(f.BaseName, map[string]string{ "e2e-framework": f.BaseName, }) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) f.Namespace = namespace if TestContext.VerifyServiceAccount { By("Waiting for a default service account to be provisioned in namespace") err = WaitForDefaultServiceAccountInNamespace(f.ClientSet, namespace.Name) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) } else { Logf("Skipping waiting for service account") } diff --git a/test/e2e/framework/gpu_util.go b/test/e2e/framework/gpu_util.go index ff652e8d353..15d78443330 100644 --- a/test/e2e/framework/gpu_util.go +++ b/test/e2e/framework/gpu_util.go @@ -20,8 +20,6 @@ import ( "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" - - . "github.com/onsi/gomega" "k8s.io/klog" ) @@ -53,7 +51,7 @@ func NumberOfNVIDIAGPUs(node *v1.Node) int64 { // NVIDIADevicePlugin returns the official Google Device Plugin pod for NVIDIA GPU in GKE func NVIDIADevicePlugin() *v1.Pod { ds, err := DsFromManifest(GPUDevicePluginDSYAML) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) p := &v1.Pod{ ObjectMeta: metav1.ObjectMeta{ Name: "device-plugin-nvidia-gpu-" + string(uuid.NewUUID()), diff --git a/test/e2e/framework/ingress/BUILD b/test/e2e/framework/ingress/BUILD index fcccf5b6c8b..4df49ca9f3e 100644 --- a/test/e2e/framework/ingress/BUILD +++ b/test/e2e/framework/ingress/BUILD @@ -22,7 +22,6 @@ go_library( "//test/e2e/manifest:go_default_library", "//test/utils:go_default_library", "//vendor/github.com/onsi/ginkgo:go_default_library", - "//vendor/github.com/onsi/gomega:go_default_library", "//vendor/google.golang.org/api/compute/v1:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], diff --git a/test/e2e/framework/ingress/ingress_utils.go b/test/e2e/framework/ingress/ingress_utils.go index 1c230ada96c..6a91c2d59e7 100644 --- a/test/e2e/framework/ingress/ingress_utils.go +++ b/test/e2e/framework/ingress/ingress_utils.go @@ -54,7 +54,6 @@ import ( testutils "k8s.io/kubernetes/test/utils" . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" ) const ( @@ -753,14 +752,14 @@ func (j *IngressTestJig) GetIngressNodePorts(includeDefaultBackend bool) []strin return nodePorts } -// GetIngressNodePorts returns related backend services' svcPorts. +// GetServicePorts returns related backend services' svcPorts. // Current GCE ingress controller allows traffic to the default HTTP backend // by default, so retrieve its nodePort if includeDefaultBackend is true. func (j *IngressTestJig) GetServicePorts(includeDefaultBackend bool) map[string]v1.ServicePort { svcPorts := make(map[string]v1.ServicePort) if includeDefaultBackend { defaultSvc, err := j.Client.CoreV1().Services(metav1.NamespaceSystem).Get(defaultBackendName, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) svcPorts[defaultBackendName] = defaultSvc.Spec.Ports[0] } @@ -775,7 +774,7 @@ func (j *IngressTestJig) GetServicePorts(includeDefaultBackend bool) map[string] } for _, svcName := range backendSvcs { svc, err := j.Client.CoreV1().Services(j.Ingress.Namespace).Get(svcName, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) svcPorts[svcName] = svc.Spec.Ports[0] } return svcPorts diff --git a/test/e2e/framework/kubelet_stats.go b/test/e2e/framework/kubelet_stats.go index 3803f088210..9b8f4c9cb72 100644 --- a/test/e2e/framework/kubelet_stats.go +++ b/test/e2e/framework/kubelet_stats.go @@ -102,13 +102,13 @@ func getKubeletMetrics(c clientset.Interface, nodeName string) (metrics.KubeletM // Note that the KubeletMetrics passed in should not contain subsystem prefix. func GetDefaultKubeletLatencyMetrics(ms metrics.KubeletMetrics) KubeletLatencyMetrics { latencyMetricNames := sets.NewString( - kubeletmetrics.PodWorkerLatencyKey, - kubeletmetrics.PodWorkerStartLatencyKey, - kubeletmetrics.PodStartLatencyKey, + kubeletmetrics.PodWorkerDurationKey, + kubeletmetrics.PodWorkerStartDurationKey, + kubeletmetrics.PodStartDurationKey, kubeletmetrics.CgroupManagerOperationsKey, dockermetrics.DockerOperationsLatencyKey, - kubeletmetrics.PodWorkerStartLatencyKey, - kubeletmetrics.PLEGRelistLatencyKey, + kubeletmetrics.PodWorkerStartDurationKey, + kubeletmetrics.PLEGRelistDurationKey, ) return GetKubeletLatencyMetrics(ms, latencyMetricNames) } diff --git a/test/e2e/framework/metrics/api_server_metrics.go b/test/e2e/framework/metrics/api_server_metrics.go index edc1d82712a..2305d07da23 100644 --- a/test/e2e/framework/metrics/api_server_metrics.go +++ b/test/e2e/framework/metrics/api_server_metrics.go @@ -16,26 +16,28 @@ limitations under the License. package metrics -type ApiServerMetrics Metrics +// APIServerMetrics is metrics for API server +type APIServerMetrics Metrics -func (m *ApiServerMetrics) Equal(o ApiServerMetrics) bool { +// Equal returns true if all metrics are the same as the arguments. +func (m *APIServerMetrics) Equal(o APIServerMetrics) bool { return (*Metrics)(m).Equal(Metrics(o)) } -func NewApiServerMetrics() ApiServerMetrics { +func newAPIServerMetrics() APIServerMetrics { result := NewMetrics() - return ApiServerMetrics(result) + return APIServerMetrics(result) } -func parseApiServerMetrics(data string) (ApiServerMetrics, error) { - result := NewApiServerMetrics() +func parseAPIServerMetrics(data string) (APIServerMetrics, error) { + result := newAPIServerMetrics() if err := parseMetrics(data, (*Metrics)(&result)); err != nil { - return ApiServerMetrics{}, err + return APIServerMetrics{}, err } return result, nil } -func (g *MetricsGrabber) getMetricsFromApiServer() (string, error) { +func (g *Grabber) getMetricsFromAPIServer() (string, error) { rawOutput, err := g.client.CoreV1().RESTClient().Get().RequestURI("/metrics").Do().Raw() if err != nil { return "", err diff --git a/test/e2e/framework/metrics/cluster_autoscaler_metrics.go b/test/e2e/framework/metrics/cluster_autoscaler_metrics.go index 9aa7dfebecc..0863890fbdb 100644 --- a/test/e2e/framework/metrics/cluster_autoscaler_metrics.go +++ b/test/e2e/framework/metrics/cluster_autoscaler_metrics.go @@ -16,19 +16,21 @@ limitations under the License. package metrics +// ClusterAutoscalerMetrics is metrics for cluster autoscaller type ClusterAutoscalerMetrics Metrics +// Equal returns true if all metrics are the same as the arguments. func (m *ClusterAutoscalerMetrics) Equal(o ClusterAutoscalerMetrics) bool { return (*Metrics)(m).Equal(Metrics(o)) } -func NewClusterAutoscalerMetrics() ClusterAutoscalerMetrics { +func newClusterAutoscalerMetrics() ClusterAutoscalerMetrics { result := NewMetrics() return ClusterAutoscalerMetrics(result) } func parseClusterAutoscalerMetrics(data string) (ClusterAutoscalerMetrics, error) { - result := NewClusterAutoscalerMetrics() + result := newClusterAutoscalerMetrics() if err := parseMetrics(data, (*Metrics)(&result)); err != nil { return ClusterAutoscalerMetrics{}, err } diff --git a/test/e2e/framework/metrics/controller_manager_metrics.go b/test/e2e/framework/metrics/controller_manager_metrics.go index 60f0e9649b8..511189244af 100644 --- a/test/e2e/framework/metrics/controller_manager_metrics.go +++ b/test/e2e/framework/metrics/controller_manager_metrics.go @@ -16,19 +16,21 @@ limitations under the License. package metrics +// ControllerManagerMetrics is metrics for controller manager type ControllerManagerMetrics Metrics +// Equal returns true if all metrics are the same as the arguments. func (m *ControllerManagerMetrics) Equal(o ControllerManagerMetrics) bool { return (*Metrics)(m).Equal(Metrics(o)) } -func NewControllerManagerMetrics() ControllerManagerMetrics { +func newControllerManagerMetrics() ControllerManagerMetrics { result := NewMetrics() return ControllerManagerMetrics(result) } func parseControllerManagerMetrics(data string) (ControllerManagerMetrics, error) { - result := NewControllerManagerMetrics() + result := newControllerManagerMetrics() if err := parseMetrics(data, (*Metrics)(&result)); err != nil { return ControllerManagerMetrics{}, err } diff --git a/test/e2e/framework/metrics/generic_metrics.go b/test/e2e/framework/metrics/generic_metrics.go index 7257c9120f7..5afcde56c24 100644 --- a/test/e2e/framework/metrics/generic_metrics.go +++ b/test/e2e/framework/metrics/generic_metrics.go @@ -17,7 +17,6 @@ limitations under the License. package metrics import ( - "fmt" "io" "reflect" "strings" @@ -27,8 +26,10 @@ import ( "k8s.io/klog" ) +// Metrics is generic metrics for other specific metrics type Metrics map[string]model.Samples +// Equal returns true if all metrics are the same as the arguments. func (m *Metrics) Equal(o Metrics) bool { leftKeySet := []string{} rightKeySet := []string{} @@ -49,26 +50,7 @@ func (m *Metrics) Equal(o Metrics) bool { return true } -func PrintSample(sample *model.Sample) string { - buf := make([]string, 0) - // Id is a VERY special label. For 'normal' container it's useless, but it's necessary - // for 'system' containers (e.g. /docker-daemon, /kubelet, etc.). We know if that's the - // case by checking if there's a label "kubernetes_container_name" present. It's hacky - // but it works... - _, normalContainer := sample.Metric["kubernetes_container_name"] - for k, v := range sample.Metric { - if strings.HasPrefix(string(k), "__") { - continue - } - - if string(k) == "id" && normalContainer { - continue - } - buf = append(buf, fmt.Sprintf("%v=%v", string(k), v)) - } - return fmt.Sprintf("[%v] = %v", strings.Join(buf, ","), sample.Value) -} - +// NewMetrics returns new metrics which are initialized. func NewMetrics() Metrics { result := make(Metrics) return result diff --git a/test/e2e/framework/metrics/kubelet_metrics.go b/test/e2e/framework/metrics/kubelet_metrics.go index cf2d666e8b0..a10a7b9c8a3 100644 --- a/test/e2e/framework/metrics/kubelet_metrics.go +++ b/test/e2e/framework/metrics/kubelet_metrics.go @@ -23,12 +23,19 @@ import ( "time" ) +const ( + proxyTimeout = 2 * time.Minute +) + +// KubeletMetrics is metrics for kubelet type KubeletMetrics Metrics +// Equal returns true if all metrics are the same as the arguments. func (m *KubeletMetrics) Equal(o KubeletMetrics) bool { return (*Metrics)(m).Equal(Metrics(o)) } +// NewKubeletMetrics returns new metrics which are initialized. func NewKubeletMetrics() KubeletMetrics { result := NewMetrics() return KubeletMetrics(result) @@ -58,7 +65,7 @@ func parseKubeletMetrics(data string) (KubeletMetrics, error) { return result, nil } -func (g *MetricsGrabber) getMetricsFromNode(nodeName string, kubeletPort int) (string, error) { +func (g *Grabber) getMetricsFromNode(nodeName string, kubeletPort int) (string, error) { // There's a problem with timing out during proxy. Wrapping this in a goroutine to prevent deadlock. // Hanging goroutine will be leaked. finished := make(chan struct{}) @@ -74,7 +81,7 @@ func (g *MetricsGrabber) getMetricsFromNode(nodeName string, kubeletPort int) (s finished <- struct{}{} }() select { - case <-time.After(ProxyTimeout): + case <-time.After(proxyTimeout): return "", fmt.Errorf("Timed out when waiting for proxy to gather metrics from %v", nodeName) case <-finished: if err != nil { diff --git a/test/e2e/framework/metrics/metrics_grabber.go b/test/e2e/framework/metrics/metrics_grabber.go index 667ecc29d65..d975eb3a0b3 100644 --- a/test/e2e/framework/metrics/metrics_grabber.go +++ b/test/e2e/framework/metrics/metrics_grabber.go @@ -18,7 +18,6 @@ package metrics import ( "fmt" - "time" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" @@ -30,22 +29,20 @@ import ( "k8s.io/klog" ) -const ( - ProxyTimeout = 2 * time.Minute -) - -type MetricsCollection struct { - ApiServerMetrics ApiServerMetrics +// Collection is metrics collection of components +type Collection struct { + APIServerMetrics APIServerMetrics ControllerManagerMetrics ControllerManagerMetrics KubeletMetrics map[string]KubeletMetrics SchedulerMetrics SchedulerMetrics ClusterAutoscalerMetrics ClusterAutoscalerMetrics } -type MetricsGrabber struct { +// Grabber provides functions which grab metrics from components +type Grabber struct { client clientset.Interface externalClient clientset.Interface - grabFromApiServer bool + grabFromAPIServer bool grabFromControllerManager bool grabFromKubelets bool grabFromScheduler bool @@ -54,7 +51,8 @@ type MetricsGrabber struct { registeredMaster bool } -func NewMetricsGrabber(c clientset.Interface, ec clientset.Interface, kubelets bool, scheduler bool, controllers bool, apiServer bool, clusterAutoscaler bool) (*MetricsGrabber, error) { +// NewMetricsGrabber returns new metrics which are initialized. +func NewMetricsGrabber(c clientset.Interface, ec clientset.Interface, kubelets bool, scheduler bool, controllers bool, apiServer bool, clusterAutoscaler bool) (*Grabber, error) { registeredMaster := false masterName := "" nodeList, err := c.CoreV1().Nodes().List(metav1.ListOptions{}) @@ -82,10 +80,10 @@ func NewMetricsGrabber(c clientset.Interface, ec clientset.Interface, kubelets b } } - return &MetricsGrabber{ + return &Grabber{ client: c, externalClient: ec, - grabFromApiServer: apiServer, + grabFromAPIServer: apiServer, grabFromControllerManager: controllers, grabFromKubelets: kubelets, grabFromScheduler: scheduler, @@ -96,11 +94,12 @@ func NewMetricsGrabber(c clientset.Interface, ec clientset.Interface, kubelets b } // HasRegisteredMaster returns if metrics grabber was able to find a master node -func (g *MetricsGrabber) HasRegisteredMaster() bool { +func (g *Grabber) HasRegisteredMaster() bool { return g.registeredMaster } -func (g *MetricsGrabber) GrabFromKubelet(nodeName string) (KubeletMetrics, error) { +// GrabFromKubelet returns metrics from kubelet +func (g *Grabber) GrabFromKubelet(nodeName string) (KubeletMetrics, error) { nodes, err := g.client.CoreV1().Nodes().List(metav1.ListOptions{FieldSelector: fields.Set{api.ObjectNameField: nodeName}.AsSelector().String()}) if err != nil { return KubeletMetrics{}, err @@ -112,9 +111,9 @@ func (g *MetricsGrabber) GrabFromKubelet(nodeName string) (KubeletMetrics, error return g.grabFromKubeletInternal(nodeName, int(kubeletPort)) } -func (g *MetricsGrabber) grabFromKubeletInternal(nodeName string, kubeletPort int) (KubeletMetrics, error) { +func (g *Grabber) grabFromKubeletInternal(nodeName string, kubeletPort int) (KubeletMetrics, error) { if kubeletPort <= 0 || kubeletPort > 65535 { - return KubeletMetrics{}, fmt.Errorf("Invalid Kubelet port %v. Skipping Kubelet's metrics gathering.", kubeletPort) + return KubeletMetrics{}, fmt.Errorf("Invalid Kubelet port %v. Skipping Kubelet's metrics gathering", kubeletPort) } output, err := g.getMetricsFromNode(nodeName, int(kubeletPort)) if err != nil { @@ -123,9 +122,10 @@ func (g *MetricsGrabber) grabFromKubeletInternal(nodeName string, kubeletPort in return parseKubeletMetrics(output) } -func (g *MetricsGrabber) GrabFromScheduler() (SchedulerMetrics, error) { +// GrabFromScheduler returns metrics from scheduler +func (g *Grabber) GrabFromScheduler() (SchedulerMetrics, error) { if !g.registeredMaster { - return SchedulerMetrics{}, fmt.Errorf("Master's Kubelet is not registered. Skipping Scheduler's metrics gathering.") + return SchedulerMetrics{}, fmt.Errorf("Master's Kubelet is not registered. Skipping Scheduler's metrics gathering") } output, err := g.getMetricsFromPod(g.client, fmt.Sprintf("%v-%v", "kube-scheduler", g.masterName), metav1.NamespaceSystem, ports.InsecureSchedulerPort) if err != nil { @@ -134,9 +134,10 @@ func (g *MetricsGrabber) GrabFromScheduler() (SchedulerMetrics, error) { return parseSchedulerMetrics(output) } -func (g *MetricsGrabber) GrabFromClusterAutoscaler() (ClusterAutoscalerMetrics, error) { +// GrabFromClusterAutoscaler returns metrics from cluster autoscaler +func (g *Grabber) GrabFromClusterAutoscaler() (ClusterAutoscalerMetrics, error) { if !g.registeredMaster && g.externalClient == nil { - return ClusterAutoscalerMetrics{}, fmt.Errorf("Master's Kubelet is not registered. Skipping ClusterAutoscaler's metrics gathering.") + return ClusterAutoscalerMetrics{}, fmt.Errorf("Master's Kubelet is not registered. Skipping ClusterAutoscaler's metrics gathering") } var client clientset.Interface var namespace string @@ -154,9 +155,10 @@ func (g *MetricsGrabber) GrabFromClusterAutoscaler() (ClusterAutoscalerMetrics, return parseClusterAutoscalerMetrics(output) } -func (g *MetricsGrabber) GrabFromControllerManager() (ControllerManagerMetrics, error) { +// GrabFromControllerManager returns metrics from controller manager +func (g *Grabber) GrabFromControllerManager() (ControllerManagerMetrics, error) { if !g.registeredMaster { - return ControllerManagerMetrics{}, fmt.Errorf("Master's Kubelet is not registered. Skipping ControllerManager's metrics gathering.") + return ControllerManagerMetrics{}, fmt.Errorf("Master's Kubelet is not registered. Skipping ControllerManager's metrics gathering") } output, err := g.getMetricsFromPod(g.client, fmt.Sprintf("%v-%v", "kube-controller-manager", g.masterName), metav1.NamespaceSystem, ports.InsecureKubeControllerManagerPort) if err != nil { @@ -165,23 +167,25 @@ func (g *MetricsGrabber) GrabFromControllerManager() (ControllerManagerMetrics, return parseControllerManagerMetrics(output) } -func (g *MetricsGrabber) GrabFromApiServer() (ApiServerMetrics, error) { - output, err := g.getMetricsFromApiServer() +// GrabFromAPIServer returns metrics from API server +func (g *Grabber) GrabFromAPIServer() (APIServerMetrics, error) { + output, err := g.getMetricsFromAPIServer() if err != nil { - return ApiServerMetrics{}, nil + return APIServerMetrics{}, nil } - return parseApiServerMetrics(output) + return parseAPIServerMetrics(output) } -func (g *MetricsGrabber) Grab() (MetricsCollection, error) { - result := MetricsCollection{} +// Grab returns metrics from corresponding component +func (g *Grabber) Grab() (Collection, error) { + result := Collection{} var errs []error - if g.grabFromApiServer { - metrics, err := g.GrabFromApiServer() + if g.grabFromAPIServer { + metrics, err := g.GrabFromAPIServer() if err != nil { errs = append(errs, err) } else { - result.ApiServerMetrics = metrics + result.APIServerMetrics = metrics } } if g.grabFromScheduler { @@ -230,7 +234,7 @@ func (g *MetricsGrabber) Grab() (MetricsCollection, error) { return result, nil } -func (g *MetricsGrabber) getMetricsFromPod(client clientset.Interface, podName string, namespace string, port int) (string, error) { +func (g *Grabber) getMetricsFromPod(client clientset.Interface, podName string, namespace string, port int) (string, error) { rawOutput, err := client.CoreV1().RESTClient().Get(). Namespace(namespace). Resource("pods"). diff --git a/test/e2e/framework/metrics/scheduler_metrics.go b/test/e2e/framework/metrics/scheduler_metrics.go index 6fb7ae6614a..7378ea902e4 100644 --- a/test/e2e/framework/metrics/scheduler_metrics.go +++ b/test/e2e/framework/metrics/scheduler_metrics.go @@ -16,19 +16,21 @@ limitations under the License. package metrics +// SchedulerMetrics is metrics for scheduler type SchedulerMetrics Metrics +// Equal returns true if all metrics are the same as the arguments. func (m *SchedulerMetrics) Equal(o SchedulerMetrics) bool { return (*Metrics)(m).Equal(Metrics(o)) } -func NewSchedulerMetrics() SchedulerMetrics { +func newSchedulerMetrics() SchedulerMetrics { result := NewMetrics() return SchedulerMetrics(result) } func parseSchedulerMetrics(data string) (SchedulerMetrics, error) { - result := NewSchedulerMetrics() + result := newSchedulerMetrics() if err := parseMetrics(data, (*Metrics)(&result)); err != nil { return SchedulerMetrics{}, err } diff --git a/test/e2e/framework/metrics_util.go b/test/e2e/framework/metrics_util.go index 83adb80b4c6..3d83e2b7c0a 100644 --- a/test/e2e/framework/metrics_util.go +++ b/test/e2e/framework/metrics_util.go @@ -65,12 +65,12 @@ const ( caFunctionMetricLabel = "function" ) -type MetricsForE2E metrics.MetricsCollection +type MetricsForE2E metrics.Collection func (m *MetricsForE2E) filterMetrics() { - interestingApiServerMetrics := make(metrics.ApiServerMetrics) - for _, metric := range InterestingApiServerMetrics { - interestingApiServerMetrics[metric] = (*m).ApiServerMetrics[metric] + interestingAPIServerMetrics := make(metrics.APIServerMetrics) + for _, metric := range InterestingAPIServerMetrics { + interestingAPIServerMetrics[metric] = (*m).APIServerMetrics[metric] } interestingControllerManagerMetrics := make(metrics.ControllerManagerMetrics) for _, metric := range InterestingControllerManagerMetrics { @@ -87,29 +87,49 @@ func (m *MetricsForE2E) filterMetrics() { interestingKubeletMetrics[kubelet][metric] = grabbed[metric] } } - (*m).ApiServerMetrics = interestingApiServerMetrics + (*m).APIServerMetrics = interestingAPIServerMetrics (*m).ControllerManagerMetrics = interestingControllerManagerMetrics (*m).KubeletMetrics = interestingKubeletMetrics } +func printSample(sample *model.Sample) string { + buf := make([]string, 0) + // Id is a VERY special label. For 'normal' container it's useless, but it's necessary + // for 'system' containers (e.g. /docker-daemon, /kubelet, etc.). We know if that's the + // case by checking if there's a label "kubernetes_container_name" present. It's hacky + // but it works... + _, normalContainer := sample.Metric["kubernetes_container_name"] + for k, v := range sample.Metric { + if strings.HasPrefix(string(k), "__") { + continue + } + + if string(k) == "id" && normalContainer { + continue + } + buf = append(buf, fmt.Sprintf("%v=%v", string(k), v)) + } + return fmt.Sprintf("[%v] = %v", strings.Join(buf, ","), sample.Value) +} + func (m *MetricsForE2E) PrintHumanReadable() string { buf := bytes.Buffer{} - for _, interestingMetric := range InterestingApiServerMetrics { + for _, interestingMetric := range InterestingAPIServerMetrics { buf.WriteString(fmt.Sprintf("For %v:\n", interestingMetric)) - for _, sample := range (*m).ApiServerMetrics[interestingMetric] { - buf.WriteString(fmt.Sprintf("\t%v\n", metrics.PrintSample(sample))) + for _, sample := range (*m).APIServerMetrics[interestingMetric] { + buf.WriteString(fmt.Sprintf("\t%v\n", printSample(sample))) } } for _, interestingMetric := range InterestingControllerManagerMetrics { buf.WriteString(fmt.Sprintf("For %v:\n", interestingMetric)) for _, sample := range (*m).ControllerManagerMetrics[interestingMetric] { - buf.WriteString(fmt.Sprintf("\t%v\n", metrics.PrintSample(sample))) + buf.WriteString(fmt.Sprintf("\t%v\n", printSample(sample))) } } for _, interestingMetric := range InterestingClusterAutoscalerMetrics { buf.WriteString(fmt.Sprintf("For %v:\n", interestingMetric)) for _, sample := range (*m).ClusterAutoscalerMetrics[interestingMetric] { - buf.WriteString(fmt.Sprintf("\t%v\n", metrics.PrintSample(sample))) + buf.WriteString(fmt.Sprintf("\t%v\n", printSample(sample))) } } for kubelet, grabbed := range (*m).KubeletMetrics { @@ -117,7 +137,7 @@ func (m *MetricsForE2E) PrintHumanReadable() string { for _, interestingMetric := range InterestingKubeletMetrics { buf.WriteString(fmt.Sprintf("\tFor %v:\n", interestingMetric)) for _, sample := range grabbed[interestingMetric] { - buf.WriteString(fmt.Sprintf("\t\t%v\n", metrics.PrintSample(sample))) + buf.WriteString(fmt.Sprintf("\t\t%v\n", printSample(sample))) } } } @@ -135,17 +155,12 @@ func (m *MetricsForE2E) SummaryKind() string { var SchedulingLatencyMetricName = model.LabelValue(schedulermetric.SchedulerSubsystem + "_" + schedulermetric.SchedulingLatencyName) -var InterestingApiServerMetrics = []string{ +var InterestingAPIServerMetrics = []string{ "apiserver_request_total", // TODO(krzysied): apiserver_request_latencies_summary is a deprecated metric. // It should be replaced with new metric. "apiserver_request_latencies_summary", - "etcd_helper_cache_entry_total", - "etcd_helper_cache_hit_total", - "etcd_helper_cache_miss_total", - "etcd_request_cache_add_latency_seconds", - "etcd_request_cache_get_latency_seconds", - "etcd_request_latency_seconds", + "apiserver_init_events_total", } var InterestingControllerManagerMetrics = []string{ @@ -171,11 +186,11 @@ var InterestingControllerManagerMetrics = []string{ var InterestingKubeletMetrics = []string{ "kubelet_container_manager_latency_microseconds", "kubelet_docker_errors", - "kubelet_docker_operations_latency_microseconds", + "kubelet_docker_operations_latency_seconds", "kubelet_generate_pod_status_latency_microseconds", - "kubelet_pod_start_latency_microseconds", - "kubelet_pod_worker_latency_microseconds", - "kubelet_pod_worker_start_latency_microseconds", + "kubelet_pod_start_duration_seconds", + "kubelet_pod_worker_duration_seconds", + "kubelet_pod_worker_start_duration_seconds", "kubelet_sync_pods_latency_microseconds", } @@ -799,7 +814,7 @@ func PrintLatencies(latencies []PodLatencyData, header string) { Logf("perc50: %v, perc90: %v, perc99: %v", metrics.Perc50, metrics.Perc90, metrics.Perc99) } -func (m *MetricsForE2E) computeClusterAutoscalerMetricsDelta(before metrics.MetricsCollection) { +func (m *MetricsForE2E) computeClusterAutoscalerMetricsDelta(before metrics.Collection) { if beforeSamples, found := before.ClusterAutoscalerMetrics[caFunctionMetric]; found { if afterSamples, found := m.ClusterAutoscalerMetrics[caFunctionMetric]; found { beforeSamplesMap := make(map[string]*model.Sample) diff --git a/test/e2e/framework/networking_utils.go b/test/e2e/framework/networking_utils.go index 01de115692b..7d43570aa9c 100644 --- a/test/e2e/framework/networking_utils.go +++ b/test/e2e/framework/networking_utils.go @@ -28,7 +28,6 @@ import ( "time" . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" @@ -69,15 +68,15 @@ var NetexecImageName = imageutils.GetE2EImage(imageutils.Netexec) // NewNetworkingTestConfig creates and sets up a new test config helper. func NewNetworkingTestConfig(f *Framework) *NetworkingTestConfig { - config := &NetworkingTestConfig{f: f, Namespace: f.Namespace.Name} + config := &NetworkingTestConfig{f: f, Namespace: f.Namespace.Name, HostNetwork: true} By(fmt.Sprintf("Performing setup for networking test in namespace %v", config.Namespace)) config.setup(getServiceSelector()) return config } // NewNetworkingTestNodeE2EConfig creates and sets up a new test config helper for Node E2E. -func NewCoreNetworkingTestConfig(f *Framework) *NetworkingTestConfig { - config := &NetworkingTestConfig{f: f, Namespace: f.Namespace.Name} +func NewCoreNetworkingTestConfig(f *Framework, hostNetwork bool) *NetworkingTestConfig { + config := &NetworkingTestConfig{f: f, Namespace: f.Namespace.Name, HostNetwork: hostNetwork} By(fmt.Sprintf("Performing setup for networking test in namespace %v", config.Namespace)) config.setupCore(getServiceSelector()) return config @@ -98,9 +97,10 @@ type NetworkingTestConfig struct { // TestContaienrPod is a test pod running the netexec image. It is capable // of executing tcp/udp requests against ip:port. TestContainerPod *v1.Pod - // HostTestContainerPod is a pod running with hostNetworking=true, and the - // hostexec image. + // HostTestContainerPod is a pod running using the hostexec image. HostTestContainerPod *v1.Pod + // if the HostTestContainerPod is running with HostNetwork=true. + HostNetwork bool // EndpointPods are the pods belonging to the Service created by this // test config. Each invocation of `setup` creates a service with // 1 pod per node running the netexecImage. @@ -507,13 +507,13 @@ func (config *NetworkingTestConfig) createSessionAffinityService(selector map[st func (config *NetworkingTestConfig) DeleteNodePortService() { err := config.getServiceClient().Delete(config.NodePortService.Name, nil) - Expect(err).NotTo(HaveOccurred(), "error while deleting NodePortService. err:%v)", err) + ExpectNoError(err, "error while deleting NodePortService. err:%v)", err) time.Sleep(15 * time.Second) // wait for kube-proxy to catch up with the service being deleted. } func (config *NetworkingTestConfig) createTestPods() { testContainerPod := config.createTestPodSpec() - hostTestContainerPod := NewHostExecPodSpec(config.Namespace, hostTestPodName) + hostTestContainerPod := NewExecPodSpec(config.Namespace, hostTestPodName, config.HostNetwork) config.createPod(testContainerPod) config.createPod(hostTestContainerPod) @@ -535,13 +535,13 @@ func (config *NetworkingTestConfig) createTestPods() { func (config *NetworkingTestConfig) createService(serviceSpec *v1.Service) *v1.Service { _, err := config.getServiceClient().Create(serviceSpec) - Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create %s service: %v", serviceSpec.Name, err)) + ExpectNoError(err, fmt.Sprintf("Failed to create %s service: %v", serviceSpec.Name, err)) err = WaitForService(config.f.ClientSet, config.Namespace, serviceSpec.Name, true, 5*time.Second, 45*time.Second) - Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("error while waiting for service:%s err: %v", serviceSpec.Name, err)) + ExpectNoError(err, fmt.Sprintf("error while waiting for service:%s err: %v", serviceSpec.Name, err)) createdService, err := config.getServiceClient().Get(serviceSpec.Name, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create %s service: %v", serviceSpec.Name, err)) + ExpectNoError(err, fmt.Sprintf("Failed to create %s service: %v", serviceSpec.Name, err)) return createdService } @@ -705,7 +705,7 @@ func CheckReachabilityFromPod(expectToBeReachable bool, timeout time.Duration, n } return true, nil }) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) } // Does an HTTP GET, but does not reuse TCP connections diff --git a/test/e2e/framework/providers/aws/aws.go b/test/e2e/framework/providers/aws/aws.go index 1514ee715b9..b0b8dc8a888 100644 --- a/test/e2e/framework/providers/aws/aws.go +++ b/test/e2e/framework/providers/aws/aws.go @@ -32,25 +32,28 @@ import ( ) func init() { - framework.RegisterProvider("aws", NewProvider) + framework.RegisterProvider("aws", newProvider) } -func NewProvider() (framework.ProviderInterface, error) { +func newProvider() (framework.ProviderInterface, error) { if framework.TestContext.CloudConfig.Zone == "" { return nil, fmt.Errorf("gce-zone must be specified for AWS") } return &Provider{}, nil } +// Provider is a structure to handle AWS clouds for e2e testing type Provider struct { framework.NullProvider } +// ResizeGroup resizes an instance group func (p *Provider) ResizeGroup(group string, size int32) error { client := autoscaling.New(session.New()) return awscloud.ResizeInstanceGroup(client, group, int(size)) } +// GroupSize returns the size of an instance group func (p *Provider) GroupSize(group string) (int, error) { client := autoscaling.New(session.New()) instanceGroup, err := awscloud.DescribeInstanceGroup(client, group) @@ -63,6 +66,7 @@ func (p *Provider) GroupSize(group string) (int, error) { return instanceGroup.CurrentSize() } +// DeleteNode deletes a node which is specified as the argument func (p *Provider) DeleteNode(node *v1.Node) error { client := newAWSClient("") @@ -80,6 +84,7 @@ func (p *Provider) DeleteNode(node *v1.Node) error { return err } +// CreatePD creates a persistent volume on the specified availability zone func (p *Provider) CreatePD(zone string) (string, error) { client := newAWSClient(zone) request := &ec2.CreateVolumeInput{} @@ -98,6 +103,7 @@ func (p *Provider) CreatePD(zone string) (string, error) { return volumeName, nil } +// DeletePD deletes a persistent volume func (p *Provider) DeletePD(pdName string) error { client := newAWSClient("") @@ -116,6 +122,7 @@ func (p *Provider) DeletePD(pdName string) error { return nil } +// CreatePVSource creates a persistent volume source func (p *Provider) CreatePVSource(zone, diskName string) (*v1.PersistentVolumeSource, error) { return &v1.PersistentVolumeSource{ AWSElasticBlockStore: &v1.AWSElasticBlockStoreVolumeSource{ @@ -125,6 +132,7 @@ func (p *Provider) CreatePVSource(zone, diskName string) (*v1.PersistentVolumeSo }, nil } +// DeletePVSource deletes a persistent volume source func (p *Provider) DeletePVSource(pvSource *v1.PersistentVolumeSource) error { return framework.DeletePDWithRetry(pvSource.AWSElasticBlockStore.VolumeID) } diff --git a/test/e2e/framework/providers/azure/azure.go b/test/e2e/framework/providers/azure/azure.go index e001778f4bc..32c500a081a 100644 --- a/test/e2e/framework/providers/azure/azure.go +++ b/test/e2e/framework/providers/azure/azure.go @@ -28,10 +28,10 @@ import ( ) func init() { - framework.RegisterProvider("azure", NewProvider) + framework.RegisterProvider("azure", newProvider) } -func NewProvider() (framework.ProviderInterface, error) { +func newProvider() (framework.ProviderInterface, error) { if framework.TestContext.CloudConfig.ConfigFile == "" { return nil, fmt.Errorf("config-file must be specified for Azure") } @@ -47,16 +47,19 @@ func NewProvider() (framework.ProviderInterface, error) { }, err } +//Provider is a structure to handle Azure clouds for e2e testing type Provider struct { framework.NullProvider azureCloud *azure.Cloud } +// DeleteNode deletes a node which is specified as the argument func (p *Provider) DeleteNode(node *v1.Node) error { return errors.New("not implemented yet") } +// CreatePD creates a persistent volume func (p *Provider) CreatePD(zone string) (string, error) { pdName := fmt.Sprintf("%s-%s", framework.TestContext.Prefix, string(uuid.NewUUID())) _, diskURI, _, err := p.azureCloud.CreateVolume(pdName, "" /* account */, "" /* sku */, "" /* location */, 1 /* sizeGb */) @@ -66,6 +69,7 @@ func (p *Provider) CreatePD(zone string) (string, error) { return diskURI, nil } +// DeletePD deletes a persistent volume func (p *Provider) DeletePD(pdName string) error { if err := p.azureCloud.DeleteVolume(pdName); err != nil { framework.Logf("failed to delete Azure volume %q: %v", pdName, err) @@ -74,6 +78,7 @@ func (p *Provider) DeletePD(pdName string) error { return nil } +// EnableAndDisableInternalLB returns functions for both enabling and disabling internal Load Balancer func (p *Provider) EnableAndDisableInternalLB() (enable, disable func(svc *v1.Service)) { enable = func(svc *v1.Service) { svc.ObjectMeta.Annotations = map[string]string{azure.ServiceAnnotationLoadBalancerInternal: "true"} diff --git a/test/e2e/framework/providers/gce/BUILD b/test/e2e/framework/providers/gce/BUILD index 26f978b789b..ac4dbf0dbec 100644 --- a/test/e2e/framework/providers/gce/BUILD +++ b/test/e2e/framework/providers/gce/BUILD @@ -20,7 +20,6 @@ go_library( "//staging/src/k8s.io/cloud-provider:go_default_library", "//test/e2e/framework:go_default_library", "//vendor/github.com/onsi/ginkgo:go_default_library", - "//vendor/github.com/onsi/gomega:go_default_library", "//vendor/google.golang.org/api/compute/v1:go_default_library", "//vendor/google.golang.org/api/googleapi:go_default_library", "//vendor/k8s.io/utils/exec:go_default_library", diff --git a/test/e2e/framework/providers/gce/firewall.go b/test/e2e/framework/providers/gce/firewall.go index 70468920d21..dc8a0ec8fbd 100644 --- a/test/e2e/framework/providers/gce/firewall.go +++ b/test/e2e/framework/providers/gce/firewall.go @@ -31,8 +31,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" cloudprovider "k8s.io/cloud-provider" "k8s.io/kubernetes/test/e2e/framework" - - . "github.com/onsi/gomega" ) const ( @@ -118,7 +116,7 @@ func GetClusterName(instancePrefix string) string { // From cluster/gce/util.sh, all firewall rules should be consistent with the ones created by startup scripts. func GetE2eFirewalls(masterName, masterTag, nodeTag, network, clusterIpRange string) []*compute.Firewall { instancePrefix, err := GetInstancePrefix(masterName) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) clusterName := GetClusterName(instancePrefix) fws := []*compute.Firewall{} diff --git a/test/e2e/framework/providers/gce/ingress.go b/test/e2e/framework/providers/gce/ingress.go index 9ea772c7ee9..d8873d9ddfc 100644 --- a/test/e2e/framework/providers/gce/ingress.go +++ b/test/e2e/framework/providers/gce/ingress.go @@ -27,7 +27,6 @@ import ( "time" . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" compute "google.golang.org/api/compute/v1" "google.golang.org/api/googleapi" "k8s.io/api/core/v1" @@ -137,7 +136,7 @@ func (cont *GCEIngressController) ListGlobalForwardingRules() []*compute.Forward gceCloud := cont.Cloud.Provider.(*Provider).gceCloud fwdList := []*compute.ForwardingRule{} l, err := gceCloud.ListGlobalForwardingRules() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, fwd := range l { if cont.isOwned(fwd.Name) { fwdList = append(fwdList, fwd) @@ -171,7 +170,7 @@ func (cont *GCEIngressController) deleteForwardingRule(del bool) string { func (cont *GCEIngressController) GetGlobalAddress(ipName string) *compute.Address { gceCloud := cont.Cloud.Provider.(*Provider).gceCloud ip, err := gceCloud.GetGlobalAddress(ipName) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) return ip } @@ -199,7 +198,7 @@ func (cont *GCEIngressController) ListTargetHttpProxies() []*compute.TargetHttpP gceCloud := cont.Cloud.Provider.(*Provider).gceCloud tpList := []*compute.TargetHttpProxy{} l, err := gceCloud.ListTargetHTTPProxies() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, tp := range l { if cont.isOwned(tp.Name) { tpList = append(tpList, tp) @@ -212,7 +211,7 @@ func (cont *GCEIngressController) ListTargetHttpsProxies() []*compute.TargetHttp gceCloud := cont.Cloud.Provider.(*Provider).gceCloud tpsList := []*compute.TargetHttpsProxy{} l, err := gceCloud.ListTargetHTTPSProxies() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, tps := range l { if cont.isOwned(tps.Name) { tpsList = append(tpsList, tps) @@ -260,7 +259,7 @@ func (cont *GCEIngressController) ListUrlMaps() []*compute.UrlMap { gceCloud := cont.Cloud.Provider.(*Provider).gceCloud umList := []*compute.UrlMap{} l, err := gceCloud.ListURLMaps() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, um := range l { if cont.isOwned(um.Name) { umList = append(umList, um) @@ -302,7 +301,7 @@ func (cont *GCEIngressController) ListGlobalBackendServices() []*compute.Backend gceCloud := cont.Cloud.Provider.(*Provider).gceCloud beList := []*compute.BackendService{} l, err := gceCloud.ListGlobalBackendServices() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, be := range l { if cont.isOwned(be.Name) { beList = append(beList, be) @@ -374,7 +373,7 @@ func (cont *GCEIngressController) ListSslCertificates() []*compute.SslCertificat gceCloud := cont.Cloud.Provider.(*Provider).gceCloud sslList := []*compute.SslCertificate{} l, err := gceCloud.ListSslCertificates() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, ssl := range l { if cont.isOwned(ssl.Name) { sslList = append(sslList, ssl) @@ -415,7 +414,7 @@ func (cont *GCEIngressController) ListInstanceGroups() []*compute.InstanceGroup gceCloud := cont.Cloud.Provider.(*Provider).gceCloud igList := []*compute.InstanceGroup{} l, err := gceCloud.ListInstanceGroups(cont.Cloud.Zone) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) for _, ig := range l { if cont.isOwned(ig.Name) { igList = append(igList, ig) @@ -565,7 +564,7 @@ func (cont *GCEIngressController) GetFirewallRuleName() string { // methods here to be consistent with rest of the code in this repo. func (cont *GCEIngressController) GetFirewallRule() *compute.Firewall { fw, err := cont.GetFirewallRuleOrError() - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) return fw } diff --git a/test/e2e/framework/providers/kubemark/kubemark.go b/test/e2e/framework/providers/kubemark/kubemark.go index 6b9552b3322..0c5a8960586 100644 --- a/test/e2e/framework/providers/kubemark/kubemark.go +++ b/test/e2e/framework/providers/kubemark/kubemark.go @@ -61,9 +61,9 @@ func (p *Provider) FrameworkBeforeEach(f *framework.Framework) { externalConfig, err := clientcmd.BuildConfigFromFlags("", *kubemarkExternalKubeConfig) externalConfig.QPS = f.Options.ClientQPS externalConfig.Burst = f.Options.ClientBurst - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) externalClient, err := clientset.NewForConfig(externalConfig) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) f.KubemarkExternalClusterClientSet = externalClient p.closeChannel = make(chan struct{}) externalInformerFactory := informers.NewSharedInformerFactory(externalClient, 0) @@ -71,7 +71,7 @@ func (p *Provider) FrameworkBeforeEach(f *framework.Framework) { kubemarkNodeInformer := kubemarkInformerFactory.Core().V1().Nodes() go kubemarkNodeInformer.Informer().Run(p.closeChannel) p.controller, err = kubemark.NewKubemarkController(externalClient, externalInformerFactory, f.ClientSet, kubemarkNodeInformer) - Expect(err).NotTo(HaveOccurred()) + framework.ExpectNoError(err) externalInformerFactory.Start(p.closeChannel) Expect(p.controller.WaitForCacheSync(p.closeChannel)).To(BeTrue()) go p.controller.Run(p.closeChannel) diff --git a/test/e2e/framework/service_util.go b/test/e2e/framework/service_util.go index 628d309253a..75cbc73be31 100644 --- a/test/e2e/framework/service_util.go +++ b/test/e2e/framework/service_util.go @@ -45,7 +45,6 @@ import ( imageutils "k8s.io/kubernetes/test/utils/image" . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" ) const ( @@ -349,7 +348,7 @@ func GetNodePublicIps(c clientset.Interface) ([]string, error) { func PickNodeIP(c clientset.Interface) string { publicIps, err := GetNodePublicIps(c) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) if len(publicIps) == 0 { Failf("got unexpected number (%d) of public IPs", len(publicIps)) } diff --git a/test/e2e/framework/statefulset_utils.go b/test/e2e/framework/statefulset_utils.go index 4b295b58e6b..24d8a39964a 100644 --- a/test/e2e/framework/statefulset_utils.go +++ b/test/e2e/framework/statefulset_utils.go @@ -26,8 +26,6 @@ import ( "strings" "time" - . "github.com/onsi/gomega" - apps "k8s.io/api/apps/v1" appsV1beta2 "k8s.io/api/apps/v1beta2" "k8s.io/api/core/v1" @@ -98,18 +96,18 @@ func (s *StatefulSetTester) CreateStatefulSet(manifestPath, ns string) *apps.Sta Logf("Parsing statefulset from %v", mkpath("statefulset.yaml")) ss, err := manifest.StatefulSetFromManifest(mkpath("statefulset.yaml"), ns) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) Logf("Parsing service from %v", mkpath("service.yaml")) svc, err := manifest.SvcFromManifest(mkpath("service.yaml")) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) Logf(fmt.Sprintf("creating " + ss.Name + " service")) _, err = s.c.CoreV1().Services(ns).Create(svc) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) Logf(fmt.Sprintf("creating statefulset %v/%v with %d replicas and selector %+v", ss.Namespace, ss.Name, *(ss.Spec.Replicas), ss.Spec.Selector)) _, err = s.c.AppsV1().StatefulSets(ns).Create(ss) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) s.WaitForRunningAndReady(*ss.Spec.Replicas, ss) return ss } @@ -187,7 +185,7 @@ type VerifyStatefulPodFunc func(*v1.Pod) func (s *StatefulSetTester) VerifyPodAtIndex(index int, ss *apps.StatefulSet, verify VerifyStatefulPodFunc) { name := getStatefulSetPodNameAtIndex(index, ss) pod, err := s.c.CoreV1().Pods(ss.Namespace).Get(name, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to get stateful pod %s for StatefulSet %s/%s", name, ss.Namespace, ss.Name)) + ExpectNoError(err, fmt.Sprintf("Failed to get stateful pod %s for StatefulSet %s/%s", name, ss.Namespace, ss.Name)) verify(pod) } diff --git a/test/e2e/framework/test_context.go b/test/e2e/framework/test_context.go index 900ed011437..f2cbb30d16e 100644 --- a/test/e2e/framework/test_context.go +++ b/test/e2e/framework/test_context.go @@ -27,10 +27,10 @@ import ( "github.com/onsi/ginkgo/config" "github.com/pkg/errors" - utilflag "k8s.io/apiserver/pkg/util/flag" restclient "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/klog" kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config" ) @@ -247,7 +247,7 @@ func RegisterCommonFlags() { flag.StringVar(&TestContext.Host, "host", "", fmt.Sprintf("The host, or apiserver, to connect to. Will default to %s if this argument and --kubeconfig are not set", defaultHost)) flag.StringVar(&TestContext.ReportPrefix, "report-prefix", "", "Optional prefix for JUnit XML reports. Default is empty, which doesn't prepend anything to the default name.") flag.StringVar(&TestContext.ReportDir, "report-dir", "", "Path to the directory where the JUnit XML reports should be saved. Default is empty, which doesn't generate these reports.") - flag.Var(utilflag.NewMapStringBool(&TestContext.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features.") + flag.Var(cliflag.NewMapStringBool(&TestContext.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features.") flag.StringVar(&TestContext.ContainerRuntime, "container-runtime", "docker", "The container runtime of cluster VM instances (docker/remote).") flag.StringVar(&TestContext.ContainerRuntimeEndpoint, "container-runtime-endpoint", "unix:///var/run/dockershim.sock", "The container runtime endpoint of cluster VM instances.") flag.StringVar(&TestContext.ContainerRuntimeProcessName, "container-runtime-process-name", "dockerd", "The name of the container runtime process.") diff --git a/test/e2e/framework/timer/timer.go b/test/e2e/framework/timer/timer.go index 37769cb3449..9620ae021c5 100644 --- a/test/e2e/framework/timer/timer.go +++ b/test/e2e/framework/timer/timer.go @@ -29,7 +29,7 @@ import ( var now = time.Now -// Represents a phase of a test. Phases can overlap. +// Phase represents a phase of a test. Phases can overlap. type Phase struct { sequenceNumber int name string @@ -63,9 +63,8 @@ func (phase *Phase) duration() time.Duration { func (phase *Phase) humanReadable() string { if phase.ended() { return fmt.Sprintf("Phase %s: %v\n", phase.label(), phase.duration()) - } else { - return fmt.Sprintf("Phase %s: %v so far\n", phase.label(), phase.duration()) } + return fmt.Sprintf("Phase %s: %v so far\n", phase.label(), phase.duration()) } // A TestPhaseTimer groups phases and provides a way to export their measurements as JSON or human-readable text. @@ -93,10 +92,12 @@ func (timer *TestPhaseTimer) StartPhase(sequenceNumber int, phaseName string) *P return newPhase } +// SummaryKind returns the summary of test summary. func (timer *TestPhaseTimer) SummaryKind() string { return "TestPhaseTimer" } +// PrintHumanReadable returns durations of all phases. func (timer *TestPhaseTimer) PrintHumanReadable() string { buf := bytes.Buffer{} timer.lock.Lock() @@ -107,6 +108,7 @@ func (timer *TestPhaseTimer) PrintHumanReadable() string { return buf.String() } +// PrintJSON returns durations of all phases with JSON format. func (timer *TestPhaseTimer) PrintJSON() string { data := perftype.PerfData{ Version: "v1", diff --git a/test/e2e/framework/util.go b/test/e2e/framework/util.go index 6155095d33f..72ce584f770 100644 --- a/test/e2e/framework/util.go +++ b/test/e2e/framework/util.go @@ -86,7 +86,6 @@ import ( nodectlr "k8s.io/kubernetes/pkg/controller/nodelifecycle" "k8s.io/kubernetes/pkg/controller/service" "k8s.io/kubernetes/pkg/features" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/kubelet/util/format" "k8s.io/kubernetes/pkg/master/ports" "k8s.io/kubernetes/pkg/scheduler/algorithm/predicates" @@ -187,6 +186,9 @@ const ( // restart before test is considered failed. RestartPodReadyAgainTimeout = 5 * time.Minute + // How long for snapshot to create snapshotContent + SnapshotCreateTimeout = 5 * time.Minute + // Number of objects that gc can delete in a second. // GC issues 2 requestes for single delete. gcThroughput = 10 @@ -827,7 +829,7 @@ func LogContainersInPodsWithLabels(c clientset.Interface, ns string, match map[s func DeleteNamespaces(c clientset.Interface, deleteFilter, skipFilter []string) ([]string, error) { By("Deleting namespaces") nsList, err := c.CoreV1().Namespaces().List(metav1.ListOptions{}) - Expect(err).NotTo(HaveOccurred(), "Failed to get namespace list") + ExpectNoError(err, "Failed to get namespace list") var deleted []string var wg sync.WaitGroup OUTER: @@ -1833,7 +1835,7 @@ func WaitForEndpoint(c clientset.Interface, ns, name string) error { Logf("Endpoint %s/%s is not ready yet", ns, name) continue } - Expect(err).NotTo(HaveOccurred(), "Failed to get endpoints for %s/%s", ns, name) + ExpectNoError(err, "Failed to get endpoints for %s/%s", ns, name) if len(endpoint.Subsets) == 0 || len(endpoint.Subsets[0].Addresses) == 0 { Logf("Endpoint %s/%s is not ready yet", ns, name) continue @@ -1865,7 +1867,7 @@ func (r podProxyResponseChecker) CheckAllResponses() (done bool, err error) { successes := 0 options := metav1.ListOptions{LabelSelector: r.label.String()} currentPods, err := r.c.CoreV1().Pods(r.ns).List(options) - Expect(err).NotTo(HaveOccurred(), "Failed to get list of currentPods in namespace: %s", r.ns) + ExpectNoError(err, "Failed to get list of currentPods in namespace: %s", r.ns) for i, pod := range r.pods.Items { // Check that the replica list remains unchanged, otherwise we have problems. if !isElementOf(pod.UID, currentPods) { @@ -2301,7 +2303,7 @@ func (b kubectlBuilder) ExecOrDie() string { Logf("stdout: %q", retryStr) Logf("err: %v", retryErr) } - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) return str } @@ -2496,7 +2498,7 @@ type EventsLister func(opts metav1.ListOptions, ns string) (*v1.EventList, error func DumpEventsInNamespace(eventsLister EventsLister, namespace string) { By(fmt.Sprintf("Collecting events from namespace %q.", namespace)) events, err := eventsLister(metav1.ListOptions{}, namespace) - Expect(err).NotTo(HaveOccurred(), "failed to list events in namespace %q", namespace) + ExpectNoError(err, "failed to list events in namespace %q", namespace) By(fmt.Sprintf("Found %d events.", len(events.Items))) // Sort events by their first timestamp @@ -3380,8 +3382,8 @@ func NodeAddresses(nodelist *v1.NodeList, addrType v1.NodeAddressType) []string return hosts } -// NewHostExecPodSpec returns the pod spec of hostexec pod -func NewHostExecPodSpec(ns, name string) *v1.Pod { +// NewExecPodSpec returns the pod spec of hostexec pod +func NewExecPodSpec(ns, name string, hostNetwork bool) *v1.Pod { immediate := int64(0) pod := &v1.Pod{ ObjectMeta: metav1.ObjectMeta{ @@ -3396,7 +3398,7 @@ func NewHostExecPodSpec(ns, name string) *v1.Pod { ImagePullPolicy: v1.PullIfNotPresent, }, }, - HostNetwork: true, + HostNetwork: hostNetwork, SecurityContext: &v1.PodSecurityContext{}, TerminationGracePeriodSeconds: &immediate, }, @@ -3439,7 +3441,7 @@ func RunHostCmdWithRetries(ns, name, cmd string, interval, timeout time.Duration // LaunchHostExecPod launches a hostexec pod in the given namespace and waits // until it's Running func LaunchHostExecPod(client clientset.Interface, ns, name string) *v1.Pod { - hostExecPod := NewHostExecPodSpec(ns, name) + hostExecPod := NewExecPodSpec(ns, name, true) pod, err := client.CoreV1().Pods(ns).Create(hostExecPod) ExpectNoError(err) err = WaitForPodRunningInNamespace(client, pod) @@ -3479,7 +3481,7 @@ func CreateExecPodOrFail(client clientset.Interface, ns, generateName string, tw tweak(execPod) } created, err := client.CoreV1().Pods(ns).Create(execPod) - Expect(err).NotTo(HaveOccurred(), "failed to create new exec pod in namespace: %s", ns) + ExpectNoError(err, "failed to create new exec pod in namespace: %s", ns) err = wait.PollImmediate(Poll, 5*time.Minute, func() (bool, error) { retrievedPod, err := client.CoreV1().Pods(execPod.Namespace).Get(created.Name, metav1.GetOptions{}) if err != nil { @@ -3490,7 +3492,7 @@ func CreateExecPodOrFail(client clientset.Interface, ns, generateName string, tw } return retrievedPod.Status.Phase == v1.PodRunning, nil }) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) return created.Name } @@ -3515,13 +3517,13 @@ func CreatePodOrFail(c clientset.Interface, ns, name string, labels map[string]s }, } _, err := c.CoreV1().Pods(ns).Create(pod) - Expect(err).NotTo(HaveOccurred(), "failed to create pod %s in namespace %s", name, ns) + ExpectNoError(err, "failed to create pod %s in namespace %s", name, ns) } func DeletePodOrFail(c clientset.Interface, ns, name string) { By(fmt.Sprintf("Deleting pod %s in namespace %s", name, ns)) err := c.CoreV1().Pods(ns).Delete(name, nil) - Expect(err).NotTo(HaveOccurred(), "failed to delete pod %s in namespace %s", name, ns) + ExpectNoError(err, "failed to delete pod %s in namespace %s", name, ns) } // CheckPodsRunningReady returns whether all pods whose names are listed in @@ -4224,16 +4226,10 @@ func OpenWebSocketForURL(url *url.URL, config *restclient.Config, protocols []st if err != nil { return nil, fmt.Errorf("Failed to create tls config: %v", err) } - if tlsConfig != nil { + if url.Scheme == "https" { url.Scheme = "wss" - if !strings.Contains(url.Host, ":") { - url.Host += ":443" - } } else { url.Scheme = "ws" - if !strings.Contains(url.Host, ":") { - url.Host += ":80" - } } headers, err := headersForConfig(config, url) if err != nil { @@ -5137,7 +5133,7 @@ func GetClusterZones(c clientset.Interface) (sets.String, error) { // collect values of zone label from all nodes zones := sets.NewString() for _, node := range nodes.Items { - if zone, found := node.Labels[kubeletapis.LabelZoneFailureDomain]; found { + if zone, found := node.Labels[v1.LabelZoneFailureDomain]; found { zones.Insert(zone) } } diff --git a/test/e2e/framework/volume_util.go b/test/e2e/framework/volume_util.go index 3687c22960f..b5c95741fdd 100644 --- a/test/e2e/framework/volume_util.go +++ b/test/e2e/framework/volume_util.go @@ -168,7 +168,7 @@ func NewGlusterfsServer(cs clientset.Interface, namespace string) (config Volume }, } endpoints, err := cs.CoreV1().Endpoints(namespace).Create(endpoints) - Expect(err).NotTo(HaveOccurred(), "failed to create endpoints for Gluster server") + ExpectNoError(err, "failed to create endpoints for Gluster server") return config, pod, ip } @@ -468,19 +468,19 @@ func TestVolumeClient(client clientset.Interface, config VolumeTestConfig, fsGro for i, test := range tests { fileName := fmt.Sprintf("/opt/%d/%s", i, test.File) _, err = LookForStringInPodExec(config.Namespace, clientPod.Name, []string{"cat", fileName}, test.ExpectedContent, time.Minute) - Expect(err).NotTo(HaveOccurred(), "failed: finding the contents of the mounted file %s.", fileName) + ExpectNoError(err, "failed: finding the contents of the mounted file %s.", fileName) } if fsGroup != nil { By("Checking fsGroup is correct.") _, err = LookForStringInPodExec(config.Namespace, clientPod.Name, []string{"ls", "-ld", "/opt/0"}, strconv.Itoa(int(*fsGroup)), time.Minute) - Expect(err).NotTo(HaveOccurred(), "failed: getting the right privileges in the file %v", int(*fsGroup)) + ExpectNoError(err, "failed: getting the right privileges in the file %v", int(*fsGroup)) } if fsType != "" { By("Checking fsType is correct.") _, err = LookForStringInPodExec(config.Namespace, clientPod.Name, []string{"grep", " /opt/0 ", "/proc/mounts"}, fsType, time.Minute) - Expect(err).NotTo(HaveOccurred(), "failed: getting the right fsType %s", fsType) + ExpectNoError(err, "failed: getting the right fsType %s", fsType) } } @@ -537,12 +537,14 @@ func InjectHtml(client clientset.Interface, config VolumeTestConfig, volume v1.V defer func() { podClient.Delete(podName, nil) + err := waitForPodNotFoundInNamespace(client, podName, injectPod.Namespace, PodDeleteTimeout) + ExpectNoError(err) }() injectPod, err := podClient.Create(injectPod) ExpectNoError(err, "Failed to create injector pod: %v", err) err = WaitForPodSuccessInNamespace(client, injectPod.Name, injectPod.Namespace) - Expect(err).NotTo(HaveOccurred()) + ExpectNoError(err) } func CreateGCEVolume() (*v1.PersistentVolumeSource, string) { diff --git a/test/e2e/instrumentation/OWNERS b/test/e2e/instrumentation/OWNERS index 3914495866f..cd8bb57c268 100644 --- a/test/e2e/instrumentation/OWNERS +++ b/test/e2e/instrumentation/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - DirectXMan12 - fabxc diff --git a/test/e2e/instrumentation/logging/OWNERS b/test/e2e/instrumentation/logging/OWNERS index c76a20b5677..6abb7c89ca6 100644 --- a/test/e2e/instrumentation/logging/OWNERS +++ b/test/e2e/instrumentation/logging/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - coffeepac - monotek diff --git a/test/e2e/instrumentation/monitoring/BUILD b/test/e2e/instrumentation/monitoring/BUILD index 5fae723aa8e..0b635c1455c 100644 --- a/test/e2e/instrumentation/monitoring/BUILD +++ b/test/e2e/instrumentation/monitoring/BUILD @@ -29,7 +29,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/selection:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", - "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/restmapper:go_default_library", "//staging/src/k8s.io/metrics/pkg/client/custom_metrics:go_default_library", diff --git a/test/e2e/instrumentation/monitoring/custom_metrics_stackdriver.go b/test/e2e/instrumentation/monitoring/custom_metrics_stackdriver.go index 9c77aa43a40..e3af1b01870 100644 --- a/test/e2e/instrumentation/monitoring/custom_metrics_stackdriver.go +++ b/test/e2e/instrumentation/monitoring/custom_metrics_stackdriver.go @@ -33,7 +33,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/selection" "k8s.io/client-go/discovery" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" "k8s.io/client-go/restmapper" "k8s.io/kubernetes/test/e2e/framework" customclient "k8s.io/metrics/pkg/client/custom_metrics" diff --git a/test/e2e/instrumentation/monitoring/metrics_grabber.go b/test/e2e/instrumentation/monitoring/metrics_grabber.go index e0d038a6a46..afcc9039811 100644 --- a/test/e2e/instrumentation/monitoring/metrics_grabber.go +++ b/test/e2e/instrumentation/monitoring/metrics_grabber.go @@ -32,7 +32,7 @@ import ( var _ = instrumentation.SIGDescribe("MetricsGrabber", func() { f := framework.NewDefaultFramework("metrics-grabber") var c, ec clientset.Interface - var grabber *metrics.MetricsGrabber + var grabber *metrics.Grabber gin.BeforeEach(func() { var err error c = f.ClientSet @@ -44,7 +44,7 @@ var _ = instrumentation.SIGDescribe("MetricsGrabber", func() { gin.It("should grab all metrics from API server.", func() { gin.By("Connecting to /metrics endpoint") - response, err := grabber.GrabFromApiServer() + response, err := grabber.GrabFromAPIServer() framework.ExpectNoError(err) gom.Expect(response).NotTo(gom.BeEmpty()) }) diff --git a/test/e2e/kubectl/OWNERS b/test/e2e/kubectl/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/test/e2e/kubectl/OWNERS +++ b/test/e2e/kubectl/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/test/e2e/kubectl/kubectl.go b/test/e2e/kubectl/kubectl.go index 078323e4565..4c8320e951c 100644 --- a/test/e2e/kubectl/kubectl.go +++ b/test/e2e/kubectl/kubectl.go @@ -514,8 +514,23 @@ var _ = SIGDescribe("Kubectl client", func() { runOutput := framework.NewKubectlCommand(nsFlag, "run", "run-test", "--image="+busyboxImage, "--restart=OnFailure", "--attach=true", "--stdin", "--", "sh", "-c", "cat && echo 'stdin closed'"). WithStdinData("abcd1234"). ExecOrDie() - Expect(runOutput).To(ContainSubstring("abcd1234")) - Expect(runOutput).To(ContainSubstring("stdin closed")) + + g := func(pods []*v1.Pod) sort.Interface { return sort.Reverse(controller.ActivePods(pods)) } + runTestPod, _, err := polymorphichelpers.GetFirstPod(f.ClientSet.CoreV1(), ns, "run=run-test", 1*time.Minute, g) + Expect(err).To(BeNil()) + // NOTE: we cannot guarantee our output showed up in the container logs before stdin was closed, so we have + // to loop test. + err = wait.PollImmediate(time.Second, time.Minute, func() (bool, error) { + if !framework.CheckPodsRunningReady(c, ns, []string{runTestPod.Name}, 1*time.Second) { + framework.Failf("Pod %q of Job %q should still be running", runTestPod.Name, "run-test") + } + logOutput := framework.RunKubectlOrDie(nsFlag, "logs", runTestPod.Name) + Expect(runOutput).To(ContainSubstring("abcd1234")) + Expect(runOutput).To(ContainSubstring("stdin closed")) + return strings.Contains(logOutput, "abcd1234"), nil + }) + Expect(err).To(BeNil()) + Expect(c.BatchV1().Jobs(ns).Delete("run-test", nil)).To(BeNil()) By("executing a command with run and attach without stdin") @@ -531,11 +546,9 @@ var _ = SIGDescribe("Kubectl client", func() { WithStdinData("abcd1234\n"). ExecOrDie() Expect(runOutput).ToNot(ContainSubstring("stdin closed")) - g := func(pods []*v1.Pod) sort.Interface { return sort.Reverse(controller.ActivePods(pods)) } - runTestPod, _, err := polymorphichelpers.GetFirstPod(f.ClientSet.CoreV1(), ns, "run=run-test-3", 1*time.Minute, g) - if err != nil { - os.Exit(1) - } + g = func(pods []*v1.Pod) sort.Interface { return sort.Reverse(controller.ActivePods(pods)) } + runTestPod, _, err = polymorphichelpers.GetFirstPod(f.ClientSet.CoreV1(), ns, "run=run-test-3", 1*time.Minute, g) + Expect(err).To(BeNil()) if !framework.CheckPodsRunningReady(c, ns, []string{runTestPod.Name}, time.Minute) { framework.Failf("Pod %q of Job %q should still be running", runTestPod.Name, "run-test-3") } @@ -550,9 +563,6 @@ var _ = SIGDescribe("Kubectl client", func() { Expect(logOutput).ToNot(ContainSubstring("stdin closed")) return strings.Contains(logOutput, "abcd1234"), nil }) - if err != nil { - os.Exit(1) - } Expect(err).To(BeNil()) Expect(c.BatchV1().Jobs(ns).Delete("run-test-3", nil)).To(BeNil()) diff --git a/test/e2e/lifecycle/OWNERS b/test/e2e/lifecycle/OWNERS index b47b8c6f0ed..598596bf175 100644 --- a/test/e2e/lifecycle/OWNERS +++ b/test/e2e/lifecycle/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cluster-lifecycle-maintainers reviewers: diff --git a/test/e2e/lifecycle/bootstrap/OWNERS b/test/e2e/lifecycle/bootstrap/OWNERS index 54f38546f7d..b6f8ac41fc6 100644 --- a/test/e2e/lifecycle/bootstrap/OWNERS +++ b/test/e2e/lifecycle/bootstrap/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: #sig-cluster-lifecycle is the owner of this feature - jbeda - luxas diff --git a/test/e2e/network/BUILD b/test/e2e/network/BUILD index a1987d8644c..8df831586ee 100644 --- a/test/e2e/network/BUILD +++ b/test/e2e/network/BUILD @@ -35,7 +35,6 @@ go_library( "//pkg/client/clientset_generated/internalclientset:go_default_library", "//pkg/cloudprovider/providers/gce:go_default_library", "//pkg/controller/endpoint:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/master/ports:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/test/e2e/network/OWNERS b/test/e2e/network/OWNERS index 064cbc393ef..9af008152f7 100644 --- a/test/e2e/network/OWNERS +++ b/test/e2e/network/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - sig-network-reviewers approvers: diff --git a/test/e2e/network/firewall.go b/test/e2e/network/firewall.go index 32e4c1ace1c..db43181ab7a 100644 --- a/test/e2e/network/firewall.go +++ b/test/e2e/network/firewall.go @@ -25,7 +25,6 @@ import ( clientset "k8s.io/client-go/kubernetes" cloudprovider "k8s.io/cloud-provider" gcecloud "k8s.io/kubernetes/pkg/cloudprovider/providers/gce" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/pkg/master/ports" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/framework/providers/gce" @@ -142,7 +141,7 @@ var _ = SIGDescribe("Firewall rule", func() { // Instance could run in a different zone in multi-zone test. Figure out which zone // it is in before proceeding. zone := cloudConfig.Zone - if zoneInLabel, ok := nodeList.Items[0].Labels[kubeletapis.LabelZoneFailureDomain]; ok { + if zoneInLabel, ok := nodeList.Items[0].Labels[v1.LabelZoneFailureDomain]; ok { zone = zoneInLabel } removedTags := gce.SetInstanceTags(cloudConfig, nodesNames[0], zone, []string{}) diff --git a/test/e2e/node/OWNERS b/test/e2e/node/OWNERS index 82e510eaaab..7695cc16b12 100644 --- a/test/e2e/node/OWNERS +++ b/test/e2e/node/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - Random-Liu - dchen1107 diff --git a/test/e2e/node/README.md b/test/e2e/node/README.md index 55520d7e2f0..cbe89081bee 100644 --- a/test/e2e/node/README.md +++ b/test/e2e/node/README.md @@ -1,9 +1,9 @@ # WARNING: Do not add tests in this directory There are two types of end-to-end tests in Kubernetes: - * [Cluster end-to-end tests](https://git.k8s.io/community/contributors/devel/e2e-tests.md) + * [Cluster end-to-end tests](https://git.k8s.io/community/contributors/devel/sig-testing/e2e-tests.md) * [Node end-to-end - tests](https://github.com/kubernetes/community/blob/master/contributors/devel/e2e-node-tests.md) + tests](https://git.k8s.io/community/contributors/devel/sig-node/e2e-node-tests.md) Tests located in `${KUBE_ROOT}/test/e2e/common` are shared by both Cluster and Node E2E test jobs. Tests in `${KUBE_ROOT}/test/e2e_node` are exclusively diff --git a/test/e2e/scalability/BUILD b/test/e2e/scalability/BUILD index 0d7e0e47f69..7e9f5a1ddd6 100644 --- a/test/e2e/scalability/BUILD +++ b/test/e2e/scalability/BUILD @@ -29,7 +29,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/discovery:go_default_library", - "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", diff --git a/test/e2e/scalability/OWNERS b/test/e2e/scalability/OWNERS index 80e945f3982..f0717a5361c 100644 --- a/test/e2e/scalability/OWNERS +++ b/test/e2e/scalability/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - gmarek - shyamjvs diff --git a/test/e2e/scalability/load.go b/test/e2e/scalability/load.go index a89067886cd..43ebd350bef 100644 --- a/test/e2e/scalability/load.go +++ b/test/e2e/scalability/load.go @@ -37,7 +37,7 @@ import ( utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/discovery" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" "k8s.io/client-go/dynamic" clientset "k8s.io/client-go/kubernetes" restclient "k8s.io/client-go/rest" diff --git a/test/e2e/scheduling/BUILD b/test/e2e/scheduling/BUILD index 9d58bc67694..bf1260593ff 100644 --- a/test/e2e/scheduling/BUILD +++ b/test/e2e/scheduling/BUILD @@ -22,7 +22,6 @@ go_library( "//pkg/apis/core:go_default_library", "//pkg/apis/extensions:go_default_library", "//pkg/apis/scheduling:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/algorithm/priorities/util:go_default_library", "//pkg/scheduler/api:go_default_library", "//staging/src/k8s.io/api/apps/v1:go_default_library", diff --git a/test/e2e/scheduling/OWNERS b/test/e2e/scheduling/OWNERS index d2792efd526..60d3f73d36d 100644 --- a/test/e2e/scheduling/OWNERS +++ b/test/e2e/scheduling/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-scheduling-maintainers reviewers: diff --git a/test/e2e/scheduling/ubernetes_lite.go b/test/e2e/scheduling/ubernetes_lite.go index ba95b362928..f985f133e06 100644 --- a/test/e2e/scheduling/ubernetes_lite.go +++ b/test/e2e/scheduling/ubernetes_lite.go @@ -28,7 +28,6 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/util/uuid" clientset "k8s.io/client-go/kubernetes" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/test/e2e/framework" testutils "k8s.io/kubernetes/test/utils" imageutils "k8s.io/kubernetes/test/utils/image" @@ -117,12 +116,12 @@ func SpreadServiceOrFail(f *framework.Framework, replicaCount int, image string) // Find the name of the zone in which a Node is running func getZoneNameForNode(node v1.Node) (string, error) { for key, value := range node.Labels { - if key == kubeletapis.LabelZoneFailureDomain { + if key == v1.LabelZoneFailureDomain { return value, nil } } return "", fmt.Errorf("Zone name for node %s not found. No label with key %s", - node.Name, kubeletapis.LabelZoneFailureDomain) + node.Name, v1.LabelZoneFailureDomain) } // Return the number of zones in which we have nodes in this cluster. diff --git a/test/e2e/scheduling/ubernetes_lite_volumes.go b/test/e2e/scheduling/ubernetes_lite_volumes.go index 0493a87866f..c4ffd285d39 100644 --- a/test/e2e/scheduling/ubernetes_lite_volumes.go +++ b/test/e2e/scheduling/ubernetes_lite_volumes.go @@ -28,7 +28,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/uuid" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/framework/providers/gce" ) @@ -166,7 +165,7 @@ func OnlyAllowNodeZones(f *framework.Framework, zoneCount int, image string) { pv, err := c.CoreV1().PersistentVolumes().Get(claim.Spec.VolumeName, metav1.GetOptions{}) Expect(err).NotTo(HaveOccurred()) - pvZone, ok := pv.ObjectMeta.Labels[kubeletapis.LabelZoneFailureDomain] + pvZone, ok := pv.ObjectMeta.Labels[v1.LabelZoneFailureDomain] Expect(ok).To(BeTrue(), "PV has no LabelZone to be found") pvZones.Insert(pvZone) } diff --git a/test/e2e/storage/BUILD b/test/e2e/storage/BUILD index 34162b86735..7ecc8bf88c3 100644 --- a/test/e2e/storage/BUILD +++ b/test/e2e/storage/BUILD @@ -35,7 +35,6 @@ go_library( "//pkg/apis/core/v1/helper:go_default_library", "//pkg/apis/storage/v1/util:go_default_library", "//pkg/client/conditions:go_default_library", - "//pkg/kubelet/apis:go_default_library", "//pkg/kubelet/metrics:go_default_library", "//pkg/util/slice:go_default_library", "//pkg/volume/util:go_default_library", @@ -64,15 +63,13 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/authentication/serviceaccount:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library", - "//staging/src/k8s.io/csi-api/pkg/apis/csi/v1alpha1:go_default_library", + "//staging/src/k8s.io/cloud-provider/volume/helpers:go_default_library", "//staging/src/k8s.io/csi-api/pkg/client/clientset/versioned:go_default_library", "//test/e2e/framework:go_default_library", "//test/e2e/framework/metrics:go_default_library", - "//test/e2e/framework/podlogs:go_default_library", "//test/e2e/framework/providers/gce:go_default_library", "//test/e2e/framework/testfiles:go_default_library", "//test/e2e/storage/drivers:go_default_library", - "//test/e2e/storage/testpatterns:go_default_library", "//test/e2e/storage/testsuites:go_default_library", "//test/e2e/storage/utils:go_default_library", "//test/utils/image:go_default_library", diff --git a/test/e2e/storage/OWNERS b/test/e2e/storage/OWNERS index 46424783f87..e60b9938ebc 100644 --- a/test/e2e/storage/OWNERS +++ b/test/e2e/storage/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - rootfs diff --git a/test/e2e/storage/csi_volumes.go b/test/e2e/storage/csi_volumes.go index 171adbf2630..5ddd5972909 100644 --- a/test/e2e/storage/csi_volumes.go +++ b/test/e2e/storage/csi_volumes.go @@ -17,11 +17,10 @@ limitations under the License. package storage import ( - "context" "encoding/json" "fmt" - "regexp" "strings" + "time" "k8s.io/api/core/v1" storagev1 "k8s.io/api/storage/v1" @@ -29,12 +28,9 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" clientset "k8s.io/client-go/kubernetes" - csiv1alpha1 "k8s.io/csi-api/pkg/apis/csi/v1alpha1" csiclient "k8s.io/csi-api/pkg/client/clientset/versioned" "k8s.io/kubernetes/test/e2e/framework" - "k8s.io/kubernetes/test/e2e/framework/podlogs" "k8s.io/kubernetes/test/e2e/storage/drivers" - "k8s.io/kubernetes/test/e2e/storage/testpatterns" "k8s.io/kubernetes/test/e2e/storage/testsuites" "k8s.io/kubernetes/test/e2e/storage/utils" imageutils "k8s.io/kubernetes/test/utils/image" @@ -44,13 +40,12 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/util/rand" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" ) // List of testDrivers to be executed in below loop -var csiTestDrivers = []func(config testsuites.TestConfig) testsuites.TestDriver{ +var csiTestDrivers = []func() testsuites.TestDriver{ drivers.InitHostPathCSIDriver, - drivers.InitGcePDCSIDriver, + func() testsuites.TestDriver { return drivers.InitGcePDCSIDriver(false /* topology enabled */) }, drivers.InitGcePDExternalCSIDriver, drivers.InitHostPathV0CSIDriver, // Don't run tests with mock driver (drivers.InitMockCSIDriver), it does not provide persistent storage. @@ -63,212 +58,137 @@ var csiTestSuites = []func() testsuites.TestSuite{ testsuites.InitVolumeModeTestSuite, testsuites.InitSubPathTestSuite, testsuites.InitProvisioningTestSuite, -} - -func csiTunePattern(patterns []testpatterns.TestPattern) []testpatterns.TestPattern { - tunedPatterns := []testpatterns.TestPattern{} - - for _, pattern := range patterns { - // Skip inline volume and pre-provsioned PV tests for csi drivers - if pattern.VolType == testpatterns.InlineVolume || pattern.VolType == testpatterns.PreprovisionedPV { - continue - } - tunedPatterns = append(tunedPatterns, pattern) - } - - return tunedPatterns + testsuites.InitSnapshottableTestSuite, } // This executes testSuites for csi volumes. var _ = utils.SIGDescribe("CSI Volumes", func() { - f := framework.NewDefaultFramework("csi-volumes") - - var ( - cancel context.CancelFunc - cs clientset.Interface - csics csiclient.Interface - ns *v1.Namespace - // Common configuration options for each driver. - config = testsuites.TestConfig{ - Framework: f, - Prefix: "csi", - } - ) - - BeforeEach(func() { - ctx, c := context.WithCancel(context.Background()) - cancel = c - cs = f.ClientSet - csics = f.CSIClientSet - ns = f.Namespace - - // Debugging of the following tests heavily depends on the log output - // of the different containers. Therefore include all of that in log - // files (when using --report-dir, as in the CI) or the output stream - // (otherwise). - to := podlogs.LogOutput{ - StatusWriter: GinkgoWriter, - } - if framework.TestContext.ReportDir == "" { - to.LogWriter = GinkgoWriter - } else { - test := CurrentGinkgoTestDescription() - reg := regexp.MustCompile("[^a-zA-Z0-9_-]+") - // We end the prefix with a slash to ensure that all logs - // end up in a directory named after the current test. - to.LogPathPrefix = framework.TestContext.ReportDir + "/" + - reg.ReplaceAllString(test.FullTestText, "_") + "/" - } - podlogs.CopyAllLogs(ctx, cs, ns.Name, to) - - // pod events are something that the framework already collects itself - // after a failed test. Logging them live is only useful for interactive - // debugging, not when we collect reports. - if framework.TestContext.ReportDir == "" { - podlogs.WatchPods(ctx, cs, ns.Name, GinkgoWriter) - } - }) - - AfterEach(func() { - cancel() - }) - for _, initDriver := range csiTestDrivers { - curDriver := initDriver(config) - curConfig := curDriver.GetDriverInfo().Config + curDriver := initDriver() + Context(testsuites.GetDriverNameWithFeatureTags(curDriver), func() { - BeforeEach(func() { - // Reset config. The driver might have modified its copy - // in a previous test. - curDriver.GetDriverInfo().Config = curConfig - - // setupDriver - curDriver.CreateDriver() - }) - - AfterEach(func() { - // Cleanup driver - curDriver.CleanupDriver() - }) - - testsuites.RunTestSuite(f, curDriver, csiTestSuites, csiTunePattern) + testsuites.DefineTestSuite(curDriver, csiTestSuites) }) } Context("CSI Topology test using GCE PD driver [Feature:CSINodeInfo]", func() { - newConfig := config - newConfig.TopologyEnabled = true - driver := drivers.InitGcePDCSIDriver(newConfig).(testsuites.DynamicPVTestDriver) // TODO (#71289) eliminate by moving this test to common test suite. + f := framework.NewDefaultFramework("csitopology") + driver := drivers.InitGcePDCSIDriver(true /* topology enabled */).(testsuites.DynamicPVTestDriver) // TODO (#71289) eliminate by moving this test to common test suite. + var ( + config *testsuites.PerTestConfig + testCleanup func() + ) BeforeEach(func() { - driver.CreateDriver() + config, testCleanup = driver.PrepareTest(f) }) AfterEach(func() { - driver.CleanupDriver() + if testCleanup != nil { + testCleanup() + } }) It("should provision zonal PD with immediate volume binding and AllowedTopologies set and mount the volume to a pod", func() { suffix := "topology-positive" - testTopologyPositive(cs, suffix, ns.GetName(), false /* delayBinding */, true /* allowedTopologies */) + testTopologyPositive(config.Framework.ClientSet, suffix, config.Framework.Namespace.GetName(), false /* delayBinding */, true /* allowedTopologies */) }) It("should provision zonal PD with delayed volume binding and mount the volume to a pod", func() { suffix := "delayed" - testTopologyPositive(cs, suffix, ns.GetName(), true /* delayBinding */, false /* allowedTopologies */) + testTopologyPositive(config.Framework.ClientSet, suffix, config.Framework.Namespace.GetName(), true /* delayBinding */, false /* allowedTopologies */) }) It("should provision zonal PD with delayed volume binding and AllowedTopologies set and mount the volume to a pod", func() { suffix := "delayed-topology-positive" - testTopologyPositive(cs, suffix, ns.GetName(), true /* delayBinding */, true /* allowedTopologies */) + testTopologyPositive(config.Framework.ClientSet, suffix, config.Framework.Namespace.GetName(), true /* delayBinding */, true /* allowedTopologies */) }) It("should fail to schedule a pod with a zone missing from AllowedTopologies; PD is provisioned with immediate volume binding", func() { - framework.SkipUnlessMultizone(cs) + framework.SkipUnlessMultizone(config.Framework.ClientSet) suffix := "topology-negative" - testTopologyNegative(cs, suffix, ns.GetName(), false /* delayBinding */) + testTopologyNegative(config.Framework.ClientSet, suffix, config.Framework.Namespace.GetName(), false /* delayBinding */) }) It("should fail to schedule a pod with a zone missing from AllowedTopologies; PD is provisioned with delayed volume binding", func() { - framework.SkipUnlessMultizone(cs) + framework.SkipUnlessMultizone(config.Framework.ClientSet) suffix := "delayed-topology-negative" - testTopologyNegative(cs, suffix, ns.GetName(), true /* delayBinding */) + testTopologyNegative(config.Framework.ClientSet, suffix, config.Framework.Namespace.GetName(), true /* delayBinding */) }) }) // The CSIDriverRegistry feature gate is needed for this test in Kubernetes 1.12. - Context("CSI attach test using HostPath driver [Feature:CSIDriverRegistry]", func() { + + Context("CSI attach test using mock driver [Feature:CSIDriverRegistry]", func() { var ( + err error driver testsuites.TestDriver ) - BeforeEach(func() { - config := testsuites.TestConfig{ - Framework: f, - Prefix: "csi-attach", - } - driver = drivers.InitHostPathCSIDriver(config) - driver.CreateDriver() - }) - - AfterEach(func() { - driver.CleanupDriver() - }) - tests := []struct { - name string - driverAttachable bool - driverExists bool - expectVolumeAttachment bool + name string + driverAttachable bool + deployDriverCRD bool }{ { - name: "non-attachable volume does not need VolumeAttachment", - driverAttachable: false, - driverExists: true, - expectVolumeAttachment: false, + name: "should not require VolumeAttach for drivers without attachment", + driverAttachable: false, + deployDriverCRD: true, }, { - name: "attachable volume needs VolumeAttachment", - driverAttachable: true, - driverExists: true, - expectVolumeAttachment: true, + name: "should require VolumeAttach for drivers with attachment", + driverAttachable: true, + deployDriverCRD: true, }, { - name: "volume with no CSI driver needs VolumeAttachment", - driverExists: false, - expectVolumeAttachment: true, + name: "should preserve attachment policy when no CSIDriver present", + driverAttachable: true, + deployDriverCRD: false, }, } for _, t := range tests { test := t + f := framework.NewDefaultFramework("csiattach") + It(test.name, func() { - if test.driverExists { - csiDriver := createCSIDriver(csics, testsuites.GetUniqueDriverName(driver), test.driverAttachable, nil) - if csiDriver != nil { - defer csics.CsiV1alpha1().CSIDrivers().Delete(csiDriver.Name, nil) - } + cs := f.ClientSet + csics := f.CSIClientSet + ns := f.Namespace + + driver = drivers.InitMockCSIDriver(test.deployDriverCRD, test.driverAttachable, nil) + config, testCleanup := driver.PrepareTest(f) + driverName := config.GetUniqueDriverName() + defer testCleanup() + + if test.deployDriverCRD { + err = waitForCSIDriver(csics, driverName) + framework.ExpectNoError(err, "Failed to get CSIDriver: %v", err) + defer destroyCSIDriver(csics, driverName) } By("Creating pod") var sc *storagev1.StorageClass if dDriver, ok := driver.(testsuites.DynamicPVTestDriver); ok { - sc = dDriver.GetDynamicProvisionStorageClass("") + sc = dDriver.GetDynamicProvisionStorageClass(config, "") } - nodeName := driver.GetDriverInfo().Config.ClientNodeName + nodeName := config.ClientNodeName scTest := testsuites.StorageClassTest{ Name: driver.GetDriverInfo().Name, Provisioner: sc.Provisioner, Parameters: sc.Parameters, ClaimSize: "1Gi", ExpectedSize: "1Gi", - NodeName: nodeName, } - class, claim, pod := startPausePod(cs, scTest, ns.Name) + nodeSelection := testsuites.NodeSelection{ + Name: nodeName, + } + class, claim, pod := startPausePod(cs, scTest, nodeSelection, ns.Name) if class != nil { defer cs.StorageV1().StorageClasses().Delete(class.Name, nil) } if claim != nil { - defer cs.CoreV1().PersistentVolumeClaims(ns.Name).Delete(claim.Name, nil) + // Fully delete PV before deleting CSI driver + defer deleteVolume(cs, claim) } if pod != nil { // Fully delete (=unmount) the pod before deleting CSI driver @@ -278,124 +198,122 @@ var _ = utils.SIGDescribe("CSI Volumes", func() { return } - err := framework.WaitForPodNameRunningInNamespace(cs, pod.Name, pod.Namespace) + err = framework.WaitForPodNameRunningInNamespace(cs, pod.Name, pod.Namespace) framework.ExpectNoError(err, "Failed to start pod: %v", err) By("Checking if VolumeAttachment was created for the pod") - // Check that VolumeAttachment does not exist handle := getVolumeHandle(cs, claim) attachmentHash := sha256.Sum256([]byte(fmt.Sprintf("%s%s%s", handle, scTest.Provisioner, nodeName))) attachmentName := fmt.Sprintf("csi-%x", attachmentHash) _, err = cs.StorageV1beta1().VolumeAttachments().Get(attachmentName, metav1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - if test.expectVolumeAttachment { + if test.driverAttachable { framework.ExpectNoError(err, "Expected VolumeAttachment but none was found") } } else { framework.ExpectNoError(err, "Failed to find VolumeAttachment") } } - if !test.expectVolumeAttachment { + if !test.driverAttachable { Expect(err).To(HaveOccurred(), "Unexpected VolumeAttachment found") } }) } }) - Context("CSI workload information [Feature:CSIDriverRegistry]", func() { + Context("CSI workload information using mock driver [Feature:CSIDriverRegistry]", func() { var ( + err error driver testsuites.TestDriver podInfoV1 = "v1" podInfoUnknown = "unknown" podInfoEmpty = "" ) - BeforeEach(func() { - config := testsuites.TestConfig{ - Framework: f, - Prefix: "csi-workload", - } - driver = drivers.InitMockCSIDriver(config) - driver.CreateDriver() - }) - - AfterEach(func() { - driver.CleanupDriver() - }) - tests := []struct { name string podInfoOnMountVersion *string - driverExists bool + deployDriverCRD bool expectPodInfo bool }{ { name: "should not be passed when podInfoOnMountVersion=nil", podInfoOnMountVersion: nil, - driverExists: true, + deployDriverCRD: true, expectPodInfo: false, }, { name: "should be passed when podInfoOnMountVersion=v1", podInfoOnMountVersion: &podInfoV1, - driverExists: true, + deployDriverCRD: true, expectPodInfo: true, }, { name: "should not be passed when podInfoOnMountVersion=", podInfoOnMountVersion: &podInfoEmpty, - driverExists: true, + deployDriverCRD: true, expectPodInfo: false, }, { name: "should not be passed when podInfoOnMountVersion=", podInfoOnMountVersion: &podInfoUnknown, - driverExists: true, + deployDriverCRD: true, expectPodInfo: false, }, { - name: "should not be passed when CSIDriver does not exist", - driverExists: false, - expectPodInfo: false, + name: "should not be passed when CSIDriver does not exist", + deployDriverCRD: false, + expectPodInfo: false, }, } for _, t := range tests { test := t + f := framework.NewDefaultFramework("csiworkload") + It(test.name, func() { - if test.driverExists { - csiDriver := createCSIDriver(csics, testsuites.GetUniqueDriverName(driver), true, test.podInfoOnMountVersion) - if csiDriver != nil { - defer csics.CsiV1alpha1().CSIDrivers().Delete(csiDriver.Name, nil) - } + cs := f.ClientSet + csics := f.CSIClientSet + ns := f.Namespace + + driver = drivers.InitMockCSIDriver(test.deployDriverCRD, true, test.podInfoOnMountVersion) + config, testCleanup := driver.PrepareTest(f) + driverName := config.GetUniqueDriverName() + defer testCleanup() + + if test.deployDriverCRD { + err = waitForCSIDriver(csics, driverName) + framework.ExpectNoError(err, "Failed to get CSIDriver: %v", err) + defer destroyCSIDriver(csics, driverName) } By("Creating pod") var sc *storagev1.StorageClass if dDriver, ok := driver.(testsuites.DynamicPVTestDriver); ok { - sc = dDriver.GetDynamicProvisionStorageClass("") + sc = dDriver.GetDynamicProvisionStorageClass(config, "") } - nodeName := driver.GetDriverInfo().Config.ClientNodeName + nodeName := config.ClientNodeName scTest := testsuites.StorageClassTest{ Name: driver.GetDriverInfo().Name, Parameters: sc.Parameters, ClaimSize: "1Gi", ExpectedSize: "1Gi", - // The mock driver only works when everything runs on a single node. - NodeName: nodeName, // Provisioner and storage class name must match what's used in // csi-storageclass.yaml, plus the test-specific suffix. Provisioner: sc.Provisioner, StorageClassName: "csi-mock-sc-" + f.UniqueName, - // Mock driver does not provide any persistency. - SkipWriteReadCheck: true, } - class, claim, pod := startPausePod(cs, scTest, ns.Name) + nodeSelection := testsuites.NodeSelection{ + // The mock driver only works when everything runs on a single node. + Name: nodeName, + } + class, claim, pod := startPausePod(cs, scTest, nodeSelection, ns.Name) if class != nil { defer cs.StorageV1().StorageClasses().Delete(class.Name, nil) } if claim != nil { - defer cs.CoreV1().PersistentVolumeClaims(ns.Name).Delete(claim.Name, nil) + // Fully delete PV before deleting CSI driver + defer deleteVolume(cs, claim) } if pod != nil { // Fully delete (=unmount) the pod before deleting CSI driver @@ -404,7 +322,7 @@ var _ = utils.SIGDescribe("CSI Volumes", func() { if pod == nil { return } - err := framework.WaitForPodNameRunningInNamespace(cs, pod.Name, pod.Namespace) + err = framework.WaitForPodNameRunningInNamespace(cs, pod.Name, pod.Namespace) framework.ExpectNoError(err, "Failed to start pod: %v", err) By("Checking CSI driver logs") // The driver is deployed as a statefulset with stable pod names @@ -425,14 +343,16 @@ func testTopologyPositive(cs clientset.Interface, suffix, namespace string, dela topoZone := getRandomClusterZone(cs) addSingleCSIZoneAllowedTopologyToStorageClass(cs, class, topoZone) } - claim := newClaim(test, namespace, suffix) - claim.Spec.StorageClassName = &class.Name + test.Client = cs + test.Claim = newClaim(test, namespace, suffix) + test.Claim.Spec.StorageClassName = &class.Name + test.Class = class if delayBinding { - _, node := testsuites.TestBindingWaitForFirstConsumer(test, cs, claim, class) + _, node := test.TestBindingWaitForFirstConsumer(nil /* node selector */, false /* expect unschedulable */) Expect(node).ToNot(BeNil(), "Unexpected nil node found") } else { - testsuites.TestDynamicProvisioning(test, cs, claim, class) + test.TestDynamicProvisioning() } } @@ -450,34 +370,48 @@ func testTopologyNegative(cs clientset.Interface, suffix, namespace string, dela test := createGCEPDStorageClassTest() test.DelayBinding = delayBinding - test.NodeSelector = map[string]string{kubeletapis.LabelZoneFailureDomain: podZone} - test.ExpectUnschedulable = true + nodeSelector := map[string]string{v1.LabelZoneFailureDomain: podZone} - class := newStorageClass(test, namespace, suffix) - addSingleCSIZoneAllowedTopologyToStorageClass(cs, class, pvZone) - claim := newClaim(test, namespace, suffix) - claim.Spec.StorageClassName = &class.Name + test.Client = cs + test.Class = newStorageClass(test, namespace, suffix) + addSingleCSIZoneAllowedTopologyToStorageClass(cs, test.Class, pvZone) + test.Claim = newClaim(test, namespace, suffix) + test.Claim.Spec.StorageClassName = &test.Class.Name if delayBinding { - testsuites.TestBindingWaitForFirstConsumer(test, cs, claim, class) + test.TestBindingWaitForFirstConsumer(nodeSelector, true /* expect unschedulable */) } else { - testsuites.TestDynamicProvisioning(test, cs, claim, class) + test.PvCheck = func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + // Ensure that a pod cannot be scheduled in an unsuitable zone. + pod := testsuites.StartInPodWithVolume(cs, namespace, claim.Name, "pvc-tester-unschedulable", "sleep 100000", + testsuites.NodeSelection{Selector: nodeSelector}) + defer testsuites.StopPod(cs, pod) + framework.ExpectNoError(framework.WaitForPodNameUnschedulableInNamespace(cs, pod.Name, pod.Namespace), "pod should be unschedulable") + } + test.TestDynamicProvisioning() } } -func createCSIDriver(csics csiclient.Interface, name string, attachable bool, podInfoOnMountVersion *string) *csiv1alpha1.CSIDriver { - By("Creating CSIDriver instance") - driver := &csiv1alpha1.CSIDriver{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - Spec: csiv1alpha1.CSIDriverSpec{ - AttachRequired: &attachable, - PodInfoOnMountVersion: podInfoOnMountVersion, - }, +func waitForCSIDriver(csics csiclient.Interface, driverName string) error { + timeout := 2 * time.Minute + + framework.Logf("waiting up to %v for CSIDriver %q", timeout, driverName) + for start := time.Now(); time.Since(start) < timeout; time.Sleep(framework.Poll) { + _, err := csics.CsiV1alpha1().CSIDrivers().Get(driverName, metav1.GetOptions{}) + if !errors.IsNotFound(err) { + return err + } + } + return fmt.Errorf("gave up after waiting %v for CSIDriver %q.", timeout, driverName) +} + +func destroyCSIDriver(csics csiclient.Interface, driverName string) { + driverGet, err := csics.CsiV1alpha1().CSIDrivers().Get(driverName, metav1.GetOptions{}) + if err == nil { + framework.Logf("deleting %s.%s: %s", driverGet.TypeMeta.APIVersion, driverGet.TypeMeta.Kind, driverGet.ObjectMeta.Name) + // Uncomment the following line to get full dump of CSIDriver object + // framework.Logf("%s", framework.PrettyPrint(driverGet)) + csics.CsiV1alpha1().CSIDrivers().Delete(driverName, nil) } - driver, err := csics.CsiV1alpha1().CSIDrivers().Create(driver) - framework.ExpectNoError(err, "Failed to create CSIDriver: %v", err) - return driver } func getVolumeHandle(cs clientset.Interface, claim *v1.PersistentVolumeClaim) string { @@ -500,7 +434,16 @@ func getVolumeHandle(cs clientset.Interface, claim *v1.PersistentVolumeClaim) st return pv.Spec.CSI.VolumeHandle } -func startPausePod(cs clientset.Interface, t testsuites.StorageClassTest, ns string) (*storagev1.StorageClass, *v1.PersistentVolumeClaim, *v1.Pod) { +func deleteVolume(cs clientset.Interface, claim *v1.PersistentVolumeClaim) { + // re-get the claim to the latest state with bound volume + claim, err := cs.CoreV1().PersistentVolumeClaims(claim.Namespace).Get(claim.Name, metav1.GetOptions{}) + if err == nil { + cs.CoreV1().PersistentVolumeClaims(claim.Namespace).Delete(claim.Name, nil) + framework.WaitForPersistentVolumeDeleted(cs, claim.Spec.VolumeName, framework.Poll, 2*time.Minute) + } +} + +func startPausePod(cs clientset.Interface, t testsuites.StorageClassTest, node testsuites.NodeSelection, ns string) (*storagev1.StorageClass, *v1.PersistentVolumeClaim, *v1.Pod) { class := newStorageClass(t, ns, "") class, err := cs.StorageV1().StorageClasses().Create(class) framework.ExpectNoError(err, "Failed to create class : %v", err) @@ -514,6 +457,9 @@ func startPausePod(cs clientset.Interface, t testsuites.StorageClassTest, ns str GenerateName: "pvc-volume-tester-", }, Spec: v1.PodSpec{ + NodeName: node.Name, + NodeSelector: node.Selector, + Affinity: node.Affinity, Containers: []v1.Container{ { Name: "volume-tester", @@ -541,9 +487,6 @@ func startPausePod(cs clientset.Interface, t testsuites.StorageClassTest, ns str }, } - if len(t.NodeName) != 0 { - pod.Spec.NodeName = t.NodeName - } pod, err = cs.CoreV1().Pods(ns).Create(pod) framework.ExpectNoError(err, "Failed to create pod: %v", err) return class, claim, pod diff --git a/test/e2e/storage/drivers/BUILD b/test/e2e/storage/drivers/BUILD index da57c59f188..6e763ddee6d 100644 --- a/test/e2e/storage/drivers/BUILD +++ b/test/e2e/storage/drivers/BUILD @@ -10,12 +10,12 @@ go_library( importpath = "k8s.io/kubernetes/test/e2e/storage/drivers", visibility = ["//visibility:public"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/rbac/v1beta1:go_default_library", "//staging/src/k8s.io/api/storage/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/uuid:go_default_library", diff --git a/test/e2e/storage/drivers/csi.go b/test/e2e/storage/drivers/csi.go index 6551854e643..5afdd770db4 100644 --- a/test/e2e/storage/drivers/csi.go +++ b/test/e2e/storage/drivers/csi.go @@ -41,6 +41,7 @@ import ( . "github.com/onsi/ginkgo" storagev1 "k8s.io/api/storage/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testpatterns" @@ -55,12 +56,11 @@ const ( // hostpathCSI type hostpathCSIDriver struct { - cleanup func() driverInfo testsuites.DriverInfo manifests []string } -func initHostPathCSIDriver(name string, config testsuites.TestConfig, manifests ...string) testsuites.TestDriver { +func initHostPathCSIDriver(name string, capabilities map[testsuites.Capability]bool, manifests ...string) testsuites.TestDriver { return &hostpathCSIDriver{ driverInfo: testsuites.DriverInfo{ Name: name, @@ -69,11 +69,7 @@ func initHostPathCSIDriver(name string, config testsuites.TestConfig, manifests SupportedFsType: sets.NewString( "", // Default fsType ), - Capabilities: map[testsuites.Capability]bool{ - testsuites.CapPersistence: true, - }, - - Config: config, + Capabilities: capabilities, }, manifests: manifests, } @@ -81,15 +77,19 @@ func initHostPathCSIDriver(name string, config testsuites.TestConfig, manifests var _ testsuites.TestDriver = &hostpathCSIDriver{} var _ testsuites.DynamicPVTestDriver = &hostpathCSIDriver{} +var _ testsuites.SnapshottableTestDriver = &hostpathCSIDriver{} // InitHostPathCSIDriver returns hostpathCSIDriver that implements TestDriver interface -func InitHostPathCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { - return initHostPathCSIDriver("csi-hostpath", config, +func InitHostPathCSIDriver() testsuites.TestDriver { + return initHostPathCSIDriver("csi-hostpath", + map[testsuites.Capability]bool{testsuites.CapPersistence: true, testsuites.CapDataSource: true, testsuites.CapMultiPODs: true}, "test/e2e/testing-manifests/storage-csi/driver-registrar/rbac.yaml", "test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml", "test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml", + "test/e2e/testing-manifests/storage-csi/external-snapshotter/rbac.yaml", "test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-attacher.yaml", "test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-provisioner.yaml", + "test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-snapshotter.yaml", "test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpathplugin.yaml", "test/e2e/testing-manifests/storage-csi/hostpath/hostpath/e2e-test-rbac.yaml", ) @@ -102,67 +102,100 @@ func (h *hostpathCSIDriver) GetDriverInfo() *testsuites.DriverInfo { func (h *hostpathCSIDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (h *hostpathCSIDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { - provisioner := testsuites.GetUniqueDriverName(h) +func (h *hostpathCSIDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { + provisioner := config.GetUniqueDriverName() parameters := map[string]string{} - ns := h.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", provisioner) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) } +func (h *hostpathCSIDriver) GetSnapshotClass(config *testsuites.PerTestConfig) *unstructured.Unstructured { + snapshotter := config.GetUniqueDriverName() + parameters := map[string]string{} + ns := config.Framework.Namespace.Name + suffix := fmt.Sprintf("%s-vsc", snapshotter) + + return testsuites.GetSnapshotClass(snapshotter, parameters, ns, suffix) +} + func (h *hostpathCSIDriver) GetClaimSize() string { return "5Gi" } -func (h *hostpathCSIDriver) CreateDriver() { +func (h *hostpathCSIDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { By(fmt.Sprintf("deploying %s driver", h.driverInfo.Name)) - f := h.driverInfo.Config.Framework + cancelLogging := testsuites.StartPodLogs(f) cs := f.ClientSet // The hostpath CSI driver only works when everything runs on the same node. nodes := framework.GetReadySchedulableNodesOrDie(cs) nodeName := nodes.Items[rand.Intn(len(nodes.Items))].Name - h.driverInfo.Config.ClientNodeName = nodeName + config := &testsuites.PerTestConfig{ + Driver: h, + Prefix: "hostpath", + Framework: f, + ClientNodeName: nodeName, + } // TODO (?): the storage.csi.image.version and storage.csi.image.registry // settings are ignored for this test. We could patch the image definitions. o := utils.PatchCSIOptions{ OldDriverName: h.driverInfo.Name, - NewDriverName: testsuites.GetUniqueDriverName(h), + NewDriverName: config.GetUniqueDriverName(), DriverContainerName: "hostpath", - DriverContainerArguments: []string{"--drivername=csi-hostpath-" + f.UniqueName}, + DriverContainerArguments: []string{"--drivername=" + config.GetUniqueDriverName()}, ProvisionerContainerName: "csi-provisioner", + SnapshotterContainerName: "csi-snapshotter", NodeName: nodeName, } - cleanup, err := h.driverInfo.Config.Framework.CreateFromManifests(func(item interface{}) error { - return utils.PatchCSIDeployment(h.driverInfo.Config.Framework, o, item) + cleanup, err := config.Framework.CreateFromManifests(func(item interface{}) error { + return utils.PatchCSIDeployment(config.Framework, o, item) }, h.manifests...) - h.cleanup = cleanup if err != nil { framework.Failf("deploying %s driver: %v", h.driverInfo.Name, err) } -} -func (h *hostpathCSIDriver) CleanupDriver() { - if h.cleanup != nil { + return config, func() { By(fmt.Sprintf("uninstalling %s driver", h.driverInfo.Name)) - h.cleanup() + cleanup() + cancelLogging() } } // mockCSI type mockCSIDriver struct { - cleanup func() - driverInfo testsuites.DriverInfo + driverInfo testsuites.DriverInfo + manifests []string + podInfoVersion *string + attachable bool } var _ testsuites.TestDriver = &mockCSIDriver{} var _ testsuites.DynamicPVTestDriver = &mockCSIDriver{} // InitMockCSIDriver returns a mockCSIDriver that implements TestDriver interface -func InitMockCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitMockCSIDriver(registerDriver, driverAttachable bool, podInfoVersion *string) testsuites.TestDriver { + driverManifests := []string{ + "test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/rbac.yaml", + "test/e2e/testing-manifests/storage-csi/driver-registrar/rbac.yaml", + "test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml", + "test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml", + "test/e2e/testing-manifests/storage-csi/mock/csi-mock-rbac.yaml", + "test/e2e/testing-manifests/storage-csi/mock/csi-storageclass.yaml", + "test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml", + } + + if registerDriver { + driverManifests = append(driverManifests, "test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml") + } + + if driverAttachable { + driverManifests = append(driverManifests, "test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml") + } + return &mockCSIDriver{ driverInfo: testsuites.DriverInfo{ Name: "csi-mock", @@ -176,8 +209,10 @@ func InitMockCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapFsGroup: false, testsuites.CapExec: false, }, - Config: config, }, + manifests: driverManifests, + podInfoVersion: podInfoVersion, + attachable: driverAttachable, } } @@ -188,10 +223,10 @@ func (m *mockCSIDriver) GetDriverInfo() *testsuites.DriverInfo { func (m *mockCSIDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (m *mockCSIDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { - provisioner := testsuites.GetUniqueDriverName(m) +func (m *mockCSIDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { + provisioner := config.GetUniqueDriverName() parameters := map[string]string{} - ns := m.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", provisioner) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -201,52 +236,57 @@ func (m *mockCSIDriver) GetClaimSize() string { return "5Gi" } -func (m *mockCSIDriver) CreateDriver() { +func (m *mockCSIDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { By("deploying csi mock driver") - f := m.driverInfo.Config.Framework + cancelLogging := testsuites.StartPodLogs(f) cs := f.ClientSet // pods should be scheduled on the node nodes := framework.GetReadySchedulableNodesOrDie(cs) node := nodes.Items[rand.Intn(len(nodes.Items))] - m.driverInfo.Config.ClientNodeName = node.Name + config := &testsuites.PerTestConfig{ + Driver: m, + Prefix: "mock", + Framework: f, + ClientNodeName: node.Name, + } + + containerArgs := []string{"--name=csi-mock-" + f.UniqueName} + if !m.attachable { + containerArgs = append(containerArgs, "--disable-attach") + } // TODO (?): the storage.csi.image.version and storage.csi.image.registry // settings are ignored for this test. We could patch the image definitions. o := utils.PatchCSIOptions{ - OldDriverName: "csi-mock", - NewDriverName: "csi-mock-" + f.UniqueName, - DriverContainerName: "mock", - DriverContainerArguments: []string{"--name=csi-mock-" + f.UniqueName}, - ProvisionerContainerName: "csi-provisioner", - NodeName: m.driverInfo.Config.ClientNodeName, + OldDriverName: "csi-mock", + NewDriverName: "csi-mock-" + f.UniqueName, + DriverContainerName: "mock", + DriverContainerArguments: containerArgs, + ProvisionerContainerName: "csi-provisioner", + ClusterRegistrarContainerName: "csi-cluster-driver-registrar", + NodeName: config.ClientNodeName, + PodInfoVersion: m.podInfoVersion, } cleanup, err := f.CreateFromManifests(func(item interface{}) error { return utils.PatchCSIDeployment(f, o, item) }, - "test/e2e/testing-manifests/storage-csi/driver-registrar/rbac.yaml", - "test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml", - "test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml", - "test/e2e/testing-manifests/storage-csi/mock/csi-mock-rbac.yaml", - "test/e2e/testing-manifests/storage-csi/mock/csi-storageclass.yaml", - "test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml", - ) - m.cleanup = cleanup + m.manifests...) if err != nil { framework.Failf("deploying csi mock driver: %v", err) } -} -func (m *mockCSIDriver) CleanupDriver() { - if m.cleanup != nil { + return config, func() { By("uninstalling csi mock driver") - m.cleanup() + cleanup() + cancelLogging() } } // InitHostPathV0CSIDriver returns a variant of hostpathCSIDriver with different manifests. -func InitHostPathV0CSIDriver(config testsuites.TestConfig) testsuites.TestDriver { - return initHostPathCSIDriver("csi-hostpath-v0", config, +func InitHostPathV0CSIDriver() testsuites.TestDriver { + return initHostPathCSIDriver("csi-hostpath-v0", + map[testsuites.Capability]bool{testsuites.CapPersistence: true, testsuites.CapMultiPODs: true}, "test/e2e/testing-manifests/storage-csi/driver-registrar/rbac.yaml", "test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml", "test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml", @@ -259,16 +299,17 @@ func InitHostPathV0CSIDriver(config testsuites.TestConfig) testsuites.TestDriver // gce-pd type gcePDCSIDriver struct { - cleanup func() - driverInfo testsuites.DriverInfo + topologyEnabled bool + driverInfo testsuites.DriverInfo } var _ testsuites.TestDriver = &gcePDCSIDriver{} var _ testsuites.DynamicPVTestDriver = &gcePDCSIDriver{} // InitGcePDCSIDriver returns gcePDCSIDriver that implements TestDriver interface -func InitGcePDCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitGcePDCSIDriver(topologyEnabled bool) testsuites.TestDriver { return &gcePDCSIDriver{ + topologyEnabled: topologyEnabled, driverInfo: testsuites.DriverInfo{ Name: GCEPDCSIProvisionerName, FeatureTag: "[Serial]", @@ -284,9 +325,8 @@ func InitGcePDCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapPersistence: true, testsuites.CapFsGroup: true, testsuites.CapExec: true, + testsuites.CapMultiPODs: true, }, - - Config: config, }, } } @@ -296,21 +336,14 @@ func (g *gcePDCSIDriver) GetDriverInfo() *testsuites.DriverInfo { } func (g *gcePDCSIDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { - f := g.driverInfo.Config.Framework framework.SkipUnlessProviderIs("gce", "gke") - if !g.driverInfo.Config.TopologyEnabled { - // Topology is disabled in external-provisioner, so in a multizone cluster, a pod could be - // scheduled in a different zone from the provisioned volume, causing basic provisioning - // tests to fail. - framework.SkipIfMultizone(f.ClientSet) - } if pattern.FsType == "xfs" { framework.SkipUnlessNodeOSDistroIs("ubuntu", "custom") } } -func (g *gcePDCSIDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { - ns := g.driverInfo.Config.Framework.Namespace.Name +func (g *gcePDCSIDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { + ns := config.Framework.Namespace.Name provisioner := g.driverInfo.Name suffix := fmt.Sprintf("%s-sc", g.driverInfo.Name) @@ -326,8 +359,16 @@ func (g *gcePDCSIDriver) GetClaimSize() string { return "5Gi" } -func (g *gcePDCSIDriver) CreateDriver() { +func (g *gcePDCSIDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + if !g.topologyEnabled { + // Topology is disabled in external-provisioner, so in a multizone cluster, a pod could be + // scheduled in a different zone from the provisioned volume, causing basic provisioning + // tests to fail. + framework.SkipIfMultizone(f.ClientSet) + } + By("deploying csi gce-pd driver") + cancelLogging := testsuites.StartPodLogs(f) // It would be safer to rename the gcePD driver, but that // hasn't been done before either and attempts to do so now led to // errors during driver registration, therefore it is disabled @@ -340,7 +381,7 @@ func (g *gcePDCSIDriver) CreateDriver() { // DriverContainerName: "gce-driver", // ProvisionerContainerName: "csi-external-provisioner", // } - createGCESecrets(g.driverInfo.Config.Framework.ClientSet, g.driverInfo.Config.Framework.Namespace.Name) + createGCESecrets(f.ClientSet, f.Namespace.Name) manifests := []string{ "test/e2e/testing-manifests/storage-csi/driver-registrar/rbac.yaml", @@ -350,23 +391,25 @@ func (g *gcePDCSIDriver) CreateDriver() { "test/e2e/testing-manifests/storage-csi/gce-pd/node_ds.yaml", } - if g.driverInfo.Config.TopologyEnabled { + if g.topologyEnabled { manifests = append(manifests, "test/e2e/testing-manifests/storage-csi/gce-pd/controller_ss_alpha.yaml") } else { manifests = append(manifests, "test/e2e/testing-manifests/storage-csi/gce-pd/controller_ss.yaml") } - cleanup, err := g.driverInfo.Config.Framework.CreateFromManifests(nil, manifests...) - g.cleanup = cleanup + cleanup, err := f.CreateFromManifests(nil, manifests...) if err != nil { framework.Failf("deploying csi gce-pd driver: %v", err) } -} -func (g *gcePDCSIDriver) CleanupDriver() { - By("uninstalling gce-pd driver") - if g.cleanup != nil { - g.cleanup() - } + return &testsuites.PerTestConfig{ + Driver: g, + Prefix: "gcepd", + Framework: f, + }, func() { + By("uninstalling gce-pd driver") + cleanup() + cancelLogging() + } } // gcePd-external @@ -378,7 +421,7 @@ var _ testsuites.TestDriver = &gcePDExternalCSIDriver{} var _ testsuites.DynamicPVTestDriver = &gcePDExternalCSIDriver{} // InitGcePDExternalCSIDriver returns gcePDExternalCSIDriver that implements TestDriver interface -func InitGcePDExternalCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitGcePDExternalCSIDriver() testsuites.TestDriver { return &gcePDExternalCSIDriver{ driverInfo: testsuites.DriverInfo{ Name: GCEPDCSIProvisionerName, @@ -396,9 +439,8 @@ func InitGcePDExternalCSIDriver(config testsuites.TestConfig) testsuites.TestDri testsuites.CapPersistence: true, testsuites.CapFsGroup: true, testsuites.CapExec: true, + testsuites.CapMultiPODs: true, }, - - Config: config, }, } } @@ -409,14 +451,13 @@ func (g *gcePDExternalCSIDriver) GetDriverInfo() *testsuites.DriverInfo { func (g *gcePDExternalCSIDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { framework.SkipUnlessProviderIs("gce", "gke") - framework.SkipIfMultizone(g.driverInfo.Config.Framework.ClientSet) if pattern.FsType == "xfs" { framework.SkipUnlessNodeOSDistroIs("ubuntu", "custom") } } -func (g *gcePDExternalCSIDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { - ns := g.driverInfo.Config.Framework.Namespace.Name +func (g *gcePDExternalCSIDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { + ns := config.Framework.Namespace.Name provisioner := g.driverInfo.Name suffix := fmt.Sprintf("%s-sc", g.driverInfo.Name) @@ -432,8 +473,12 @@ func (g *gcePDExternalCSIDriver) GetClaimSize() string { return "5Gi" } -func (g *gcePDExternalCSIDriver) CreateDriver() { -} +func (g *gcePDExternalCSIDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + framework.SkipIfMultizone(f.ClientSet) -func (g *gcePDExternalCSIDriver) CleanupDriver() { + return &testsuites.PerTestConfig{ + Driver: g, + Prefix: "gcepdext", + Framework: f, + }, func() {} } diff --git a/test/e2e/storage/drivers/in_tree.go b/test/e2e/storage/drivers/in_tree.go index 908516da6e5..1be2ef18088 100644 --- a/test/e2e/storage/drivers/in_tree.go +++ b/test/e2e/storage/drivers/in_tree.go @@ -39,6 +39,7 @@ import ( "fmt" "math/rand" "os/exec" + "strconv" "strings" "time" @@ -52,7 +53,6 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apiserver/pkg/authentication/serviceaccount" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testpatterns" "k8s.io/kubernetes/test/e2e/storage/testsuites" @@ -69,9 +69,10 @@ type nfsDriver struct { driverInfo testsuites.DriverInfo } -type nfsTestResource struct { +type nfsVolume struct { serverIP string serverPod *v1.Pod + f *framework.Framework } var _ testsuites.TestDriver = &nfsDriver{} @@ -81,7 +82,7 @@ var _ testsuites.PreprovisionedPVTestDriver = &nfsDriver{} var _ testsuites.DynamicPVTestDriver = &nfsDriver{} // InitNFSDriver returns nfsDriver that implements TestDriver interface -func InitNFSDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitNFSDriver() testsuites.TestDriver { return &nfsDriver{ driverInfo: testsuites.DriverInfo{ Name: "nfs", @@ -95,8 +96,6 @@ func InitNFSDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapPersistence: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -108,34 +107,34 @@ func (n *nfsDriver) GetDriverInfo() *testsuites.DriverInfo { func (n *nfsDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (n *nfsDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - ntr, ok := testResource.(*nfsTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to NFS Test Resource") +func (n *nfsDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + nv, ok := volume.(*nfsVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to NFS test volume") return &v1.VolumeSource{ NFS: &v1.NFSVolumeSource{ - Server: ntr.serverIP, + Server: nv.serverIP, Path: "/", ReadOnly: readOnly, }, } } -func (n *nfsDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - ntr, ok := testResource.(*nfsTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to NFS Test Resource") +func (n *nfsDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + nv, ok := volume.(*nfsVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to NFS test volume") return &v1.PersistentVolumeSource{ NFS: &v1.NFSVolumeSource{ - Server: ntr.serverIP, + Server: nv.serverIP, Path: "/", ReadOnly: readOnly, }, - } + }, nil } -func (n *nfsDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { +func (n *nfsDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { provisioner := n.externalPluginName parameters := map[string]string{"mountOptions": "vers=4.1"} - ns := n.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", n.driverInfo.Name) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -145,8 +144,7 @@ func (n *nfsDriver) GetClaimSize() string { return "5Gi" } -func (n *nfsDriver) CreateDriver() { - f := n.driverInfo.Config.Framework +func (n *nfsDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { cs := f.ClientSet ns := f.Namespace n.externalPluginName = fmt.Sprintf("example.com/nfs-%s", ns.Name) @@ -163,35 +161,36 @@ func (n *nfsDriver) CreateDriver() { By("creating an external dynamic provisioner pod") n.externalProvisionerPod = utils.StartExternalProvisioner(cs, ns.Name, n.externalPluginName) + + return &testsuites.PerTestConfig{ + Driver: n, + Prefix: "nfs", + Framework: f, + }, func() { + framework.ExpectNoError(framework.DeletePodWithWait(f, cs, n.externalProvisionerPod)) + clusterRoleBindingName := ns.Name + "--" + "cluster-admin" + cs.RbacV1beta1().ClusterRoleBindings().Delete(clusterRoleBindingName, metav1.NewDeleteOptions(0)) + } } -func (n *nfsDriver) CleanupDriver() { - f := n.driverInfo.Config.Framework - cs := f.ClientSet - ns := f.Namespace - - framework.ExpectNoError(framework.DeletePodWithWait(f, cs, n.externalProvisionerPod)) - clusterRoleBindingName := ns.Name + "--" + "cluster-admin" - cs.RbacV1beta1().ClusterRoleBindings().Delete(clusterRoleBindingName, metav1.NewDeleteOptions(0)) -} - -func (n *nfsDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := n.driverInfo.Config.Framework +func (n *nfsDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet ns := f.Namespace // NewNFSServer creates a pod for InlineVolume and PreprovisionedPV, // and startExternalProvisioner creates a pods for DynamicPV. - // Therefore, we need a different CreateDriver logic for volType. + // Therefore, we need a different PrepareTest logic for volType. switch volType { case testpatterns.InlineVolume: fallthrough case testpatterns.PreprovisionedPV: - config, serverPod, serverIP := framework.NewNFSServer(cs, ns.Name, []string{}) - n.driverInfo.Config.ServerConfig = &config - return &nfsTestResource{ + c, serverPod, serverIP := framework.NewNFSServer(cs, ns.Name, []string{}) + config.ServerConfig = &c + return &nfsVolume{ serverIP: serverIP, serverPod: serverPod, + f: f, } case testpatterns.DynamicPV: // Do nothing @@ -201,22 +200,8 @@ func (n *nfsDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { return nil } -func (n *nfsDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - f := n.driverInfo.Config.Framework - - ntr, ok := testResource.(*nfsTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to NFS Test Resource") - - switch volType { - case testpatterns.InlineVolume: - fallthrough - case testpatterns.PreprovisionedPV: - framework.CleanUpVolumeServer(f, ntr.serverPod) - case testpatterns.DynamicPV: - // Do nothing - default: - framework.Failf("Unsupported volType:%v is specified", volType) - } +func (v *nfsVolume) DeleteVolume() { + framework.CleanUpVolumeServer(v.f, v.serverPod) } // Gluster @@ -224,9 +209,10 @@ type glusterFSDriver struct { driverInfo testsuites.DriverInfo } -type glusterTestResource struct { +type glusterVolume struct { prefix string serverPod *v1.Pod + f *framework.Framework } var _ testsuites.TestDriver = &glusterFSDriver{} @@ -235,7 +221,7 @@ var _ testsuites.InlineVolumeTestDriver = &glusterFSDriver{} var _ testsuites.PreprovisionedPVTestDriver = &glusterFSDriver{} // InitGlusterFSDriver returns glusterFSDriver that implements TestDriver interface -func InitGlusterFSDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitGlusterFSDriver() testsuites.TestDriver { return &glusterFSDriver{ driverInfo: testsuites.DriverInfo{ Name: "gluster", @@ -247,8 +233,6 @@ func InitGlusterFSDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapPersistence: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -261,11 +245,11 @@ func (g *glusterFSDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) framework.SkipUnlessNodeOSDistroIs("gci", "ubuntu", "custom") } -func (g *glusterFSDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - gtr, ok := testResource.(*glusterTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Gluster Test Resource") +func (g *glusterFSDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + gv, ok := volume.(*glusterVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Gluster test volume") - name := gtr.prefix + "-server" + name := gv.prefix + "-server" return &v1.VolumeSource{ Glusterfs: &v1.GlusterfsVolumeSource{ EndpointsName: name, @@ -276,11 +260,11 @@ func (g *glusterFSDriver) GetVolumeSource(readOnly bool, fsType string, testReso } } -func (g *glusterFSDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - gtr, ok := testResource.(*glusterTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Gluster Test Resource") +func (g *glusterFSDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + gv, ok := volume.(*glusterVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Gluster test volume") - name := gtr.prefix + "-server" + name := gv.prefix + "-server" return &v1.PersistentVolumeSource{ Glusterfs: &v1.GlusterfsPersistentVolumeSource{ EndpointsName: name, @@ -288,37 +272,37 @@ func (g *glusterFSDriver) GetPersistentVolumeSource(readOnly bool, fsType string Path: "test_vol", ReadOnly: readOnly, }, - } + }, nil } -func (g *glusterFSDriver) CreateDriver() { +func (g *glusterFSDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: g, + Prefix: "gluster", + Framework: f, + }, func() {} } -func (g *glusterFSDriver) CleanupDriver() { -} - -func (g *glusterFSDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := g.driverInfo.Config.Framework +func (g *glusterFSDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet ns := f.Namespace - config, serverPod, _ := framework.NewGlusterfsServer(cs, ns.Name) - g.driverInfo.Config.ServerConfig = &config - return &glusterTestResource{ + c, serverPod, _ := framework.NewGlusterfsServer(cs, ns.Name) + config.ServerConfig = &c + return &glusterVolume{ prefix: config.Prefix, serverPod: serverPod, + f: f, } } -func (g *glusterFSDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - f := g.driverInfo.Config.Framework +func (v *glusterVolume) DeleteVolume() { + f := v.f cs := f.ClientSet ns := f.Namespace - gtr, ok := testResource.(*glusterTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Gluster Test Resource") - - name := gtr.prefix + "-server" + name := v.prefix + "-server" framework.Logf("Deleting Gluster endpoints %q...", name) err := cs.CoreV1().Endpoints(ns.Name).Delete(name, nil) @@ -328,8 +312,8 @@ func (g *glusterFSDriver) DeleteVolume(volType testpatterns.TestVolType, testRes } framework.Logf("Gluster endpoints %q not found, assuming deleted", name) } - framework.Logf("Deleting Gluster server pod %q...", gtr.serverPod.Name) - err = framework.DeletePodWithWait(f, cs, gtr.serverPod) + framework.Logf("Deleting Gluster server pod %q...", v.serverPod.Name) + err = framework.DeletePodWithWait(f, cs, v.serverPod) if err != nil { framework.Failf("Gluster server pod delete failed: %v", err) } @@ -340,9 +324,10 @@ func (g *glusterFSDriver) DeleteVolume(volType testpatterns.TestVolType, testRes type iSCSIDriver struct { driverInfo testsuites.DriverInfo } -type iSCSITestResource struct { +type iSCSIVolume struct { serverPod *v1.Pod serverIP string + f *framework.Framework } var _ testsuites.TestDriver = &iSCSIDriver{} @@ -351,7 +336,7 @@ var _ testsuites.InlineVolumeTestDriver = &iSCSIDriver{} var _ testsuites.PreprovisionedPVTestDriver = &iSCSIDriver{} // InitISCSIDriver returns iSCSIDriver that implements TestDriver interface -func InitISCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitISCSIDriver() testsuites.TestDriver { return &iSCSIDriver{ driverInfo: testsuites.DriverInfo{ Name: "iscsi", @@ -370,8 +355,6 @@ func InitISCSIDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapBlock: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -383,13 +366,13 @@ func (i *iSCSIDriver) GetDriverInfo() *testsuites.DriverInfo { func (i *iSCSIDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (i *iSCSIDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - itr, ok := testResource.(*iSCSITestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to iSCSI Test Resource") +func (i *iSCSIDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + iv, ok := volume.(*iSCSIVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to iSCSI test volume") volSource := v1.VolumeSource{ ISCSI: &v1.ISCSIVolumeSource{ - TargetPortal: itr.serverIP + ":3260", + TargetPortal: iv.serverIP + ":3260", // from test/images/volume/iscsi/initiatorname.iscsi IQN: "iqn.2003-01.org.linux-iscsi.f21.x8664:sn.4b0aae584f7c", Lun: 0, @@ -402,13 +385,13 @@ func (i *iSCSIDriver) GetVolumeSource(readOnly bool, fsType string, testResource return &volSource } -func (i *iSCSIDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - itr, ok := testResource.(*iSCSITestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to iSCSI Test Resource") +func (i *iSCSIDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + iv, ok := volume.(*iSCSIVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to iSCSI test volume") pvSource := v1.PersistentVolumeSource{ ISCSI: &v1.ISCSIPersistentVolumeSource{ - TargetPortal: itr.serverIP + ":3260", + TargetPortal: iv.serverIP + ":3260", IQN: "iqn.2003-01.org.linux-iscsi.f21.x8664:sn.4b0aae584f7c", Lun: 0, ReadOnly: readOnly, @@ -417,35 +400,33 @@ func (i *iSCSIDriver) GetPersistentVolumeSource(readOnly bool, fsType string, te if fsType != "" { pvSource.ISCSI.FSType = fsType } - return &pvSource + return &pvSource, nil } -func (i *iSCSIDriver) CreateDriver() { +func (i *iSCSIDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: i, + Prefix: "iscsi", + Framework: f, + }, func() {} } -func (i *iSCSIDriver) CleanupDriver() { -} - -func (i *iSCSIDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := i.driverInfo.Config.Framework +func (i *iSCSIDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet ns := f.Namespace - config, serverPod, serverIP := framework.NewISCSIServer(cs, ns.Name) - i.driverInfo.Config.ServerConfig = &config - return &iSCSITestResource{ + c, serverPod, serverIP := framework.NewISCSIServer(cs, ns.Name) + config.ServerConfig = &c + return &iSCSIVolume{ serverPod: serverPod, serverIP: serverIP, + f: f, } } -func (i *iSCSIDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - f := i.driverInfo.Config.Framework - - itr, ok := testResource.(*iSCSITestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to iSCSI Test Resource") - - framework.CleanUpVolumeServer(f, itr.serverPod) +func (v *iSCSIVolume) DeleteVolume() { + framework.CleanUpVolumeServer(v.f, v.serverPod) } // Ceph RBD @@ -453,10 +434,11 @@ type rbdDriver struct { driverInfo testsuites.DriverInfo } -type rbdTestResource struct { +type rbdVolume struct { serverPod *v1.Pod serverIP string secret *v1.Secret + f *framework.Framework } var _ testsuites.TestDriver = &rbdDriver{} @@ -465,7 +447,7 @@ var _ testsuites.InlineVolumeTestDriver = &rbdDriver{} var _ testsuites.PreprovisionedPVTestDriver = &rbdDriver{} // InitRbdDriver returns rbdDriver that implements TestDriver interface -func InitRbdDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitRbdDriver() testsuites.TestDriver { return &rbdDriver{ driverInfo: testsuites.DriverInfo{ Name: "rbd", @@ -484,8 +466,6 @@ func InitRbdDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapBlock: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -497,18 +477,18 @@ func (r *rbdDriver) GetDriverInfo() *testsuites.DriverInfo { func (r *rbdDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (r *rbdDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - rtr, ok := testResource.(*rbdTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to RBD Test Resource") +func (r *rbdDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + rv, ok := volume.(*rbdVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to RBD test volume") volSource := v1.VolumeSource{ RBD: &v1.RBDVolumeSource{ - CephMonitors: []string{rtr.serverIP}, + CephMonitors: []string{rv.serverIP}, RBDPool: "rbd", RBDImage: "foo", RadosUser: "admin", SecretRef: &v1.LocalObjectReference{ - Name: rtr.secret.Name, + Name: rv.secret.Name, }, ReadOnly: readOnly, }, @@ -519,21 +499,21 @@ func (r *rbdDriver) GetVolumeSource(readOnly bool, fsType string, testResource i return &volSource } -func (r *rbdDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - f := r.driverInfo.Config.Framework - ns := f.Namespace +func (r *rbdDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + rv, ok := volume.(*rbdVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to RBD test volume") - rtr, ok := testResource.(*rbdTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to RBD Test Resource") + f := rv.f + ns := f.Namespace pvSource := v1.PersistentVolumeSource{ RBD: &v1.RBDPersistentVolumeSource{ - CephMonitors: []string{rtr.serverIP}, + CephMonitors: []string{rv.serverIP}, RBDPool: "rbd", RBDImage: "foo", RadosUser: "admin", SecretRef: &v1.SecretReference{ - Name: rtr.secret.Name, + Name: rv.secret.Name, Namespace: ns.Name, }, ReadOnly: readOnly, @@ -542,36 +522,34 @@ func (r *rbdDriver) GetPersistentVolumeSource(readOnly bool, fsType string, test if fsType != "" { pvSource.RBD.FSType = fsType } - return &pvSource + return &pvSource, nil } -func (r *rbdDriver) CreateDriver() { +func (r *rbdDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: r, + Prefix: "rbd", + Framework: f, + }, func() {} } -func (r *rbdDriver) CleanupDriver() { -} - -func (r *rbdDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := r.driverInfo.Config.Framework +func (r *rbdDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet ns := f.Namespace - config, serverPod, secret, serverIP := framework.NewRBDServer(cs, ns.Name) - r.driverInfo.Config.ServerConfig = &config - return &rbdTestResource{ + c, serverPod, secret, serverIP := framework.NewRBDServer(cs, ns.Name) + config.ServerConfig = &c + return &rbdVolume{ serverPod: serverPod, serverIP: serverIP, secret: secret, + f: f, } } -func (r *rbdDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - f := r.driverInfo.Config.Framework - - rtr, ok := testResource.(*rbdTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to RBD Test Resource") - - framework.CleanUpVolumeServerWithSecret(f, rtr.serverPod, rtr.secret) +func (v *rbdVolume) DeleteVolume() { + framework.CleanUpVolumeServerWithSecret(v.f, v.serverPod, v.secret) } // Ceph @@ -583,10 +561,11 @@ type cephFSDriver struct { driverInfo testsuites.DriverInfo } -type cephTestResource struct { +type cephVolume struct { serverPod *v1.Pod serverIP string secret *v1.Secret + f *framework.Framework } var _ testsuites.TestDriver = &cephFSDriver{} @@ -595,7 +574,7 @@ var _ testsuites.InlineVolumeTestDriver = &cephFSDriver{} var _ testsuites.PreprovisionedPVTestDriver = &cephFSDriver{} // InitCephFSDriver returns cephFSDriver that implements TestDriver interface -func InitCephFSDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitCephFSDriver() testsuites.TestDriver { return &cephFSDriver{ driverInfo: testsuites.DriverInfo{ Name: "ceph", @@ -608,8 +587,6 @@ func InitCephFSDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapPersistence: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -621,69 +598,66 @@ func (c *cephFSDriver) GetDriverInfo() *testsuites.DriverInfo { func (c *cephFSDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (c *cephFSDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - ctr, ok := testResource.(*cephTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Ceph Test Resource") +func (c *cephFSDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + cv, ok := volume.(*cephVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Ceph test volume") return &v1.VolumeSource{ CephFS: &v1.CephFSVolumeSource{ - Monitors: []string{ctr.serverIP + ":6789"}, + Monitors: []string{cv.serverIP + ":6789"}, User: "kube", SecretRef: &v1.LocalObjectReference{ - Name: ctr.secret.Name, + Name: cv.secret.Name, }, ReadOnly: readOnly, }, } } -func (c *cephFSDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - f := c.driverInfo.Config.Framework - ns := f.Namespace +func (c *cephFSDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + cv, ok := volume.(*cephVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Ceph test volume") - ctr, ok := testResource.(*cephTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Ceph Test Resource") + ns := cv.f.Namespace return &v1.PersistentVolumeSource{ CephFS: &v1.CephFSPersistentVolumeSource{ - Monitors: []string{ctr.serverIP + ":6789"}, + Monitors: []string{cv.serverIP + ":6789"}, User: "kube", SecretRef: &v1.SecretReference{ - Name: ctr.secret.Name, + Name: cv.secret.Name, Namespace: ns.Name, }, ReadOnly: readOnly, }, - } + }, nil } -func (c *cephFSDriver) CreateDriver() { +func (c *cephFSDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: c, + Prefix: "cephfs", + Framework: f, + }, func() {} } -func (c *cephFSDriver) CleanupDriver() { -} - -func (c *cephFSDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := c.driverInfo.Config.Framework +func (c *cephFSDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet ns := f.Namespace - config, serverPod, secret, serverIP := framework.NewRBDServer(cs, ns.Name) - c.driverInfo.Config.ServerConfig = &config - return &cephTestResource{ + cfg, serverPod, secret, serverIP := framework.NewRBDServer(cs, ns.Name) + config.ServerConfig = &cfg + return &cephVolume{ serverPod: serverPod, serverIP: serverIP, secret: secret, + f: f, } } -func (c *cephFSDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - f := c.driverInfo.Config.Framework - - ctr, ok := testResource.(*cephTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Ceph Test Resource") - - framework.CleanUpVolumeServerWithSecret(f, ctr.serverPod, ctr.secret) +func (v *cephVolume) DeleteVolume() { + framework.CleanUpVolumeServerWithSecret(v.f, v.serverPod, v.secret) } // Hostpath @@ -698,7 +672,7 @@ var _ testsuites.PreprovisionedVolumeTestDriver = &hostPathDriver{} var _ testsuites.InlineVolumeTestDriver = &hostPathDriver{} // InitHostPathDriver returns hostPathDriver that implements TestDriver interface -func InitHostPathDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitHostPathDriver() testsuites.TestDriver { return &hostPathDriver{ driverInfo: testsuites.DriverInfo{ Name: "hostPath", @@ -709,8 +683,6 @@ func InitHostPathDriver(config testsuites.TestConfig) testsuites.TestDriver { Capabilities: map[testsuites.Capability]bool{ testsuites.CapPersistence: true, }, - - Config: config, }, } } @@ -722,7 +694,7 @@ func (h *hostPathDriver) GetDriverInfo() *testsuites.DriverInfo { func (h *hostPathDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (h *hostPathDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { +func (h *hostPathDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { // hostPath doesn't support readOnly volume if readOnly { return nil @@ -734,26 +706,25 @@ func (h *hostPathDriver) GetVolumeSource(readOnly bool, fsType string, testResou } } -func (h *hostPathDriver) CreateDriver() { +func (h *hostPathDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: h, + Prefix: "hostpath", + Framework: f, + }, func() {} } -func (h *hostPathDriver) CleanupDriver() { -} - -func (h *hostPathDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := h.driverInfo.Config.Framework +func (h *hostPathDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet // pods should be scheduled on the node nodes := framework.GetReadySchedulableNodesOrDie(cs) node := nodes.Items[rand.Intn(len(nodes.Items))] - h.driverInfo.Config.ClientNodeName = node.Name + config.ClientNodeName = node.Name return nil } -func (h *hostPathDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { -} - // HostPathSymlink type hostPathSymlinkDriver struct { node v1.Node @@ -761,10 +732,11 @@ type hostPathSymlinkDriver struct { driverInfo testsuites.DriverInfo } -type hostPathSymlinkTestResource struct { +type hostPathSymlinkVolume struct { targetPath string sourcePath string prepPod *v1.Pod + f *framework.Framework } var _ testsuites.TestDriver = &hostPathSymlinkDriver{} @@ -772,7 +744,7 @@ var _ testsuites.PreprovisionedVolumeTestDriver = &hostPathSymlinkDriver{} var _ testsuites.InlineVolumeTestDriver = &hostPathSymlinkDriver{} // InitHostPathSymlinkDriver returns hostPathSymlinkDriver that implements TestDriver interface -func InitHostPathSymlinkDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitHostPathSymlinkDriver() testsuites.TestDriver { return &hostPathSymlinkDriver{ driverInfo: testsuites.DriverInfo{ Name: "hostPathSymlink", @@ -783,8 +755,6 @@ func InitHostPathSymlinkDriver(config testsuites.TestConfig) testsuites.TestDriv Capabilities: map[testsuites.Capability]bool{ testsuites.CapPersistence: true, }, - - Config: config, }, } } @@ -796,9 +766,9 @@ func (h *hostPathSymlinkDriver) GetDriverInfo() *testsuites.DriverInfo { func (h *hostPathSymlinkDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (h *hostPathSymlinkDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - htr, ok := testResource.(*hostPathSymlinkTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Hostpath Symlink Test Resource") +func (h *hostPathSymlinkDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + hv, ok := volume.(*hostPathSymlinkVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Hostpath Symlink test volume") // hostPathSymlink doesn't support readOnly volume if readOnly { @@ -806,19 +776,21 @@ func (h *hostPathSymlinkDriver) GetVolumeSource(readOnly bool, fsType string, te } return &v1.VolumeSource{ HostPath: &v1.HostPathVolumeSource{ - Path: htr.targetPath, + Path: hv.targetPath, }, } } -func (h *hostPathSymlinkDriver) CreateDriver() { +func (h *hostPathSymlinkDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: h, + Prefix: "hostpathsymlink", + Framework: f, + }, func() {} } -func (h *hostPathSymlinkDriver) CleanupDriver() { -} - -func (h *hostPathSymlinkDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := h.driverInfo.Config.Framework +func (h *hostPathSymlinkDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework cs := f.ClientSet sourcePath := fmt.Sprintf("/tmp/%v", f.Namespace.Name) @@ -828,7 +800,7 @@ func (h *hostPathSymlinkDriver) CreateVolume(volType testpatterns.TestVolType) i // pods should be scheduled on the node nodes := framework.GetReadySchedulableNodesOrDie(cs) node := nodes.Items[rand.Intn(len(nodes.Items))] - h.driverInfo.Config.ClientNodeName = node.Name + config.ClientNodeName = node.Name cmd := fmt.Sprintf("mkdir %v -m 777 && ln -s %v %v", sourcePath, sourcePath, targetPath) privileged := true @@ -878,23 +850,21 @@ func (h *hostPathSymlinkDriver) CreateVolume(volType testpatterns.TestVolType) i err = framework.DeletePodWithWait(f, f.ClientSet, pod) Expect(err).ToNot(HaveOccurred(), "while deleting hostPath init pod") - return &hostPathSymlinkTestResource{ + return &hostPathSymlinkVolume{ sourcePath: sourcePath, targetPath: targetPath, prepPod: prepPod, + f: f, } } -func (h *hostPathSymlinkDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - f := h.driverInfo.Config.Framework +func (v *hostPathSymlinkVolume) DeleteVolume() { + f := v.f - htr, ok := testResource.(*hostPathSymlinkTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Hostpath Symlink Test Resource") + cmd := fmt.Sprintf("rm -rf %v&& rm -rf %v", v.targetPath, v.sourcePath) + v.prepPod.Spec.Containers[0].Command = []string{"/bin/sh", "-ec", cmd} - cmd := fmt.Sprintf("rm -rf %v&& rm -rf %v", htr.targetPath, htr.sourcePath) - htr.prepPod.Spec.Containers[0].Command = []string{"/bin/sh", "-ec", cmd} - - pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Create(htr.prepPod) + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Create(v.prepPod) Expect(err).ToNot(HaveOccurred(), "while creating hostPath teardown pod") err = framework.WaitForPodSuccessInNamespace(f.ClientSet, pod.Name, pod.Namespace) @@ -914,7 +884,7 @@ var _ testsuites.PreprovisionedVolumeTestDriver = &emptydirDriver{} var _ testsuites.InlineVolumeTestDriver = &emptydirDriver{} // InitEmptydirDriver returns emptydirDriver that implements TestDriver interface -func InitEmptydirDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitEmptydirDriver() testsuites.TestDriver { return &emptydirDriver{ driverInfo: testsuites.DriverInfo{ Name: "emptydir", @@ -925,8 +895,6 @@ func InitEmptydirDriver(config testsuites.TestConfig) testsuites.TestDriver { Capabilities: map[testsuites.Capability]bool{ testsuites.CapExec: true, }, - - Config: config, }, } } @@ -938,7 +906,7 @@ func (e *emptydirDriver) GetDriverInfo() *testsuites.DriverInfo { func (e *emptydirDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { } -func (e *emptydirDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { +func (e *emptydirDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { // emptydir doesn't support readOnly volume if readOnly { return nil @@ -948,17 +916,16 @@ func (e *emptydirDriver) GetVolumeSource(readOnly bool, fsType string, testResou } } -func (e *emptydirDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { +func (e *emptydirDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { return nil } -func (e *emptydirDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { -} - -func (e *emptydirDriver) CreateDriver() { -} - -func (e *emptydirDriver) CleanupDriver() { +func (e *emptydirDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: e, + Prefix: "emptydir", + Framework: f, + }, func() {} } // Cinder @@ -970,7 +937,7 @@ type cinderDriver struct { driverInfo testsuites.DriverInfo } -type cinderTestResource struct { +type cinderVolume struct { volumeName string volumeID string } @@ -982,7 +949,7 @@ var _ testsuites.PreprovisionedPVTestDriver = &cinderDriver{} var _ testsuites.DynamicPVTestDriver = &cinderDriver{} // InitCinderDriver returns cinderDriver that implements TestDriver interface -func InitCinderDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitCinderDriver() testsuites.TestDriver { return &cinderDriver{ driverInfo: testsuites.DriverInfo{ Name: "cinder", @@ -996,8 +963,6 @@ func InitCinderDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapFsGroup: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -1010,13 +975,13 @@ func (c *cinderDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { framework.SkipUnlessProviderIs("openstack") } -func (c *cinderDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - ctr, ok := testResource.(*cinderTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Cinder Test Resource") +func (c *cinderDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + cv, ok := volume.(*cinderVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Cinder test volume") volSource := v1.VolumeSource{ Cinder: &v1.CinderVolumeSource{ - VolumeID: ctr.volumeID, + VolumeID: cv.volumeID, ReadOnly: readOnly, }, } @@ -1026,29 +991,29 @@ func (c *cinderDriver) GetVolumeSource(readOnly bool, fsType string, testResourc return &volSource } -func (c *cinderDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - ctr, ok := testResource.(*cinderTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Cinder Test Resource") +func (c *cinderDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + cv, ok := volume.(*cinderVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Cinder test volume") pvSource := v1.PersistentVolumeSource{ Cinder: &v1.CinderPersistentVolumeSource{ - VolumeID: ctr.volumeID, + VolumeID: cv.volumeID, ReadOnly: readOnly, }, } if fsType != "" { pvSource.Cinder.FSType = fsType } - return &pvSource + return &pvSource, nil } -func (c *cinderDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { +func (c *cinderDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { provisioner := "kubernetes.io/cinder" parameters := map[string]string{} if fsType != "" { parameters["fsType"] = fsType } - ns := c.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", c.driverInfo.Name) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -1058,14 +1023,16 @@ func (c *cinderDriver) GetClaimSize() string { return "5Gi" } -func (c *cinderDriver) CreateDriver() { +func (c *cinderDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: c, + Prefix: "cinder", + Framework: f, + }, func() {} } -func (c *cinderDriver) CleanupDriver() { -} - -func (c *cinderDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := c.driverInfo.Config.Framework +func (c *cinderDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework ns := f.Namespace // We assume that namespace.Name is a random string @@ -1095,20 +1062,15 @@ func (c *cinderDriver) CreateVolume(volType testpatterns.TestVolType) interface{ } framework.Logf("Volume ID: %s", volumeID) Expect(volumeID).NotTo(Equal("")) - return &cinderTestResource{ + return &cinderVolume{ volumeName: volumeName, volumeID: volumeID, } } -func (c *cinderDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - ctr, ok := testResource.(*cinderTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Cinder Test Resource") +func (v *cinderVolume) DeleteVolume() { + name := v.volumeName - deleteCinderVolume(ctr.volumeName) -} - -func deleteCinderVolume(name string) error { // Try to delete the volume for several seconds - it takes // a while for the plugin to detach it. var output []byte @@ -1120,12 +1082,11 @@ func deleteCinderVolume(name string) error { output, err = exec.Command("cinder", "delete", name).CombinedOutput() if err == nil { framework.Logf("Cinder volume %s deleted", name) - return nil + return } framework.Logf("Failed to delete volume %s: %v", name, err) } framework.Logf("Giving up deleting volume %s: %v\n%s", name, err, string(output[:])) - return err } // GCE @@ -1133,7 +1094,7 @@ type gcePdDriver struct { driverInfo testsuites.DriverInfo } -type gcePdTestResource struct { +type gcePdVolume struct { volumeName string } @@ -1144,7 +1105,7 @@ var _ testsuites.PreprovisionedPVTestDriver = &gcePdDriver{} var _ testsuites.DynamicPVTestDriver = &gcePdDriver{} // InitGceDriver returns gcePdDriver that implements TestDriver interface -func InitGcePdDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitGcePdDriver() testsuites.TestDriver { return &gcePdDriver{ driverInfo: testsuites.DriverInfo{ Name: "gcepd", @@ -1163,8 +1124,6 @@ func InitGcePdDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapBlock: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -1177,12 +1136,12 @@ func (g *gcePdDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { framework.SkipUnlessProviderIs("gce", "gke") } -func (g *gcePdDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - gtr, ok := testResource.(*gcePdTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to GCE PD Test Resource") +func (g *gcePdDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + gv, ok := volume.(*gcePdVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to GCE PD test volume") volSource := v1.VolumeSource{ GCEPersistentDisk: &v1.GCEPersistentDiskVolumeSource{ - PDName: gtr.volumeName, + PDName: gv.volumeName, ReadOnly: readOnly, }, } @@ -1192,28 +1151,28 @@ func (g *gcePdDriver) GetVolumeSource(readOnly bool, fsType string, testResource return &volSource } -func (g *gcePdDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - gtr, ok := testResource.(*gcePdTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to GCE PD Test Resource") +func (g *gcePdDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + gv, ok := volume.(*gcePdVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to GCE PD test volume") pvSource := v1.PersistentVolumeSource{ GCEPersistentDisk: &v1.GCEPersistentDiskVolumeSource{ - PDName: gtr.volumeName, + PDName: gv.volumeName, ReadOnly: readOnly, }, } if fsType != "" { pvSource.GCEPersistentDisk.FSType = fsType } - return &pvSource + return &pvSource, nil } -func (g *gcePdDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { +func (g *gcePdDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { provisioner := "kubernetes.io/gce-pd" parameters := map[string]string{} if fsType != "" { parameters["fsType"] = fsType } - ns := g.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", g.driverInfo.Name) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -1223,32 +1182,32 @@ func (h *gcePdDriver) GetClaimSize() string { return "5Gi" } -func (g *gcePdDriver) CreateDriver() { +func (g *gcePdDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: g, + Prefix: "gcepd", + Framework: f, + }, func() {} } -func (g *gcePdDriver) CleanupDriver() { -} - -func (g *gcePdDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { +func (g *gcePdDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { if volType == testpatterns.InlineVolume { // PD will be created in framework.TestContext.CloudConfig.Zone zone, // so pods should be also scheduled there. - g.driverInfo.Config.ClientNodeSelector = map[string]string{ - kubeletapis.LabelZoneFailureDomain: framework.TestContext.CloudConfig.Zone, + config.ClientNodeSelector = map[string]string{ + v1.LabelZoneFailureDomain: framework.TestContext.CloudConfig.Zone, } } By("creating a test gce pd volume") vname, err := framework.CreatePDWithRetry() Expect(err).NotTo(HaveOccurred()) - return &gcePdTestResource{ + return &gcePdVolume{ volumeName: vname, } } -func (g *gcePdDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - gtr, ok := testResource.(*gcePdTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to GCE PD Test Resource") - framework.DeletePDWithRetry(gtr.volumeName) +func (v *gcePdVolume) DeleteVolume() { + framework.DeletePDWithRetry(v.volumeName) } // vSphere @@ -1256,7 +1215,7 @@ type vSphereDriver struct { driverInfo testsuites.DriverInfo } -type vSphereTestResource struct { +type vSphereVolume struct { volumePath string nodeInfo *vspheretest.NodeInfo } @@ -1268,7 +1227,7 @@ var _ testsuites.PreprovisionedPVTestDriver = &vSphereDriver{} var _ testsuites.DynamicPVTestDriver = &vSphereDriver{} // InitVSphereDriver returns vSphereDriver that implements TestDriver interface -func InitVSphereDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitVSphereDriver() testsuites.TestDriver { return &vSphereDriver{ driverInfo: testsuites.DriverInfo{ Name: "vSphere", @@ -1282,8 +1241,6 @@ func InitVSphereDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapFsGroup: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -1295,9 +1252,9 @@ func (v *vSphereDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { framework.SkipUnlessProviderIs("vsphere") } -func (v *vSphereDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - vtr, ok := testResource.(*vSphereTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to vSphere Test Resource") +func (v *vSphereDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + vsv, ok := volume.(*vSphereVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to vSphere test volume") // vSphere driver doesn't seem to support readOnly volume // TODO: check if it is correct @@ -1306,7 +1263,7 @@ func (v *vSphereDriver) GetVolumeSource(readOnly bool, fsType string, testResour } volSource := v1.VolumeSource{ VsphereVolume: &v1.VsphereVirtualDiskVolumeSource{ - VolumePath: vtr.volumePath, + VolumePath: vsv.volumePath, }, } if fsType != "" { @@ -1315,33 +1272,33 @@ func (v *vSphereDriver) GetVolumeSource(readOnly bool, fsType string, testResour return &volSource } -func (v *vSphereDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - vtr, ok := testResource.(*vSphereTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to vSphere Test Resource") +func (v *vSphereDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + vsv, ok := volume.(*vSphereVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to vSphere test volume") // vSphere driver doesn't seem to support readOnly volume // TODO: check if it is correct if readOnly { - return nil + return nil, nil } pvSource := v1.PersistentVolumeSource{ VsphereVolume: &v1.VsphereVirtualDiskVolumeSource{ - VolumePath: vtr.volumePath, + VolumePath: vsv.volumePath, }, } if fsType != "" { pvSource.VsphereVolume.FSType = fsType } - return &pvSource + return &pvSource, nil } -func (v *vSphereDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { +func (v *vSphereDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { provisioner := "kubernetes.io/vsphere-volume" parameters := map[string]string{} if fsType != "" { parameters["fsType"] = fsType } - ns := v.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", v.driverInfo.Name) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -1351,29 +1308,28 @@ func (v *vSphereDriver) GetClaimSize() string { return "5Gi" } -func (v *vSphereDriver) CreateDriver() { +func (v *vSphereDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: v, + Prefix: "vsphere", + Framework: f, + }, func() {} } -func (v *vSphereDriver) CleanupDriver() { -} - -func (v *vSphereDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { - f := v.driverInfo.Config.Framework +func (v *vSphereDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + f := config.Framework vspheretest.Bootstrap(f) nodeInfo := vspheretest.GetReadySchedulableRandomNodeInfo() volumePath, err := nodeInfo.VSphere.CreateVolume(&vspheretest.VolumeOptions{}, nodeInfo.DataCenterRef) Expect(err).NotTo(HaveOccurred()) - return &vSphereTestResource{ + return &vSphereVolume{ volumePath: volumePath, nodeInfo: nodeInfo, } } -func (v *vSphereDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - vtr, ok := testResource.(*vSphereTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to vSphere Test Resource") - - vtr.nodeInfo.VSphere.DeleteVolume(vtr.volumePath, vtr.nodeInfo.DataCenterRef) +func (v *vSphereVolume) DeleteVolume() { + v.nodeInfo.VSphere.DeleteVolume(v.volumePath, v.nodeInfo.DataCenterRef) } // Azure @@ -1381,7 +1337,7 @@ type azureDriver struct { driverInfo testsuites.DriverInfo } -type azureTestResource struct { +type azureVolume struct { volumeName string } @@ -1392,7 +1348,7 @@ var _ testsuites.PreprovisionedPVTestDriver = &azureDriver{} var _ testsuites.DynamicPVTestDriver = &azureDriver{} // InitAzureDriver returns azureDriver that implements TestDriver interface -func InitAzureDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitAzureDriver() testsuites.TestDriver { return &azureDriver{ driverInfo: testsuites.DriverInfo{ Name: "azure", @@ -1407,8 +1363,6 @@ func InitAzureDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapBlock: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -1421,16 +1375,16 @@ func (a *azureDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { framework.SkipUnlessProviderIs("azure") } -func (a *azureDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { - atr, ok := testResource.(*azureTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Azure Test Resource") +func (a *azureDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { + av, ok := volume.(*azureVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Azure test volume") - diskName := atr.volumeName[(strings.LastIndex(atr.volumeName, "/") + 1):] + diskName := av.volumeName[(strings.LastIndex(av.volumeName, "/") + 1):] volSource := v1.VolumeSource{ AzureDisk: &v1.AzureDiskVolumeSource{ DiskName: diskName, - DataDiskURI: atr.volumeName, + DataDiskURI: av.volumeName, ReadOnly: &readOnly, }, } @@ -1440,32 +1394,32 @@ func (a *azureDriver) GetVolumeSource(readOnly bool, fsType string, testResource return &volSource } -func (a *azureDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { - atr, ok := testResource.(*azureTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Azure Test Resource") +func (a *azureDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + av, ok := volume.(*azureVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to Azure test volume") - diskName := atr.volumeName[(strings.LastIndex(atr.volumeName, "/") + 1):] + diskName := av.volumeName[(strings.LastIndex(av.volumeName, "/") + 1):] pvSource := v1.PersistentVolumeSource{ AzureDisk: &v1.AzureDiskVolumeSource{ DiskName: diskName, - DataDiskURI: atr.volumeName, + DataDiskURI: av.volumeName, ReadOnly: &readOnly, }, } if fsType != "" { pvSource.AzureDisk.FSType = &fsType } - return &pvSource + return &pvSource, nil } -func (a *azureDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { +func (a *azureDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { provisioner := "kubernetes.io/azure-disk" parameters := map[string]string{} if fsType != "" { parameters["fsType"] = fsType } - ns := a.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", a.driverInfo.Name) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -1475,26 +1429,25 @@ func (a *azureDriver) GetClaimSize() string { return "5Gi" } -func (a *azureDriver) CreateDriver() { +func (a *azureDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: a, + Prefix: "azure", + Framework: f, + }, func() {} } -func (a *azureDriver) CleanupDriver() { -} - -func (a *azureDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { +func (a *azureDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { By("creating a test azure disk volume") volumeName, err := framework.CreatePDWithRetry() Expect(err).NotTo(HaveOccurred()) - return &azureTestResource{ + return &azureVolume{ volumeName: volumeName, } } -func (a *azureDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { - atr, ok := testResource.(*azureTestResource) - Expect(ok).To(BeTrue(), "Failed to cast test resource to Azure Test Resource") - - framework.DeletePDWithRetry(atr.volumeName) +func (v *azureVolume) DeleteVolume() { + framework.DeletePDWithRetry(v.volumeName) } // AWS @@ -1513,7 +1466,7 @@ var _ testsuites.TestDriver = &awsDriver{} var _ testsuites.DynamicPVTestDriver = &awsDriver{} // InitAwsDriver returns awsDriver that implements TestDriver interface -func InitAwsDriver(config testsuites.TestConfig) testsuites.TestDriver { +func InitAwsDriver() testsuites.TestDriver { return &awsDriver{ driverInfo: testsuites.DriverInfo{ Name: "aws", @@ -1529,8 +1482,6 @@ func InitAwsDriver(config testsuites.TestConfig) testsuites.TestDriver { testsuites.CapBlock: true, testsuites.CapExec: true, }, - - Config: config, }, } } @@ -1545,7 +1496,7 @@ func (a *awsDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { // TODO: Fix authorization error in attach operation and uncomment below /* -func (a *awsDriver) GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource { +func (a *awsDriver) GetVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) *v1.VolumeSource { volSource := v1.VolumeSource{ AWSElasticBlockStore: &v1.AWSElasticBlockStoreVolumeSource{ VolumeID: a.volumeName, @@ -1558,7 +1509,7 @@ func (a *awsDriver) GetVolumeSource(readOnly bool, fsType string, testResource i return &volSource } -func (a *awsDriver) GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource { +func (a *awsDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { pvSource := v1.PersistentVolumeSource{ AWSElasticBlockStore: &v1.AWSElasticBlockStoreVolumeSource{ VolumeID: a.volumeName, @@ -1572,13 +1523,13 @@ func (a *awsDriver) GetPersistentVolumeSource(readOnly bool, fsType string, test } */ -func (a *awsDriver) GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass { +func (a *awsDriver) GetDynamicProvisionStorageClass(config *testsuites.PerTestConfig, fsType string) *storagev1.StorageClass { provisioner := "kubernetes.io/aws-ebs" parameters := map[string]string{} if fsType != "" { parameters["fsType"] = fsType } - ns := a.driverInfo.Config.Framework.Namespace.Name + ns := config.Framework.Namespace.Name suffix := fmt.Sprintf("%s-sc", a.driverInfo.Name) return testsuites.GetStorageClass(provisioner, parameters, nil, ns, suffix) @@ -1588,22 +1539,203 @@ func (a *awsDriver) GetClaimSize() string { return "5Gi" } -func (a *awsDriver) CreateDriver() { -} - -func (a *awsDriver) CleanupDriver() { +func (a *awsDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + return &testsuites.PerTestConfig{ + Driver: a, + Prefix: "aws", + Framework: f, + }, func() {} } // TODO: Fix authorization error in attach operation and uncomment below /* -func (a *awsDriver) CreateVolume(volType testpatterns.TestVolType) interface{} { +func (a *awsDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { By("creating a test aws volume") var err error a.volumeName, err = framework.CreatePDWithRetry() Expect(err).NotTo(HaveOccurred()) } -func (a *awsDriver) DeleteVolume(volType testpatterns.TestVolType, testResource interface{}) { +DeleteVolume() { framework.DeletePDWithRetry(a.volumeName) } */ + +// local +type localDriver struct { + driverInfo testsuites.DriverInfo + node *v1.Node + hostExec utils.HostExec + // volumeType represents local volume type we are testing, e.g. tmpfs, + // directory, block device. + volumeType utils.LocalVolumeType + ltrMgr utils.LocalTestResourceManager +} + +type localVolume struct { + ltrMgr utils.LocalTestResourceManager + ltr *utils.LocalTestResource +} + +var ( + // capabilities + defaultLocalVolumeCapabilities = map[testsuites.Capability]bool{ + testsuites.CapPersistence: true, + testsuites.CapFsGroup: true, + testsuites.CapBlock: false, + testsuites.CapExec: true, + } + localVolumeCapabitilies = map[utils.LocalVolumeType]map[testsuites.Capability]bool{ + utils.LocalVolumeBlock: { + testsuites.CapPersistence: true, + testsuites.CapFsGroup: true, + testsuites.CapBlock: true, + testsuites.CapExec: true, + }, + } + // fstype + defaultLocalVolumeSupportedFsTypes = sets.NewString("") + localVolumeSupportedFsTypes = map[utils.LocalVolumeType]sets.String{ + utils.LocalVolumeBlock: sets.NewString( + "", // Default fsType + "ext2", + "ext3", + "ext4", + //"xfs", disabled see issue https://github.com/kubernetes/kubernetes/issues/74095 + ), + } + // max file size + defaultLocalVolumeMaxFileSize = testpatterns.FileSizeSmall + localVolumeMaxFileSizes = map[utils.LocalVolumeType]int64{} +) + +var _ testsuites.TestDriver = &localDriver{} +var _ testsuites.PreprovisionedVolumeTestDriver = &localDriver{} +var _ testsuites.PreprovisionedPVTestDriver = &localDriver{} + +func InitLocalDriverWithVolumeType(volumeType utils.LocalVolumeType) func() testsuites.TestDriver { + maxFileSize := defaultLocalVolumeMaxFileSize + if maxFileSizeByVolType, ok := localVolumeMaxFileSizes[volumeType]; ok { + maxFileSize = maxFileSizeByVolType + } + supportedFsTypes := defaultLocalVolumeSupportedFsTypes + if supportedFsTypesByType, ok := localVolumeSupportedFsTypes[volumeType]; ok { + supportedFsTypes = supportedFsTypesByType + } + capabilities := defaultLocalVolumeCapabilities + if capabilitiesByType, ok := localVolumeCapabitilies[volumeType]; ok { + capabilities = capabilitiesByType + } + return func() testsuites.TestDriver { + // custom tag to distinguish from tests of other volume types + featureTag := fmt.Sprintf("[LocalVolumeType: %s]", volumeType) + // For GCE Local SSD volumes, we must run serially + if volumeType == utils.LocalVolumeGCELocalSSD { + featureTag += " [Serial]" + } + return &localDriver{ + driverInfo: testsuites.DriverInfo{ + Name: "local", + FeatureTag: featureTag, + MaxFileSize: maxFileSize, + SupportedFsType: supportedFsTypes, + Capabilities: capabilities, + }, + volumeType: volumeType, + } + } +} + +func (l *localDriver) GetDriverInfo() *testsuites.DriverInfo { + return &l.driverInfo +} + +func (l *localDriver) SkipUnsupportedTest(pattern testpatterns.TestPattern) { + if l.volumeType == utils.LocalVolumeGCELocalSSD { + ssdInterface := "scsi" + filesystemType := "fs" + ssdCmd := fmt.Sprintf("ls -1 /mnt/disks/by-uuid/google-local-ssds-%s-%s/ | wc -l", ssdInterface, filesystemType) + res, err := l.hostExec.IssueCommandWithResult(ssdCmd, l.node) + Expect(err).NotTo(HaveOccurred()) + num, err := strconv.Atoi(strings.TrimSpace(res)) + Expect(err).NotTo(HaveOccurred()) + if num < 1 { + framework.Skipf("Requires at least 1 %s %s localSSD ", ssdInterface, filesystemType) + } + } +} + +func (l *localDriver) PrepareTest(f *framework.Framework) (*testsuites.PerTestConfig, func()) { + // choose a randome node to test against + nodes := framework.GetReadySchedulableNodesOrDie(f.ClientSet) + l.node = &nodes.Items[rand.Intn(len(nodes.Items))] + + l.hostExec = utils.NewHostExec(f) + l.ltrMgr = utils.NewLocalResourceManager("local-driver", l.hostExec, "/tmp") + + return &testsuites.PerTestConfig{ + Driver: l, + Prefix: "local", + Framework: f, + ClientNodeName: l.node.Name, + }, func() { + l.hostExec.Cleanup() + } +} + +func (l *localDriver) CreateVolume(config *testsuites.PerTestConfig, volType testpatterns.TestVolType) testsuites.TestVolume { + switch volType { + case testpatterns.PreprovisionedPV: + node := l.node + // assign this to schedule pod on this node + config.ClientNodeName = node.Name + return &localVolume{ + ltrMgr: l.ltrMgr, + ltr: l.ltrMgr.Create(node, l.volumeType, nil), + } + default: + framework.Failf("Unsupported volType: %v is specified", volType) + } + return nil +} + +func (v *localVolume) DeleteVolume() { + v.ltrMgr.Remove(v.ltr) +} + +func (l *localDriver) nodeAffinityForNode(node *v1.Node) *v1.VolumeNodeAffinity { + nodeKey := "kubernetes.io/hostname" + if node.Labels == nil { + framework.Failf("Node does not have labels") + } + nodeValue, found := node.Labels[nodeKey] + if !found { + framework.Failf("Node does not have required label %q", nodeKey) + } + return &v1.VolumeNodeAffinity{ + Required: &v1.NodeSelector{ + NodeSelectorTerms: []v1.NodeSelectorTerm{ + { + MatchExpressions: []v1.NodeSelectorRequirement{ + { + Key: nodeKey, + Operator: v1.NodeSelectorOpIn, + Values: []string{nodeValue}, + }, + }, + }, + }, + }, + } +} + +func (l *localDriver) GetPersistentVolumeSource(readOnly bool, fsType string, volume testsuites.TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) { + lv, ok := volume.(*localVolume) + Expect(ok).To(BeTrue(), "Failed to cast test volume to local test volume") + return &v1.PersistentVolumeSource{ + Local: &v1.LocalVolumeSource{ + Path: lv.ltr.Path, + FSType: &fsType, + }, + }, l.nodeAffinityForNode(lv.ltr.Node) +} diff --git a/test/e2e/storage/flexvolume_mounted_volume_resize.go b/test/e2e/storage/flexvolume_mounted_volume_resize.go index eb120773028..0d95e127fd7 100644 --- a/test/e2e/storage/flexvolume_mounted_volume_resize.go +++ b/test/e2e/storage/flexvolume_mounted_volume_resize.go @@ -18,6 +18,8 @@ package storage import ( "fmt" + "path" + . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "k8s.io/api/core/v1" @@ -27,8 +29,8 @@ import ( utilerrors "k8s.io/apimachinery/pkg/util/errors" clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/test/e2e/framework" + "k8s.io/kubernetes/test/e2e/storage/testsuites" "k8s.io/kubernetes/test/e2e/storage/utils" - "path" ) var _ = utils.SIGDescribe("Mounted flexvolume expand[Slow]", func() { @@ -72,7 +74,14 @@ var _ = utils.SIGDescribe("Mounted flexvolume expand[Slow]", func() { isNodeLabeled = true } - resizableSc, err = createStorageClass(ns, c) + test := testsuites.StorageClassTest{ + Name: "flexvolume-resize", + ClaimSize: "2Gi", + AllowVolumeExpansion: true, + Provisioner: "flex-expand", + } + + resizableSc, err = createStorageClass(test, ns, "resizing", c) if err != nil { fmt.Printf("storage class creation error: %v\n", err) } diff --git a/test/e2e/storage/flexvolume_online_resize.go b/test/e2e/storage/flexvolume_online_resize.go index f1a915e586b..f51e078b97c 100644 --- a/test/e2e/storage/flexvolume_online_resize.go +++ b/test/e2e/storage/flexvolume_online_resize.go @@ -18,6 +18,8 @@ package storage import ( "fmt" + "path" + . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "k8s.io/api/core/v1" @@ -26,21 +28,10 @@ import ( utilerrors "k8s.io/apimachinery/pkg/util/errors" clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/test/e2e/framework" + "k8s.io/kubernetes/test/e2e/storage/testsuites" "k8s.io/kubernetes/test/e2e/storage/utils" - "path" ) -func createStorageClass(ns string, c clientset.Interface) (*storage.StorageClass, error) { - bindingMode := storage.VolumeBindingImmediate - stKlass := getStorageClass("flex-expand", map[string]string{}, &bindingMode, ns, "resizing") - allowExpansion := true - stKlass.AllowVolumeExpansion = &allowExpansion - - var err error - stKlass, err = c.StorageV1().StorageClasses().Create(stKlass) - return stKlass, err -} - var _ = utils.SIGDescribe("Mounted flexvolume volume expand [Slow] [Feature:ExpandInUsePersistentVolumes]", func() { var ( c clientset.Interface @@ -82,7 +73,14 @@ var _ = utils.SIGDescribe("Mounted flexvolume volume expand [Slow] [Feature:Expa isNodeLabeled = true } - resizableSc, err = createStorageClass(ns, c) + test := testsuites.StorageClassTest{ + Name: "flexvolume-resize", + ClaimSize: "2Gi", + AllowVolumeExpansion: true, + Provisioner: "flex-expand", + } + + resizableSc, err = createStorageClass(test, ns, "resizing", c) if err != nil { fmt.Printf("storage class creation error: %v\n", err) } diff --git a/test/e2e/storage/in_tree_volumes.go b/test/e2e/storage/in_tree_volumes.go index 7769a329fd7..23ceaa3c860 100644 --- a/test/e2e/storage/in_tree_volumes.go +++ b/test/e2e/storage/in_tree_volumes.go @@ -18,15 +18,13 @@ package storage import ( . "github.com/onsi/ginkgo" - "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/drivers" - "k8s.io/kubernetes/test/e2e/storage/testpatterns" "k8s.io/kubernetes/test/e2e/storage/testsuites" "k8s.io/kubernetes/test/e2e/storage/utils" ) // List of testDrivers to be executed in below loop -var testDrivers = []func(config testsuites.TestConfig) testsuites.TestDriver{ +var testDrivers = []func() testsuites.TestDriver{ drivers.InitNFSDriver, drivers.InitGlusterFSDriver, drivers.InitISCSIDriver, @@ -40,6 +38,14 @@ var testDrivers = []func(config testsuites.TestConfig) testsuites.TestDriver{ drivers.InitVSphereDriver, drivers.InitAzureDriver, drivers.InitAwsDriver, + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeDirectory), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeDirectoryLink), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeDirectoryBindMounted), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeDirectoryLinkBindMounted), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeTmpfs), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeBlock), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeBlockFS), + drivers.InitLocalDriverWithVolumeType(utils.LocalVolumeGCELocalSSD), } // List of testSuites to be executed in below loop @@ -51,41 +57,13 @@ var testSuites = []func() testsuites.TestSuite{ testsuites.InitProvisioningTestSuite, } -func intreeTunePattern(patterns []testpatterns.TestPattern) []testpatterns.TestPattern { - return patterns -} - // This executes testSuites for in-tree volumes. var _ = utils.SIGDescribe("In-tree Volumes", func() { - f := framework.NewDefaultFramework("volumes") - - var ( - // Common configuration options for all drivers. - config = testsuites.TestConfig{ - Framework: f, - Prefix: "in-tree", - } - ) - for _, initDriver := range testDrivers { - curDriver := initDriver(config) - curConfig := curDriver.GetDriverInfo().Config + curDriver := initDriver() + Context(testsuites.GetDriverNameWithFeatureTags(curDriver), func() { - BeforeEach(func() { - // Reset config. The driver might have modified its copy - // in a previous test. - curDriver.GetDriverInfo().Config = curConfig - - // setupDriver - curDriver.CreateDriver() - }) - - AfterEach(func() { - // Cleanup driver - curDriver.CleanupDriver() - }) - - testsuites.RunTestSuite(f, curDriver, testSuites, intreeTunePattern) + testsuites.DefineTestSuite(curDriver, testSuites) }) } }) diff --git a/test/e2e/storage/mounted_volume_resize.go b/test/e2e/storage/mounted_volume_resize.go index 54feb244aac..15f0e041a68 100644 --- a/test/e2e/storage/mounted_volume_resize.go +++ b/test/e2e/storage/mounted_volume_resize.go @@ -35,7 +35,7 @@ import ( "k8s.io/kubernetes/test/e2e/storage/utils" ) -var _ = utils.SIGDescribe("Mounted volume expand[Slow]", func() { +var _ = utils.SIGDescribe("Mounted volume expand", func() { var ( c clientset.Interface ns string @@ -74,10 +74,12 @@ var _ = utils.SIGDescribe("Mounted volume expand[Slow]", func() { } test := testsuites.StorageClassTest{ - Name: "default", - ClaimSize: "2Gi", + Name: "default", + ClaimSize: "2Gi", + AllowVolumeExpansion: true, + DelayBinding: true, } - resizableSc, err = createResizableStorageClass(test, ns, "resizing", c) + resizableSc, err = createStorageClass(test, ns, "resizing", c) Expect(err).NotTo(HaveOccurred(), "Error creating resizable storage class") Expect(*resizableSc.AllowVolumeExpansion).To(BeTrue()) @@ -106,17 +108,22 @@ var _ = utils.SIGDescribe("Mounted volume expand[Slow]", func() { }) It("Should verify mounted devices can be resized", func() { - By("Waiting for PVC to be in bound phase") pvcClaims := []*v1.PersistentVolumeClaim{pvc} - pvs, err := framework.WaitForPVClaimBoundPhase(c, pvcClaims, framework.ClaimProvisionTimeout) - Expect(err).NotTo(HaveOccurred(), "Failed waiting for PVC to be bound %v", err) - Expect(len(pvs)).To(Equal(1)) - By("Creating a deployment with the provisioned volume") + // The reason we use a node selector is because we do not want pod to move to different node when pod is deleted. + // Keeping pod on same node reproduces the scenario that volume might already be mounted when resize is attempted. + // We should consider adding a unit test that exercises this better. + By("Creating a deployment with selected PVC") deployment, err := framework.CreateDeployment(c, int32(1), map[string]string{"test": "app"}, nodeKeyValueLabel, ns, pvcClaims, "") Expect(err).NotTo(HaveOccurred(), "Failed creating deployment %v", err) defer c.AppsV1().Deployments(ns).Delete(deployment.Name, &metav1.DeleteOptions{}) + // PVC should be bound at this point + By("Checking for bound PVC") + pvs, err := framework.WaitForPVClaimBoundPhase(c, pvcClaims, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred(), "Failed waiting for PVC to be bound %v", err) + Expect(len(pvs)).To(Equal(1)) + By("Expanding current pvc") newSize := resource.MustParse("6Gi") pvc, err = expandPVCSize(pvc, newSize, c) diff --git a/test/e2e/storage/persistent_volumes-local.go b/test/e2e/storage/persistent_volumes-local.go index 047ca401686..6093c71a0dd 100644 --- a/test/e2e/storage/persistent_volumes-local.go +++ b/test/e2e/storage/persistent_volumes-local.go @@ -824,7 +824,7 @@ func setupLocalVolumeDirectory(config *localTestConfig, node *v1.Node) *localTes // launchNodeExecPodForLocalPV launches a hostexec pod for local PV and waits // until it's Running. func launchNodeExecPodForLocalPV(client clientset.Interface, ns, node string) *v1.Pod { - hostExecPod := framework.NewHostExecPodSpec(ns, fmt.Sprintf("hostexec-%s", node)) + hostExecPod := framework.NewExecPodSpec(ns, fmt.Sprintf("hostexec-%s", node), true) hostExecPod.Spec.NodeName = node hostExecPod.Spec.Volumes = []v1.Volume{ { diff --git a/test/e2e/storage/pvc_protection.go b/test/e2e/storage/pvc_protection.go index 5c2868dc088..64011df46fd 100644 --- a/test/e2e/storage/pvc_protection.go +++ b/test/e2e/storage/pvc_protection.go @@ -37,6 +37,7 @@ var _ = utils.SIGDescribe("PVC Protection", func() { err error pvc *v1.PersistentVolumeClaim pvcCreatedAndNotDeleted bool + pod *v1.Pod ) f := framework.NewDefaultFramework("pvc-protection") @@ -57,6 +58,11 @@ var _ = utils.SIGDescribe("PVC Protection", func() { Expect(err).NotTo(HaveOccurred(), "Error creating PVC") pvcCreatedAndNotDeleted = true + By("Creating a Pod that becomes Running and therefore is actively using the PVC") + pvcClaims := []*v1.PersistentVolumeClaim{pvc} + pod, err = framework.CreatePod(client, nameSpace, nil, pvcClaims, false, "") + Expect(err).NotTo(HaveOccurred(), "While creating pod that uses the PVC or waiting for the Pod to become Running") + By("Waiting for PVC to become Bound") err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, client, nameSpace, pvc.Name, framework.Poll, framework.ClaimBindingTimeout) Expect(err).NotTo(HaveOccurred(), "Failed waiting for PVC to be bound %v", err) @@ -74,6 +80,10 @@ var _ = utils.SIGDescribe("PVC Protection", func() { }) It("Verify \"immediate\" deletion of a PVC that is not in active use by a pod", func() { + By("Deleting the pod using the PVC") + err = framework.DeletePodWithWait(f, client, pod) + Expect(err).NotTo(HaveOccurred(), "Error terminating and deleting pod") + By("Deleting the PVC") err = client.CoreV1().PersistentVolumeClaims(pvc.Namespace).Delete(pvc.Name, metav1.NewDeleteOptions(0)) Expect(err).NotTo(HaveOccurred(), "Error deleting PVC") @@ -82,11 +92,6 @@ var _ = utils.SIGDescribe("PVC Protection", func() { }) It("Verify that PVC in active use by a pod is not removed immediately", func() { - By("Creating a Pod that becomes Running and therefore is actively using the PVC") - pvcClaims := []*v1.PersistentVolumeClaim{pvc} - pod, err := framework.CreatePod(client, nameSpace, nil, pvcClaims, false, "") - Expect(err).NotTo(HaveOccurred(), "While creating pod that uses the PVC or waiting for the Pod to become Running") - By("Deleting the PVC, however, the PVC must not be removed from the system as it's in active use by a pod") err = client.CoreV1().PersistentVolumeClaims(pvc.Namespace).Delete(pvc.Name, metav1.NewDeleteOptions(0)) Expect(err).NotTo(HaveOccurred(), "Error deleting PVC") @@ -106,11 +111,6 @@ var _ = utils.SIGDescribe("PVC Protection", func() { }) It("Verify that scheduling of a pod that uses PVC that is being deleted fails and the pod becomes Unschedulable", func() { - By("Creating first Pod that becomes Running and therefore is actively using the PVC") - pvcClaims := []*v1.PersistentVolumeClaim{pvc} - firstPod, err := framework.CreatePod(client, nameSpace, nil, pvcClaims, false, "") - Expect(err).NotTo(HaveOccurred(), "While creating pod that uses the PVC or waiting for the Pod to become Running") - By("Deleting the PVC, however, the PVC must not be removed from the system as it's in active use by a pod") err = client.CoreV1().PersistentVolumeClaims(pvc.Namespace).Delete(pvc.Name, metav1.NewDeleteOptions(0)) Expect(err).NotTo(HaveOccurred(), "Error deleting PVC") @@ -121,7 +121,7 @@ var _ = utils.SIGDescribe("PVC Protection", func() { Expect(pvc.ObjectMeta.DeletionTimestamp).NotTo(Equal(nil)) By("Creating second Pod whose scheduling fails because it uses a PVC that is being deleted") - secondPod, err2 := framework.CreateUnschedulablePod(client, nameSpace, nil, pvcClaims, false, "") + secondPod, err2 := framework.CreateUnschedulablePod(client, nameSpace, nil, []*v1.PersistentVolumeClaim{pvc}, false, "") Expect(err2).NotTo(HaveOccurred(), "While creating second pod that uses a PVC that is being deleted and that is Unschedulable") By("Deleting the second pod that uses the PVC that is being deleted") @@ -134,7 +134,7 @@ var _ = utils.SIGDescribe("PVC Protection", func() { Expect(pvc.ObjectMeta.DeletionTimestamp).NotTo(Equal(nil)) By("Deleting the first pod that uses the PVC") - err = framework.DeletePodWithWait(f, client, firstPod) + err = framework.DeletePodWithWait(f, client, pod) Expect(err).NotTo(HaveOccurred(), "Error terminating and deleting pod") By("Checking that the PVC is automatically removed from the system because it's no longer in active use by a pod") diff --git a/test/e2e/storage/regional_pd.go b/test/e2e/storage/regional_pd.go index 3765964b6fb..5cf05f9816a 100644 --- a/test/e2e/storage/regional_pd.go +++ b/test/e2e/storage/regional_pd.go @@ -37,10 +37,8 @@ import ( "k8s.io/apimachinery/pkg/util/strategicpatch" "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" + volumehelpers "k8s.io/cloud-provider/volume/helpers" podutil "k8s.io/kubernetes/pkg/api/v1/pod" - "k8s.io/kubernetes/pkg/kubelet/apis" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - "k8s.io/kubernetes/pkg/volume/util" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testsuites" "k8s.io/kubernetes/test/e2e/storage/utils" @@ -110,12 +108,14 @@ func testVolumeProvisioning(c clientset.Interface, ns string) { }, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - err := checkGCEPD(volume, "pd-standard") - if err != nil { - return err - } - return verifyZonesInPV(volume, sets.NewString(cloudZones...), true /* match */) + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + var err error + err = checkGCEPD(volume, "pd-standard") + Expect(err).NotTo(HaveOccurred(), "checkGCEPD") + err = verifyZonesInPV(volume, sets.NewString(cloudZones...), true /* match */) + Expect(err).NotTo(HaveOccurred(), "verifyZonesInPV") + + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, { @@ -128,25 +128,26 @@ func testVolumeProvisioning(c clientset.Interface, ns string) { }, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - err := checkGCEPD(volume, "pd-standard") - if err != nil { - return err - } + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + var err error + err = checkGCEPD(volume, "pd-standard") + Expect(err).NotTo(HaveOccurred(), "checkGCEPD") zones, err := framework.GetClusterZones(c) - if err != nil { - return err - } - return verifyZonesInPV(volume, zones, false /* match */) + Expect(err).NotTo(HaveOccurred(), "GetClusterZones") + err = verifyZonesInPV(volume, zones, false /* match */) + Expect(err).NotTo(HaveOccurred(), "verifyZonesInPV") + + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, } for _, test := range tests { - class := newStorageClass(test, ns, "" /* suffix */) - claim := newClaim(test, ns, "" /* suffix */) - claim.Spec.StorageClassName = &class.Name - testsuites.TestDynamicProvisioning(test, c, claim, class) + test.Client = c + test.Class = newStorageClass(test, ns, "" /* suffix */) + test.Claim = newClaim(test, ns, "" /* suffix */) + test.Claim.Spec.StorageClassName = &test.Class.Name + test.TestDynamicProvisioning() } } @@ -205,10 +206,10 @@ func testZonalFailover(c clientset.Interface, ns string) { nodeName := pod.Spec.NodeName node, err := c.CoreV1().Nodes().Get(nodeName, metav1.GetOptions{}) Expect(err).ToNot(HaveOccurred()) - podZone := node.Labels[apis.LabelZoneFailureDomain] + podZone := node.Labels[v1.LabelZoneFailureDomain] By("tainting nodes in the zone the pod is scheduled in") - selector := labels.SelectorFromSet(labels.Set(map[string]string{apis.LabelZoneFailureDomain: podZone})) + selector := labels.SelectorFromSet(labels.Set(map[string]string{v1.LabelZoneFailureDomain: podZone})) nodesInZone, err := c.CoreV1().Nodes().List(metav1.ListOptions{LabelSelector: selector.String()}) Expect(err).ToNot(HaveOccurred()) removeTaintFunc := addTaint(c, ns, nodesInZone.Items, podZone) @@ -237,7 +238,7 @@ func testZonalFailover(c clientset.Interface, ns string) { if err != nil { return false, nil } - newPodZone := node.Labels[apis.LabelZoneFailureDomain] + newPodZone := node.Labels[v1.LabelZoneFailureDomain] return newPodZone == otherZone, nil }) Expect(err).NotTo(HaveOccurred(), "Error waiting for pod to be scheduled in a different zone (%q): %v", otherZone, err) @@ -301,6 +302,7 @@ func addTaint(c clientset.Interface, ns string, nodes []v1.Node, podZone string) func testRegionalDelayedBinding(c clientset.Interface, ns string, pvcCount int) { test := testsuites.StorageClassTest{ + Client: c, Name: "Regional PD storage class with waitForFirstConsumer test on GCE", Provisioner: "kubernetes.io/gce-pd", Parameters: map[string]string{ @@ -312,20 +314,20 @@ func testRegionalDelayedBinding(c clientset.Interface, ns string, pvcCount int) } suffix := "delayed-regional" - class := newStorageClass(test, ns, suffix) + test.Class = newStorageClass(test, ns, suffix) var claims []*v1.PersistentVolumeClaim for i := 0; i < pvcCount; i++ { claim := newClaim(test, ns, suffix) - claim.Spec.StorageClassName = &class.Name + claim.Spec.StorageClassName = &test.Class.Name claims = append(claims, claim) } - pvs, node := testsuites.TestBindingWaitForFirstConsumerMultiPVC(test, c, claims, class) + pvs, node := test.TestBindingWaitForFirstConsumerMultiPVC(claims, nil /* node selector */, false /* expect unschedulable */) if node == nil { framework.Failf("unexpected nil node found") } - zone, ok := node.Labels[kubeletapis.LabelZoneFailureDomain] + zone, ok := node.Labels[v1.LabelZoneFailureDomain] if !ok { - framework.Failf("label %s not found on Node", kubeletapis.LabelZoneFailureDomain) + framework.Failf("label %s not found on Node", v1.LabelZoneFailureDomain) } for _, pv := range pvs { checkZoneFromLabelAndAffinity(pv, zone, false) @@ -345,17 +347,20 @@ func testRegionalAllowedTopologies(c clientset.Interface, ns string) { } suffix := "topo-regional" - class := newStorageClass(test, ns, suffix) + test.Client = c + test.Class = newStorageClass(test, ns, suffix) zones := getTwoRandomZones(c) - addAllowedTopologiesToStorageClass(c, class, zones) - claim := newClaim(test, ns, suffix) - claim.Spec.StorageClassName = &class.Name - pv := testsuites.TestDynamicProvisioning(test, c, claim, class) + addAllowedTopologiesToStorageClass(c, test.Class, zones) + test.Claim = newClaim(test, ns, suffix) + test.Claim.Spec.StorageClassName = &test.Class.Name + + pv := test.TestDynamicProvisioning() checkZonesFromLabelAndAffinity(pv, sets.NewString(zones...), true) } func testRegionalAllowedTopologiesWithDelayedBinding(c clientset.Interface, ns string, pvcCount int) { test := testsuites.StorageClassTest{ + Client: c, Name: "Regional PD storage class with allowedTopologies and waitForFirstConsumer test on GCE", Provisioner: "kubernetes.io/gce-pd", Parameters: map[string]string{ @@ -367,22 +372,22 @@ func testRegionalAllowedTopologiesWithDelayedBinding(c clientset.Interface, ns s } suffix := "topo-delayed-regional" - class := newStorageClass(test, ns, suffix) + test.Class = newStorageClass(test, ns, suffix) topoZones := getTwoRandomZones(c) - addAllowedTopologiesToStorageClass(c, class, topoZones) + addAllowedTopologiesToStorageClass(c, test.Class, topoZones) var claims []*v1.PersistentVolumeClaim for i := 0; i < pvcCount; i++ { claim := newClaim(test, ns, suffix) - claim.Spec.StorageClassName = &class.Name + claim.Spec.StorageClassName = &test.Class.Name claims = append(claims, claim) } - pvs, node := testsuites.TestBindingWaitForFirstConsumerMultiPVC(test, c, claims, class) + pvs, node := test.TestBindingWaitForFirstConsumerMultiPVC(claims, nil /* node selector */, false /* expect unschedulable */) if node == nil { framework.Failf("unexpected nil node found") } - nodeZone, ok := node.Labels[kubeletapis.LabelZoneFailureDomain] + nodeZone, ok := node.Labels[v1.LabelZoneFailureDomain] if !ok { - framework.Failf("label %s not found on Node", kubeletapis.LabelZoneFailureDomain) + framework.Failf("label %s not found on Node", v1.LabelZoneFailureDomain) } zoneFound := false for _, zone := range topoZones { @@ -423,7 +428,7 @@ func addAllowedTopologiesToStorageClass(c clientset.Interface, sc *storage.Stora term := v1.TopologySelectorTerm{ MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Values: zones, }, }, @@ -585,7 +590,7 @@ func waitForStatefulSetReplicasNotReady(statefulSetName, ns string, c clientset. // If match is true, check if zones in PV exactly match zones given. // Otherwise, check whether zones in PV is superset of zones given. func verifyZonesInPV(volume *v1.PersistentVolume, zones sets.String, match bool) error { - pvZones, err := util.LabelZonesToSet(volume.Labels[apis.LabelZoneFailureDomain]) + pvZones, err := volumehelpers.LabelZonesToSet(volume.Labels[v1.LabelZoneFailureDomain]) if err != nil { return err } diff --git a/test/e2e/storage/testpatterns/testpattern.go b/test/e2e/storage/testpatterns/testpattern.go index 26b311697f9..a9fc2df37c2 100644 --- a/test/e2e/storage/testpatterns/testpattern.go +++ b/test/e2e/storage/testpatterns/testpattern.go @@ -17,7 +17,7 @@ limitations under the License. package testpatterns import ( - v1 "k8s.io/api/core/v1" + "k8s.io/api/core/v1" "k8s.io/kubernetes/test/e2e/framework" ) @@ -45,13 +45,22 @@ var ( DynamicPV TestVolType = "DynamicPV" ) +// TestSnapshotType represents a snapshot type to be tested in a TestSuite +type TestSnapshotType string + +var ( + // DynamicCreatedSnapshot represents a snapshot type for dynamic created snapshot + DynamicCreatedSnapshot TestSnapshotType = "DynamicSnapshot" +) + // TestPattern represents a combination of parameters to be tested in a TestSuite type TestPattern struct { - Name string // Name of TestPattern - FeatureTag string // featureTag for the TestSuite - VolType TestVolType // Volume type of the volume - FsType string // Fstype of the volume - VolMode v1.PersistentVolumeMode // PersistentVolumeMode of the volume + Name string // Name of TestPattern + FeatureTag string // featureTag for the TestSuite + VolType TestVolType // Volume type of the volume + FsType string // Fstype of the volume + VolMode v1.PersistentVolumeMode // PersistentVolumeMode of the volume + SnapshotType TestSnapshotType // Snapshot type of the snapshot } var ( @@ -165,4 +174,12 @@ var ( VolType: DynamicPV, VolMode: v1.PersistentVolumeBlock, } + + // Definitions for snapshot case + + // DynamicSnapshot is TestPattern for "Dynamic snapshot" + DynamicSnapshot = TestPattern{ + Name: "Dynamic Snapshot", + SnapshotType: DynamicCreatedSnapshot, + } ) diff --git a/test/e2e/storage/testsuites/BUILD b/test/e2e/storage/testsuites/BUILD index e0b5ad79864..e6a0221a404 100644 --- a/test/e2e/storage/testsuites/BUILD +++ b/test/e2e/storage/testsuites/BUILD @@ -6,6 +6,7 @@ go_library( "base.go", "driveroperations.go", "provisioning.go", + "snapshottable.go", "subpath.go", "testdriver.go", "volume_io.go", @@ -20,13 +21,17 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/rand:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", + "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//test/e2e/framework:go_default_library", + "//test/e2e/framework/podlogs:go_default_library", "//test/e2e/storage/testpatterns:go_default_library", "//test/e2e/storage/utils:go_default_library", "//test/utils/image:go_default_library", diff --git a/test/e2e/storage/testsuites/base.go b/test/e2e/storage/testsuites/base.go index c1fba8a2453..85dd8347c6f 100644 --- a/test/e2e/storage/testsuites/base.go +++ b/test/e2e/storage/testsuites/base.go @@ -17,19 +17,24 @@ limitations under the License. package testsuites import ( + "context" "fmt" + "regexp" "time" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" + "k8s.io/api/core/v1" storagev1 "k8s.io/api/storage/v1" apierrs "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" utilerrors "k8s.io/apimachinery/pkg/util/errors" clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/test/e2e/framework" + "k8s.io/kubernetes/test/e2e/framework/podlogs" "k8s.io/kubernetes/test/e2e/storage/testpatterns" ) @@ -37,10 +42,10 @@ import ( type TestSuite interface { // getTestSuiteInfo returns the TestSuiteInfo for this TestSuite getTestSuiteInfo() TestSuiteInfo - // skipUnsupportedTest skips the test if this TestSuite is not suitable to be tested with the combination of TestPattern and TestDriver - skipUnsupportedTest(testpatterns.TestPattern, TestDriver) - // execTest executes test of the testpattern for the driver - execTest(TestDriver, testpatterns.TestPattern) + // defineTest defines tests of the testpattern for the driver. + // Called inside a Ginkgo context that reflects the current driver and test pattern, + // so the test suite can define tests directly with ginkgo.It. + defineTests(TestDriver, testpatterns.TestPattern) } // TestSuiteInfo represents a set of parameters for TestSuite @@ -52,11 +57,8 @@ type TestSuiteInfo struct { // TestResource represents an interface for resources that is used by TestSuite type TestResource interface { - // setupResource sets up test resources to be used for the tests with the - // combination of TestDriver and TestPattern - setupResource(TestDriver, testpatterns.TestPattern) - // cleanupResource clean up the test resources created in SetupResource - cleanupResource(TestDriver, testpatterns.TestPattern) + // cleanupResource cleans up the test resources created when setting up the resource + cleanupResource() } func getTestNameStr(suite TestSuite, pattern testpatterns.TestPattern) string { @@ -64,58 +66,77 @@ func getTestNameStr(suite TestSuite, pattern testpatterns.TestPattern) string { return fmt.Sprintf("[Testpattern: %s]%s %s%s", pattern.Name, pattern.FeatureTag, tsInfo.name, tsInfo.featureTag) } -// RunTestSuite runs all testpatterns of all testSuites for a driver -func RunTestSuite(f *framework.Framework, driver TestDriver, tsInits []func() TestSuite, tunePatternFunc func([]testpatterns.TestPattern) []testpatterns.TestPattern) { +// DefineTestSuite defines tests for all testpatterns and all testSuites for a driver +func DefineTestSuite(driver TestDriver, tsInits []func() TestSuite) { for _, testSuiteInit := range tsInits { suite := testSuiteInit() - patterns := tunePatternFunc(suite.getTestSuiteInfo().testPatterns) - - for _, pattern := range patterns { - suite.execTest(driver, pattern) + for _, pattern := range suite.getTestSuiteInfo().testPatterns { + p := pattern + Context(getTestNameStr(suite, p), func() { + BeforeEach(func() { + // Skip unsupported tests to avoid unnecessary resource initialization + skipUnsupportedTest(driver, p) + }) + suite.defineTests(driver, p) + }) } } } -// skipUnsupportedTest will skip tests if the combination of driver, testsuite, and testpattern +// skipUnsupportedTest will skip tests if the combination of driver, and testpattern // is not suitable to be tested. // Whether it needs to be skipped is checked by following steps: -// 1. Check if Whether volType is supported by driver from its interface -// 2. Check if fsType is supported -// 3. Check with driver specific logic -// 4. Check with testSuite specific logic -func skipUnsupportedTest(suite TestSuite, driver TestDriver, pattern testpatterns.TestPattern) { +// 1. Check if Whether SnapshotType is supported by driver from its interface +// 2. Check if Whether volType is supported by driver from its interface +// 3. Check if fsType is supported +// 4. Check with driver specific logic +// +// Test suites can also skip tests inside their own defineTests function or in +// individual tests. +func skipUnsupportedTest(driver TestDriver, pattern testpatterns.TestPattern) { dInfo := driver.GetDriverInfo() - - // 1. Check if Whether volType is supported by driver from its interface var isSupported bool - switch pattern.VolType { - case testpatterns.InlineVolume: - _, isSupported = driver.(InlineVolumeTestDriver) - case testpatterns.PreprovisionedPV: - _, isSupported = driver.(PreprovisionedPVTestDriver) - case testpatterns.DynamicPV: - _, isSupported = driver.(DynamicPVTestDriver) - default: - isSupported = false + + // 1. Check if Whether SnapshotType is supported by driver from its interface + // if isSupported, we still execute the driver and suite tests + if len(pattern.SnapshotType) > 0 { + switch pattern.SnapshotType { + case testpatterns.DynamicCreatedSnapshot: + _, isSupported = driver.(SnapshottableTestDriver) + default: + isSupported = false + } + if !isSupported { + framework.Skipf("Driver %s doesn't support snapshot type %v -- skipping", dInfo.Name, pattern.SnapshotType) + } + } else { + // 2. Check if Whether volType is supported by driver from its interface + switch pattern.VolType { + case testpatterns.InlineVolume: + _, isSupported = driver.(InlineVolumeTestDriver) + case testpatterns.PreprovisionedPV: + _, isSupported = driver.(PreprovisionedPVTestDriver) + case testpatterns.DynamicPV: + _, isSupported = driver.(DynamicPVTestDriver) + default: + isSupported = false + } + + if !isSupported { + framework.Skipf("Driver %s doesn't support %v -- skipping", dInfo.Name, pattern.VolType) + } + + // 3. Check if fsType is supported + if !dInfo.SupportedFsType.Has(pattern.FsType) { + framework.Skipf("Driver %s doesn't support %v -- skipping", dInfo.Name, pattern.FsType) + } + if pattern.FsType == "xfs" && framework.NodeOSDistroIs("gci") { + framework.Skipf("Distro doesn't support xfs -- skipping") + } } - if !isSupported { - framework.Skipf("Driver %s doesn't support %v -- skipping", dInfo.Name, pattern.VolType) - } - - // 2. Check if fsType is supported - if !dInfo.SupportedFsType.Has(pattern.FsType) { - framework.Skipf("Driver %s doesn't support %v -- skipping", dInfo.Name, pattern.FsType) - } - if pattern.FsType == "xfs" && framework.NodeOSDistroIs("gci") { - framework.Skipf("Distro doesn't support xfs -- skipping") - } - - // 3. Check with driver specific logic + // 4. Check with driver specific logic driver.SkipUnsupportedTest(pattern) - - // 4. Check with testSuite specific logic - suite.skipUnsupportedTest(pattern, driver) } // genericVolumeTestResource is a generic implementation of TestResource that wil be able to @@ -124,42 +145,47 @@ func skipUnsupportedTest(suite TestSuite, driver TestDriver, pattern testpattern // Also, see subpath.go in the same directory for how to extend and use it. type genericVolumeTestResource struct { driver TestDriver + config *PerTestConfig + pattern testpatterns.TestPattern volType string volSource *v1.VolumeSource pvc *v1.PersistentVolumeClaim pv *v1.PersistentVolume sc *storagev1.StorageClass - driverTestResource interface{} + volume TestVolume } var _ TestResource = &genericVolumeTestResource{} -// setupResource sets up genericVolumeTestResource -func (r *genericVolumeTestResource) setupResource(driver TestDriver, pattern testpatterns.TestPattern) { - r.driver = driver +func createGenericVolumeTestResource(driver TestDriver, config *PerTestConfig, pattern testpatterns.TestPattern) *genericVolumeTestResource { + r := genericVolumeTestResource{ + driver: driver, + config: config, + pattern: pattern, + } dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework + f := config.Framework cs := f.ClientSet fsType := pattern.FsType volType := pattern.VolType // Create volume for pre-provisioned volume tests - r.driverTestResource = CreateVolume(driver, volType) + r.volume = CreateVolume(driver, config, volType) switch volType { case testpatterns.InlineVolume: framework.Logf("Creating resource for inline volume") if iDriver, ok := driver.(InlineVolumeTestDriver); ok { - r.volSource = iDriver.GetVolumeSource(false, fsType, r.driverTestResource) + r.volSource = iDriver.GetVolumeSource(false, fsType, r.volume) r.volType = dInfo.Name } case testpatterns.PreprovisionedPV: framework.Logf("Creating resource for pre-provisioned PV") if pDriver, ok := driver.(PreprovisionedPVTestDriver); ok { - pvSource := pDriver.GetPersistentVolumeSource(false, fsType, r.driverTestResource) + pvSource, volumeNodeAffinity := pDriver.GetPersistentVolumeSource(false, fsType, r.volume) if pvSource != nil { - r.volSource, r.pv, r.pvc = createVolumeSourceWithPVCPV(f, dInfo.Name, pvSource, false) + r.volSource, r.pv, r.pvc = createVolumeSourceWithPVCPV(f, dInfo.Name, pvSource, volumeNodeAffinity, false) } r.volType = fmt.Sprintf("%s-preprovisionedPV", dInfo.Name) } @@ -167,7 +193,7 @@ func (r *genericVolumeTestResource) setupResource(driver TestDriver, pattern tes framework.Logf("Creating resource for dynamic PV") if dDriver, ok := driver.(DynamicPVTestDriver); ok { claimSize := dDriver.GetClaimSize() - r.sc = dDriver.GetDynamicProvisionStorageClass(fsType) + r.sc = dDriver.GetDynamicProvisionStorageClass(r.config, fsType) By("creating a StorageClass " + r.sc.Name) var err error @@ -187,13 +213,14 @@ func (r *genericVolumeTestResource) setupResource(driver TestDriver, pattern tes if r.volSource == nil { framework.Skipf("Driver %s doesn't support %v -- skipping", dInfo.Name, volType) } + + return &r } // cleanupResource cleans up genericVolumeTestResource -func (r *genericVolumeTestResource) cleanupResource(driver TestDriver, pattern testpatterns.TestPattern) { - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - volType := pattern.VolType +func (r *genericVolumeTestResource) cleanupResource() { + f := r.config.Framework + volType := r.pattern.VolType if r.pvc != nil || r.pv != nil { switch volType { @@ -224,19 +251,23 @@ func (r *genericVolumeTestResource) cleanupResource(driver TestDriver, pattern t } // Cleanup volume for pre-provisioned volume tests - DeleteVolume(driver, volType, r.driverTestResource) + if r.volume != nil { + r.volume.DeleteVolume() + } } func createVolumeSourceWithPVCPV( f *framework.Framework, name string, pvSource *v1.PersistentVolumeSource, + volumeNodeAffinity *v1.VolumeNodeAffinity, readOnly bool, ) (*v1.VolumeSource, *v1.PersistentVolume, *v1.PersistentVolumeClaim) { pvConfig := framework.PersistentVolumeConfig{ NamePrefix: fmt.Sprintf("%s-", name), StorageClassName: f.Namespace.Name, PVSource: *pvSource, + NodeAffinity: volumeNodeAffinity, } pvcConfig := framework.PersistentVolumeClaimConfig{ StorageClassName: &f.Namespace.Name, @@ -335,7 +366,7 @@ func deleteStorageClass(cs clientset.Interface, className string) { // the testsuites package whereas framework.VolumeTestConfig is merely // an implementation detail. It contains fields that have no effect, // which makes it unsuitable for use in the testsuits public API. -func convertTestConfig(in *TestConfig) framework.VolumeTestConfig { +func convertTestConfig(in *PerTestConfig) framework.VolumeTestConfig { if in.ServerConfig != nil { return *in.ServerConfig } @@ -347,3 +378,64 @@ func convertTestConfig(in *TestConfig) framework.VolumeTestConfig { NodeSelector: in.ClientNodeSelector, } } + +func getSnapshot(claimName string, ns, snapshotClassName string) *unstructured.Unstructured { + snapshot := &unstructured.Unstructured{ + Object: map[string]interface{}{ + "kind": "VolumeSnapshot", + "apiVersion": snapshotAPIVersion, + "metadata": map[string]interface{}{ + "generateName": "snapshot-", + "namespace": ns, + }, + "spec": map[string]interface{}{ + "snapshotClassName": snapshotClassName, + "source": map[string]interface{}{ + "name": claimName, + "kind": "PersistentVolumeClaim", + }, + }, + }, + } + + return snapshot +} + +// StartPodLogs begins capturing log output and events from current +// and future pods running in the namespace of the framework. That +// ends when the returned cleanup function is called. +// +// The output goes to log files (when using --report-dir, as in the +// CI) or the output stream (otherwise). +func StartPodLogs(f *framework.Framework) func() { + ctx, cancel := context.WithCancel(context.Background()) + cs := f.ClientSet + ns := f.Namespace + + to := podlogs.LogOutput{ + StatusWriter: GinkgoWriter, + } + if framework.TestContext.ReportDir == "" { + to.LogWriter = GinkgoWriter + } else { + test := CurrentGinkgoTestDescription() + reg := regexp.MustCompile("[^a-zA-Z0-9_-]+") + // We end the prefix with a slash to ensure that all logs + // end up in a directory named after the current test. + // + // TODO: use a deeper directory hierarchy once gubernator + // supports that (https://github.com/kubernetes/test-infra/issues/10289). + to.LogPathPrefix = framework.TestContext.ReportDir + "/" + + reg.ReplaceAllString(test.FullTestText, "_") + "/" + } + podlogs.CopyAllLogs(ctx, cs, ns.Name, to) + + // pod events are something that the framework already collects itself + // after a failed test. Logging them live is only useful for interactive + // debugging, not when we collect reports. + if framework.TestContext.ReportDir == "" { + podlogs.WatchPods(ctx, cs, ns.Name, GinkgoWriter) + } + + return cancel +} diff --git a/test/e2e/storage/testsuites/driveroperations.go b/test/e2e/storage/testsuites/driveroperations.go index 1e233b48387..d17b3619bfc 100644 --- a/test/e2e/storage/testsuites/driveroperations.go +++ b/test/e2e/storage/testsuites/driveroperations.go @@ -21,6 +21,7 @@ import ( storagev1 "k8s.io/api/storage/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testpatterns" ) @@ -36,13 +37,13 @@ func GetDriverNameWithFeatureTags(driver TestDriver) string { } // CreateVolume creates volume for test unless dynamicPV test -func CreateVolume(driver TestDriver, volType testpatterns.TestVolType) interface{} { +func CreateVolume(driver TestDriver, config *PerTestConfig, volType testpatterns.TestVolType) TestVolume { switch volType { case testpatterns.InlineVolume: fallthrough case testpatterns.PreprovisionedPV: if pDriver, ok := driver.(PreprovisionedVolumeTestDriver); ok { - return pDriver.CreateVolume(volType) + return pDriver.CreateVolume(config, volType) } case testpatterns.DynamicPV: // No need to create volume @@ -52,22 +53,6 @@ func CreateVolume(driver TestDriver, volType testpatterns.TestVolType) interface return nil } -// DeleteVolume deletes volume for test unless dynamicPV test -func DeleteVolume(driver TestDriver, volType testpatterns.TestVolType, testResource interface{}) { - switch volType { - case testpatterns.InlineVolume: - fallthrough - case testpatterns.PreprovisionedPV: - if pDriver, ok := driver.(PreprovisionedVolumeTestDriver); ok { - pDriver.DeleteVolume(volType, testResource) - } - case testpatterns.DynamicPV: - // No need to delete volume - default: - framework.Failf("Invalid volType specified: %v", volType) - } -} - // GetStorageClass constructs a new StorageClass instance // with a unique name that is based on namespace + suffix. func GetStorageClass( @@ -95,7 +80,26 @@ func GetStorageClass( } } -// GetUniqueDriverName returns unique driver name that can be used parallelly in tests -func GetUniqueDriverName(driver TestDriver) string { - return fmt.Sprintf("%s-%s", driver.GetDriverInfo().Name, driver.GetDriverInfo().Config.Framework.UniqueName) +// GetSnapshotClass constructs a new SnapshotClass instance +// with a unique name that is based on namespace + suffix. +func GetSnapshotClass( + snapshotter string, + parameters map[string]string, + ns string, + suffix string, +) *unstructured.Unstructured { + snapshotClass := &unstructured.Unstructured{ + Object: map[string]interface{}{ + "kind": "VolumeSnapshotClass", + "apiVersion": snapshotAPIVersion, + "metadata": map[string]interface{}{ + // Name must be unique, so let's base it on namespace name + "name": ns + "-" + suffix, + }, + "snapshotter": snapshotter, + "parameters": parameters, + }, + } + + return snapshotClass } diff --git a/test/e2e/storage/testsuites/provisioning.go b/test/e2e/storage/testsuites/provisioning.go index 442a719f226..9bca03aa78d 100644 --- a/test/e2e/storage/testsuites/provisioning.go +++ b/test/e2e/storage/testsuites/provisioning.go @@ -18,40 +18,43 @@ package testsuites import ( "fmt" + "sync" "time" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - apierrs "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/api/resource" - "k8s.io/api/core/v1" storage "k8s.io/api/storage/v1" + apierrs "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/dynamic" clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testpatterns" imageutils "k8s.io/kubernetes/test/utils/image" ) -// StorageClassTest represents parameters to be used by provisioning tests +// StorageClassTest represents parameters to be used by provisioning tests. +// Not all parameters are used by all tests. type StorageClassTest struct { - Name string - CloudProviders []string - Provisioner string - StorageClassName string - Parameters map[string]string - DelayBinding bool - ClaimSize string - ExpectedSize string - PvCheck func(volume *v1.PersistentVolume) error - NodeName string - SkipWriteReadCheck bool - VolumeMode *v1.PersistentVolumeMode - NodeSelector map[string]string // NodeSelector for the pod - ExpectUnschedulable bool // Whether the test pod is expected to be unschedulable + Client clientset.Interface + Claim *v1.PersistentVolumeClaim + Class *storage.StorageClass + Name string + CloudProviders []string + Provisioner string + StorageClassName string + Parameters map[string]string + DelayBinding bool + ClaimSize string + ExpectedSize string + PvCheck func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) + VolumeMode *v1.PersistentVolumeMode + AllowVolumeExpansion bool } type provisioningTestSuite struct { @@ -76,136 +79,219 @@ func (p *provisioningTestSuite) getTestSuiteInfo() TestSuiteInfo { return p.tsInfo } -func (p *provisioningTestSuite) skipUnsupportedTest(pattern testpatterns.TestPattern, driver TestDriver) { -} +func (p *provisioningTestSuite) defineTests(driver TestDriver, pattern testpatterns.TestPattern) { + type local struct { + config *PerTestConfig + testCleanup func() -func createProvisioningTestInput(driver TestDriver, pattern testpatterns.TestPattern) (provisioningTestResource, provisioningTestInput) { - // Setup test resource for driver and testpattern - resource := provisioningTestResource{} - resource.setupResource(driver, pattern) - - input := provisioningTestInput{ - testCase: StorageClassTest{ - ClaimSize: resource.claimSize, - ExpectedSize: resource.claimSize, - }, - cs: driver.GetDriverInfo().Config.Framework.ClientSet, - pvc: resource.pvc, - sc: resource.sc, - dInfo: driver.GetDriverInfo(), + testCase *StorageClassTest + cs clientset.Interface + pvc *v1.PersistentVolumeClaim + sc *storage.StorageClass } + var ( + dInfo = driver.GetDriverInfo() + dDriver DynamicPVTestDriver + l local + ) - if driver.GetDriverInfo().Config.ClientNodeName != "" { - input.testCase.NodeName = driver.GetDriverInfo().Config.ClientNodeName - } - - return resource, input -} - -func (p *provisioningTestSuite) execTest(driver TestDriver, pattern testpatterns.TestPattern) { - Context(getTestNameStr(p, pattern), func() { - var ( - resource provisioningTestResource - input provisioningTestInput - needsCleanup bool - ) - - BeforeEach(func() { - needsCleanup = false - // Skip unsupported tests to avoid unnecessary resource initialization - skipUnsupportedTest(p, driver, pattern) - needsCleanup = true - - // Create test input - resource, input = createProvisioningTestInput(driver, pattern) - }) - - AfterEach(func() { - if needsCleanup { - resource.cleanupResource(driver, pattern) - } - }) - - // Ginkgo's "Global Shared Behaviors" require arguments for a shared function - // to be a single struct and to be passed as a pointer. - // Please see https://onsi.github.io/ginkgo/#global-shared-behaviors for details. - testProvisioning(&input) - }) -} - -type provisioningTestResource struct { - driver TestDriver - - claimSize string - sc *storage.StorageClass - pvc *v1.PersistentVolumeClaim -} - -var _ TestResource = &provisioningTestResource{} - -func (p *provisioningTestResource) setupResource(driver TestDriver, pattern testpatterns.TestPattern) { - // Setup provisioningTest resource - switch pattern.VolType { - case testpatterns.DynamicPV: - if dDriver, ok := driver.(DynamicPVTestDriver); ok { - p.sc = dDriver.GetDynamicProvisionStorageClass("") - if p.sc == nil { - framework.Skipf("Driver %q does not define Dynamic Provision StorageClass - skipping", driver.GetDriverInfo().Name) - } - p.driver = driver - p.claimSize = dDriver.GetClaimSize() - p.pvc = getClaim(p.claimSize, driver.GetDriverInfo().Config.Framework.Namespace.Name) - p.pvc.Spec.StorageClassName = &p.sc.Name - framework.Logf("In creating storage class object and pvc object for driver - sc: %v, pvc: %v", p.sc, p.pvc) + BeforeEach(func() { + // Check preconditions. + if pattern.VolType != testpatterns.DynamicPV { + framework.Skipf("Suite %q does not support %v", p.tsInfo.name, pattern.VolType) + } + ok := false + dDriver, ok = driver.(DynamicPVTestDriver) + if !ok { + framework.Skipf("Driver %s doesn't support %v -- skipping", dInfo.Name, pattern.VolType) + } + }) + + // This intentionally comes after checking the preconditions because it + // registers its own BeforeEach which creates the namespace. Beware that it + // also registers an AfterEach which renders f unusable. Any code using + // f must run inside an It or Context callback. + f := framework.NewDefaultFramework("provisioning") + + init := func() { + l = local{} + + // Now do the more expensive test initialization. + l.config, l.testCleanup = driver.PrepareTest(f) + l.cs = l.config.Framework.ClientSet + claimSize := dDriver.GetClaimSize() + l.sc = dDriver.GetDynamicProvisionStorageClass(l.config, "") + if l.sc == nil { + framework.Skipf("Driver %q does not define Dynamic Provision StorageClass - skipping", dInfo.Name) + } + l.pvc = getClaim(claimSize, l.config.Framework.Namespace.Name) + l.pvc.Spec.StorageClassName = &l.sc.Name + framework.Logf("In creating storage class object and pvc object for driver - sc: %v, pvc: %v", l.sc, l.pvc) + l.testCase = &StorageClassTest{ + Client: l.config.Framework.ClientSet, + Claim: l.pvc, + Class: l.sc, + ClaimSize: claimSize, + ExpectedSize: claimSize, } - default: - framework.Failf("Dynamic Provision test doesn't support: %s", pattern.VolType) } -} -func (p *provisioningTestResource) cleanupResource(driver TestDriver, pattern testpatterns.TestPattern) { -} + cleanup := func() { + if l.testCleanup != nil { + l.testCleanup() + l.testCleanup = nil + } + } -type provisioningTestInput struct { - testCase StorageClassTest - cs clientset.Interface - pvc *v1.PersistentVolumeClaim - sc *storage.StorageClass - dInfo *DriverInfo -} - -func testProvisioning(input *provisioningTestInput) { It("should provision storage with defaults", func() { - TestDynamicProvisioning(input.testCase, input.cs, input.pvc, input.sc) + init() + defer cleanup() + + l.testCase.TestDynamicProvisioning() }) It("should provision storage with mount options", func() { - if input.dInfo.SupportedMountOption == nil { - framework.Skipf("Driver %q does not define supported mount option - skipping", input.dInfo.Name) + if dInfo.SupportedMountOption == nil { + framework.Skipf("Driver %q does not define supported mount option - skipping", dInfo.Name) } - input.sc.MountOptions = input.dInfo.SupportedMountOption.Union(input.dInfo.RequiredMountOption).List() - TestDynamicProvisioning(input.testCase, input.cs, input.pvc, input.sc) + init() + defer cleanup() + + l.testCase.Class.MountOptions = dInfo.SupportedMountOption.Union(dInfo.RequiredMountOption).List() + l.testCase.TestDynamicProvisioning() + }) + + It("should access volume from different nodes", func() { + init() + defer cleanup() + + // The assumption is that if the test hasn't been + // locked onto a single node, then the driver is + // usable on all of them *and* supports accessing a volume + // from any node. + if l.config.ClientNodeName != "" { + framework.Skipf("Driver %q only supports testing on one node - skipping", dInfo.Name) + } + + // Ensure that we actually have more than one node. + nodes := framework.GetReadySchedulableNodesOrDie(l.cs) + if len(nodes.Items) <= 1 { + framework.Skipf("need more than one node - skipping") + } + l.testCase.PvCheck = func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + PVMultiNodeCheck(l.cs, claim, volume, NodeSelection{Name: l.config.ClientNodeName}) + } + l.testCase.TestDynamicProvisioning() }) It("should create and delete block persistent volumes", func() { - if !input.dInfo.Capabilities[CapBlock] { - framework.Skipf("Driver %q does not support BlockVolume - skipping", input.dInfo.Name) + if !dInfo.Capabilities[CapBlock] { + framework.Skipf("Driver %q does not support BlockVolume - skipping", dInfo.Name) } + + init() + defer cleanup() + block := v1.PersistentVolumeBlock - input.testCase.VolumeMode = &block - input.testCase.SkipWriteReadCheck = true - input.pvc.Spec.VolumeMode = &block - TestDynamicProvisioning(input.testCase, input.cs, input.pvc, input.sc) + l.testCase.VolumeMode = &block + l.pvc.Spec.VolumeMode = &block + l.testCase.TestDynamicProvisioning() + }) + + It("should provision storage with snapshot data source [Feature:VolumeSnapshotDataSource]", func() { + if !dInfo.Capabilities[CapDataSource] { + framework.Skipf("Driver %q does not support populate data from snapshot - skipping", dInfo.Name) + } + + sDriver, ok := driver.(SnapshottableTestDriver) + if !ok { + framework.Failf("Driver %q has CapDataSource but does not implement SnapshottableTestDriver", dInfo.Name) + } + + init() + defer cleanup() + + dc := l.config.Framework.DynamicClient + vsc := sDriver.GetSnapshotClass(l.config) + dataSource, cleanupFunc := prepareDataSourceForProvisioning(NodeSelection{Name: l.config.ClientNodeName}, l.cs, dc, l.pvc, l.sc, vsc) + defer cleanupFunc() + + l.pvc.Spec.DataSource = dataSource + l.testCase.PvCheck = func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + By("checking whether the created volume has the pre-populated data") + command := fmt.Sprintf("grep '%s' /mnt/test/initialData", claim.Namespace) + RunInPodWithVolume(l.cs, claim.Namespace, claim.Name, "pvc-snapshot-tester", command, NodeSelection{Name: l.config.ClientNodeName}) + } + l.testCase.TestDynamicProvisioning() + }) + + It("should allow concurrent writes on the same node", func() { + if !dInfo.Capabilities[CapMultiPODs] { + framework.Skipf("Driver %q does not support multiple concurrent pods - skipping", dInfo.Name) + } + + init() + defer cleanup() + + l.testCase.PvCheck = func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + // We start two pods concurrently on the same node, + // using the same PVC. Both wait for other to create a + // file before returning. The pods are forced onto the + // same node via pod affinity. + wg := sync.WaitGroup{} + wg.Add(2) + firstPodName := "pvc-tester-first" + secondPodName := "pvc-tester-second" + run := func(podName, command string) { + defer GinkgoRecover() + defer wg.Done() + node := NodeSelection{ + Name: l.config.ClientNodeName, + } + if podName == secondPodName { + node.Affinity = &v1.Affinity{ + PodAffinity: &v1.PodAffinity{ + RequiredDuringSchedulingIgnoredDuringExecution: []v1.PodAffinityTerm{ + {LabelSelector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + // Set by RunInPodWithVolume. + "app": firstPodName, + }, + }, + TopologyKey: "kubernetes.io/hostname", + }, + }, + }, + } + } + RunInPodWithVolume(l.cs, claim.Namespace, claim.Name, podName, command, node) + } + go run(firstPodName, "touch /mnt/test/first && while ! [ -f /mnt/test/second ]; do sleep 1; done") + go run(secondPodName, "touch /mnt/test/second && while ! [ -f /mnt/test/first ]; do sleep 1; done") + wg.Wait() + } + l.testCase.TestDynamicProvisioning() }) } -// TestDynamicProvisioning tests dynamic provisioning with specified StorageClassTest and storageClass -func TestDynamicProvisioning(t StorageClassTest, client clientset.Interface, claim *v1.PersistentVolumeClaim, class *storage.StorageClass) *v1.PersistentVolume { +// TestDynamicProvisioning tests dynamic provisioning with specified StorageClassTest +func (t StorageClassTest) TestDynamicProvisioning() *v1.PersistentVolume { + client := t.Client + Expect(client).NotTo(BeNil(), "StorageClassTest.Client is required") + claim := t.Claim + Expect(claim).NotTo(BeNil(), "StorageClassTest.Claim is required") + class := t.Class + var err error if class != nil { + Expect(*claim.Spec.StorageClassName).To(Equal(class.Name)) By("creating a StorageClass " + class.Name) - class, err = client.StorageV1().StorageClasses().Create(class) + _, err = client.StorageV1().StorageClasses().Create(class) + // The "should provision storage with snapshot data source" test already has created the class. + // TODO: make class creation optional and remove the IsAlreadyExists exception + Expect(err == nil || apierrs.IsAlreadyExists(err)).To(Equal(true)) + class, err = client.StorageV1().StorageClasses().Get(class.Name, metav1.GetOptions{}) Expect(err).NotTo(HaveOccurred()) defer func() { framework.Logf("deleting storage class %s", class.Name) @@ -264,30 +350,9 @@ func TestDynamicProvisioning(t StorageClassTest, client clientset.Interface, cla // Run the checker if t.PvCheck != nil { - err = t.PvCheck(pv) - Expect(err).NotTo(HaveOccurred()) + t.PvCheck(claim, pv) } - if !t.SkipWriteReadCheck { - // We start two pods: - // - The first writes 'hello word' to the /mnt/test (= the volume). - // - The second one runs grep 'hello world' on /mnt/test. - // If both succeed, Kubernetes actually allocated something that is - // persistent across pods. - By("checking the created volume is writable and has the PV's mount options") - command := "echo 'hello world' > /mnt/test/data" - // We give the first pod the secondary responsibility of checking the volume has - // been mounted with the PV's mount options, if the PV was provisioned with any - for _, option := range pv.Spec.MountOptions { - // Get entry, get mount options at 6th word, replace brackets with commas - command += fmt.Sprintf(" && ( mount | grep 'on /mnt/test' | awk '{print $6}' | sed 's/^(/,/; s/)$/,/' | grep -q ,%s, )", option) - } - command += " || (mount | grep 'on /mnt/test'; false)" - runInPodWithVolume(client, claim.Namespace, claim.Name, t.NodeName, command, t.NodeSelector, t.ExpectUnschedulable) - - By("checking the created volume is readable and retains data") - runInPodWithVolume(client, claim.Namespace, claim.Name, t.NodeName, "grep 'hello world' /mnt/test/data", t.NodeSelector, t.ExpectUnschedulable) - } By(fmt.Sprintf("deleting claim %q/%q", claim.Namespace, claim.Name)) framework.ExpectNoError(client.CoreV1().PersistentVolumeClaims(claim.Namespace).Delete(claim.Name, nil)) @@ -306,29 +371,139 @@ func TestDynamicProvisioning(t StorageClassTest, client clientset.Interface, cla return pv } -func TestBindingWaitForFirstConsumer(t StorageClassTest, client clientset.Interface, claim *v1.PersistentVolumeClaim, class *storage.StorageClass) (*v1.PersistentVolume, *v1.Node) { - pvs, node := TestBindingWaitForFirstConsumerMultiPVC(t, client, []*v1.PersistentVolumeClaim{claim}, class) +// PVWriteReadSingleNodeCheck checks that a PV retains data on a single node. +// +// It starts two pods: +// - The first pod writes 'hello word' to the /mnt/test (= the volume) on one node. +// - The second pod runs grep 'hello world' on /mnt/test on the same node. +// +// The node is selected by Kubernetes when scheduling the first +// pod. It's then selected via its name for the second pod. +// +// If both succeed, Kubernetes actually allocated something that is +// persistent across pods. +// +// This is a common test that can be called from a StorageClassTest.PvCheck. +func PVWriteReadSingleNodeCheck(client clientset.Interface, claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume, node NodeSelection) { + By(fmt.Sprintf("checking the created volume is writable and has the PV's mount options on node %+v", node)) + command := "echo 'hello world' > /mnt/test/data" + // We give the first pod the secondary responsibility of checking the volume has + // been mounted with the PV's mount options, if the PV was provisioned with any + for _, option := range volume.Spec.MountOptions { + // Get entry, get mount options at 6th word, replace brackets with commas + command += fmt.Sprintf(" && ( mount | grep 'on /mnt/test' | awk '{print $6}' | sed 's/^(/,/; s/)$/,/' | grep -q ,%s, )", option) + } + command += " || (mount | grep 'on /mnt/test'; false)" + pod := StartInPodWithVolume(client, claim.Namespace, claim.Name, "pvc-volume-tester-writer", command, node) + defer func() { + // pod might be nil now. + StopPod(client, pod) + }() + framework.ExpectNoError(framework.WaitForPodSuccessInNamespaceSlow(client, pod.Name, pod.Namespace)) + runningPod, err := client.CoreV1().Pods(pod.Namespace).Get(pod.Name, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred(), "get pod") + actualNodeName := runningPod.Spec.NodeName + StopPod(client, pod) + pod = nil // Don't stop twice. + + By(fmt.Sprintf("checking the created volume is readable and retains data on the same node %q", actualNodeName)) + command = "grep 'hello world' /mnt/test/data" + RunInPodWithVolume(client, claim.Namespace, claim.Name, "pvc-volume-tester-reader", command, NodeSelection{Name: actualNodeName}) +} + +// PVMultiNodeCheck checks that a PV retains data when moved between nodes. +// +// It starts these pods: +// - The first pod writes 'hello word' to the /mnt/test (= the volume) on one node. +// - The second pod runs grep 'hello world' on /mnt/test on another node. +// +// The first node is selected by Kubernetes when scheduling the first pod. The second pod uses the same criteria, except that a special anti-affinity +// for the first node gets added. This test can only pass if the cluster has more than one +// suitable node. The caller has to ensure that. +// +// If all succeeds, Kubernetes actually allocated something that is +// persistent across pods and across nodes. +// +// This is a common test that can be called from a StorageClassTest.PvCheck. +func PVMultiNodeCheck(client clientset.Interface, claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume, node NodeSelection) { + Expect(node.Name).To(Equal(""), "this test only works when not locked onto a single node") + + var pod *v1.Pod + defer func() { + // passing pod = nil is okay. + StopPod(client, pod) + }() + + By(fmt.Sprintf("checking the created volume is writable and has the PV's mount options on node %+v", node)) + command := "echo 'hello world' > /mnt/test/data" + pod = StartInPodWithVolume(client, claim.Namespace, claim.Name, "pvc-writer-node1", command, node) + framework.ExpectNoError(framework.WaitForPodSuccessInNamespaceSlow(client, pod.Name, pod.Namespace)) + runningPod, err := client.CoreV1().Pods(pod.Namespace).Get(pod.Name, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred(), "get pod") + actualNodeName := runningPod.Spec.NodeName + StopPod(client, pod) + pod = nil // Don't stop twice. + + // Add node-anti-affinity. + secondNode := node + if secondNode.Affinity == nil { + secondNode.Affinity = &v1.Affinity{} + } + if secondNode.Affinity.NodeAffinity == nil { + secondNode.Affinity.NodeAffinity = &v1.NodeAffinity{} + } + if secondNode.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution == nil { + secondNode.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution = &v1.NodeSelector{} + } + secondNode.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms = append(secondNode.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms, + v1.NodeSelectorTerm{ + // https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity warns + // that "the value of kubernetes.io/hostname may be the same as the Node name in some environments and a different value in other environments". + // So this might be cleaner: + // MatchFields: []v1.NodeSelectorRequirement{ + // {Key: "name", Operator: v1.NodeSelectorOpNotIn, Values: []string{actualNodeName}}, + // }, + // However, "name", "Name", "ObjectMeta.Name" all got rejected with "not a valid field selector key". + + MatchExpressions: []v1.NodeSelectorRequirement{ + {Key: "kubernetes.io/hostname", Operator: v1.NodeSelectorOpNotIn, Values: []string{actualNodeName}}, + }, + }) + + By(fmt.Sprintf("checking the created volume is readable and retains data on another node %+v", secondNode)) + command = "grep 'hello world' /mnt/test/data" + pod = StartInPodWithVolume(client, claim.Namespace, claim.Name, "pvc-reader-node2", command, secondNode) + framework.ExpectNoError(framework.WaitForPodSuccessInNamespaceSlow(client, pod.Name, pod.Namespace)) + runningPod, err = client.CoreV1().Pods(pod.Namespace).Get(pod.Name, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred(), "get pod") + Expect(runningPod.Spec.NodeName).NotTo(Equal(actualNodeName), "second pod should have run on a different node") + StopPod(client, pod) + pod = nil +} + +func (t StorageClassTest) TestBindingWaitForFirstConsumer(nodeSelector map[string]string, expectUnschedulable bool) (*v1.PersistentVolume, *v1.Node) { + pvs, node := t.TestBindingWaitForFirstConsumerMultiPVC([]*v1.PersistentVolumeClaim{t.Claim}, nodeSelector, expectUnschedulable) if pvs == nil { return nil, node } return pvs[0], node } -func TestBindingWaitForFirstConsumerMultiPVC(t StorageClassTest, client clientset.Interface, claims []*v1.PersistentVolumeClaim, class *storage.StorageClass) ([]*v1.PersistentVolume, *v1.Node) { +func (t StorageClassTest) TestBindingWaitForFirstConsumerMultiPVC(claims []*v1.PersistentVolumeClaim, nodeSelector map[string]string, expectUnschedulable bool) ([]*v1.PersistentVolume, *v1.Node) { var err error Expect(len(claims)).ToNot(Equal(0)) namespace := claims[0].Namespace - By("creating a storage class " + class.Name) - class, err = client.StorageV1().StorageClasses().Create(class) + By("creating a storage class " + t.Class.Name) + class, err := t.Client.StorageV1().StorageClasses().Create(t.Class) Expect(err).NotTo(HaveOccurred()) - defer deleteStorageClass(client, class.Name) + defer deleteStorageClass(t.Client, class.Name) By("creating claims") var claimNames []string var createdClaims []*v1.PersistentVolumeClaim for _, claim := range claims { - c, err := client.CoreV1().PersistentVolumeClaims(claim.Namespace).Create(claim) + c, err := t.Client.CoreV1().PersistentVolumeClaims(claim.Namespace).Create(claim) claimNames = append(claimNames, c.Name) createdClaims = append(createdClaims, c) Expect(err).NotTo(HaveOccurred()) @@ -336,7 +511,7 @@ func TestBindingWaitForFirstConsumerMultiPVC(t StorageClassTest, client clientse defer func() { var errors map[string]error for _, claim := range createdClaims { - err := framework.DeletePersistentVolumeClaim(client, claim.Name, claim.Namespace) + err := framework.DeletePersistentVolumeClaim(t.Client, claim.Name, claim.Namespace) if err != nil { errors[claim.Name] = err } @@ -350,44 +525,44 @@ func TestBindingWaitForFirstConsumerMultiPVC(t StorageClassTest, client clientse // Wait for ClaimProvisionTimeout (across all PVCs in parallel) and make sure the phase did not become Bound i.e. the Wait errors out By("checking the claims are in pending state") - err = framework.WaitForPersistentVolumeClaimsPhase(v1.ClaimBound, client, namespace, claimNames, 2*time.Second /* Poll */, framework.ClaimProvisionShortTimeout, true) + err = framework.WaitForPersistentVolumeClaimsPhase(v1.ClaimBound, t.Client, namespace, claimNames, 2*time.Second /* Poll */, framework.ClaimProvisionShortTimeout, true) Expect(err).To(HaveOccurred()) - verifyPVCsPending(client, createdClaims) + verifyPVCsPending(t.Client, createdClaims) By("creating a pod referring to the claims") // Create a pod referring to the claim and wait for it to get to running var pod *v1.Pod - if t.ExpectUnschedulable { - pod, err = framework.CreateUnschedulablePod(client, namespace, t.NodeSelector, createdClaims, true /* isPrivileged */, "" /* command */) + if expectUnschedulable { + pod, err = framework.CreateUnschedulablePod(t.Client, namespace, nodeSelector, createdClaims, true /* isPrivileged */, "" /* command */) } else { - pod, err = framework.CreatePod(client, namespace, nil /* nodeSelector */, createdClaims, true /* isPrivileged */, "" /* command */) + pod, err = framework.CreatePod(t.Client, namespace, nil /* nodeSelector */, createdClaims, true /* isPrivileged */, "" /* command */) } Expect(err).NotTo(HaveOccurred()) defer func() { - framework.DeletePodOrFail(client, pod.Namespace, pod.Name) - framework.WaitForPodToDisappear(client, pod.Namespace, pod.Name, labels.Everything(), framework.Poll, framework.PodDeleteTimeout) + framework.DeletePodOrFail(t.Client, pod.Namespace, pod.Name) + framework.WaitForPodToDisappear(t.Client, pod.Namespace, pod.Name, labels.Everything(), framework.Poll, framework.PodDeleteTimeout) }() - if t.ExpectUnschedulable { + if expectUnschedulable { // Verify that no claims are provisioned. - verifyPVCsPending(client, createdClaims) + verifyPVCsPending(t.Client, createdClaims) return nil, nil } // collect node details - node, err := client.CoreV1().Nodes().Get(pod.Spec.NodeName, metav1.GetOptions{}) + node, err := t.Client.CoreV1().Nodes().Get(pod.Spec.NodeName, metav1.GetOptions{}) Expect(err).NotTo(HaveOccurred()) By("re-checking the claims to see they binded") var pvs []*v1.PersistentVolume for _, claim := range createdClaims { // Get new copy of the claim - claim, err = client.CoreV1().PersistentVolumeClaims(claim.Namespace).Get(claim.Name, metav1.GetOptions{}) + claim, err = t.Client.CoreV1().PersistentVolumeClaims(claim.Namespace).Get(claim.Name, metav1.GetOptions{}) Expect(err).NotTo(HaveOccurred()) // make sure claim did bind - err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, client, claim.Namespace, claim.Name, framework.Poll, framework.ClaimProvisionTimeout) + err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, t.Client, claim.Namespace, claim.Name, framework.Poll, framework.ClaimProvisionTimeout) Expect(err).NotTo(HaveOccurred()) - pv, err := client.CoreV1().PersistentVolumes().Get(claim.Spec.VolumeName, metav1.GetOptions{}) + pv, err := t.Client.CoreV1().PersistentVolumes().Get(claim.Spec.VolumeName, metav1.GetOptions{}) Expect(err).NotTo(HaveOccurred()) pvs = append(pvs, pv) } @@ -395,17 +570,40 @@ func TestBindingWaitForFirstConsumerMultiPVC(t StorageClassTest, client clientse return pvs, node } -// runInPodWithVolume runs a command in a pod with given claim mounted to /mnt directory. -func runInPodWithVolume(c clientset.Interface, ns, claimName, nodeName, command string, nodeSelector map[string]string, unschedulable bool) { +// NodeSelection specifies where to run a pod, using a combination of fixed node name, +// node selector and/or affinity. +type NodeSelection struct { + Name string + Selector map[string]string + Affinity *v1.Affinity +} + +// RunInPodWithVolume runs a command in a pod with given claim mounted to /mnt directory. +// It starts, checks, collects output and stops it. +func RunInPodWithVolume(c clientset.Interface, ns, claimName, podName, command string, node NodeSelection) { + pod := StartInPodWithVolume(c, ns, claimName, podName, command, node) + defer StopPod(c, pod) + framework.ExpectNoError(framework.WaitForPodSuccessInNamespaceSlow(c, pod.Name, pod.Namespace)) +} + +// StartInPodWithVolume starts a command in a pod with given claim mounted to /mnt directory +// The caller is responsible for checking the pod and deleting it. +func StartInPodWithVolume(c clientset.Interface, ns, claimName, podName, command string, node NodeSelection) *v1.Pod { pod := &v1.Pod{ TypeMeta: metav1.TypeMeta{ Kind: "Pod", APIVersion: "v1", }, ObjectMeta: metav1.ObjectMeta{ - GenerateName: "pvc-volume-tester-", + GenerateName: podName + "-", + Labels: map[string]string{ + "app": podName, + }, }, Spec: v1.PodSpec{ + NodeName: node.Name, + NodeSelector: node.Selector, + Affinity: node.Affinity, Containers: []v1.Container{ { Name: "volume-tester", @@ -432,30 +630,26 @@ func runInPodWithVolume(c clientset.Interface, ns, claimName, nodeName, command }, }, }, - NodeSelector: nodeSelector, }, } - if len(nodeName) != 0 { - pod.Spec.NodeName = nodeName - } pod, err := c.CoreV1().Pods(ns).Create(pod) framework.ExpectNoError(err, "Failed to create pod: %v", err) - defer func() { - body, err := c.CoreV1().Pods(ns).GetLogs(pod.Name, &v1.PodLogOptions{}).Do().Raw() - if err != nil { - framework.Logf("Error getting logs for pod %s: %v", pod.Name, err) - } else { - framework.Logf("Pod %s has the following logs: %s", pod.Name, body) - } - framework.DeletePodOrFail(c, ns, pod.Name) - }() + return pod +} - if unschedulable { - framework.ExpectNoError(framework.WaitForPodNameUnschedulableInNamespace(c, pod.Name, pod.Namespace)) - } else { - framework.ExpectNoError(framework.WaitForPodSuccessInNamespaceSlow(c, pod.Name, pod.Namespace)) +// StopPod first tries to log the output of the pod's container, then deletes the pod. +func StopPod(c clientset.Interface, pod *v1.Pod) { + if pod == nil { + return } + body, err := c.CoreV1().Pods(pod.Namespace).GetLogs(pod.Name, &v1.PodLogOptions{}).Do().Raw() + if err != nil { + framework.Logf("Error getting logs for pod %s: %v", pod.Name, err) + } else { + framework.Logf("Pod %s has the following logs: %s", pod.Name, body) + } + framework.DeletePodOrFail(c, pod.Namespace, pod.Name) } func verifyPVCsPending(client clientset.Interface, pvcs []*v1.PersistentVolumeClaim) { @@ -466,3 +660,76 @@ func verifyPVCsPending(client clientset.Interface, pvcs []*v1.PersistentVolumeCl Expect(claim.Status.Phase).To(Equal(v1.ClaimPending)) } } + +func prepareDataSourceForProvisioning( + node NodeSelection, + client clientset.Interface, + dynamicClient dynamic.Interface, + initClaim *v1.PersistentVolumeClaim, + class *storage.StorageClass, + snapshotClass *unstructured.Unstructured, +) (*v1.TypedLocalObjectReference, func()) { + var err error + if class != nil { + By("[Initialize dataSource]creating a StorageClass " + class.Name) + _, err = client.StorageV1().StorageClasses().Create(class) + Expect(err).NotTo(HaveOccurred()) + } + + By("[Initialize dataSource]creating a initClaim") + updatedClaim, err := client.CoreV1().PersistentVolumeClaims(initClaim.Namespace).Create(initClaim) + Expect(err).NotTo(HaveOccurred()) + err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, client, updatedClaim.Namespace, updatedClaim.Name, framework.Poll, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred()) + + By("[Initialize dataSource]checking the initClaim") + // Get new copy of the initClaim + _, err = client.CoreV1().PersistentVolumeClaims(updatedClaim.Namespace).Get(updatedClaim.Name, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + // write namespace to the /mnt/test (= the volume). + By("[Initialize dataSource]write data to volume") + command := fmt.Sprintf("echo '%s' > /mnt/test/initialData", updatedClaim.GetNamespace()) + RunInPodWithVolume(client, updatedClaim.Namespace, updatedClaim.Name, "pvc-snapshot-writer", command, node) + + By("[Initialize dataSource]creating a SnapshotClass") + snapshotClass, err = dynamicClient.Resource(snapshotClassGVR).Create(snapshotClass, metav1.CreateOptions{}) + + By("[Initialize dataSource]creating a snapshot") + snapshot := getSnapshot(updatedClaim.Name, updatedClaim.Namespace, snapshotClass.GetName()) + snapshot, err = dynamicClient.Resource(snapshotGVR).Namespace(updatedClaim.Namespace).Create(snapshot, metav1.CreateOptions{}) + Expect(err).NotTo(HaveOccurred()) + + WaitForSnapshotReady(dynamicClient, snapshot.GetNamespace(), snapshot.GetName(), framework.Poll, framework.SnapshotCreateTimeout) + Expect(err).NotTo(HaveOccurred()) + + By("[Initialize dataSource]checking the snapshot") + // Get new copy of the snapshot + snapshot, err = dynamicClient.Resource(snapshotGVR).Namespace(snapshot.GetNamespace()).Get(snapshot.GetName(), metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + group := "snapshot.storage.k8s.io" + dataSourceRef := &v1.TypedLocalObjectReference{ + APIGroup: &group, + Kind: "VolumeSnapshot", + Name: snapshot.GetName(), + } + + cleanupFunc := func() { + framework.Logf("deleting snapshot %q/%q", snapshot.GetNamespace(), snapshot.GetName()) + err = dynamicClient.Resource(snapshotGVR).Namespace(updatedClaim.Namespace).Delete(snapshot.GetName(), nil) + if err != nil && !apierrs.IsNotFound(err) { + framework.Failf("Error deleting snapshot %q. Error: %v", snapshot.GetName(), err) + } + + framework.Logf("deleting initClaim %q/%q", updatedClaim.Namespace, updatedClaim.Name) + err = client.CoreV1().PersistentVolumeClaims(updatedClaim.Namespace).Delete(updatedClaim.Name, nil) + if err != nil && !apierrs.IsNotFound(err) { + framework.Failf("Error deleting initClaim %q. Error: %v", updatedClaim.Name, err) + } + + framework.Logf("deleting SnapshotClass %s", snapshotClass.GetName()) + framework.ExpectNoError(dynamicClient.Resource(snapshotClassGVR).Delete(snapshotClass.GetName(), nil)) + } + + return dataSourceRef, cleanupFunc +} diff --git a/test/e2e/storage/testsuites/snapshottable.go b/test/e2e/storage/testsuites/snapshottable.go new file mode 100644 index 00000000000..64507514500 --- /dev/null +++ b/test/e2e/storage/testsuites/snapshottable.go @@ -0,0 +1,230 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package testsuites + +import ( + "fmt" + "time" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + + "k8s.io/api/core/v1" + apierrs "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/client-go/dynamic" + "k8s.io/kubernetes/test/e2e/framework" + "k8s.io/kubernetes/test/e2e/storage/testpatterns" +) + +// snapshot CRD api group +const snapshotGroup = "snapshot.storage.k8s.io" + +// snapshot CRD api version +const snapshotAPIVersion = "snapshot.storage.k8s.io/v1alpha1" + +var ( + snapshotGVR = schema.GroupVersionResource{Group: snapshotGroup, Version: "v1alpha1", Resource: "volumesnapshots"} + snapshotClassGVR = schema.GroupVersionResource{Group: snapshotGroup, Version: "v1alpha1", Resource: "volumesnapshotclasses"} + snapshotContentGVR = schema.GroupVersionResource{Group: snapshotGroup, Version: "v1alpha1", Resource: "volumesnapshotcontents"} +) + +type SnapshotClassTest struct { + Name string + CloudProviders []string + Snapshotter string + Parameters map[string]string + NodeName string + NodeSelector map[string]string // NodeSelector for the pod +} + +type snapshottableTestSuite struct { + tsInfo TestSuiteInfo +} + +var _ TestSuite = &snapshottableTestSuite{} + +// InitSnapshottableTestSuite returns snapshottableTestSuite that implements TestSuite interface +func InitSnapshottableTestSuite() TestSuite { + return &snapshottableTestSuite{ + tsInfo: TestSuiteInfo{ + name: "snapshottable", + testPatterns: []testpatterns.TestPattern{ + testpatterns.DynamicSnapshot, + }, + }, + } +} + +func (s *snapshottableTestSuite) getTestSuiteInfo() TestSuiteInfo { + return s.tsInfo +} + +func (s *snapshottableTestSuite) defineTests(driver TestDriver, pattern testpatterns.TestPattern) { + var ( + sDriver SnapshottableTestDriver + dDriver DynamicPVTestDriver + ) + + BeforeEach(func() { + // Check preconditions. + Expect(pattern.SnapshotType).To(Equal(testpatterns.DynamicCreatedSnapshot)) + dInfo := driver.GetDriverInfo() + ok := false + sDriver, ok = driver.(SnapshottableTestDriver) + if !dInfo.Capabilities[CapDataSource] || !ok { + framework.Skipf("Driver %q does not support snapshots - skipping", dInfo.Name) + } + dDriver, ok = driver.(DynamicPVTestDriver) + if !ok { + framework.Skipf("Driver %q does not support dynamic provisioning - skipping", driver.GetDriverInfo().Name) + } + }) + + // This intentionally comes after checking the preconditions because it + // registers its own BeforeEach which creates the namespace. Beware that it + // also registers an AfterEach which renders f unusable. Any code using + // f must run inside an It or Context callback. + f := framework.NewDefaultFramework("snapshotting") + + It("should create snapshot with defaults [Feature:VolumeSnapshotDataSource]", func() { + cs := f.ClientSet + dc := f.DynamicClient + + // Now do the more expensive test initialization. + config, testCleanup := driver.PrepareTest(f) + defer testCleanup() + + vsc := sDriver.GetSnapshotClass(config) + class := dDriver.GetDynamicProvisionStorageClass(config, "") + if class == nil { + framework.Skipf("Driver %q does not define Dynamic Provision StorageClass - skipping", driver.GetDriverInfo().Name) + } + + claimSize := dDriver.GetClaimSize() + pvc := getClaim(claimSize, config.Framework.Namespace.Name) + pvc.Spec.StorageClassName = &class.Name + framework.Logf("In creating storage class object and pvc object for driver - sc: %v, pvc: %v", class, pvc) + + By("creating a StorageClass " + class.Name) + class, err := cs.StorageV1().StorageClasses().Create(class) + Expect(err).NotTo(HaveOccurred()) + defer func() { + framework.Logf("deleting storage class %s", class.Name) + framework.ExpectNoError(cs.StorageV1().StorageClasses().Delete(class.Name, nil)) + }() + + By("creating a claim") + pvc, err = cs.CoreV1().PersistentVolumeClaims(pvc.Namespace).Create(pvc) + Expect(err).NotTo(HaveOccurred()) + defer func() { + framework.Logf("deleting claim %q/%q", pvc.Namespace, pvc.Name) + // typically this claim has already been deleted + err = cs.CoreV1().PersistentVolumeClaims(pvc.Namespace).Delete(pvc.Name, nil) + if err != nil && !apierrs.IsNotFound(err) { + framework.Failf("Error deleting claim %q. Error: %v", pvc.Name, err) + } + }() + err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, cs, pvc.Namespace, pvc.Name, framework.Poll, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred()) + + By("checking the claim") + // Get new copy of the claim + pvc, err = cs.CoreV1().PersistentVolumeClaims(pvc.Namespace).Get(pvc.Name, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + // Get the bound PV + pv, err := cs.CoreV1().PersistentVolumes().Get(pvc.Spec.VolumeName, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + By("creating a SnapshotClass") + vsc, err = dc.Resource(snapshotClassGVR).Create(vsc, metav1.CreateOptions{}) + Expect(err).NotTo(HaveOccurred()) + defer func() { + framework.Logf("deleting SnapshotClass %s", vsc.GetName()) + framework.ExpectNoError(dc.Resource(snapshotClassGVR).Delete(vsc.GetName(), nil)) + }() + + By("creating a snapshot") + snapshot := getSnapshot(pvc.Name, pvc.Namespace, vsc.GetName()) + + snapshot, err = dc.Resource(snapshotGVR).Namespace(snapshot.GetNamespace()).Create(snapshot, metav1.CreateOptions{}) + Expect(err).NotTo(HaveOccurred()) + defer func() { + framework.Logf("deleting snapshot %q/%q", snapshot.GetNamespace(), snapshot.GetName()) + // typically this snapshot has already been deleted + err = dc.Resource(snapshotGVR).Namespace(snapshot.GetNamespace()).Delete(snapshot.GetName(), nil) + if err != nil && !apierrs.IsNotFound(err) { + framework.Failf("Error deleting snapshot %q. Error: %v", pvc.Name, err) + } + }() + err = WaitForSnapshotReady(dc, snapshot.GetNamespace(), snapshot.GetName(), framework.Poll, framework.SnapshotCreateTimeout) + Expect(err).NotTo(HaveOccurred()) + + By("checking the snapshot") + // Get new copy of the snapshot + snapshot, err = dc.Resource(snapshotGVR).Namespace(snapshot.GetNamespace()).Get(snapshot.GetName(), metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + // Get the bound snapshotContent + snapshotSpec := snapshot.Object["spec"].(map[string]interface{}) + snapshotContentName := snapshotSpec["snapshotContentName"].(string) + snapshotContent, err := dc.Resource(snapshotContentGVR).Get(snapshotContentName, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + snapshotContentSpec := snapshotContent.Object["spec"].(map[string]interface{}) + volumeSnapshotRef := snapshotContentSpec["volumeSnapshotRef"].(map[string]interface{}) + persistentVolumeRef := snapshotContentSpec["persistentVolumeRef"].(map[string]interface{}) + + // Check SnapshotContent properties + By("checking the SnapshotContent") + Expect(snapshotContentSpec["snapshotClassName"]).To(Equal(vsc.GetName())) + Expect(volumeSnapshotRef["name"]).To(Equal(snapshot.GetName())) + Expect(volumeSnapshotRef["namespace"]).To(Equal(snapshot.GetNamespace())) + Expect(persistentVolumeRef["name"]).To(Equal(pv.Name)) + }) +} + +// WaitForSnapshotReady waits for a VolumeSnapshot to be ready to use or until timeout occurs, whichever comes first. +func WaitForSnapshotReady(c dynamic.Interface, ns string, snapshotName string, Poll, timeout time.Duration) error { + framework.Logf("Waiting up to %v for VolumeSnapshot %s to become ready", timeout, snapshotName) + for start := time.Now(); time.Since(start) < timeout; time.Sleep(Poll) { + snapshot, err := c.Resource(snapshotGVR).Namespace(ns).Get(snapshotName, metav1.GetOptions{}) + if err != nil { + framework.Logf("Failed to get claim %q, retrying in %v. Error: %v", snapshotName, Poll, err) + continue + } else { + status := snapshot.Object["status"] + if status == nil { + framework.Logf("VolumeSnapshot %s found but is not ready.", snapshotName) + continue + } + value := status.(map[string]interface{}) + if value["readyToUse"] == true { + framework.Logf("VolumeSnapshot %s found and is ready", snapshotName, time.Since(start)) + return nil + } else if value["ready"] == true { + framework.Logf("VolumeSnapshot %s found and is ready", snapshotName, time.Since(start)) + return nil + } else { + framework.Logf("VolumeSnapshot %s found but is not ready.", snapshotName) + } + } + } + return fmt.Errorf("VolumeSnapshot %s is not ready within %v", snapshotName, timeout) +} diff --git a/test/e2e/storage/testsuites/subpath.go b/test/e2e/storage/testsuites/subpath.go index 3e35e2ecda2..adfb87e78aa 100644 --- a/test/e2e/storage/testsuites/subpath.go +++ b/test/e2e/storage/testsuites/subpath.go @@ -71,346 +71,351 @@ func (s *subPathTestSuite) getTestSuiteInfo() TestSuiteInfo { return s.tsInfo } -func (s *subPathTestSuite) skipUnsupportedTest(pattern testpatterns.TestPattern, driver TestDriver) { -} +func (s *subPathTestSuite) defineTests(driver TestDriver, pattern testpatterns.TestPattern) { + type local struct { + config *PerTestConfig + testCleanup func() -func createSubPathTestInput(pattern testpatterns.TestPattern, resource subPathTestResource) subPathTestInput { - driver := resource.driver - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - subPath := f.Namespace.Name - subPathDir := filepath.Join(volumePath, subPath) - - return subPathTestInput{ - f: f, - subPathDir: subPathDir, - filePathInSubpath: filepath.Join(volumePath, fileName), - filePathInVolume: filepath.Join(subPathDir, fileName), - volType: resource.volType, - pod: resource.pod, - formatPod: resource.formatPod, - volSource: resource.genericVolumeTestResource.volSource, - roVol: resource.roVolSource, + resource *genericVolumeTestResource + roVolSource *v1.VolumeSource + pod *v1.Pod + formatPod *v1.Pod + subPathDir string + filePathInSubpath string + filePathInVolume string } -} + var l local -func (s *subPathTestSuite) execTest(driver TestDriver, pattern testpatterns.TestPattern) { - Context(getTestNameStr(s, pattern), func() { - var ( - resource subPathTestResource - input subPathTestInput - needsCleanup bool - ) + // No preconditions to test. Normally they would be in a BeforeEach here. - BeforeEach(func() { - needsCleanup = false - // Skip unsupported tests to avoid unnecessary resource initialization - skipUnsupportedTest(s, driver, pattern) - needsCleanup = true + // This intentionally comes after checking the preconditions because it + // registers its own BeforeEach which creates the namespace. Beware that it + // also registers an AfterEach which renders f unusable. Any code using + // f must run inside an It or Context callback. + f := framework.NewDefaultFramework("provisioning") - // Setup test resource for driver and testpattern - resource = subPathTestResource{} - resource.setupResource(driver, pattern) + init := func() { + l = local{} - // Create test input - input = createSubPathTestInput(pattern, resource) - }) + // Now do the more expensive test initialization. + l.config, l.testCleanup = driver.PrepareTest(f) + l.resource = createGenericVolumeTestResource(driver, l.config, pattern) - AfterEach(func() { - if needsCleanup { - resource.cleanupResource(driver, pattern) + // Setup subPath test dependent resource + volType := pattern.VolType + switch volType { + case testpatterns.InlineVolume: + if iDriver, ok := driver.(InlineVolumeTestDriver); ok { + l.roVolSource = iDriver.GetVolumeSource(true, pattern.FsType, l.resource.volume) } - }) - - testSubPath(&input) - }) -} - -type subPathTestResource struct { - genericVolumeTestResource - - roVolSource *v1.VolumeSource - pod *v1.Pod - formatPod *v1.Pod -} - -var _ TestResource = &subPathTestResource{} - -func (s *subPathTestResource) setupResource(driver TestDriver, pattern testpatterns.TestPattern) { - s.driver = driver - dInfo := s.driver.GetDriverInfo() - f := dInfo.Config.Framework - fsType := pattern.FsType - volType := pattern.VolType - - // Setup generic test resource - s.genericVolumeTestResource.setupResource(driver, pattern) - - // Setup subPath test dependent resource - switch volType { - case testpatterns.InlineVolume: - if iDriver, ok := driver.(InlineVolumeTestDriver); ok { - s.roVolSource = iDriver.GetVolumeSource(true, fsType, s.genericVolumeTestResource.driverTestResource) + case testpatterns.PreprovisionedPV: + l.roVolSource = &v1.VolumeSource{ + PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ + ClaimName: l.resource.pvc.Name, + ReadOnly: true, + }, + } + case testpatterns.DynamicPV: + l.roVolSource = &v1.VolumeSource{ + PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ + ClaimName: l.resource.pvc.Name, + ReadOnly: true, + }, + } + default: + framework.Failf("SubPath test doesn't support: %s", volType) } - case testpatterns.PreprovisionedPV: - s.roVolSource = &v1.VolumeSource{ - PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ - ClaimName: s.genericVolumeTestResource.pvc.Name, - ReadOnly: true, - }, - } - case testpatterns.DynamicPV: - s.roVolSource = &v1.VolumeSource{ - PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ - ClaimName: s.genericVolumeTestResource.pvc.Name, - ReadOnly: true, - }, - } - default: - framework.Failf("SubPath test doesn't support: %s", volType) + + subPath := f.Namespace.Name + l.pod = SubpathTestPod(f, subPath, l.resource.volType, l.resource.volSource, true) + l.pod.Spec.NodeName = l.config.ClientNodeName + l.pod.Spec.NodeSelector = l.config.ClientNodeSelector + + l.formatPod = volumeFormatPod(f, l.resource.volSource) + l.formatPod.Spec.NodeName = l.config.ClientNodeName + l.formatPod.Spec.NodeSelector = l.config.ClientNodeSelector + + l.subPathDir = filepath.Join(volumePath, subPath) + l.filePathInSubpath = filepath.Join(volumePath, fileName) + l.filePathInVolume = filepath.Join(l.subPathDir, fileName) } - subPath := f.Namespace.Name - config := dInfo.Config - s.pod = SubpathTestPod(f, subPath, s.volType, s.volSource, true) - s.pod.Spec.NodeName = config.ClientNodeName - s.pod.Spec.NodeSelector = config.ClientNodeSelector + cleanup := func() { + if l.pod != nil { + By("Deleting pod") + err := framework.DeletePodWithWait(f, f.ClientSet, l.pod) + Expect(err).ToNot(HaveOccurred(), "while deleting pod") + l.pod = nil + } - s.formatPod = volumeFormatPod(f, s.volSource) - s.formatPod.Spec.NodeName = config.ClientNodeName - s.formatPod.Spec.NodeSelector = config.ClientNodeSelector -} + if l.resource != nil { + l.resource.cleanupResource() + l.resource = nil + } -func (s *subPathTestResource) cleanupResource(driver TestDriver, pattern testpatterns.TestPattern) { - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework + if l.testCleanup != nil { + l.testCleanup() + l.testCleanup = nil + } + } - // Cleanup subPath test dependent resource - By("Deleting pod") - err := framework.DeletePodWithWait(f, f.ClientSet, s.pod) - Expect(err).ToNot(HaveOccurred(), "while deleting pod") - - // Cleanup generic test resource - s.genericVolumeTestResource.cleanupResource(driver, pattern) -} - -type subPathTestInput struct { - f *framework.Framework - subPathDir string - filePathInSubpath string - filePathInVolume string - volType string - pod *v1.Pod - formatPod *v1.Pod - volSource *v1.VolumeSource - roVol *v1.VolumeSource -} - -func testSubPath(input *subPathTestInput) { It("should support non-existent path", func() { + init() + defer cleanup() + // Write the file in the subPath from init container 1 - setWriteCommand(input.filePathInSubpath, &input.pod.Spec.InitContainers[1]) + setWriteCommand(l.filePathInSubpath, &l.pod.Spec.InitContainers[1]) // Read it from outside the subPath from container 1 - testReadFile(input.f, input.filePathInVolume, input.pod, 1) + testReadFile(f, l.filePathInVolume, l.pod, 1) }) It("should support existing directory", func() { + init() + defer cleanup() + // Create the directory - setInitCommand(input.pod, fmt.Sprintf("mkdir -p %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("mkdir -p %s", l.subPathDir)) // Write the file in the subPath from init container 1 - setWriteCommand(input.filePathInSubpath, &input.pod.Spec.InitContainers[1]) + setWriteCommand(l.filePathInSubpath, &l.pod.Spec.InitContainers[1]) // Read it from outside the subPath from container 1 - testReadFile(input.f, input.filePathInVolume, input.pod, 1) + testReadFile(f, l.filePathInVolume, l.pod, 1) }) It("should support existing single file", func() { + init() + defer cleanup() + // Create the file in the init container - setInitCommand(input.pod, fmt.Sprintf("mkdir -p %s; echo \"mount-tester new file\" > %s", input.subPathDir, input.filePathInVolume)) + setInitCommand(l.pod, fmt.Sprintf("mkdir -p %s; echo \"mount-tester new file\" > %s", l.subPathDir, l.filePathInVolume)) // Read it from inside the subPath from container 0 - testReadFile(input.f, input.filePathInSubpath, input.pod, 0) + testReadFile(f, l.filePathInSubpath, l.pod, 0) }) It("should support file as subpath", func() { - // Create the file in the init container - setInitCommand(input.pod, fmt.Sprintf("echo %s > %s", input.f.Namespace.Name, input.subPathDir)) + init() + defer cleanup() - TestBasicSubpath(input.f, input.f.Namespace.Name, input.pod) + // Create the file in the init container + setInitCommand(l.pod, fmt.Sprintf("echo %s > %s", f.Namespace.Name, l.subPathDir)) + + TestBasicSubpath(f, f.Namespace.Name, l.pod) }) It("should fail if subpath directory is outside the volume [Slow]", func() { + init() + defer cleanup() + // Create the subpath outside the volume - setInitCommand(input.pod, fmt.Sprintf("ln -s /bin %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("ln -s /bin %s", l.subPathDir)) // Pod should fail - testPodFailSubpath(input.f, input.pod, false) + testPodFailSubpath(f, l.pod, false) }) It("should fail if subpath file is outside the volume [Slow]", func() { + init() + defer cleanup() + // Create the subpath outside the volume - setInitCommand(input.pod, fmt.Sprintf("ln -s /bin/sh %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("ln -s /bin/sh %s", l.subPathDir)) // Pod should fail - testPodFailSubpath(input.f, input.pod, false) + testPodFailSubpath(f, l.pod, false) }) It("should fail if non-existent subpath is outside the volume [Slow]", func() { + init() + defer cleanup() + // Create the subpath outside the volume - setInitCommand(input.pod, fmt.Sprintf("ln -s /bin/notanexistingpath %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("ln -s /bin/notanexistingpath %s", l.subPathDir)) // Pod should fail - testPodFailSubpath(input.f, input.pod, false) + testPodFailSubpath(f, l.pod, false) }) It("should fail if subpath with backstepping is outside the volume [Slow]", func() { + init() + defer cleanup() + // Create the subpath outside the volume - setInitCommand(input.pod, fmt.Sprintf("ln -s ../ %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("ln -s ../ %s", l.subPathDir)) // Pod should fail - testPodFailSubpath(input.f, input.pod, false) + testPodFailSubpath(f, l.pod, false) }) It("should support creating multiple subpath from same volumes [Slow]", func() { + init() + defer cleanup() + subpathDir1 := filepath.Join(volumePath, "subpath1") subpathDir2 := filepath.Join(volumePath, "subpath2") filepath1 := filepath.Join("/test-subpath1", fileName) filepath2 := filepath.Join("/test-subpath2", fileName) - setInitCommand(input.pod, fmt.Sprintf("mkdir -p %s; mkdir -p %s", subpathDir1, subpathDir2)) + setInitCommand(l.pod, fmt.Sprintf("mkdir -p %s; mkdir -p %s", subpathDir1, subpathDir2)) - addSubpathVolumeContainer(&input.pod.Spec.Containers[0], v1.VolumeMount{ + addSubpathVolumeContainer(&l.pod.Spec.Containers[0], v1.VolumeMount{ Name: volumeName, MountPath: "/test-subpath1", SubPath: "subpath1", }) - addSubpathVolumeContainer(&input.pod.Spec.Containers[0], v1.VolumeMount{ + addSubpathVolumeContainer(&l.pod.Spec.Containers[0], v1.VolumeMount{ Name: volumeName, MountPath: "/test-subpath2", SubPath: "subpath2", }) // Write the files from container 0 and instantly read them back - addMultipleWrites(&input.pod.Spec.Containers[0], filepath1, filepath2) - testMultipleReads(input.f, input.pod, 0, filepath1, filepath2) + addMultipleWrites(&l.pod.Spec.Containers[0], filepath1, filepath2) + testMultipleReads(f, l.pod, 0, filepath1, filepath2) }) It("should support restarting containers using directory as subpath [Slow]", func() { - // Create the directory - setInitCommand(input.pod, fmt.Sprintf("mkdir -p %v; touch %v", input.subPathDir, probeFilePath)) + init() + defer cleanup() - testPodContainerRestart(input.f, input.pod) + // Create the directory + setInitCommand(l.pod, fmt.Sprintf("mkdir -p %v; touch %v", l.subPathDir, probeFilePath)) + + testPodContainerRestart(f, l.pod) }) It("should support restarting containers using file as subpath [Slow]", func() { - // Create the file - setInitCommand(input.pod, fmt.Sprintf("touch %v; touch %v", input.subPathDir, probeFilePath)) + init() + defer cleanup() - testPodContainerRestart(input.f, input.pod) + // Create the file + setInitCommand(l.pod, fmt.Sprintf("touch %v; touch %v", l.subPathDir, probeFilePath)) + + testPodContainerRestart(f, l.pod) }) It("should unmount if pod is gracefully deleted while kubelet is down [Disruptive][Slow]", func() { - testSubpathReconstruction(input.f, input.pod, false) + init() + defer cleanup() + + testSubpathReconstruction(f, l.pod, false) }) It("should unmount if pod is force deleted while kubelet is down [Disruptive][Slow]", func() { - if strings.HasPrefix(input.volType, "hostPath") || strings.HasPrefix(input.volType, "csi-hostpath") { + init() + defer cleanup() + + if strings.HasPrefix(l.resource.volType, "hostPath") || strings.HasPrefix(l.resource.volType, "csi-hostpath") { // TODO: This skip should be removed once #61446 is fixed - framework.Skipf("%s volume type does not support reconstruction, skipping", input.volType) + framework.Skipf("%s volume type does not support reconstruction, skipping", l.resource.volType) } - testSubpathReconstruction(input.f, input.pod, true) + + testSubpathReconstruction(f, l.pod, true) }) It("should support readOnly directory specified in the volumeMount", func() { + init() + defer cleanup() + // Create the directory - setInitCommand(input.pod, fmt.Sprintf("mkdir -p %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("mkdir -p %s", l.subPathDir)) // Write the file in the volume from init container 2 - setWriteCommand(input.filePathInVolume, &input.pod.Spec.InitContainers[2]) + setWriteCommand(l.filePathInVolume, &l.pod.Spec.InitContainers[2]) // Read it from inside the subPath from container 0 - input.pod.Spec.Containers[0].VolumeMounts[0].ReadOnly = true - testReadFile(input.f, input.filePathInSubpath, input.pod, 0) + l.pod.Spec.Containers[0].VolumeMounts[0].ReadOnly = true + testReadFile(f, l.filePathInSubpath, l.pod, 0) }) It("should support readOnly file specified in the volumeMount", func() { + init() + defer cleanup() + // Create the file - setInitCommand(input.pod, fmt.Sprintf("touch %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("touch %s", l.subPathDir)) // Write the file in the volume from init container 2 - setWriteCommand(input.subPathDir, &input.pod.Spec.InitContainers[2]) + setWriteCommand(l.subPathDir, &l.pod.Spec.InitContainers[2]) // Read it from inside the subPath from container 0 - input.pod.Spec.Containers[0].VolumeMounts[0].ReadOnly = true - testReadFile(input.f, volumePath, input.pod, 0) + l.pod.Spec.Containers[0].VolumeMounts[0].ReadOnly = true + testReadFile(f, volumePath, l.pod, 0) }) It("should support existing directories when readOnly specified in the volumeSource", func() { - if input.roVol == nil { - framework.Skipf("Volume type %v doesn't support readOnly source", input.volType) + init() + defer cleanup() + if l.roVolSource == nil { + framework.Skipf("Volume type %v doesn't support readOnly source", l.resource.volType) } - pod := input.pod.DeepCopy() + origpod := l.pod.DeepCopy() // Create the directory - setInitCommand(input.pod, fmt.Sprintf("mkdir -p %s", input.subPathDir)) + setInitCommand(l.pod, fmt.Sprintf("mkdir -p %s", l.subPathDir)) // Write the file in the subPath from init container 1 - setWriteCommand(input.filePathInSubpath, &input.pod.Spec.InitContainers[1]) + setWriteCommand(l.filePathInSubpath, &l.pod.Spec.InitContainers[1]) // Read it from inside the subPath from container 0 - testReadFile(input.f, input.filePathInSubpath, input.pod, 0) + testReadFile(f, l.filePathInSubpath, l.pod, 0) // Reset the pod - input.pod = pod + l.pod = origpod // Set volume source to read only - input.pod.Spec.Volumes[0].VolumeSource = *input.roVol + l.pod.Spec.Volumes[0].VolumeSource = *l.roVolSource // Read it from inside the subPath from container 0 - testReadFile(input.f, input.filePathInSubpath, input.pod, 0) + testReadFile(f, l.filePathInSubpath, l.pod, 0) }) It("should verify container cannot write to subpath readonly volumes", func() { - if input.roVol == nil { - framework.Skipf("Volume type %v doesn't support readOnly source", input.volType) + init() + defer cleanup() + if l.roVolSource == nil { + framework.Skipf("Volume type %v doesn't support readOnly source", l.resource.volType) } // Format the volume while it's writable - formatVolume(input.f, input.formatPod) + formatVolume(f, l.formatPod) // Set volume source to read only - input.pod.Spec.Volumes[0].VolumeSource = *input.roVol + l.pod.Spec.Volumes[0].VolumeSource = *l.roVolSource // Write the file in the volume from container 0 - setWriteCommand(input.subPathDir, &input.pod.Spec.Containers[0]) + setWriteCommand(l.subPathDir, &l.pod.Spec.Containers[0]) // Pod should fail - testPodFailSubpath(input.f, input.pod, true) + testPodFailSubpath(f, l.pod, true) }) It("should be able to unmount after the subpath directory is deleted", func() { - // Change volume container to busybox so we can exec later - input.pod.Spec.Containers[1].Image = imageutils.GetE2EImage(imageutils.BusyBox) - input.pod.Spec.Containers[1].Command = []string{"/bin/sh", "-ec", "sleep 100000"} + init() + defer cleanup() - By(fmt.Sprintf("Creating pod %s", input.pod.Name)) - removeUnusedContainers(input.pod) - pod, err := input.f.ClientSet.CoreV1().Pods(input.f.Namespace.Name).Create(input.pod) + // Change volume container to busybox so we can exec later + l.pod.Spec.Containers[1].Image = imageutils.GetE2EImage(imageutils.BusyBox) + l.pod.Spec.Containers[1].Command = []string{"/bin/sh", "-ec", "sleep 100000"} + + By(fmt.Sprintf("Creating pod %s", l.pod.Name)) + removeUnusedContainers(l.pod) + pod, err := f.ClientSet.CoreV1().Pods(f.Namespace.Name).Create(l.pod) Expect(err).ToNot(HaveOccurred(), "while creating pod") defer func() { By(fmt.Sprintf("Deleting pod %s", pod.Name)) - framework.DeletePodWithWait(input.f, input.f.ClientSet, pod) + framework.DeletePodWithWait(f, f.ClientSet, pod) }() // Wait for pod to be running - err = framework.WaitForPodRunningInNamespace(input.f.ClientSet, pod) + err = framework.WaitForPodRunningInNamespace(f.ClientSet, l.pod) Expect(err).ToNot(HaveOccurred(), "while waiting for pod to be running") // Exec into container that mounted the volume, delete subpath directory - rmCmd := fmt.Sprintf("rm -rf %s", input.subPathDir) - _, err = podContainerExec(pod, 1, rmCmd) + rmCmd := fmt.Sprintf("rm -rf %s", l.subPathDir) + _, err = podContainerExec(l.pod, 1, rmCmd) Expect(err).ToNot(HaveOccurred(), "while removing subpath directory") // Delete pod (from defer) and wait for it to be successfully deleted diff --git a/test/e2e/storage/testsuites/testdriver.go b/test/e2e/storage/testsuites/testdriver.go index c5114897d5d..d5b3bf58ba0 100644 --- a/test/e2e/storage/testsuites/testdriver.go +++ b/test/e2e/storage/testsuites/testdriver.go @@ -19,49 +19,68 @@ package testsuites import ( "k8s.io/api/core/v1" storagev1 "k8s.io/api/storage/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testpatterns" ) -// TestDriver represents an interface for a driver to be tested in TestSuite +// TestDriver represents an interface for a driver to be tested in TestSuite. +// Except for GetDriverInfo, all methods will be called at test runtime and thus +// can use framework.Skipf, framework.Fatal, Gomega assertions, etc. type TestDriver interface { - // GetDriverInfo returns DriverInfo for the TestDriver + // GetDriverInfo returns DriverInfo for the TestDriver. This must be static + // information. GetDriverInfo() *DriverInfo - // CreateDriver creates all driver resources that is required for TestDriver method - // except CreateVolume - CreateDriver() - // CreateDriver cleanup all the resources that is created in CreateDriver - CleanupDriver() - // SkipUnsupportedTest skips test in Testpattern is not suitable to test with the TestDriver + + // SkipUnsupportedTest skips test if Testpattern is not + // suitable to test with the TestDriver. It gets called after + // parsing parameters of the test suite and before the + // framework is initialized. Cheap tests that just check + // parameters like the cloud provider can and should be + // done in SkipUnsupportedTest to avoid setting up more + // expensive resources like framework.Framework. Tests that + // depend on a connection to the cluster can be done in + // PrepareTest once the framework is ready. SkipUnsupportedTest(testpatterns.TestPattern) + + // PrepareTest is called at test execution time each time a new test case is about to start. + // It sets up all necessary resources and returns the per-test configuration + // plus a cleanup function that frees all allocated resources. + PrepareTest(f *framework.Framework) (*PerTestConfig, func()) +} + +// TestVolume is the result of PreprovisionedVolumeTestDriver.CreateVolume. +// The only common functionality is to delete it. Individual driver interfaces +// have additional methods that work with volumes created by them. +type TestVolume interface { + DeleteVolume() } // PreprovisionedVolumeTestDriver represents an interface for a TestDriver that has pre-provisioned volume type PreprovisionedVolumeTestDriver interface { TestDriver - // CreateVolume creates a pre-provisioned volume. - CreateVolume(testpatterns.TestVolType) interface{} - // DeleteVolume deletes a volume that is created in CreateVolume - DeleteVolume(testpatterns.TestVolType, interface{}) + // CreateVolume creates a pre-provisioned volume of the desired volume type. + CreateVolume(config *PerTestConfig, volumeType testpatterns.TestVolType) TestVolume } // InlineVolumeTestDriver represents an interface for a TestDriver that supports InlineVolume type InlineVolumeTestDriver interface { PreprovisionedVolumeTestDriver + // GetVolumeSource returns a volumeSource for inline volume. // It will set readOnly and fsType to the volumeSource, if TestDriver supports both of them. // It will return nil, if the TestDriver doesn't support either of the parameters. - GetVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.VolumeSource + GetVolumeSource(readOnly bool, fsType string, testVolume TestVolume) *v1.VolumeSource } // PreprovisionedPVTestDriver represents an interface for a TestDriver that supports PreprovisionedPV type PreprovisionedPVTestDriver interface { PreprovisionedVolumeTestDriver - // GetPersistentVolumeSource returns a PersistentVolumeSource for pre-provisioned Persistent Volume. + // GetPersistentVolumeSource returns a PersistentVolumeSource with volume node affinity for pre-provisioned Persistent Volume. // It will set readOnly and fsType to the PersistentVolumeSource, if TestDriver supports both of them. // It will return nil, if the TestDriver doesn't support either of the parameters. - GetPersistentVolumeSource(readOnly bool, fsType string, testResource interface{}) *v1.PersistentVolumeSource + GetPersistentVolumeSource(readOnly bool, fsType string, testVolume TestVolume) (*v1.PersistentVolumeSource, *v1.VolumeNodeAffinity) } // DynamicPVTestDriver represents an interface for a TestDriver that supports DynamicPV @@ -70,7 +89,7 @@ type DynamicPVTestDriver interface { // GetDynamicProvisionStorageClass returns a StorageClass dynamic provision Persistent Volume. // It will set fsType to the StorageClass, if TestDriver supports it. // It will return nil, if the TestDriver doesn't support it. - GetDynamicProvisionStorageClass(fsType string) *storagev1.StorageClass + GetDynamicProvisionStorageClass(config *PerTestConfig, fsType string) *storagev1.StorageClass // GetClaimSize returns the size of the volume that is to be provisioned ("5Gi", "1Mi"). // The size must be chosen so that the resulting volume is large enough for all @@ -78,6 +97,14 @@ type DynamicPVTestDriver interface { GetClaimSize() string } +// SnapshottableTestDriver represents an interface for a TestDriver that supports DynamicSnapshot +type SnapshottableTestDriver interface { + TestDriver + // GetSnapshotClass returns a SnapshotClass to create snapshot. + // It will return nil, if the TestDriver doesn't support it. + GetSnapshotClass(config *PerTestConfig) *unstructured.Unstructured +} + // Capability represents a feature that a volume plugin supports type Capability string @@ -86,9 +113,17 @@ const ( CapBlock Capability = "block" // raw block mode CapFsGroup Capability = "fsGroup" // volume ownership via fsGroup CapExec Capability = "exec" // exec a file in the volume + CapDataSource Capability = "dataSource" // support populate data from snapshot + + // multiple pods on a node can use the same volume concurrently; + // for CSI, see: + // - https://github.com/container-storage-interface/spec/pull/150 + // - https://github.com/container-storage-interface/spec/issues/178 + // - NodeStageVolume in the spec + CapMultiPODs Capability = "multipods" ) -// DriverInfo represents a combination of parameters to be used in implementation of TestDriver +// DriverInfo represents static information about a TestDriver. type DriverInfo struct { Name string // Name of the driver FeatureTag string // FeatureTag for the driver @@ -98,14 +133,15 @@ type DriverInfo struct { SupportedMountOption sets.String // Map of string for supported mount option RequiredMountOption sets.String // Map of string for required mount option (Optional) Capabilities map[Capability]bool // Map that represents plugin capabilities - - Config TestConfig // Test configuration for the current test. } -// TestConfig represents parameters that control test execution. -// They can still be modified after defining tests, for example -// in a BeforeEach or when creating the driver. -type TestConfig struct { +// PerTestConfig represents parameters that control test execution. +// One instance gets allocated for each test and is then passed +// via pointer to functions involved in the test. +type PerTestConfig struct { + // The test driver for the test. + Driver TestDriver + // Some short word that gets inserted into dynamically // generated entities (pods, paths) as first part of the name // to make debugging easier. Can be the same for different @@ -130,8 +166,9 @@ type TestConfig struct { // the configuration that then has to be used to run tests. // The values above are ignored for such tests. ServerConfig *framework.VolumeTestConfig - - // TopologyEnabled indicates that the Topology feature gate - // should be enabled in external-provisioner - TopologyEnabled bool +} + +// GetUniqueDriverName returns unique driver name that can be used parallelly in tests +func (config *PerTestConfig) GetUniqueDriverName() string { + return config.Driver.GetDriverInfo().Name + "-" + config.Framework.UniqueName } diff --git a/test/e2e/storage/testsuites/volume_io.go b/test/e2e/storage/testsuites/volume_io.go index ad32f84fa5f..1ec29ba5a07 100644 --- a/test/e2e/storage/testsuites/volume_io.go +++ b/test/e2e/storage/testsuites/volume_io.go @@ -74,87 +74,65 @@ func (t *volumeIOTestSuite) getTestSuiteInfo() TestSuiteInfo { return t.tsInfo } -func (t *volumeIOTestSuite) skipUnsupportedTest(pattern testpatterns.TestPattern, driver TestDriver) { -} +func (t *volumeIOTestSuite) defineTests(driver TestDriver, pattern testpatterns.TestPattern) { + type local struct { + config *PerTestConfig + testCleanup func() -func createVolumeIOTestInput(pattern testpatterns.TestPattern, resource genericVolumeTestResource) volumeIOTestInput { - var fsGroup *int64 - driver := resource.driver - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - fileSizes := createFileSizes(dInfo.MaxFileSize) - volSource := resource.volSource + resource *genericVolumeTestResource + } + var ( + dInfo = driver.GetDriverInfo() + l local + ) - if volSource == nil { - framework.Skipf("Driver %q does not define volumeSource - skipping", dInfo.Name) + // No preconditions to test. Normally they would be in a BeforeEach here. + + // This intentionally comes after checking the preconditions because it + // registers its own BeforeEach which creates the namespace. Beware that it + // also registers an AfterEach which renders f unusable. Any code using + // f must run inside an It or Context callback. + f := framework.NewDefaultFramework("volumeio") + + init := func() { + l = local{} + + // Now do the more expensive test initialization. + l.config, l.testCleanup = driver.PrepareTest(f) + l.resource = createGenericVolumeTestResource(driver, l.config, pattern) + if l.resource.volSource == nil { + framework.Skipf("Driver %q does not define volumeSource - skipping", dInfo.Name) + } } - if dInfo.Capabilities[CapFsGroup] { - fsGroupVal := int64(1234) - fsGroup = &fsGroupVal + cleanup := func() { + if l.resource != nil { + l.resource.cleanupResource() + l.resource = nil + } + + if l.testCleanup != nil { + l.testCleanup() + l.testCleanup = nil + } } - return volumeIOTestInput{ - f: f, - name: dInfo.Name, - config: &dInfo.Config, - volSource: *volSource, - testFile: fmt.Sprintf("%s_io_test_%s", dInfo.Name, f.Namespace.Name), - podSec: v1.PodSecurityContext{ - FSGroup: fsGroup, - }, - fileSizes: fileSizes, - } -} - -func (t *volumeIOTestSuite) execTest(driver TestDriver, pattern testpatterns.TestPattern) { - Context(getTestNameStr(t, pattern), func() { - var ( - resource genericVolumeTestResource - input volumeIOTestInput - needsCleanup bool - ) - - BeforeEach(func() { - needsCleanup = false - // Skip unsupported tests to avoid unnecessary resource initialization - skipUnsupportedTest(t, driver, pattern) - needsCleanup = true - - // Setup test resource for driver and testpattern - resource = genericVolumeTestResource{} - resource.setupResource(driver, pattern) - - // Create test input - input = createVolumeIOTestInput(pattern, resource) - }) - - AfterEach(func() { - if needsCleanup { - resource.cleanupResource(driver, pattern) - } - }) - - execTestVolumeIO(&input) - }) -} - -type volumeIOTestInput struct { - f *framework.Framework - name string - config *TestConfig - volSource v1.VolumeSource - testFile string - podSec v1.PodSecurityContext - fileSizes []int64 -} - -func execTestVolumeIO(input *volumeIOTestInput) { It("should write files of various sizes, verify size, validate content [Slow]", func() { - f := input.f - cs := f.ClientSet + init() + defer cleanup() - err := testVolumeIO(f, cs, convertTestConfig(input.config), input.volSource, &input.podSec, input.testFile, input.fileSizes) + cs := f.ClientSet + fileSizes := createFileSizes(dInfo.MaxFileSize) + testFile := fmt.Sprintf("%s_io_test_%s", dInfo.Name, f.Namespace.Name) + var fsGroup *int64 + if dInfo.Capabilities[CapFsGroup] { + fsGroupVal := int64(1234) + fsGroup = &fsGroupVal + } + podSec := v1.PodSecurityContext{ + FSGroup: fsGroup, + } + err := testVolumeIO(f, cs, convertTestConfig(l.config), *l.resource.volSource, &podSec, testFile, fileSizes) Expect(err).NotTo(HaveOccurred()) }) } diff --git a/test/e2e/storage/testsuites/volumemode.go b/test/e2e/storage/testsuites/volumemode.go index 03eb2a43b09..b90fddb9b44 100644 --- a/test/e2e/storage/testsuites/volumemode.go +++ b/test/e2e/storage/testsuites/volumemode.go @@ -26,6 +26,7 @@ import ( storagev1 "k8s.io/api/storage/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" + clientset "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/storage/testpatterns" "k8s.io/kubernetes/test/e2e/storage/utils" @@ -61,319 +62,257 @@ func (t *volumeModeTestSuite) getTestSuiteInfo() TestSuiteInfo { return t.tsInfo } -func (t *volumeModeTestSuite) skipUnsupportedTest(pattern testpatterns.TestPattern, driver TestDriver) { -} +func (t *volumeModeTestSuite) defineTests(driver TestDriver, pattern testpatterns.TestPattern) { + type local struct { + config *PerTestConfig + testCleanup func() -func createVolumeModeTestInput(pattern testpatterns.TestPattern, resource volumeModeTestResource) volumeModeTestInput { - driver := resource.driver - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - - return volumeModeTestInput{ - f: f, - sc: resource.sc, - pvc: resource.pvc, - pv: resource.pv, - testVolType: pattern.VolType, - nodeName: dInfo.Config.ClientNodeName, - volMode: pattern.VolMode, - isBlockSupported: dInfo.Capabilities[CapBlock], + cs clientset.Interface + ns *v1.Namespace + sc *storagev1.StorageClass + pvc *v1.PersistentVolumeClaim + pv *v1.PersistentVolume + volume TestVolume } -} - -func getVolumeModeTestFunc(pattern testpatterns.TestPattern, driver TestDriver) func(*volumeModeTestInput) { - dInfo := driver.GetDriverInfo() - isBlockSupported := dInfo.Capabilities[CapBlock] - volMode := pattern.VolMode - volType := pattern.VolType - - switch volType { - case testpatterns.PreprovisionedPV: - if volMode == v1.PersistentVolumeBlock && !isBlockSupported { - return testVolumeModeFailForPreprovisionedPV - } - return testVolumeModeSuccessForPreprovisionedPV - case testpatterns.DynamicPV: - if volMode == v1.PersistentVolumeBlock && !isBlockSupported { - return testVolumeModeFailForDynamicPV - } - return testVolumeModeSuccessForDynamicPV - default: - framework.Failf("Volume mode test doesn't support volType: %v", volType) - } - return nil -} - -func (t *volumeModeTestSuite) execTest(driver TestDriver, pattern testpatterns.TestPattern) { - Context(getTestNameStr(t, pattern), func() { - var ( - resource volumeModeTestResource - input volumeModeTestInput - testFunc func(*volumeModeTestInput) - needsCleanup bool - ) - - testFunc = getVolumeModeTestFunc(pattern, driver) - - BeforeEach(func() { - needsCleanup = false - // Skip unsupported tests to avoid unnecessary resource initialization - skipUnsupportedTest(t, driver, pattern) - needsCleanup = true - - // Setup test resource for driver and testpattern - resource = volumeModeTestResource{} - resource.setupResource(driver, pattern) - - // Create test input - input = createVolumeModeTestInput(pattern, resource) - }) - - AfterEach(func() { - if needsCleanup { - resource.cleanupResource(driver, pattern) - } - }) - - testFunc(&input) - }) -} - -type volumeModeTestResource struct { - driver TestDriver - - sc *storagev1.StorageClass - pvc *v1.PersistentVolumeClaim - pv *v1.PersistentVolume - - driverTestResource interface{} -} - -var _ TestResource = &volumeModeTestResource{} - -func (s *volumeModeTestResource) setupResource(driver TestDriver, pattern testpatterns.TestPattern) { - s.driver = driver - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - ns := f.Namespace - fsType := pattern.FsType - volBindMode := storagev1.VolumeBindingImmediate - volMode := pattern.VolMode - volType := pattern.VolType - var ( - scName string - pvSource *v1.PersistentVolumeSource + dInfo = driver.GetDriverInfo() + l local ) - // Create volume for pre-provisioned volume tests - s.driverTestResource = CreateVolume(driver, volType) + // No preconditions to test. Normally they would be in a BeforeEach here. - switch volType { - case testpatterns.PreprovisionedPV: - if volMode == v1.PersistentVolumeBlock { - scName = fmt.Sprintf("%s-%s-sc-for-block", ns.Name, dInfo.Name) - } else if volMode == v1.PersistentVolumeFilesystem { - scName = fmt.Sprintf("%s-%s-sc-for-file", ns.Name, dInfo.Name) - } - if pDriver, ok := driver.(PreprovisionedPVTestDriver); ok { - pvSource = pDriver.GetPersistentVolumeSource(false, fsType, s.driverTestResource) - if pvSource == nil { - framework.Skipf("Driver %q does not define PersistentVolumeSource - skipping", dInfo.Name) + // This intentionally comes after checking the preconditions because it + // registers its own BeforeEach which creates the namespace. Beware that it + // also registers an AfterEach which renders f unusable. Any code using + // f must run inside an It or Context callback. + f := framework.NewDefaultFramework("volumemode") + + init := func() { + l = local{} + l.ns = f.Namespace + l.cs = f.ClientSet + + // Now do the more expensive test initialization. + l.config, l.testCleanup = driver.PrepareTest(f) + + fsType := pattern.FsType + volBindMode := storagev1.VolumeBindingImmediate + + var ( + scName string + pvSource *v1.PersistentVolumeSource + volumeNodeAffinity *v1.VolumeNodeAffinity + ) + + // Create volume for pre-provisioned volume tests + l.volume = CreateVolume(driver, l.config, pattern.VolType) + + switch pattern.VolType { + case testpatterns.PreprovisionedPV: + if pattern.VolMode == v1.PersistentVolumeBlock { + scName = fmt.Sprintf("%s-%s-sc-for-block", l.ns.Name, dInfo.Name) + } else if pattern.VolMode == v1.PersistentVolumeFilesystem { + scName = fmt.Sprintf("%s-%s-sc-for-file", l.ns.Name, dInfo.Name) } + if pDriver, ok := driver.(PreprovisionedPVTestDriver); ok { + pvSource, volumeNodeAffinity = pDriver.GetPersistentVolumeSource(false, fsType, l.volume) + if pvSource == nil { + framework.Skipf("Driver %q does not define PersistentVolumeSource - skipping", dInfo.Name) + } - sc, pvConfig, pvcConfig := generateConfigsForPreprovisionedPVTest(scName, volBindMode, volMode, *pvSource) - s.sc = sc - s.pv = framework.MakePersistentVolume(pvConfig) - s.pvc = framework.MakePersistentVolumeClaim(pvcConfig, ns.Name) + storageClass, pvConfig, pvcConfig := generateConfigsForPreprovisionedPVTest(scName, volBindMode, pattern.VolMode, *pvSource, volumeNodeAffinity) + l.sc = storageClass + l.pv = framework.MakePersistentVolume(pvConfig) + l.pvc = framework.MakePersistentVolumeClaim(pvcConfig, l.ns.Name) + } + case testpatterns.DynamicPV: + if dDriver, ok := driver.(DynamicPVTestDriver); ok { + l.sc = dDriver.GetDynamicProvisionStorageClass(l.config, fsType) + if l.sc == nil { + framework.Skipf("Driver %q does not define Dynamic Provision StorageClass - skipping", dInfo.Name) + } + l.sc.VolumeBindingMode = &volBindMode + + claimSize := dDriver.GetClaimSize() + l.pvc = getClaim(claimSize, l.ns.Name) + l.pvc.Spec.StorageClassName = &l.sc.Name + l.pvc.Spec.VolumeMode = &pattern.VolMode + } + default: + framework.Failf("Volume mode test doesn't support: %s", pattern.VolType) + } + } + + cleanup := func() { + if l.pv != nil || l.pvc != nil { + By("Deleting pv and pvc") + errs := framework.PVPVCCleanup(f.ClientSet, f.Namespace.Name, l.pv, l.pvc) + if len(errs) > 0 { + framework.Logf("Failed to delete PV and/or PVC: %v", utilerrors.NewAggregate(errs)) + } + l.pv = nil + l.pvc = nil + } + + if l.sc != nil { + By("Deleting sc") + deleteStorageClass(f.ClientSet, l.sc.Name) + l.sc = nil + } + + if l.volume != nil { + l.volume.DeleteVolume() + l.volume = nil + } + + if l.testCleanup != nil { + l.testCleanup() + l.testCleanup = nil + } + } + + // We register different tests depending on the drive + isBlockSupported := dInfo.Capabilities[CapBlock] + switch pattern.VolType { + case testpatterns.PreprovisionedPV: + if pattern.VolMode == v1.PersistentVolumeBlock && !isBlockSupported { + It("should fail to create pod by failing to mount volume", func() { + init() + defer cleanup() + + var err error + + By("Creating sc") + l.sc, err = l.cs.StorageV1().StorageClasses().Create(l.sc) + Expect(err).NotTo(HaveOccurred()) + + By("Creating pv and pvc") + l.pv, err = l.cs.CoreV1().PersistentVolumes().Create(l.pv) + Expect(err).NotTo(HaveOccurred()) + + // Prebind pv + l.pvc.Spec.VolumeName = l.pv.Name + l.pvc, err = l.cs.CoreV1().PersistentVolumeClaims(l.ns.Name).Create(l.pvc) + Expect(err).NotTo(HaveOccurred()) + + framework.ExpectNoError(framework.WaitOnPVandPVC(l.cs, l.ns.Name, l.pv, l.pvc)) + + By("Creating pod") + pod, err := framework.CreateSecPodWithNodeName(l.cs, l.ns.Name, []*v1.PersistentVolumeClaim{l.pvc}, + false, "", false, false, framework.SELinuxLabel, + nil, l.config.ClientNodeName, framework.PodStartTimeout) + defer func() { + framework.ExpectNoError(framework.DeletePodWithWait(f, l.cs, pod)) + }() + Expect(err).To(HaveOccurred()) + }) + } else { + It("should create sc, pod, pv, and pvc, read/write to the pv, and delete all created resources", func() { + init() + defer cleanup() + + var err error + + By("Creating sc") + l.sc, err = l.cs.StorageV1().StorageClasses().Create(l.sc) + Expect(err).NotTo(HaveOccurred()) + + By("Creating pv and pvc") + l.pv, err = l.cs.CoreV1().PersistentVolumes().Create(l.pv) + Expect(err).NotTo(HaveOccurred()) + + // Prebind pv + l.pvc.Spec.VolumeName = l.pv.Name + l.pvc, err = l.cs.CoreV1().PersistentVolumeClaims(l.ns.Name).Create(l.pvc) + Expect(err).NotTo(HaveOccurred()) + + framework.ExpectNoError(framework.WaitOnPVandPVC(l.cs, l.ns.Name, l.pv, l.pvc)) + + By("Creating pod") + pod, err := framework.CreateSecPodWithNodeName(l.cs, l.ns.Name, []*v1.PersistentVolumeClaim{l.pvc}, + false, "", false, false, framework.SELinuxLabel, + nil, l.config.ClientNodeName, framework.PodStartTimeout) + defer func() { + framework.ExpectNoError(framework.DeletePodWithWait(f, l.cs, pod)) + }() + Expect(err).NotTo(HaveOccurred()) + + By("Checking if persistent volume exists as expected volume mode") + utils.CheckVolumeModeOfPath(pod, pattern.VolMode, "/mnt/volume1") + + By("Checking if read/write to persistent volume works properly") + utils.CheckReadWriteToPath(pod, pattern.VolMode, "/mnt/volume1") + }) + // TODO(mkimuram): Add more tests } case testpatterns.DynamicPV: - if dDriver, ok := driver.(DynamicPVTestDriver); ok { - s.sc = dDriver.GetDynamicProvisionStorageClass(fsType) - if s.sc == nil { - framework.Skipf("Driver %q does not define Dynamic Provision StorageClass - skipping", dInfo.Name) - } - s.sc.VolumeBindingMode = &volBindMode + if pattern.VolMode == v1.PersistentVolumeBlock && !isBlockSupported { + It("should fail in binding dynamic provisioned PV to PVC", func() { + init() + defer cleanup() - claimSize := dDriver.GetClaimSize() - s.pvc = getClaim(claimSize, ns.Name) - s.pvc.Spec.StorageClassName = &s.sc.Name - s.pvc.Spec.VolumeMode = &volMode + var err error + + By("Creating sc") + l.sc, err = l.cs.StorageV1().StorageClasses().Create(l.sc) + Expect(err).NotTo(HaveOccurred()) + + By("Creating pv and pvc") + l.pvc, err = l.cs.CoreV1().PersistentVolumeClaims(l.ns.Name).Create(l.pvc) + Expect(err).NotTo(HaveOccurred()) + + err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, l.cs, l.pvc.Namespace, l.pvc.Name, framework.Poll, framework.ClaimProvisionTimeout) + Expect(err).To(HaveOccurred()) + }) + } else { + It("should create sc, pod, pv, and pvc, read/write to the pv, and delete all created resources", func() { + init() + defer cleanup() + + var err error + + By("Creating sc") + l.sc, err = l.cs.StorageV1().StorageClasses().Create(l.sc) + Expect(err).NotTo(HaveOccurred()) + + By("Creating pv and pvc") + l.pvc, err = l.cs.CoreV1().PersistentVolumeClaims(l.ns.Name).Create(l.pvc) + Expect(err).NotTo(HaveOccurred()) + + err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, l.cs, l.pvc.Namespace, l.pvc.Name, framework.Poll, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred()) + + l.pvc, err = l.cs.CoreV1().PersistentVolumeClaims(l.pvc.Namespace).Get(l.pvc.Name, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + l.pv, err = l.cs.CoreV1().PersistentVolumes().Get(l.pvc.Spec.VolumeName, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred()) + + By("Creating pod") + pod, err := framework.CreateSecPodWithNodeName(l.cs, l.ns.Name, []*v1.PersistentVolumeClaim{l.pvc}, + false, "", false, false, framework.SELinuxLabel, + nil, l.config.ClientNodeName, framework.PodStartTimeout) + defer func() { + framework.ExpectNoError(framework.DeletePodWithWait(f, l.cs, pod)) + }() + Expect(err).NotTo(HaveOccurred()) + + By("Checking if persistent volume exists as expected volume mode") + utils.CheckVolumeModeOfPath(pod, pattern.VolMode, "/mnt/volume1") + + By("Checking if read/write to persistent volume works properly") + utils.CheckReadWriteToPath(pod, pattern.VolMode, "/mnt/volume1") + }) + // TODO(mkimuram): Add more tests } default: - framework.Failf("Volume mode test doesn't support: %s", volType) - } -} - -func (s *volumeModeTestResource) cleanupResource(driver TestDriver, pattern testpatterns.TestPattern) { - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - cs := f.ClientSet - ns := f.Namespace - volType := pattern.VolType - - By("Deleting pv and pvc") - errs := framework.PVPVCCleanup(cs, ns.Name, s.pv, s.pvc) - if len(errs) > 0 { - framework.Failf("Failed to delete PV and/or PVC: %v", utilerrors.NewAggregate(errs)) - } - By("Deleting sc") - if s.sc != nil { - deleteStorageClass(cs, s.sc.Name) + framework.Failf("Volume mode test doesn't support volType: %v", pattern.VolType) } - // Cleanup volume for pre-provisioned volume tests - DeleteVolume(driver, volType, s.driverTestResource) -} - -type volumeModeTestInput struct { - f *framework.Framework - sc *storagev1.StorageClass - pvc *v1.PersistentVolumeClaim - pv *v1.PersistentVolume - testVolType testpatterns.TestVolType - nodeName string - volMode v1.PersistentVolumeMode - isBlockSupported bool -} - -func testVolumeModeFailForPreprovisionedPV(input *volumeModeTestInput) { - It("should fail to create pod by failing to mount volume", func() { - f := input.f - cs := f.ClientSet - ns := f.Namespace - var err error - - By("Creating sc") - input.sc, err = cs.StorageV1().StorageClasses().Create(input.sc) - Expect(err).NotTo(HaveOccurred()) - - By("Creating pv and pvc") - input.pv, err = cs.CoreV1().PersistentVolumes().Create(input.pv) - Expect(err).NotTo(HaveOccurred()) - - // Prebind pv - input.pvc.Spec.VolumeName = input.pv.Name - input.pvc, err = cs.CoreV1().PersistentVolumeClaims(ns.Name).Create(input.pvc) - Expect(err).NotTo(HaveOccurred()) - - framework.ExpectNoError(framework.WaitOnPVandPVC(cs, ns.Name, input.pv, input.pvc)) - - By("Creating pod") - pod, err := framework.CreateSecPodWithNodeName(cs, ns.Name, []*v1.PersistentVolumeClaim{input.pvc}, - false, "", false, false, framework.SELinuxLabel, - nil, input.nodeName, framework.PodStartTimeout) - defer func() { - framework.ExpectNoError(framework.DeletePodWithWait(f, cs, pod)) - }() - Expect(err).To(HaveOccurred()) - }) -} - -func testVolumeModeSuccessForPreprovisionedPV(input *volumeModeTestInput) { - It("should create sc, pod, pv, and pvc, read/write to the pv, and delete all created resources", func() { - f := input.f - cs := f.ClientSet - ns := f.Namespace - var err error - - By("Creating sc") - input.sc, err = cs.StorageV1().StorageClasses().Create(input.sc) - Expect(err).NotTo(HaveOccurred()) - - By("Creating pv and pvc") - input.pv, err = cs.CoreV1().PersistentVolumes().Create(input.pv) - Expect(err).NotTo(HaveOccurred()) - - // Prebind pv - input.pvc.Spec.VolumeName = input.pv.Name - input.pvc, err = cs.CoreV1().PersistentVolumeClaims(ns.Name).Create(input.pvc) - Expect(err).NotTo(HaveOccurred()) - - framework.ExpectNoError(framework.WaitOnPVandPVC(cs, ns.Name, input.pv, input.pvc)) - - By("Creating pod") - pod, err := framework.CreateSecPodWithNodeName(cs, ns.Name, []*v1.PersistentVolumeClaim{input.pvc}, - false, "", false, false, framework.SELinuxLabel, - nil, input.nodeName, framework.PodStartTimeout) - defer func() { - framework.ExpectNoError(framework.DeletePodWithWait(f, cs, pod)) - }() - Expect(err).NotTo(HaveOccurred()) - - By("Checking if persistent volume exists as expected volume mode") - utils.CheckVolumeModeOfPath(pod, input.volMode, "/mnt/volume1") - - By("Checking if read/write to persistent volume works properly") - utils.CheckReadWriteToPath(pod, input.volMode, "/mnt/volume1") - }) - // TODO(mkimuram): Add more tests -} - -func testVolumeModeFailForDynamicPV(input *volumeModeTestInput) { - It("should fail in binding dynamic provisioned PV to PVC", func() { - f := input.f - cs := f.ClientSet - ns := f.Namespace - var err error - - By("Creating sc") - input.sc, err = cs.StorageV1().StorageClasses().Create(input.sc) - Expect(err).NotTo(HaveOccurred()) - - By("Creating pv and pvc") - input.pvc, err = cs.CoreV1().PersistentVolumeClaims(ns.Name).Create(input.pvc) - Expect(err).NotTo(HaveOccurred()) - - err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, cs, input.pvc.Namespace, input.pvc.Name, framework.Poll, framework.ClaimProvisionTimeout) - Expect(err).To(HaveOccurred()) - }) -} - -func testVolumeModeSuccessForDynamicPV(input *volumeModeTestInput) { - It("should create sc, pod, pv, and pvc, read/write to the pv, and delete all created resources", func() { - f := input.f - cs := f.ClientSet - ns := f.Namespace - var err error - - By("Creating sc") - input.sc, err = cs.StorageV1().StorageClasses().Create(input.sc) - Expect(err).NotTo(HaveOccurred()) - - By("Creating pv and pvc") - input.pvc, err = cs.CoreV1().PersistentVolumeClaims(ns.Name).Create(input.pvc) - Expect(err).NotTo(HaveOccurred()) - - err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, cs, input.pvc.Namespace, input.pvc.Name, framework.Poll, framework.ClaimProvisionTimeout) - Expect(err).NotTo(HaveOccurred()) - - input.pvc, err = cs.CoreV1().PersistentVolumeClaims(input.pvc.Namespace).Get(input.pvc.Name, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred()) - - input.pv, err = cs.CoreV1().PersistentVolumes().Get(input.pvc.Spec.VolumeName, metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred()) - - By("Creating pod") - pod, err := framework.CreateSecPodWithNodeName(cs, ns.Name, []*v1.PersistentVolumeClaim{input.pvc}, - false, "", false, false, framework.SELinuxLabel, - nil, input.nodeName, framework.PodStartTimeout) - defer func() { - framework.ExpectNoError(framework.DeletePodWithWait(f, cs, pod)) - }() - Expect(err).NotTo(HaveOccurred()) - - By("Checking if persistent volume exists as expected volume mode") - utils.CheckVolumeModeOfPath(pod, input.volMode, "/mnt/volume1") - - By("Checking if read/write to persistent volume works properly") - utils.CheckReadWriteToPath(pod, input.volMode, "/mnt/volume1") - }) - // TODO(mkimuram): Add more tests } func generateConfigsForPreprovisionedPVTest(scName string, volBindMode storagev1.VolumeBindingMode, - volMode v1.PersistentVolumeMode, pvSource v1.PersistentVolumeSource) (*storagev1.StorageClass, + volMode v1.PersistentVolumeMode, pvSource v1.PersistentVolumeSource, volumeNodeAffinity *v1.VolumeNodeAffinity) (*storagev1.StorageClass, framework.PersistentVolumeConfig, framework.PersistentVolumeClaimConfig) { // StorageClass scConfig := &storagev1.StorageClass{ @@ -386,6 +325,7 @@ func generateConfigsForPreprovisionedPVTest(scName string, volBindMode storagev1 // PV pvConfig := framework.PersistentVolumeConfig{ PVSource: pvSource, + NodeAffinity: volumeNodeAffinity, NamePrefix: pvNamePrefix, StorageClassName: scName, VolumeMode: &volMode, diff --git a/test/e2e/storage/testsuites/volumes.go b/test/e2e/storage/testsuites/volumes.go index 57222178eb0..3820295dfa6 100644 --- a/test/e2e/storage/testsuites/volumes.go +++ b/test/e2e/storage/testsuites/volumes.go @@ -89,101 +89,80 @@ func skipExecTest(driver TestDriver) { } } -func createVolumesTestInput(pattern testpatterns.TestPattern, resource genericVolumeTestResource) volumesTestInput { - var fsGroup *int64 - driver := resource.driver - dInfo := driver.GetDriverInfo() - f := dInfo.Config.Framework - volSource := resource.volSource +func (t *volumesTestSuite) defineTests(driver TestDriver, pattern testpatterns.TestPattern) { + type local struct { + config *PerTestConfig + testCleanup func() - if volSource == nil { - framework.Skipf("Driver %q does not define volumeSource - skipping", dInfo.Name) + resource *genericVolumeTestResource + } + var dInfo = driver.GetDriverInfo() + var l local + + // No preconditions to test. Normally they would be in a BeforeEach here. + + // This intentionally comes after checking the preconditions because it + // registers its own BeforeEach which creates the namespace. Beware that it + // also registers an AfterEach which renders f unusable. Any code using + // f must run inside an It or Context callback. + f := framework.NewDefaultFramework("volumeio") + + init := func() { + l = local{} + + // Now do the more expensive test initialization. + l.config, l.testCleanup = driver.PrepareTest(f) + l.resource = createGenericVolumeTestResource(driver, l.config, pattern) + if l.resource.volSource == nil { + framework.Skipf("Driver %q does not define volumeSource - skipping", dInfo.Name) + } } - if dInfo.Capabilities[CapFsGroup] { - fsGroupVal := int64(1234) - fsGroup = &fsGroupVal + cleanup := func() { + if l.resource != nil { + l.resource.cleanupResource() + l.resource = nil + } + + if l.testCleanup != nil { + l.testCleanup() + l.testCleanup = nil + } } - return volumesTestInput{ - f: f, - name: dInfo.Name, - config: &dInfo.Config, - fsGroup: fsGroup, - resource: resource, - fsType: pattern.FsType, - tests: []framework.VolumeTest{ + It("should be mountable", func() { + skipPersistenceTest(driver) + init() + defer func() { + framework.VolumeTestCleanup(f, convertTestConfig(l.config)) + cleanup() + }() + + tests := []framework.VolumeTest{ { - Volume: *volSource, + Volume: *l.resource.volSource, File: "index.html", // Must match content ExpectedContent: fmt.Sprintf("Hello from %s from namespace %s", dInfo.Name, f.Namespace.Name), }, - }, - } -} - -func (t *volumesTestSuite) execTest(driver TestDriver, pattern testpatterns.TestPattern) { - Context(getTestNameStr(t, pattern), func() { - var ( - resource genericVolumeTestResource - input volumesTestInput - needsCleanup bool - ) - - BeforeEach(func() { - needsCleanup = false - // Skip unsupported tests to avoid unnecessary resource initialization - skipUnsupportedTest(t, driver, pattern) - needsCleanup = true - - // Setup test resource for driver and testpattern - resource = genericVolumeTestResource{} - resource.setupResource(driver, pattern) - - // Create test input - input = createVolumesTestInput(pattern, resource) - }) - - AfterEach(func() { - if needsCleanup { - resource.cleanupResource(driver, pattern) - } - }) - - testVolumes(&input) + } + config := convertTestConfig(l.config) + framework.InjectHtml(f.ClientSet, config, tests[0].Volume, tests[0].ExpectedContent) + var fsGroup *int64 + if dInfo.Capabilities[CapFsGroup] { + fsGroupVal := int64(1234) + fsGroup = &fsGroupVal + } + framework.TestVolumeClient(f.ClientSet, config, fsGroup, pattern.FsType, tests) }) -} -type volumesTestInput struct { - f *framework.Framework - name string - config *TestConfig - fsGroup *int64 - fsType string - tests []framework.VolumeTest - resource genericVolumeTestResource -} - -func testVolumes(input *volumesTestInput) { - It("should be mountable", func() { - f := input.f - cs := f.ClientSet - defer framework.VolumeTestCleanup(f, convertTestConfig(input.config)) - - skipPersistenceTest(input.resource.driver) - - volumeTest := input.tests - config := convertTestConfig(input.config) - framework.InjectHtml(cs, config, volumeTest[0].Volume, volumeTest[0].ExpectedContent) - framework.TestVolumeClient(cs, config, input.fsGroup, input.fsType, input.tests) - }) It("should allow exec of files on the volume", func() { - f := input.f - skipExecTest(input.resource.driver) + skipExecTest(driver) + init() + defer cleanup() - testScriptInPod(f, input.resource.volType, input.resource.volSource, input.resource.driver.GetDriverInfo().Config.ClientNodeSelector) + testScriptInPod(f, l.resource.volType, l.resource.volSource, l.config.ClientNodeSelector) }) } diff --git a/test/e2e/storage/utils/BUILD b/test/e2e/storage/utils/BUILD index fe99be305f3..26c31d64611 100644 --- a/test/e2e/storage/utils/BUILD +++ b/test/e2e/storage/utils/BUILD @@ -10,6 +10,8 @@ go_library( srcs = [ "deployment.go", "framework.go", + "host_exec.go", + "local.go", "utils.go", ], importpath = "k8s.io/kubernetes/test/e2e/storage/utils", @@ -20,6 +22,7 @@ go_library( "//staging/src/k8s.io/api/storage/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/uuid:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//test/e2e/framework:go_default_library", diff --git a/test/e2e/storage/utils/deployment.go b/test/e2e/storage/utils/deployment.go index fa7ddd5995f..e899f2ca888 100644 --- a/test/e2e/storage/utils/deployment.go +++ b/test/e2e/storage/utils/deployment.go @@ -93,6 +93,14 @@ func PatchCSIDeployment(f *framework.Framework, o PatchCSIOptions, object interf // Driver name is expected to be the same // as the provisioner here. container.Args = append(container.Args, "--provisioner="+o.NewDriverName) + case o.SnapshotterContainerName: + // Driver name is expected to be the same + // as the snapshotter here. + container.Args = append(container.Args, "--snapshotter="+o.NewDriverName) + case o.ClusterRegistrarContainerName: + if o.PodInfoVersion != nil { + container.Args = append(container.Args, "--pod-info-mount-version="+*o.PodInfoVersion) + } } } } @@ -145,6 +153,16 @@ type PatchCSIOptions struct { // If non-empty, --provisioner with new name will be appended // to the argument list. ProvisionerContainerName string + // The name of the container which has the snapshotter binary. + // If non-empty, --snapshotter with new name will be appended + // to the argument list. + SnapshotterContainerName string + // The name of the container which has the cluster-driver-registrar + // binary. + ClusterRegistrarContainerName string // If non-empty, all pods are forced to run on this node. NodeName string + // If not nil, the argument to pass to the cluster-driver-registrar's + // pod-info-mount-version argument. + PodInfoVersion *string } diff --git a/test/e2e/storage/utils/host_exec.go b/test/e2e/storage/utils/host_exec.go new file mode 100644 index 00000000000..48c1e71f900 --- /dev/null +++ b/test/e2e/storage/utils/host_exec.go @@ -0,0 +1,124 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package utils + +import ( + "fmt" + + "k8s.io/api/core/v1" + "k8s.io/kubernetes/test/e2e/framework" +) + +// HostExec represents interface we require to execute commands on remote host. +type HostExec interface { + IssueCommandWithResult(cmd string, node *v1.Node) (string, error) + IssueCommand(cmd string, node *v1.Node) error + Cleanup() +} + +// hostExecutor implements HostExec +type hostExecutor struct { + *framework.Framework + nodeExecPods map[string]*v1.Pod +} + +// NewHostExec returns a HostExec +func NewHostExec(framework *framework.Framework) HostExec { + return &hostExecutor{ + Framework: framework, + nodeExecPods: make(map[string]*v1.Pod), + } +} + +// launchNodeExecPod launches a hostexec pod for local PV and waits +// until it's Running. +func (h *hostExecutor) launchNodeExecPod(node string) *v1.Pod { + f := h.Framework + cs := f.ClientSet + ns := f.Namespace + hostExecPod := framework.NewExecPodSpec(ns.Name, fmt.Sprintf("hostexec-%s", node), true) + hostExecPod.Spec.NodeName = node + hostExecPod.Spec.Volumes = []v1.Volume{ + { + // Required to enter into host mount namespace via nsenter. + Name: "rootfs", + VolumeSource: v1.VolumeSource{ + HostPath: &v1.HostPathVolumeSource{ + Path: "/", + }, + }, + }, + } + hostExecPod.Spec.Containers[0].VolumeMounts = []v1.VolumeMount{ + { + Name: "rootfs", + MountPath: "/rootfs", + ReadOnly: true, + }, + } + hostExecPod.Spec.Containers[0].SecurityContext = &v1.SecurityContext{ + Privileged: func(privileged bool) *bool { + return &privileged + }(true), + } + pod, err := cs.CoreV1().Pods(ns.Name).Create(hostExecPod) + framework.ExpectNoError(err) + err = framework.WaitForPodRunningInNamespace(cs, pod) + framework.ExpectNoError(err) + return pod +} + +// IssueCommandWithResult issues command on given node and returns stdout. +func (h *hostExecutor) IssueCommandWithResult(cmd string, node *v1.Node) (string, error) { + pod, ok := h.nodeExecPods[node.Name] + if !ok { + pod = h.launchNodeExecPod(node.Name) + if pod == nil { + return "", fmt.Errorf("failed to create hostexec pod for node %q", node) + } + h.nodeExecPods[node.Name] = pod + } + args := []string{ + "exec", + fmt.Sprintf("--namespace=%v", pod.Namespace), + pod.Name, + "--", + "nsenter", + "--mount=/rootfs/proc/1/ns/mnt", + "--", + "sh", + "-c", + cmd, + } + return framework.RunKubectl(args...) +} + +// IssueCommand works like IssueCommandWithResult, but discards result. +func (h *hostExecutor) IssueCommand(cmd string, node *v1.Node) error { + _, err := h.IssueCommandWithResult(cmd, node) + return err +} + +// Cleanup cleanup resources it created during test. +// Note that in most cases it is not necessary to call this because we create +// pods under test namespace which will be destroyed in teardown phase. +func (h *hostExecutor) Cleanup() { + for _, pod := range h.nodeExecPods { + framework.DeletePodOrFail(h.Framework.ClientSet, pod.Namespace, pod.Name) + } + h.nodeExecPods = make(map[string]*v1.Pod) +} diff --git a/test/e2e/storage/utils/local.go b/test/e2e/storage/utils/local.go new file mode 100644 index 00000000000..5281b1ab08f --- /dev/null +++ b/test/e2e/storage/utils/local.go @@ -0,0 +1,345 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package utils + +/* + * Various local test resource implementations. + */ + +import ( + "fmt" + "path/filepath" + "strings" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/uuid" + "k8s.io/kubernetes/test/e2e/framework" +) + +// LocalVolumeType represents type of local volume, e.g. tmpfs, directory, +// block, etc. +type LocalVolumeType string + +const ( + // A simple directory as local volume + LocalVolumeDirectory LocalVolumeType = "dir" + // Like LocalVolumeDirectory but it's a symbolic link to directory + LocalVolumeDirectoryLink LocalVolumeType = "dir-link" + // Like LocalVolumeDirectory but bind mounted + LocalVolumeDirectoryBindMounted LocalVolumeType = "dir-bindmounted" + // Like LocalVolumeDirectory but it's a symbolic link to self bind mounted directory + // Note that bind mounting at symbolic link actually mounts at directory it + // links to + LocalVolumeDirectoryLinkBindMounted LocalVolumeType = "dir-link-bindmounted" + // Use temporary filesystem as local volume + LocalVolumeTmpfs LocalVolumeType = "tmpfs" + // Block device, creates a local file, and maps it as a block device + LocalVolumeBlock LocalVolumeType = "block" + // Filesystem backed by a block device + LocalVolumeBlockFS LocalVolumeType = "blockfs" + // Use GCE Local SSD as local volume, this is a filesystem + LocalVolumeGCELocalSSD LocalVolumeType = "gce-localssd-scsi-fs" +) + +// LocalTestResource represents test resource of a local volume. +type LocalTestResource struct { + VolumeType LocalVolumeType + Node *v1.Node + // Volume path, path to filesystem or block device on the node + Path string + // If volume is backed by a loop device, we create loop device storage file + // under this directory. + loopDir string +} + +// LocalTestResourceManager represents interface to create/destroy local test resources on node +type LocalTestResourceManager interface { + Create(node *v1.Node, volumeType LocalVolumeType, parameters map[string]string) *LocalTestResource + Remove(ltr *LocalTestResource) +} + +// ltrMgr implements LocalTestResourceManager +type ltrMgr struct { + prefix string + hostExec HostExec + // hostBase represents a writable directory on the host under which we + // create test directories + hostBase string +} + +// NewLocalResourceManager returns a instance of LocalTestResourceManager +func NewLocalResourceManager(prefix string, hostExec HostExec, hostBase string) LocalTestResourceManager { + return <rMgr{ + prefix: prefix, + hostExec: hostExec, + hostBase: hostBase, + } +} + +// getTestDir returns a test dir under `hostBase` directory with randome name. +func (l *ltrMgr) getTestDir() string { + testDirName := fmt.Sprintf("%s-%s", l.prefix, string(uuid.NewUUID())) + return filepath.Join(l.hostBase, testDirName) +} + +func (l *ltrMgr) setupLocalVolumeTmpfs(node *v1.Node, parameters map[string]string) *LocalTestResource { + hostDir := l.getTestDir() + By(fmt.Sprintf("Creating tmpfs mount point on node %q at path %q", node.Name, hostDir)) + err := l.hostExec.IssueCommand(fmt.Sprintf("mkdir -p %q && sudo mount -t tmpfs -o size=10m tmpfs-%q %q", hostDir, hostDir, hostDir), node) + Expect(err).NotTo(HaveOccurred()) + return &LocalTestResource{ + Node: node, + Path: hostDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeTmpfs(ltr *LocalTestResource) { + By(fmt.Sprintf("Unmount tmpfs mount point on node %q at path %q", ltr.Node.Name, ltr.Path)) + err := l.hostExec.IssueCommand(fmt.Sprintf("sudo umount %q", ltr.Path), ltr.Node) + Expect(err).NotTo(HaveOccurred()) + + By("Removing the test directory") + err = l.hostExec.IssueCommand(fmt.Sprintf("rm -r %s", ltr.Path), ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +// createAndSetupLoopDevice creates an empty file and associates a loop devie with it. +func (l *ltrMgr) createAndSetupLoopDevice(dir string, node *v1.Node, size int) { + By(fmt.Sprintf("Creating block device on node %q using path %q", node.Name, dir)) + mkdirCmd := fmt.Sprintf("mkdir -p %s", dir) + count := size / 4096 + // xfs requires at least 4096 blocks + if count < 4096 { + count = 4096 + } + ddCmd := fmt.Sprintf("dd if=/dev/zero of=%s/file bs=4096 count=%d", dir, count) + losetupCmd := fmt.Sprintf("sudo losetup -f %s/file", dir) + err := l.hostExec.IssueCommand(fmt.Sprintf("%s && %s && %s", mkdirCmd, ddCmd, losetupCmd), node) + Expect(err).NotTo(HaveOccurred()) +} + +// findLoopDevice finds loop device path by its associated storage directory. +func (l *ltrMgr) findLoopDevice(dir string, node *v1.Node) string { + cmd := fmt.Sprintf("E2E_LOOP_DEV=$(sudo losetup | grep %s/file | awk '{ print $1 }') 2>&1 > /dev/null && echo ${E2E_LOOP_DEV}", dir) + loopDevResult, err := l.hostExec.IssueCommandWithResult(cmd, node) + Expect(err).NotTo(HaveOccurred()) + return strings.TrimSpace(loopDevResult) +} + +func (l *ltrMgr) setupLocalVolumeBlock(node *v1.Node, parameters map[string]string) *LocalTestResource { + loopDir := l.getTestDir() + l.createAndSetupLoopDevice(loopDir, node, 20*1024*1024) + loopDev := l.findLoopDevice(loopDir, node) + return &LocalTestResource{ + Node: node, + Path: loopDev, + loopDir: loopDir, + } +} + +// teardownLoopDevice tears down loop device by its associated storage directory. +func (l *ltrMgr) teardownLoopDevice(dir string, node *v1.Node) { + loopDev := l.findLoopDevice(dir, node) + By(fmt.Sprintf("Tear down block device %q on node %q at path %s/file", loopDev, node.Name, dir)) + losetupDeleteCmd := fmt.Sprintf("sudo losetup -d %s", loopDev) + err := l.hostExec.IssueCommand(losetupDeleteCmd, node) + Expect(err).NotTo(HaveOccurred()) + return +} + +func (l *ltrMgr) cleanupLocalVolumeBlock(ltr *LocalTestResource) { + l.teardownLoopDevice(ltr.loopDir, ltr.Node) + By(fmt.Sprintf("Removing the test directory %s", ltr.loopDir)) + removeCmd := fmt.Sprintf("rm -r %s", ltr.loopDir) + err := l.hostExec.IssueCommand(removeCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +func (l *ltrMgr) setupLocalVolumeBlockFS(node *v1.Node, parameters map[string]string) *LocalTestResource { + ltr := l.setupLocalVolumeBlock(node, parameters) + loopDev := ltr.Path + loopDir := ltr.loopDir + // Format and mount at loopDir and give others rwx for read/write testing + cmd := fmt.Sprintf("sudo mkfs -t ext4 %s && sudo mount -t ext4 %s %s && sudo chmod o+rwx %s", loopDev, loopDev, loopDir, loopDir) + err := l.hostExec.IssueCommand(cmd, node) + Expect(err).NotTo(HaveOccurred()) + return &LocalTestResource{ + Node: node, + Path: loopDir, + loopDir: loopDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeBlockFS(ltr *LocalTestResource) { + umountCmd := fmt.Sprintf("sudo umount %s", ltr.Path) + err := l.hostExec.IssueCommand(umountCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) + l.cleanupLocalVolumeBlock(ltr) +} + +func (l *ltrMgr) setupLocalVolumeDirectory(node *v1.Node, parameters map[string]string) *LocalTestResource { + hostDir := l.getTestDir() + mkdirCmd := fmt.Sprintf("mkdir -p %s", hostDir) + err := l.hostExec.IssueCommand(mkdirCmd, node) + Expect(err).NotTo(HaveOccurred()) + return &LocalTestResource{ + Node: node, + Path: hostDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeDirectory(ltr *LocalTestResource) { + By("Removing the test directory") + removeCmd := fmt.Sprintf("rm -r %s", ltr.Path) + err := l.hostExec.IssueCommand(removeCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +func (l *ltrMgr) setupLocalVolumeDirectoryLink(node *v1.Node, parameters map[string]string) *LocalTestResource { + hostDir := l.getTestDir() + hostDirBackend := hostDir + "-backend" + cmd := fmt.Sprintf("mkdir %s && sudo ln -s %s %s", hostDirBackend, hostDirBackend, hostDir) + err := l.hostExec.IssueCommand(cmd, node) + Expect(err).NotTo(HaveOccurred()) + return &LocalTestResource{ + Node: node, + Path: hostDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeDirectoryLink(ltr *LocalTestResource) { + By("Removing the test directory") + hostDir := ltr.Path + hostDirBackend := hostDir + "-backend" + removeCmd := fmt.Sprintf("sudo rm -r %s && rm -r %s", hostDir, hostDirBackend) + err := l.hostExec.IssueCommand(removeCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +func (l *ltrMgr) setupLocalVolumeDirectoryBindMounted(node *v1.Node, parameters map[string]string) *LocalTestResource { + hostDir := l.getTestDir() + cmd := fmt.Sprintf("mkdir %s && sudo mount --bind %s %s", hostDir, hostDir, hostDir) + err := l.hostExec.IssueCommand(cmd, node) + Expect(err).NotTo(HaveOccurred()) + return &LocalTestResource{ + Node: node, + Path: hostDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeDirectoryBindMounted(ltr *LocalTestResource) { + By("Removing the test directory") + hostDir := ltr.Path + removeCmd := fmt.Sprintf("sudo umount %s && rm -r %s", hostDir, hostDir) + err := l.hostExec.IssueCommand(removeCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +func (l *ltrMgr) setupLocalVolumeDirectoryLinkBindMounted(node *v1.Node, parameters map[string]string) *LocalTestResource { + hostDir := l.getTestDir() + hostDirBackend := hostDir + "-backend" + cmd := fmt.Sprintf("mkdir %s && sudo mount --bind %s %s && sudo ln -s %s %s", hostDirBackend, hostDirBackend, hostDirBackend, hostDirBackend, hostDir) + err := l.hostExec.IssueCommand(cmd, node) + Expect(err).NotTo(HaveOccurred()) + return &LocalTestResource{ + Node: node, + Path: hostDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeDirectoryLinkBindMounted(ltr *LocalTestResource) { + By("Removing the test directory") + hostDir := ltr.Path + hostDirBackend := hostDir + "-backend" + removeCmd := fmt.Sprintf("sudo rm %s && sudo umount %s && rm -r %s", hostDir, hostDirBackend, hostDirBackend) + err := l.hostExec.IssueCommand(removeCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +func (l *ltrMgr) setupLocalVolumeGCELocalSSD(node *v1.Node, parameters map[string]string) *LocalTestResource { + res, err := l.hostExec.IssueCommandWithResult("ls /mnt/disks/by-uuid/google-local-ssds-scsi-fs/", node) + Expect(err).NotTo(HaveOccurred()) + dirName := strings.Fields(res)[0] + hostDir := "/mnt/disks/by-uuid/google-local-ssds-scsi-fs/" + dirName + return &LocalTestResource{ + Node: node, + Path: hostDir, + } +} + +func (l *ltrMgr) cleanupLocalVolumeGCELocalSSD(ltr *LocalTestResource) { + // This filesystem is attached in cluster initialization, we clean all files to make it reusable. + removeCmd := fmt.Sprintf("find '%s' -mindepth 1 -maxdepth 1 -print0 | xargs -r -0 rm -rf", ltr.Path) + err := l.hostExec.IssueCommand(removeCmd, ltr.Node) + Expect(err).NotTo(HaveOccurred()) +} + +func (l *ltrMgr) Create(node *v1.Node, volumeType LocalVolumeType, parameters map[string]string) *LocalTestResource { + var ltr *LocalTestResource + switch volumeType { + case LocalVolumeDirectory: + ltr = l.setupLocalVolumeDirectory(node, parameters) + case LocalVolumeDirectoryLink: + ltr = l.setupLocalVolumeDirectoryLink(node, parameters) + case LocalVolumeDirectoryBindMounted: + ltr = l.setupLocalVolumeDirectoryBindMounted(node, parameters) + case LocalVolumeDirectoryLinkBindMounted: + ltr = l.setupLocalVolumeDirectoryLinkBindMounted(node, parameters) + case LocalVolumeTmpfs: + ltr = l.setupLocalVolumeTmpfs(node, parameters) + case LocalVolumeBlock: + ltr = l.setupLocalVolumeBlock(node, parameters) + case LocalVolumeBlockFS: + ltr = l.setupLocalVolumeBlockFS(node, parameters) + case LocalVolumeGCELocalSSD: + ltr = l.setupLocalVolumeGCELocalSSD(node, parameters) + default: + framework.Failf("Failed to create local test resource on node %q, unsupported volume type: %v is specified", node.Name, volumeType) + return nil + } + if ltr == nil { + framework.Failf("Failed to create local test resource on node %q, volume type: %v, parameters: %v", node.Name, volumeType, parameters) + } + ltr.VolumeType = volumeType + return ltr +} + +func (l *ltrMgr) Remove(ltr *LocalTestResource) { + switch ltr.VolumeType { + case LocalVolumeDirectory: + l.cleanupLocalVolumeDirectory(ltr) + case LocalVolumeDirectoryLink: + l.cleanupLocalVolumeDirectoryLink(ltr) + case LocalVolumeDirectoryBindMounted: + l.cleanupLocalVolumeDirectoryBindMounted(ltr) + case LocalVolumeDirectoryLinkBindMounted: + l.cleanupLocalVolumeDirectoryLinkBindMounted(ltr) + case LocalVolumeTmpfs: + l.cleanupLocalVolumeTmpfs(ltr) + case LocalVolumeBlock: + l.cleanupLocalVolumeBlock(ltr) + case LocalVolumeBlockFS: + l.cleanupLocalVolumeBlockFS(ltr) + case LocalVolumeGCELocalSSD: + l.cleanupLocalVolumeGCELocalSSD(ltr) + default: + framework.Failf("Failed to remove local test resource, unsupported volume type: %v is specified", ltr.VolumeType) + } + return +} diff --git a/test/e2e/storage/volume_expand.go b/test/e2e/storage/volume_expand.go index 1927e970adc..5d9486d4a94 100644 --- a/test/e2e/storage/volume_expand.go +++ b/test/e2e/storage/volume_expand.go @@ -40,7 +40,7 @@ const ( totalResizeWaitPeriod = 20 * time.Minute ) -var _ = utils.SIGDescribe("Volume expand [Slow]", func() { +var _ = utils.SIGDescribe("Volume expand", func() { var ( c clientset.Interface ns string @@ -56,10 +56,11 @@ var _ = utils.SIGDescribe("Volume expand [Slow]", func() { ns = f.Namespace.Name framework.ExpectNoError(framework.WaitForAllNodesSchedulable(c, framework.TestContext.NodeSchedulableTimeout)) test := testsuites.StorageClassTest{ - Name: "default", - ClaimSize: "2Gi", + Name: "default", + ClaimSize: "2Gi", + AllowVolumeExpansion: true, } - resizableSc, err = createResizableStorageClass(test, ns, "resizing", c) + resizableSc, err = createStorageClass(test, ns, "resizing", c) Expect(err).NotTo(HaveOccurred(), "Error creating resizable storage class") Expect(resizableSc.AllowVolumeExpansion).NotTo(BeNil()) Expect(*resizableSc.AllowVolumeExpansion).To(BeTrue()) @@ -75,6 +76,39 @@ var _ = utils.SIGDescribe("Volume expand [Slow]", func() { framework.ExpectNoError(c.StorageV1().StorageClasses().Delete(resizableSc.Name, nil)) }) + It("should not allow expansion of pvcs without AllowVolumeExpansion property", func() { + test := testsuites.StorageClassTest{ + Name: "no-expansion", + ClaimSize: "2Gi", + } + regularSC, err := createStorageClass(test, ns, "noexpand", c) + Expect(err).NotTo(HaveOccurred(), "Error creating non-expandable storage class") + + defer func() { + framework.ExpectNoError(c.StorageV1().StorageClasses().Delete(regularSC.Name, nil)) + }() + Expect(regularSC.AllowVolumeExpansion).To(BeNil()) + + noExpandPVC := newClaim(test, ns, "noexpand") + noExpandPVC.Spec.StorageClassName = ®ularSC.Name + noExpandPVC, err = c.CoreV1().PersistentVolumeClaims(noExpandPVC.Namespace).Create(noExpandPVC) + Expect(err).NotTo(HaveOccurred(), "Error creating pvc") + + defer func() { + framework.ExpectNoError(framework.DeletePersistentVolumeClaim(c, noExpandPVC.Name, noExpandPVC.Namespace)) + }() + + pvcClaims := []*v1.PersistentVolumeClaim{noExpandPVC} + pvs, err := framework.WaitForPVClaimBoundPhase(c, pvcClaims, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred(), "Failed waiting for PVC to be bound %v", err) + Expect(len(pvs)).To(Equal(1)) + + By("Expanding non-expandable pvc") + newSize := resource.MustParse("6Gi") + noExpandPVC, err = expandPVCSize(noExpandPVC, newSize, c) + Expect(err).To(HaveOccurred(), "While updating non-expandable PVC") + }) + It("Verify if editing PVC allows resize", func() { By("Waiting for pvc to be in bound phase") pvcClaims := []*v1.PersistentVolumeClaim{pvc} @@ -134,10 +168,8 @@ var _ = utils.SIGDescribe("Volume expand [Slow]", func() { }) }) -func createResizableStorageClass(t testsuites.StorageClassTest, ns string, suffix string, c clientset.Interface) (*storage.StorageClass, error) { +func createStorageClass(t testsuites.StorageClassTest, ns string, suffix string, c clientset.Interface) (*storage.StorageClass, error) { stKlass := newStorageClass(t, ns, suffix) - allowExpansion := true - stKlass.AllowVolumeExpansion = &allowExpansion var err error stKlass, err = c.StorageV1().StorageClasses().Create(stKlass) diff --git a/test/e2e/storage/volume_metrics.go b/test/e2e/storage/volume_metrics.go index 8c1dccc2d05..06a83ccb178 100644 --- a/test/e2e/storage/volume_metrics.go +++ b/test/e2e/storage/volume_metrics.go @@ -42,7 +42,7 @@ var _ = utils.SIGDescribe("[Serial] Volume metrics", func() { c clientset.Interface ns string pvc *v1.PersistentVolumeClaim - metricsGrabber *metrics.MetricsGrabber + metricsGrabber *metrics.Grabber ) f := framework.NewDefaultFramework("pv") @@ -422,7 +422,7 @@ var _ = utils.SIGDescribe("[Serial] Volume metrics", func() { }) }) -func waitForDetachAndGrabMetrics(oldMetrics map[string]int64, metricsGrabber *metrics.MetricsGrabber) map[string]int64 { +func waitForDetachAndGrabMetrics(oldMetrics map[string]int64, metricsGrabber *metrics.Grabber) map[string]int64 { backoff := wait.Backoff{ Duration: 10 * time.Second, Factor: 1.2, @@ -527,7 +527,7 @@ func findVolumeStatMetric(metricKeyName string, namespace string, pvcName string } // Wait for the count of a pv controller's metric specified by metricName and dimension bigger than zero. -func waitForPVControllerSync(metricsGrabber *metrics.MetricsGrabber, metricName, dimension string) { +func waitForPVControllerSync(metricsGrabber *metrics.Grabber, metricName, dimension string) { backoff := wait.Backoff{ Duration: 10 * time.Second, Factor: 1.2, @@ -608,7 +608,7 @@ func getStatesMetrics(metricKey string, givenMetrics metrics.Metrics) map[string return states } -func waitForADControllerStatesMetrics(metricsGrabber *metrics.MetricsGrabber, metricName string, dimensions []string, stateNames []string) { +func waitForADControllerStatesMetrics(metricsGrabber *metrics.Grabber, metricName string, dimensions []string, stateNames []string) { backoff := wait.Backoff{ Duration: 10 * time.Second, Factor: 1.2, diff --git a/test/e2e/storage/volume_provisioning.go b/test/e2e/storage/volume_provisioning.go index bf61f418e2c..291fb45497b 100644 --- a/test/e2e/storage/volume_provisioning.go +++ b/test/e2e/storage/volume_provisioning.go @@ -43,9 +43,8 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/authentication/serviceaccount" clientset "k8s.io/client-go/kubernetes" + volumehelpers "k8s.io/cloud-provider/volume/helpers" storageutil "k8s.io/kubernetes/pkg/apis/storage/v1/util" - kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis" - volumeutil "k8s.io/kubernetes/pkg/volume/util" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/framework/providers/gce" "k8s.io/kubernetes/test/e2e/storage/testsuites" @@ -71,20 +70,20 @@ func checkZonesFromLabelAndAffinity(pv *v1.PersistentVolume, zones sets.String, if pv == nil { framework.Failf("nil pv passed") } - pvLabel, ok := pv.Labels[kubeletapis.LabelZoneFailureDomain] + pvLabel, ok := pv.Labels[v1.LabelZoneFailureDomain] if !ok { - framework.Failf("label %s not found on PV", kubeletapis.LabelZoneFailureDomain) + framework.Failf("label %s not found on PV", v1.LabelZoneFailureDomain) } - zonesFromLabel, err := volumeutil.LabelZonesToSet(pvLabel) + zonesFromLabel, err := volumehelpers.LabelZonesToSet(pvLabel) if err != nil { framework.Failf("unable to parse zone labels %s: %v", pvLabel, err) } if matchZones && !zonesFromLabel.Equal(zones) { - framework.Failf("value[s] of %s label for PV: %v does not match expected zone[s]: %v", kubeletapis.LabelZoneFailureDomain, zonesFromLabel, zones) + framework.Failf("value[s] of %s label for PV: %v does not match expected zone[s]: %v", v1.LabelZoneFailureDomain, zonesFromLabel, zones) } if !matchZones && !zonesFromLabel.IsSuperset(zones) { - framework.Failf("value[s] of %s label for PV: %v does not contain expected zone[s]: %v", kubeletapis.LabelZoneFailureDomain, zonesFromLabel, zones) + framework.Failf("value[s] of %s label for PV: %v does not contain expected zone[s]: %v", v1.LabelZoneFailureDomain, zonesFromLabel, zones) } if pv.Spec.NodeAffinity == nil { framework.Failf("node affinity not found in PV spec %v", pv.Spec) @@ -96,7 +95,7 @@ func checkZonesFromLabelAndAffinity(pv *v1.PersistentVolume, zones sets.String, for _, term := range pv.Spec.NodeAffinity.Required.NodeSelectorTerms { keyFound := false for _, r := range term.MatchExpressions { - if r.Key != kubeletapis.LabelZoneFailureDomain { + if r.Key != v1.LabelZoneFailureDomain { continue } keyFound = true @@ -110,7 +109,7 @@ func checkZonesFromLabelAndAffinity(pv *v1.PersistentVolume, zones sets.String, break } if !keyFound { - framework.Failf("label %s not found in term %v", kubeletapis.LabelZoneFailureDomain, term) + framework.Failf("label %s not found in term %v", v1.LabelZoneFailureDomain, term) } } } @@ -213,27 +212,28 @@ func testZonalDelayedBinding(c clientset.Interface, ns string, specifyAllowedTop action := "creating claims with class with waitForFirstConsumer" suffix := "delayed" var topoZone string - class := newStorageClass(test, ns, suffix) + test.Client = c + test.Class = newStorageClass(test, ns, suffix) if specifyAllowedTopology { action += " and allowedTopologies" suffix += "-topo" topoZone = getRandomClusterZone(c) - addSingleZoneAllowedTopologyToStorageClass(c, class, topoZone) + addSingleZoneAllowedTopologyToStorageClass(c, test.Class, topoZone) } By(action) var claims []*v1.PersistentVolumeClaim for i := 0; i < pvcCount; i++ { claim := newClaim(test, ns, suffix) - claim.Spec.StorageClassName = &class.Name + claim.Spec.StorageClassName = &test.Class.Name claims = append(claims, claim) } - pvs, node := testsuites.TestBindingWaitForFirstConsumerMultiPVC(test, c, claims, class) + pvs, node := test.TestBindingWaitForFirstConsumerMultiPVC(claims, nil /* node selector */, false /* expect unschedulable */) if node == nil { framework.Failf("unexpected nil node found") } - zone, ok := node.Labels[kubeletapis.LabelZoneFailureDomain] + zone, ok := node.Labels[v1.LabelZoneFailureDomain] if !ok { - framework.Failf("label %s not found on Node", kubeletapis.LabelZoneFailureDomain) + framework.Failf("label %s not found on Node", v1.LabelZoneFailureDomain) } if specifyAllowedTopology && topoZone != zone { framework.Failf("zone specified in allowedTopologies: %s does not match zone of node where PV got provisioned: %s", topoZone, zone) @@ -258,7 +258,6 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Describe("DynamicProvisioner [Slow]", func() { It("should provision storage with different parameters", func() { - cloudZone := getRandomClusterZone(c) // This test checks that dynamic provisioning can provision a volume // that can be used to persist data among pods. @@ -270,12 +269,14 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Provisioner: "kubernetes.io/gce-pd", Parameters: map[string]string{ "type": "pd-ssd", - "zone": cloudZone, + "zone": getRandomClusterZone(c), }, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkGCEPD(volume, "pd-ssd") + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkGCEPD(volume, "pd-ssd") + Expect(err).NotTo(HaveOccurred(), "checkGCEPD pd-ssd") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, { @@ -287,8 +288,10 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkGCEPD(volume, "pd-standard") + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkGCEPD(volume, "pd-standard") + Expect(err).NotTo(HaveOccurred(), "checkGCEPD pd-standard") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, // AWS @@ -298,12 +301,14 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Provisioner: "kubernetes.io/aws-ebs", Parameters: map[string]string{ "type": "gp2", - "zone": cloudZone, + "zone": getRandomClusterZone(c), }, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkAWSEBS(volume, "gp2", false) + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkAWSEBS(volume, "gp2", false) + Expect(err).NotTo(HaveOccurred(), "checkAWSEBS gp2") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, { @@ -316,8 +321,10 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "3.5Gi", ExpectedSize: "4Gi", // 4 GiB is minimum for io1 - PvCheck: func(volume *v1.PersistentVolume) error { - return checkAWSEBS(volume, "io1", false) + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkAWSEBS(volume, "io1", false) + Expect(err).NotTo(HaveOccurred(), "checkAWSEBS io1") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, { @@ -329,8 +336,10 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "500Gi", // minimum for sc1 ExpectedSize: "500Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkAWSEBS(volume, "sc1", false) + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkAWSEBS(volume, "sc1", false) + Expect(err).NotTo(HaveOccurred(), "checkAWSEBS sc1") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, { @@ -342,8 +351,10 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "500Gi", // minimum for st1 ExpectedSize: "500Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkAWSEBS(volume, "st1", false) + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkAWSEBS(volume, "st1", false) + Expect(err).NotTo(HaveOccurred(), "checkAWSEBS st1") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, { @@ -355,8 +366,10 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "1Gi", ExpectedSize: "1Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkAWSEBS(volume, "gp2", true) + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkAWSEBS(volume, "gp2", true) + Expect(err).NotTo(HaveOccurred(), "checkAWSEBS gp2 encrypted") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, }, // OpenStack generic tests (works on all OpenStack deployments) @@ -367,7 +380,9 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Parameters: map[string]string{}, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: nil, // there is currently nothing to check on OpenStack + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) + }, }, { Name: "Cinder volume with empty volume type and zone on OpenStack", @@ -379,7 +394,9 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "1.5Gi", ExpectedSize: "2Gi", - PvCheck: nil, // there is currently nothing to check on OpenStack + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) + }, }, // vSphere generic test { @@ -389,7 +406,9 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Parameters: map[string]string{}, ClaimSize: "1.5Gi", ExpectedSize: "1.5Gi", - PvCheck: nil, + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) + }, }, // Azure { @@ -399,7 +418,9 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Parameters: map[string]string{}, ClaimSize: "1Gi", ExpectedSize: "1Gi", - PvCheck: nil, + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) + }, }, } @@ -419,10 +440,11 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { By("Testing " + test.Name) suffix := fmt.Sprintf("%d", i) - class := newStorageClass(test, ns, suffix) - claim := newClaim(test, ns, suffix) - claim.Spec.StorageClassName = &class.Name - testsuites.TestDynamicProvisioning(test, c, claim, class) + test.Client = c + test.Class = newStorageClass(test, ns, suffix) + test.Claim = newClaim(test, ns, suffix) + test.Claim.Spec.StorageClassName = &test.Class.Name + test.TestDynamicProvisioning() } // Run the last test with storage.k8s.io/v1beta1 on pvc @@ -434,9 +456,11 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { Expect(err).NotTo(HaveOccurred()) defer deleteStorageClass(c, class.Name) - claim := newClaim(*betaTest, ns, "beta") - claim.Spec.StorageClassName = &(class.Name) - testsuites.TestDynamicProvisioning(*betaTest, c, claim, nil) + betaTest.Client = c + betaTest.Class = nil + betaTest.Claim = newClaim(*betaTest, ns, "beta") + betaTest.Claim.Spec.StorageClassName = &(class.Name) + (*betaTest).TestDynamicProvisioning() } }) @@ -444,6 +468,7 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { framework.SkipUnlessProviderIs("gce", "gke") test := testsuites.StorageClassTest{ + Client: c, Name: "HDD PD on GCE/GKE", CloudProviders: []string{"gce", "gke"}, Provisioner: "kubernetes.io/gce-pd", @@ -452,16 +477,18 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { }, ClaimSize: "1Gi", ExpectedSize: "1Gi", - PvCheck: func(volume *v1.PersistentVolume) error { - return checkGCEPD(volume, "pd-standard") + PvCheck: func(claim *v1.PersistentVolumeClaim, volume *v1.PersistentVolume) { + err := checkGCEPD(volume, "pd-standard") + Expect(err).NotTo(HaveOccurred(), "checkGCEPD") + testsuites.PVWriteReadSingleNodeCheck(c, claim, volume, testsuites.NodeSelection{}) }, } - class := newStorageClass(test, ns, "reclaimpolicy") + test.Class = newStorageClass(test, ns, "reclaimpolicy") retain := v1.PersistentVolumeReclaimRetain - class.ReclaimPolicy = &retain - claim := newClaim(test, ns, "reclaimpolicy") - claim.Spec.StorageClassName = &class.Name - pv := testsuites.TestDynamicProvisioning(test, c, claim, class) + test.Class.ReclaimPolicy = &retain + test.Claim = newClaim(test, ns, "reclaimpolicy") + test.Claim.Spec.StorageClassName = &test.Class.Name + pv := test.TestDynamicProvisioning() By(fmt.Sprintf("waiting for the provisioned PV %q to enter phase %s", pv.Name, v1.VolumeReleased)) framework.ExpectNoError(framework.WaitForPersistentVolumePhase(v1.VolumeReleased, c, pv.Name, 1*time.Second, 30*time.Second)) @@ -695,17 +722,18 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { By("creating a StorageClass") test := testsuites.StorageClassTest{ + Client: c, Name: "external provisioner test", Provisioner: externalPluginName, ClaimSize: "1500Mi", ExpectedSize: "1500Mi", } - class := newStorageClass(test, ns, "external") - claim := newClaim(test, ns, "external") - claim.Spec.StorageClassName = &(class.Name) + test.Class = newStorageClass(test, ns, "external") + test.Claim = newClaim(test, ns, "external") + test.Claim.Spec.StorageClassName = &test.Class.Name By("creating a claim with a external provisioning annotation") - testsuites.TestDynamicProvisioning(test, c, claim, class) + test.TestDynamicProvisioning() }) }) @@ -715,13 +743,14 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { By("creating a claim with no annotation") test := testsuites.StorageClassTest{ + Client: c, Name: "default", ClaimSize: "2Gi", ExpectedSize: "2Gi", } - claim := newClaim(test, ns, "default") - testsuites.TestDynamicProvisioning(test, c, claim, nil) + test.Claim = newClaim(test, ns, "default") + test.TestDynamicProvisioning() }) // Modifying the default storage class can be disruptive to other tests that depend on it @@ -791,23 +820,24 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { It("should create and delete persistent volumes [fast]", func() { By("creating a Gluster DP server Pod") pod := startGlusterDpServerPod(c, ns) - serverUrl := "https://" + pod.Status.PodIP + ":8081" + serverUrl := "http://" + pod.Status.PodIP + ":8081" By("creating a StorageClass") test := testsuites.StorageClassTest{ - Name: "Gluster Dynamic provisioner test", - Provisioner: "kubernetes.io/glusterfs", - ClaimSize: "2Gi", - ExpectedSize: "2Gi", - Parameters: map[string]string{"resturl": serverUrl}, - SkipWriteReadCheck: true, + Client: c, + Name: "Gluster Dynamic provisioner test", + Provisioner: "kubernetes.io/glusterfs", + ClaimSize: "2Gi", + ExpectedSize: "2Gi", + Parameters: map[string]string{"resturl": serverUrl}, } suffix := fmt.Sprintf("glusterdptest") - class := newStorageClass(test, ns, suffix) + test.Class = newStorageClass(test, ns, suffix) By("creating a claim object with a suffix for gluster dynamic provisioner") - claim := newClaim(test, ns, suffix) + test.Claim = newClaim(test, ns, suffix) + test.Claim.Spec.StorageClassName = &test.Class.Name - testsuites.TestDynamicProvisioning(test, c, claim, class) + test.TestDynamicProvisioning() }) }) @@ -906,12 +936,13 @@ var _ = utils.SIGDescribe("Dynamic Provisioning", func() { } By("creating a claim with class with allowedTopologies set") suffix := "topology" - class := newStorageClass(test, ns, suffix) + test.Client = c + test.Class = newStorageClass(test, ns, suffix) zone := getRandomClusterZone(c) - addSingleZoneAllowedTopologyToStorageClass(c, class, zone) - claim := newClaim(test, ns, suffix) - claim.Spec.StorageClassName = &class.Name - pv := testsuites.TestDynamicProvisioning(test, c, claim, class) + addSingleZoneAllowedTopologyToStorageClass(c, test.Class, zone) + test.Claim = newClaim(test, ns, suffix) + test.Claim.Spec.StorageClassName = &test.Class.Name + pv := test.TestDynamicProvisioning() checkZoneFromLabelAndAffinity(pv, zone, true) } }) @@ -1021,7 +1052,7 @@ func addSingleZoneAllowedTopologyToStorageClass(c clientset.Interface, sc *stora term := v1.TopologySelectorTerm{ MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ { - Key: kubeletapis.LabelZoneFailureDomain, + Key: v1.LabelZoneFailureDomain, Values: []string{zone}, }, }, @@ -1041,7 +1072,11 @@ func newStorageClass(t testsuites.StorageClassTest, ns string, suffix string) *s if t.DelayBinding { bindingMode = storage.VolumeBindingWaitForFirstConsumer } - return getStorageClass(pluginName, t.Parameters, &bindingMode, ns, suffix) + sc := getStorageClass(pluginName, t.Parameters, &bindingMode, ns, suffix) + if t.AllowVolumeExpansion { + sc.AllowVolumeExpansion = &t.AllowVolumeExpansion + } + return sc } func getStorageClass( diff --git a/test/e2e/storage/vsphere/BUILD b/test/e2e/storage/vsphere/BUILD index 3c23b80976f..6709ec7389c 100644 --- a/test/e2e/storage/vsphere/BUILD +++ b/test/e2e/storage/vsphere/BUILD @@ -35,6 +35,7 @@ go_library( "vsphere_volume_placement.go", "vsphere_volume_vpxd_restart.go", "vsphere_volume_vsan_policy.go", + "vsphere_zone_support.go", ], importpath = "k8s.io/kubernetes/test/e2e/storage/vsphere", deps = [ @@ -59,6 +60,8 @@ go_library( "//vendor/github.com/vmware/govmomi/find:go_default_library", "//vendor/github.com/vmware/govmomi/object:go_default_library", "//vendor/github.com/vmware/govmomi/session:go_default_library", + "//vendor/github.com/vmware/govmomi/vapi/rest:go_default_library", + "//vendor/github.com/vmware/govmomi/vapi/tags:go_default_library", "//vendor/github.com/vmware/govmomi/vim25:go_default_library", "//vendor/github.com/vmware/govmomi/vim25/mo:go_default_library", "//vendor/github.com/vmware/govmomi/vim25/soap:go_default_library", diff --git a/test/e2e/storage/vsphere/bootstrap.go b/test/e2e/storage/vsphere/bootstrap.go index c556af5e6ac..1775ec40c47 100644 --- a/test/e2e/storage/vsphere/bootstrap.go +++ b/test/e2e/storage/vsphere/bootstrap.go @@ -55,5 +55,10 @@ func bootstrapOnce() { if err != nil { framework.Failf("Failed to bootstrap vSphere with error: %v", err) } + // 4. Generate Zone to Datastore mapping + err = TestContext.NodeMapper.GenerateZoneToDatastoreMap() + if err != nil { + framework.Failf("Failed to generate zone to datastore mapping with error: %v", err) + } close(waiting) } diff --git a/test/e2e/storage/vsphere/nodemapper.go b/test/e2e/storage/vsphere/nodemapper.go index 88122128553..a68a220b13c 100644 --- a/test/e2e/storage/vsphere/nodemapper.go +++ b/test/e2e/storage/vsphere/nodemapper.go @@ -23,9 +23,14 @@ import ( "sync" "github.com/vmware/govmomi/object" + "github.com/vmware/govmomi/vapi/rest" + "github.com/vmware/govmomi/vapi/tags" + "github.com/vmware/govmomi/vim25/mo" "github.com/vmware/govmomi/vim25/types" "k8s.io/api/core/v1" "k8s.io/kubernetes/test/e2e/framework" + + neturl "net/url" ) type NodeMapper struct { @@ -35,11 +40,20 @@ type NodeInfo struct { Name string DataCenterRef types.ManagedObjectReference VirtualMachineRef types.ManagedObjectReference + HostSystemRef types.ManagedObjectReference VSphere *VSphere + Zones []string } +const ( + DatacenterType = "Datacenter" + ClusterComputeResourceType = "ClusterComputeResource" + HostSystemType = "HostSystem" +) + var ( - nameToNodeInfo = make(map[string]*NodeInfo) + nameToNodeInfo = make(map[string]*NodeInfo) + vcToZoneDatastoresMap = make(map[string](map[string][]string)) ) // GenerateNodeMap populates node name to node info map @@ -104,9 +118,11 @@ func (nm *NodeMapper) GenerateNodeMap(vSphereInstances map[string]*VSphere, node continue } if vm != nil { - framework.Logf("Found node %s as vm=%+v in vc=%s and datacenter=%s", - n.Name, vm, res.vs.Config.Hostname, res.datacenter.Name()) - nodeInfo := &NodeInfo{Name: n.Name, DataCenterRef: res.datacenter.Reference(), VirtualMachineRef: vm.Reference(), VSphere: res.vs} + hostSystemRef := res.vs.GetHostFromVMReference(ctx, vm.Reference()) + zones := retrieveZoneInformationForNode(n.Name, res.vs, hostSystemRef) + framework.Logf("Found node %s as vm=%+v placed on host=%+v under zones %s in vc=%s and datacenter=%s", + n.Name, vm, hostSystemRef, zones, res.vs.Config.Hostname, res.datacenter.Name()) + nodeInfo := &NodeInfo{Name: n.Name, DataCenterRef: res.datacenter.Reference(), VirtualMachineRef: vm.Reference(), HostSystemRef: hostSystemRef, VSphere: res.vs, Zones: zones} nm.SetNodeInfo(n.Name, nodeInfo) break } @@ -123,6 +139,144 @@ func (nm *NodeMapper) GenerateNodeMap(vSphereInstances map[string]*VSphere, node return nil } +// Establish rest connection to retrieve tag manager stub +func withTagsClient(ctx context.Context, connection *VSphere, f func(c *rest.Client) error) error { + c := rest.NewClient(connection.Client.Client) + user := neturl.UserPassword(connection.Config.Username, connection.Config.Password) + if err := c.Login(ctx, user); err != nil { + return err + } + defer c.Logout(ctx) + return f(c) +} + +// Iterates over each node and retrieves the zones in which they are placed +func retrieveZoneInformationForNode(nodeName string, connection *VSphere, hostSystemRef types.ManagedObjectReference) []string { + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + var zones []string + pc := connection.Client.ServiceContent.PropertyCollector + withTagsClient(ctx, connection, func(c *rest.Client) error { + client := tags.NewManager(c) + // Example result: ["Host", "Cluster", "Datacenter"] + ancestors, err := mo.Ancestors(ctx, connection.Client, pc, hostSystemRef) + if err != nil { + return err + } + + var validAncestors []mo.ManagedEntity + // Filter out only Datacenter, ClusterComputeResource and HostSystem type objects. These objects will be + // in the following order ["Datacenter" < "ClusterComputeResource" < "HostSystem"] so that the highest + // zone precedence will be received by the HostSystem type. + for _, ancestor := range ancestors { + moType := ancestor.ExtensibleManagedObject.Self.Type + if moType == DatacenterType || moType == ClusterComputeResourceType || moType == HostSystemType { + validAncestors = append(validAncestors, ancestor) + } + } + + for _, ancestor := range validAncestors { + var zonesAttachedToObject []string + tags, err := client.ListAttachedTags(ctx, ancestor) + if err != nil { + return err + } + for _, value := range tags { + tag, err := client.GetTag(ctx, value) + if err != nil { + return err + } + category, err := client.GetCategory(ctx, tag.CategoryID) + if err != nil { + return err + } + switch { + case category.Name == "k8s-zone": + framework.Logf("Found %s associated with %s for %s", tag.Name, ancestor.Name, nodeName) + zonesAttachedToObject = append(zonesAttachedToObject, tag.Name) + case category.Name == "k8s-region": + framework.Logf("Found %s associated with %s for %s", tag.Name, ancestor.Name, nodeName) + } + } + // Overwrite zone information if it exists for this object + if len(zonesAttachedToObject) != 0 { + zones = zonesAttachedToObject + } + } + return nil + }) + return zones +} + +// Generate zone to datastore mapping for easily verifying volume placement +func (nm *NodeMapper) GenerateZoneToDatastoreMap() error { + // 1. Create zone to hosts map for each VC + var vcToZoneHostsMap = make(map[string](map[string][]string)) + // 2. Create host to datastores map for each VC + var vcToHostDatastoresMap = make(map[string](map[string][]string)) + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + // 3. Populate vcToZoneHostsMap and vcToHostDatastoresMap + for _, nodeInfo := range nameToNodeInfo { + vc := nodeInfo.VSphere.Config.Hostname + host := nodeInfo.HostSystemRef.Value + for _, zone := range nodeInfo.Zones { + if vcToZoneHostsMap[vc] == nil { + vcToZoneHostsMap[vc] = make(map[string][]string) + } + // Populating vcToZoneHostsMap using the HostSystemRef and Zone fields from each NodeInfo + hosts := vcToZoneHostsMap[vc][zone] + hosts = append(hosts, host) + vcToZoneHostsMap[vc][zone] = hosts + } + if vcToHostDatastoresMap[vc] == nil { + vcToHostDatastoresMap[vc] = make(map[string][]string) + } + datastores := vcToHostDatastoresMap[vc][host] + // Populating vcToHostDatastoresMap by finding out the datastores mounted on node's host + datastoreRefs := nodeInfo.VSphere.GetDatastoresMountedOnHost(ctx, nodeInfo.HostSystemRef) + for _, datastore := range datastoreRefs { + datastores = append(datastores, datastore.Value) + } + vcToHostDatastoresMap[vc][host] = datastores + } + // 4, Populate vcToZoneDatastoresMap from vcToZoneHostsMap and vcToHostDatastoresMap + for vc, zoneToHostsMap := range vcToZoneHostsMap { + for zone, hosts := range zoneToHostsMap { + commonDatastores := retrieveCommonDatastoresAmongHosts(hosts, vcToHostDatastoresMap[vc]) + if vcToZoneDatastoresMap[vc] == nil { + vcToZoneDatastoresMap[vc] = make(map[string][]string) + } + vcToZoneDatastoresMap[vc][zone] = commonDatastores + } + } + framework.Logf("Zone to datastores map : %+v", vcToZoneDatastoresMap) + return nil +} + +// Retrieves the common datastores from the specified hosts +func retrieveCommonDatastoresAmongHosts(hosts []string, hostToDatastoresMap map[string][]string) []string { + var datastoreCountMap = make(map[string]int) + for _, host := range hosts { + for _, datastore := range hostToDatastoresMap[host] { + datastoreCountMap[datastore] = datastoreCountMap[datastore] + 1 + } + } + var commonDatastores []string + numHosts := len(hosts) + for datastore, count := range datastoreCountMap { + if count == numHosts { + commonDatastores = append(commonDatastores, datastore) + } + } + return commonDatastores +} + +// Get all the datastores in the specified zone +func (nm *NodeMapper) GetDatastoresInZone(vc string, zone string) []string { + return vcToZoneDatastoresMap[vc][zone] +} + // GetNodeInfo return NodeInfo for given nodeName func (nm *NodeMapper) GetNodeInfo(nodeName string) *NodeInfo { return nameToNodeInfo[nodeName] diff --git a/test/e2e/storage/vsphere/pvc_label_selector.go b/test/e2e/storage/vsphere/pvc_label_selector.go index 3de1e2bbcf4..14445d6f372 100644 --- a/test/e2e/storage/vsphere/pvc_label_selector.go +++ b/test/e2e/storage/vsphere/pvc_label_selector.go @@ -34,7 +34,7 @@ import ( Test Steps ---------- 1. Create VMDK. - 2. Create pv with lable volume-type:ssd, volume path set to vmdk created in previous step, and PersistentVolumeReclaimPolicy is set to Delete. + 2. Create pv with label volume-type:ssd, volume path set to vmdk created in previous step, and PersistentVolumeReclaimPolicy is set to Delete. 3. Create PVC (pvc_vvol) with label selector to match with volume-type:vvol 4. Create PVC (pvc_ssd) with label selector to match with volume-type:ssd 5. Wait and verify pvc_ssd is bound with PV. @@ -112,7 +112,7 @@ func testSetupVSpherePVClabelselector(c clientset.Interface, nodeInfo *NodeInfo, return } - By("creating the pv with lable volume-type:ssd") + By("creating the pv with label volume-type:ssd") pv_ssd = getVSpherePersistentVolumeSpec(volumePath, v1.PersistentVolumeReclaimDelete, ssdlabels) pv_ssd, err = c.CoreV1().PersistentVolumes().Create(pv_ssd) if err != nil { diff --git a/test/e2e/storage/vsphere/vsphere.go b/test/e2e/storage/vsphere/vsphere.go index f19a2d5f7aa..29aac56e25f 100644 --- a/test/e2e/storage/vsphere/vsphere.go +++ b/test/e2e/storage/vsphere/vsphere.go @@ -27,6 +27,7 @@ import ( "github.com/vmware/govmomi" "github.com/vmware/govmomi/find" "github.com/vmware/govmomi/object" + "github.com/vmware/govmomi/vim25/mo" "github.com/vmware/govmomi/vim25/soap" "github.com/vmware/govmomi/vim25/types" "k8s.io/kubernetes/test/e2e/framework" @@ -84,6 +85,33 @@ func (vs *VSphere) GetVMByUUID(ctx context.Context, vmUUID string, dc object.Ref return s.FindByUuid(ctx, datacenter, vmUUID, true, nil) } +// Get host object reference of the host on which the specified VM resides +func (vs *VSphere) GetHostFromVMReference(ctx context.Context, vm types.ManagedObjectReference) types.ManagedObjectReference { + Connect(ctx, vs) + var vmMo mo.VirtualMachine + vs.Client.RetrieveOne(ctx, vm, []string{"summary.runtime.host"}, &vmMo) + host := *vmMo.Summary.Runtime.Host + return host +} + +// Get the datastore references of all the datastores mounted on the specified host +func (vs *VSphere) GetDatastoresMountedOnHost(ctx context.Context, host types.ManagedObjectReference) []types.ManagedObjectReference { + Connect(ctx, vs) + var hostMo mo.HostSystem + vs.Client.RetrieveOne(ctx, host, []string{"datastore"}, &hostMo) + return hostMo.Datastore +} + +// Get the datastore reference of the specified datastore +func (vs *VSphere) GetDatastoreRefFromName(ctx context.Context, dc object.Reference, datastoreName string) (types.ManagedObjectReference, error) { + Connect(ctx, vs) + datacenter := object.NewDatacenter(vs.Client.Client, dc.Reference()) + finder := find.NewFinder(vs.Client.Client, false) + finder.SetDatacenter(datacenter) + datastore, err := finder.Datastore(ctx, datastoreName) + return datastore.Reference(), err +} + // GetFolderByPath gets the Folder Object Reference from the given folder path // folderPath should be the full path to folder func (vs *VSphere) GetFolderByPath(ctx context.Context, dc object.Reference, folderPath string) (vmFolderMor types.ManagedObjectReference, err error) { diff --git a/test/e2e/storage/vsphere/vsphere_common.go b/test/e2e/storage/vsphere/vsphere_common.go index 3c93cab6cea..387c4c73db8 100644 --- a/test/e2e/storage/vsphere/vsphere_common.go +++ b/test/e2e/storage/vsphere/vsphere_common.go @@ -52,6 +52,17 @@ const ( VCPPerfIterations = "VCP_PERF_ITERATIONS" ) +const ( + VCPZoneVsanDatastore1 = "VCP_ZONE_VSANDATASTORE1" + VCPZoneVsanDatastore2 = "VCP_ZONE_VSANDATASTORE2" + VCPZoneCompatPolicyName = "VCP_ZONE_COMPATPOLICY_NAME" + VCPZoneNonCompatPolicyName = "VCP_ZONE_NONCOMPATPOLICY_NAME" + VCPZoneA = "VCP_ZONE_A" + VCPZoneB = "VCP_ZONE_B" + VCPZoneC = "VCP_ZONE_C" + VCPZoneD = "VCP_ZONE_D" +) + func GetAndExpectStringEnvVar(varName string) string { varValue := os.Getenv(varName) Expect(varValue).NotTo(BeEmpty(), "ENV "+varName+" is not set") diff --git a/test/e2e/storage/vsphere/vsphere_scale.go b/test/e2e/storage/vsphere/vsphere_scale.go index f09249991f8..aa4360b2918 100644 --- a/test/e2e/storage/vsphere/vsphere_scale.go +++ b/test/e2e/storage/vsphere/vsphere_scale.go @@ -129,7 +129,7 @@ var _ = utils.SIGDescribe("vcp at scale [Feature:vsphere] ", func() { case storageclass4: scParams[Datastore] = datastoreName } - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(scname, scParams)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(scname, scParams, nil)) Expect(sc).NotTo(BeNil(), "Storage class is empty") Expect(err).NotTo(HaveOccurred(), "Failed to create storage class") defer client.StorageV1().StorageClasses().Delete(scname, nil) diff --git a/test/e2e/storage/vsphere/vsphere_statefulsets.go b/test/e2e/storage/vsphere/vsphere_statefulsets.go index fae38ac0bf3..8f697ed81e7 100644 --- a/test/e2e/storage/vsphere/vsphere_statefulsets.go +++ b/test/e2e/storage/vsphere/vsphere_statefulsets.go @@ -70,7 +70,7 @@ var _ = utils.SIGDescribe("vsphere statefulset", func() { By("Creating StorageClass for Statefulset") scParameters := make(map[string]string) scParameters["diskformat"] = "thin" - scSpec := getVSphereStorageClassSpec(storageclassname, scParameters) + scSpec := getVSphereStorageClassSpec(storageclassname, scParameters, nil) sc, err := client.StorageV1().StorageClasses().Create(scSpec) Expect(err).NotTo(HaveOccurred()) defer client.StorageV1().StorageClasses().Delete(sc.Name, nil) diff --git a/test/e2e/storage/vsphere/vsphere_stress.go b/test/e2e/storage/vsphere/vsphere_stress.go index 260fe84039f..69e792bcdc9 100644 --- a/test/e2e/storage/vsphere/vsphere_stress.go +++ b/test/e2e/storage/vsphere/vsphere_stress.go @@ -85,22 +85,22 @@ var _ = utils.SIGDescribe("vsphere cloud provider stress [Feature:vsphere]", fun var err error switch scname { case storageclass1: - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass1, nil)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass1, nil, nil)) case storageclass2: var scVSanParameters map[string]string scVSanParameters = make(map[string]string) scVSanParameters[Policy_HostFailuresToTolerate] = "1" - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass2, scVSanParameters)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass2, scVSanParameters, nil)) case storageclass3: var scSPBMPolicyParameters map[string]string scSPBMPolicyParameters = make(map[string]string) scSPBMPolicyParameters[SpbmStoragePolicy] = policyName - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass3, scSPBMPolicyParameters)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass3, scSPBMPolicyParameters, nil)) case storageclass4: var scWithDSParameters map[string]string scWithDSParameters = make(map[string]string) scWithDSParameters[Datastore] = datastoreName - scWithDatastoreSpec := getVSphereStorageClassSpec(storageclass4, scWithDSParameters) + scWithDatastoreSpec := getVSphereStorageClassSpec(storageclass4, scWithDSParameters, nil) sc, err = client.StorageV1().StorageClasses().Create(scWithDatastoreSpec) } Expect(sc).NotTo(BeNil()) diff --git a/test/e2e/storage/vsphere/vsphere_utils.go b/test/e2e/storage/vsphere/vsphere_utils.go index 443c3366d81..6ab27cb8749 100644 --- a/test/e2e/storage/vsphere/vsphere_utils.go +++ b/test/e2e/storage/vsphere/vsphere_utils.go @@ -235,7 +235,7 @@ func verifyContentOfVSpherePV(client clientset.Interface, pvc *v1.PersistentVolu framework.Logf("Successfully verified content of the volume") } -func getVSphereStorageClassSpec(name string, scParameters map[string]string) *storage.StorageClass { +func getVSphereStorageClassSpec(name string, scParameters map[string]string, zones []string) *storage.StorageClass { var sc *storage.StorageClass sc = &storage.StorageClass{ @@ -250,6 +250,17 @@ func getVSphereStorageClassSpec(name string, scParameters map[string]string) *st if scParameters != nil { sc.Parameters = scParameters } + if zones != nil { + term := v1.TopologySelectorTerm{ + MatchLabelExpressions: []v1.TopologySelectorLabelRequirement{ + { + Key: v1.LabelZoneFailureDomain, + Values: zones, + }, + }, + } + sc.AllowedTopologies = append(sc.AllowedTopologies, term) + } return sc } @@ -399,6 +410,39 @@ func verifyVSphereVolumesAccessible(c clientset.Interface, pod *v1.Pod, persiste } } +// verify volumes are created on one of the specified zones +func verifyVolumeCreationOnRightZone(persistentvolumes []*v1.PersistentVolume, nodeName string, zones []string) { + for _, pv := range persistentvolumes { + volumePath := pv.Spec.VsphereVolume.VolumePath + // Extract datastoreName from the volume path in the pv spec + // For example : "vsanDatastore" is extracted from "[vsanDatastore] 25d8b159-948c-4b73-e499-02001ad1b044/volume.vmdk" + datastorePathObj, _ := getDatastorePathObjFromVMDiskPath(volumePath) + datastoreName := datastorePathObj.Datastore + nodeInfo := TestContext.NodeMapper.GetNodeInfo(nodeName) + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + // Get the datastore object reference from the datastore name + datastoreRef, err := nodeInfo.VSphere.GetDatastoreRefFromName(ctx, nodeInfo.DataCenterRef, datastoreName) + if err != nil { + Expect(err).NotTo(HaveOccurred()) + } + // Find common datastores among the specified zones + var datastoreCountMap = make(map[string]int) + numZones := len(zones) + var commonDatastores []string + for _, zone := range zones { + datastoreInZone := TestContext.NodeMapper.GetDatastoresInZone(nodeInfo.VSphere.Config.Hostname, zone) + for _, datastore := range datastoreInZone { + datastoreCountMap[datastore] = datastoreCountMap[datastore] + 1 + if datastoreCountMap[datastore] == numZones { + commonDatastores = append(commonDatastores, datastore) + } + } + } + Expect(commonDatastores).To(ContainElement(datastoreRef.Value), "PV was created in an unsupported zone.") + } +} + // Get vSphere Volume Path from PVC func getvSphereVolumePathFromClaim(client clientset.Interface, namespace string, claimName string) string { pvclaim, err := client.CoreV1().PersistentVolumeClaims(namespace).Get(claimName, metav1.GetOptions{}) diff --git a/test/e2e/storage/vsphere/vsphere_volume_datastore.go b/test/e2e/storage/vsphere/vsphere_volume_datastore.go index fcb964b7c17..dfd497fa551 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_datastore.go +++ b/test/e2e/storage/vsphere/vsphere_volume_datastore.go @@ -79,7 +79,7 @@ var _ = utils.SIGDescribe("Volume Provisioning on Datastore [Feature:vsphere]", func invokeInvalidDatastoreTestNeg(client clientset.Interface, namespace string, scParameters map[string]string) error { By("Creating Storage Class With Invalid Datastore") - storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(DatastoreSCName, scParameters)) + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(DatastoreSCName, scParameters, nil)) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) diff --git a/test/e2e/storage/vsphere/vsphere_volume_diskformat.go b/test/e2e/storage/vsphere/vsphere_volume_diskformat.go index ca90fdf09ac..3b4821144d8 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_diskformat.go +++ b/test/e2e/storage/vsphere/vsphere_volume_diskformat.go @@ -106,7 +106,7 @@ func invokeTest(f *framework.Framework, client clientset.Interface, namespace st scParameters["diskformat"] = diskFormat By("Creating Storage Class With DiskFormat") - storageClassSpec := getVSphereStorageClassSpec("thinsc", scParameters) + storageClassSpec := getVSphereStorageClassSpec("thinsc", scParameters, nil) storageclass, err := client.StorageV1().StorageClasses().Create(storageClassSpec) Expect(err).NotTo(HaveOccurred()) diff --git a/test/e2e/storage/vsphere/vsphere_volume_disksize.go b/test/e2e/storage/vsphere/vsphere_volume_disksize.go index 5e58a81bfc3..76e8f835a46 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_disksize.go +++ b/test/e2e/storage/vsphere/vsphere_volume_disksize.go @@ -77,7 +77,7 @@ var _ = utils.SIGDescribe("Volume Disk Size [Feature:vsphere]", func() { func invokeInvalidDiskSizeTestNeg(client clientset.Interface, namespace string, scParameters map[string]string, diskSize string) error { By("Creating Storage Class With invalid disk size") - storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(DiskSizeSCName, scParameters)) + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(DiskSizeSCName, scParameters, nil)) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) diff --git a/test/e2e/storage/vsphere/vsphere_volume_fstype.go b/test/e2e/storage/vsphere/vsphere_volume_fstype.go index 74ae2a34fe0..944db736dbc 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_fstype.go +++ b/test/e2e/storage/vsphere/vsphere_volume_fstype.go @@ -146,7 +146,7 @@ func invokeTestForInvalidFstype(f *framework.Framework, client clientset.Interfa } func createVolume(client clientset.Interface, namespace string, scParameters map[string]string) (*v1.PersistentVolumeClaim, []*v1.PersistentVolume) { - storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("fstype", scParameters)) + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("fstype", scParameters, nil)) Expect(err).NotTo(HaveOccurred()) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) diff --git a/test/e2e/storage/vsphere/vsphere_volume_node_poweroff.go b/test/e2e/storage/vsphere/vsphere_volume_node_poweroff.go index a79699b6f09..1dd9bcfb238 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_node_poweroff.go +++ b/test/e2e/storage/vsphere/vsphere_volume_node_poweroff.go @@ -75,7 +75,7 @@ var _ = utils.SIGDescribe("Node Poweroff [Feature:vsphere] [Slow] [Disruptive]", */ It("verify volume status after node power off", func() { By("Creating a Storage Class") - storageClassSpec := getVSphereStorageClassSpec("test-sc", nil) + storageClassSpec := getVSphereStorageClassSpec("test-sc", nil, nil) storageclass, err := client.StorageV1().StorageClasses().Create(storageClassSpec) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) diff --git a/test/e2e/storage/vsphere/vsphere_volume_ops_storm.go b/test/e2e/storage/vsphere/vsphere_volume_ops_storm.go index b4d9d8c4a3d..cf24f53d392 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_ops_storm.go +++ b/test/e2e/storage/vsphere/vsphere_volume_ops_storm.go @@ -87,7 +87,7 @@ var _ = utils.SIGDescribe("Volume Operations Storm [Feature:vsphere]", func() { By("Creating Storage Class") scParameters := make(map[string]string) scParameters["diskformat"] = "thin" - storageclass, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("thinsc", scParameters)) + storageclass, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("thinsc", scParameters, nil)) Expect(err).NotTo(HaveOccurred()) By("Creating PVCs using the Storage Class") diff --git a/test/e2e/storage/vsphere/vsphere_volume_perf.go b/test/e2e/storage/vsphere/vsphere_volume_perf.go index b4fe50ba936..8c998aaa2c9 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_perf.go +++ b/test/e2e/storage/vsphere/vsphere_volume_perf.go @@ -128,22 +128,22 @@ func getTestStorageClasses(client clientset.Interface, policyName, datastoreName var err error switch scname { case storageclass1: - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass1, nil)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass1, nil, nil)) case storageclass2: var scVSanParameters map[string]string scVSanParameters = make(map[string]string) scVSanParameters[Policy_HostFailuresToTolerate] = "1" - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass2, scVSanParameters)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass2, scVSanParameters, nil)) case storageclass3: var scSPBMPolicyParameters map[string]string scSPBMPolicyParameters = make(map[string]string) scSPBMPolicyParameters[SpbmStoragePolicy] = policyName - sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass3, scSPBMPolicyParameters)) + sc, err = client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec(storageclass3, scSPBMPolicyParameters, nil)) case storageclass4: var scWithDSParameters map[string]string scWithDSParameters = make(map[string]string) scWithDSParameters[Datastore] = datastoreName - scWithDatastoreSpec := getVSphereStorageClassSpec(storageclass4, scWithDSParameters) + scWithDatastoreSpec := getVSphereStorageClassSpec(storageclass4, scWithDSParameters, nil) sc, err = client.StorageV1().StorageClasses().Create(scWithDatastoreSpec) } Expect(sc).NotTo(BeNil()) diff --git a/test/e2e/storage/vsphere/vsphere_volume_vsan_policy.go b/test/e2e/storage/vsphere/vsphere_volume_vsan_policy.go index 1f74978fc16..465a8d9c3d6 100644 --- a/test/e2e/storage/vsphere/vsphere_volume_vsan_policy.go +++ b/test/e2e/storage/vsphere/vsphere_volume_vsan_policy.go @@ -273,7 +273,7 @@ var _ = utils.SIGDescribe("Storage Policy Based Volume Provisioning [Feature:vsp func invokeValidPolicyTest(f *framework.Framework, client clientset.Interface, namespace string, scParameters map[string]string) { By("Creating Storage Class With storage policy params") - storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("storagepolicysc", scParameters)) + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("storagepolicysc", scParameters, nil)) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) @@ -305,7 +305,7 @@ func invokeValidPolicyTest(f *framework.Framework, client clientset.Interface, n func invokeInvalidPolicyTestNeg(client clientset.Interface, namespace string, scParameters map[string]string) error { By("Creating Storage Class With storage policy params") - storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("storagepolicysc", scParameters)) + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("storagepolicysc", scParameters, nil)) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) @@ -324,7 +324,7 @@ func invokeInvalidPolicyTestNeg(client clientset.Interface, namespace string, sc func invokeStaleDummyVMTestWithStoragePolicy(client clientset.Interface, masterNode string, namespace string, clusterName string, scParameters map[string]string) { By("Creating Storage Class With storage policy params") - storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("storagepolicysc", scParameters)) + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("storagepolicysc", scParameters, nil)) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) diff --git a/test/e2e/storage/vsphere/vsphere_zone_support.go b/test/e2e/storage/vsphere/vsphere_zone_support.go new file mode 100644 index 00000000000..5ad8cf1b49c --- /dev/null +++ b/test/e2e/storage/vsphere/vsphere_zone_support.go @@ -0,0 +1,383 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package vsphere + +import ( + "fmt" + "strings" + "time" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + clientset "k8s.io/client-go/kubernetes" + "k8s.io/kubernetes/test/e2e/framework" + "k8s.io/kubernetes/test/e2e/storage/utils" +) + +/* + Test to verify multi-zone support for dynamic volume provisioning in kubernetes. + The test environment is illustrated below: + + datacenter + --->cluster-vsan-1 (zone-a) ____________________ _________________ + --->host-1 : master | | | | + --->host-2 : node1 | vsanDatastore | | | + --->host-3 : node2 |____________________| | | + | | + | sharedVmfs-0 | + --->cluster-vsan-2 (zone-b) ____________________ | | + --->host-4 : node3 | | | | + --->host-5 : node4 | vsanDatastore (1) | | | + --->host-6 |____________________| |_________________| + + --->cluster-3 (zone-c) ________________ + --->host-7 : node5 | | + | localDatastore | + |________________| + ____________________ + --->host-8 (zone-c) : node6 | | + | localDatastore (1) | + |____________________| + + + Testbed description : + 1. cluster-vsan-1 is tagged with zone-a. So, vsanDatastore inherits zone-a since all the hosts under zone-a have vsanDatastore mounted on them. + 2. cluster-vsan-2 is tagged with zone-b. So, vsanDatastore (1) inherits zone-b since all the hosts under zone-b have vsanDatastore (1) mounted on them. + 3. sharedVmfs-0 inherits both zone-a and zone-b since all the hosts in both zone-a and zone-b have this datastore mounted on them. + 4. cluster-3 is tagged with zone-c. cluster-3 only contains host-7. + 5. host-8 is not under any cluster and is tagged with zone-c. + 6. Since there are no shared datastores between host-7 under cluster-3 and host-8, no datastores in the environment inherit zone-c. + 7. The six worker nodes are distributed among the hosts as shown in the above illustration. + 8. Two storage policies are created on VC. One is a VSAN storage policy named as compatpolicy with hostFailuresToTolerate capability set to 1. + Second is a VSAN storage policy named as noncompatpolicy with hostFailuresToTolerate capability set to 4. + + Testsuite description : + 1. Tests to verify that zone labels are set correctly on a dynamically created PV. + 2. Tests to verify dynamic pv creation fails if availability zones are not specified or if there are no shared datastores under the specified zones. + 3. Tests to verify dynamic pv creation using availability zones works in combination with other storage class parameters such as storage policy, + datastore and VSAN capabilities. + 4. Tests to verify dynamic pv creation using availability zones fails in combination with other storage class parameters such as storage policy, + datastore and VSAN capabilities specifications when any of the former mentioned parameters are incompatible with the rest. +*/ + +var _ = utils.SIGDescribe("Zone Support", func() { + f := framework.NewDefaultFramework("zone-support") + var ( + client clientset.Interface + namespace string + scParameters map[string]string + zones []string + vsanDatastore1 string + vsanDatastore2 string + compatPolicy string + nonCompatPolicy string + zoneA string + zoneB string + zoneC string + zoneD string + ) + BeforeEach(func() { + framework.SkipUnlessProviderIs("vsphere") + Bootstrap(f) + client = f.ClientSet + namespace = f.Namespace.Name + vsanDatastore1 = GetAndExpectStringEnvVar(VCPZoneVsanDatastore1) + vsanDatastore2 = GetAndExpectStringEnvVar(VCPZoneVsanDatastore2) + compatPolicy = GetAndExpectStringEnvVar(VCPZoneCompatPolicyName) + nonCompatPolicy = GetAndExpectStringEnvVar(VCPZoneNonCompatPolicyName) + zoneA = GetAndExpectStringEnvVar(VCPZoneA) + zoneB = GetAndExpectStringEnvVar(VCPZoneB) + zoneC = GetAndExpectStringEnvVar(VCPZoneC) + zoneD = GetAndExpectStringEnvVar(VCPZoneD) + scParameters = make(map[string]string) + zones = make([]string, 0) + nodeList := framework.GetReadySchedulableNodesOrDie(f.ClientSet) + if !(len(nodeList.Items) > 0) { + framework.Failf("Unable to find ready and schedulable Node") + } + }) + + It("Verify dynamically created pv with allowed zones specified in storage class, shows the right zone information on its labels", func() { + By(fmt.Sprintf("Creating storage class with the following zones : %s", zoneA)) + zones = append(zones, zoneA) + verifyPVZoneLabels(client, namespace, nil, zones) + }) + + It("Verify dynamically created pv with multiple zones specified in the storage class, shows both the zones on its labels", func() { + By(fmt.Sprintf("Creating storage class with the following zones : %s, %s", zoneA, zoneB)) + zones = append(zones, zoneA) + zones = append(zones, zoneB) + verifyPVZoneLabels(client, namespace, nil, zones) + }) + + It("Verify PVC creation with invalid zone specified in storage class fails", func() { + By(fmt.Sprintf("Creating storage class with unknown zone : %s", zoneD)) + zones = append(zones, zoneD) + err := verifyPVCCreationFails(client, namespace, nil, zones) + Expect(err).To(HaveOccurred()) + errorMsg := "Failed to find a shared datastore matching zone [" + zoneD + "]" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on allowed zones specified in storage class ", func() { + By(fmt.Sprintf("Creating storage class with zones :%s", zoneA)) + zones = append(zones, zoneA) + verifyPVCAndPodCreationSucceeds(client, namespace, nil, zones) + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on multiple zones specified in storage class ", func() { + By(fmt.Sprintf("Creating storage class with zones :%s, %s", zoneA, zoneB)) + zones = append(zones, zoneA) + zones = append(zones, zoneB) + verifyPVCAndPodCreationSucceeds(client, namespace, nil, zones) + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on the allowed zones and datastore specified in storage class", func() { + By(fmt.Sprintf("Creating storage class with zone :%s and datastore :%s", zoneA, vsanDatastore1)) + scParameters[Datastore] = vsanDatastore1 + zones = append(zones, zoneA) + verifyPVCAndPodCreationSucceeds(client, namespace, scParameters, zones) + }) + + It("Verify PVC creation with incompatible datastore and zone combination specified in storage class fails", func() { + By(fmt.Sprintf("Creating storage class with zone :%s and datastore :%s", zoneC, vsanDatastore1)) + scParameters[Datastore] = vsanDatastore1 + zones = append(zones, zoneC) + err := verifyPVCCreationFails(client, namespace, scParameters, zones) + errorMsg := "The specified datastore " + scParameters[Datastore] + " does not match the provided zones : [" + zoneC + "]" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on the allowed zones and storage policy specified in storage class", func() { + By(fmt.Sprintf("Creating storage class with zone :%s and storage policy :%s", zoneA, compatPolicy)) + scParameters[SpbmStoragePolicy] = compatPolicy + zones = append(zones, zoneA) + verifyPVCAndPodCreationSucceeds(client, namespace, scParameters, zones) + }) + + It("Verify PVC creation with incompatible storagePolicy and zone combination specified in storage class fails", func() { + By(fmt.Sprintf("Creating storage class with zone :%s and storage policy :%s", zoneA, nonCompatPolicy)) + scParameters[SpbmStoragePolicy] = nonCompatPolicy + zones = append(zones, zoneA) + err := verifyPVCCreationFails(client, namespace, scParameters, zones) + errorMsg := "No compatible datastores found that satisfy the storage policy requirements" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on the allowed zones, datastore and storage policy specified in storage class", func() { + By(fmt.Sprintf("Creating storage class with zone :%s datastore :%s and storagePolicy :%s", zoneA, vsanDatastore1, compatPolicy)) + scParameters[SpbmStoragePolicy] = compatPolicy + scParameters[Datastore] = vsanDatastore1 + zones = append(zones, zoneA) + verifyPVCAndPodCreationSucceeds(client, namespace, scParameters, zones) + }) + + It("Verify PVC creation with incompatible storage policy along with compatible zone and datastore combination specified in storage class fails", func() { + By(fmt.Sprintf("Creating storage class with zone :%s datastore :%s and storagePolicy :%s", zoneA, vsanDatastore1, nonCompatPolicy)) + scParameters[SpbmStoragePolicy] = nonCompatPolicy + scParameters[Datastore] = vsanDatastore1 + zones = append(zones, zoneA) + err := verifyPVCCreationFails(client, namespace, scParameters, zones) + errorMsg := "User specified datastore is not compatible with the storagePolicy: \\\"" + nonCompatPolicy + "\\\"." + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation with incompatible zone along with compatible storagePolicy and datastore combination specified in storage class fails", func() { + By(fmt.Sprintf("Creating storage class with zone :%s datastore :%s and storagePolicy :%s", zoneC, vsanDatastore2, compatPolicy)) + scParameters[SpbmStoragePolicy] = compatPolicy + scParameters[Datastore] = vsanDatastore2 + zones = append(zones, zoneC) + err := verifyPVCCreationFails(client, namespace, scParameters, zones) + errorMsg := "The specified datastore " + scParameters[Datastore] + " does not match the provided zones : [" + zoneC + "]" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation fails if no zones are specified in the storage class (No shared datastores exist among all the nodes)", func() { + By(fmt.Sprintf("Creating storage class with no zones")) + err := verifyPVCCreationFails(client, namespace, nil, nil) + errorMsg := "No shared datastores found in the Kubernetes cluster" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation fails if only datastore is specified in the storage class (No shared datastores exist among all the nodes)", func() { + By(fmt.Sprintf("Creating storage class with datastore :%s", vsanDatastore1)) + scParameters[Datastore] = vsanDatastore1 + err := verifyPVCCreationFails(client, namespace, scParameters, nil) + errorMsg := "No shared datastores found in the Kubernetes cluster" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation fails if only storage policy is specified in the storage class (No shared datastores exist among all the nodes)", func() { + By(fmt.Sprintf("Creating storage class with storage policy :%s", compatPolicy)) + scParameters[SpbmStoragePolicy] = compatPolicy + err := verifyPVCCreationFails(client, namespace, scParameters, nil) + errorMsg := "No shared datastores found in the Kubernetes cluster" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation with compatible policy and datastore without any zones specified in the storage class fails (No shared datastores exist among all the nodes)", func() { + By(fmt.Sprintf("Creating storage class with storage policy :%s and datastore :%s", compatPolicy, vsanDatastore1)) + scParameters[SpbmStoragePolicy] = compatPolicy + scParameters[Datastore] = vsanDatastore1 + err := verifyPVCCreationFails(client, namespace, scParameters, nil) + errorMsg := "No shared datastores found in the Kubernetes cluster" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation fails if the availability zone specified in the storage class have no shared datastores under it.", func() { + By(fmt.Sprintf("Creating storage class with zone :%s", zoneC)) + zones = append(zones, zoneC) + err := verifyPVCCreationFails(client, namespace, nil, zones) + errorMsg := "Failed to find a shared datastore matching zone [" + zoneC + "]" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on multiple zones specified in the storage class. (No shared datastores exist among both zones)", func() { + By(fmt.Sprintf("Creating storage class with the following zones :%s and %s", zoneA, zoneC)) + zones = append(zones, zoneA) + zones = append(zones, zoneC) + err := verifyPVCCreationFails(client, namespace, nil, zones) + errorMsg := "Failed to find a shared datastore matching zone [" + zoneA + " " + zoneC + "]" + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify PVC creation with an invalid VSAN capability along with a compatible zone combination specified in storage class fails", func() { + By(fmt.Sprintf("Creating storage class with %s :%s and zone :%s", Policy_HostFailuresToTolerate, HostFailuresToTolerateCapabilityInvalidVal, zoneA)) + scParameters[Policy_HostFailuresToTolerate] = HostFailuresToTolerateCapabilityInvalidVal + zones = append(zones, zoneA) + err := verifyPVCCreationFails(client, namespace, scParameters, zones) + errorMsg := "Invalid value for " + Policy_HostFailuresToTolerate + "." + if !strings.Contains(err.Error(), errorMsg) { + Expect(err).NotTo(HaveOccurred(), errorMsg) + } + }) + + It("Verify a pod is created and attached to a dynamically created PV, based on a VSAN capability, datastore and compatible zone specified in storage class", func() { + By(fmt.Sprintf("Creating storage class with %s :%s, %s :%s, datastore :%s and zone :%s", Policy_ObjectSpaceReservation, ObjectSpaceReservationCapabilityVal, Policy_IopsLimit, IopsLimitCapabilityVal, vsanDatastore1, zoneA)) + scParameters[Policy_ObjectSpaceReservation] = ObjectSpaceReservationCapabilityVal + scParameters[Policy_IopsLimit] = IopsLimitCapabilityVal + scParameters[Datastore] = vsanDatastore1 + zones = append(zones, zoneA) + verifyPVCAndPodCreationSucceeds(client, namespace, scParameters, zones) + }) +}) + +func verifyPVCAndPodCreationSucceeds(client clientset.Interface, namespace string, scParameters map[string]string, zones []string) { + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("zone-sc", scParameters, zones)) + Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) + defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) + + By("Creating PVC using the Storage Class") + pvclaim, err := framework.CreatePVC(client, namespace, getVSphereClaimSpecWithStorageClass(namespace, "2Gi", storageclass)) + Expect(err).NotTo(HaveOccurred()) + defer framework.DeletePersistentVolumeClaim(client, pvclaim.Name, namespace) + + var pvclaims []*v1.PersistentVolumeClaim + pvclaims = append(pvclaims, pvclaim) + By("Waiting for claim to be in bound phase") + persistentvolumes, err := framework.WaitForPVClaimBoundPhase(client, pvclaims, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred()) + + By("Creating pod to attach PV to the node") + pod, err := framework.CreatePod(client, namespace, nil, pvclaims, false, "") + Expect(err).NotTo(HaveOccurred()) + + By("Verify persistent volume was created on the right zone") + verifyVolumeCreationOnRightZone(persistentvolumes, pod.Spec.NodeName, zones) + + By("Verify the volume is accessible and available in the pod") + verifyVSphereVolumesAccessible(client, pod, persistentvolumes) + + By("Deleting pod") + framework.DeletePodWithWait(f, client, pod) + + By("Waiting for volumes to be detached from the node") + waitForVSphereDiskToDetach(persistentvolumes[0].Spec.VsphereVolume.VolumePath, pod.Spec.NodeName) +} + +func verifyPVCCreationFails(client clientset.Interface, namespace string, scParameters map[string]string, zones []string) error { + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("zone-sc", scParameters, zones)) + Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) + defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) + + By("Creating PVC using the Storage Class") + pvclaim, err := framework.CreatePVC(client, namespace, getVSphereClaimSpecWithStorageClass(namespace, "2Gi", storageclass)) + Expect(err).NotTo(HaveOccurred()) + defer framework.DeletePersistentVolumeClaim(client, pvclaim.Name, namespace) + + var pvclaims []*v1.PersistentVolumeClaim + pvclaims = append(pvclaims, pvclaim) + + By("Waiting for claim to be in bound phase") + err = framework.WaitForPersistentVolumeClaimPhase(v1.ClaimBound, client, pvclaim.Namespace, pvclaim.Name, framework.Poll, 2*time.Minute) + Expect(err).To(HaveOccurred()) + + eventList, err := client.CoreV1().Events(pvclaim.Namespace).List(metav1.ListOptions{}) + framework.Logf("Failure message : %+q", eventList.Items[0].Message) + return fmt.Errorf("Failure message: %+q", eventList.Items[0].Message) +} + +func verifyPVZoneLabels(client clientset.Interface, namespace string, scParameters map[string]string, zones []string) { + storageclass, err := client.StorageV1().StorageClasses().Create(getVSphereStorageClassSpec("zone-sc", nil, zones)) + Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Failed to create storage class with err: %v", err)) + defer client.StorageV1().StorageClasses().Delete(storageclass.Name, nil) + + By("Creating PVC using the storage class") + pvclaim, err := framework.CreatePVC(client, namespace, getVSphereClaimSpecWithStorageClass(namespace, "2Gi", storageclass)) + Expect(err).NotTo(HaveOccurred()) + defer framework.DeletePersistentVolumeClaim(client, pvclaim.Name, namespace) + + var pvclaims []*v1.PersistentVolumeClaim + pvclaims = append(pvclaims, pvclaim) + By("Waiting for claim to be in bound phase") + persistentvolumes, err := framework.WaitForPVClaimBoundPhase(client, pvclaims, framework.ClaimProvisionTimeout) + Expect(err).NotTo(HaveOccurred()) + + By("Verify zone information is present in the volume labels") + for _, pv := range persistentvolumes { + // Multiple zones are separated with "__" + pvZoneLabels := strings.Split(pv.ObjectMeta.Labels["failure-domain.beta.kubernetes.io/zone"], "__") + for _, zone := range zones { + Expect(pvZoneLabels).Should(ContainElement(zone), "Incorrect or missing zone labels in pv.") + } + } +} diff --git a/test/e2e/testing-manifests/storage-csi/OWNERS b/test/e2e/testing-manifests/storage-csi/OWNERS index 46424783f87..e60b9938ebc 100644 --- a/test/e2e/testing-manifests/storage-csi/OWNERS +++ b/test/e2e/testing-manifests/storage-csi/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - saad-ali - rootfs diff --git a/test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/README.md b/test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/README.md new file mode 100644 index 00000000000..6247e1c98d9 --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/README.md @@ -0,0 +1 @@ +The original file is (or will be) https://github.com/kubernetes-csi/cluster-driver-registrar/blob/master/deploy/kubernetes/rbac.yaml diff --git a/test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/rbac.yaml b/test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/rbac.yaml new file mode 100644 index 00000000000..c3c593537e9 --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/cluster-driver-registrar/rbac.yaml @@ -0,0 +1,38 @@ +# This YAML file contains all RBAC objects that are necessary to run +# cluster-driver-registrar. +# +# In production, each CSI driver deployment has to be customized: +# - to avoid conflicts, use non-default namespace and different names +# for non-namespaced entities like the ClusterRole + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-cluster-driver-registrar + # replace with non-default namespace name + namespace: default + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: cluster-driver-registrar-runner +rules: + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csidrivers"] + verbs: ["create", "delete"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-cluster-driver-registrar-role +subjects: + - kind: ServiceAccount + name: csi-cluster-driver-registrar + # replace with non-default namespace name + namespace: default +roleRef: + kind: ClusterRole + name: cluster-driver-registrar-runner + apiGroup: rbac.authorization.k8s.io diff --git a/test/e2e/testing-manifests/storage-csi/controller-role.yaml b/test/e2e/testing-manifests/storage-csi/controller-role.yaml index 4efd6bc98de..4242e420719 100644 --- a/test/e2e/testing-manifests/storage-csi/controller-role.yaml +++ b/test/e2e/testing-manifests/storage-csi/controller-role.yaml @@ -1,3 +1,4 @@ -# Replaced by individual roles for external-attacher and external-provisioner: +# Replaced by individual roles for external-attacher, external-provisioner and external-snapshotter: # - https://github.com/kubernetes-csi/external-attacher/blob/master/deploy/kubernetes/rbac.yaml # - https://github.com/kubernetes-csi/external-provisioner/blob/master/deploy/kubernetes/rbac.yaml +# - https://github.com/kubernetes-csi/external-snapshotter/blob/master/deploy/kubernetes/rbac.yaml \ No newline at end of file diff --git a/test/e2e/testing-manifests/storage-csi/external-snapshotter/README.md b/test/e2e/testing-manifests/storage-csi/external-snapshotter/README.md new file mode 100644 index 00000000000..90dab9588d8 --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/external-snapshotter/README.md @@ -0,0 +1 @@ +The original file is https://github.com/kubernetes-csi/external-snapshotter/blob/master/deploy/kubernetes/rbac.yaml diff --git a/test/e2e/testing-manifests/storage-csi/external-snapshotter/rbac.yaml b/test/e2e/testing-manifests/storage-csi/external-snapshotter/rbac.yaml new file mode 100644 index 00000000000..f29db319289 --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/external-snapshotter/rbac.yaml @@ -0,0 +1,65 @@ +# Together with the RBAC file for external-provisioner, this YAML file +# contains all RBAC objects that are necessary to run external CSI +# snapshotter. +# +# In production, each CSI driver deployment has to be customized: +# - to avoid conflicts, use non-default namespace and different names +# for non-namespaced entities like the ClusterRole +# - optionally rename the non-namespaced ClusterRole if there +# are conflicts with other deployments + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-snapshotter + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + # rename if there are conflicts + name: external-snapshotter-runner +rules: +- apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] +- apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] +- apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] +- apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] +- apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] +- apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-snapshotter-role +subjects: +- kind: ServiceAccount + name: csi-snapshotter + # replace with non-default namespace name + namespace: default +roleRef: + kind: ClusterRole + # change the name also here if the ClusterRole gets renamed + name: external-snapshotter-runner + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/test/e2e/testing-manifests/storage-csi/hostpath/README.md b/test/e2e/testing-manifests/storage-csi/hostpath/README.md index 6a46c1177df..c2990622700 100644 --- a/test/e2e/testing-manifests/storage-csi/hostpath/README.md +++ b/test/e2e/testing-manifests/storage-csi/hostpath/README.md @@ -1,5 +1,5 @@ A partial copy of https://github.com/kubernetes-csi/docs/tree/master/book/src/example, with some modifications: - serviceAccountName is used instead of the deprecated serviceAccount -- the RBAC roles from driver-registrar, external-attacher and external-provisioner - are used +- the RBAC roles from driver-registrar, external-attacher, external-provisioner + and external-snapshotter are used diff --git a/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-snapshotter.yaml b/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-snapshotter.yaml new file mode 100644 index 00000000000..5fa5011e67a --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-snapshotter.yaml @@ -0,0 +1,48 @@ +kind: Service +apiVersion: v1 +metadata: + name: csi-snapshotter + labels: + app: csi-snapshotter +spec: + selector: + app: csi-snapshotter + ports: + - name: dummy + port: 12345 + +--- +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-snapshotter +spec: + serviceName: "csi-snapshotter" + replicas: 1 + selector: + matchLabels: + app: csi-snapshotter + template: + metadata: + labels: + app: csi-snapshotter + spec: + serviceAccount: csi-snapshotter + containers: + - name: csi-snapshotter + image: quay.io/k8scsi/csi-snapshotter:v1.0.1 + args: + - "--csi-address=$(ADDRESS)" + - "--connection-timeout=15s" + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - name: socket-dir + mountPath: /csi + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-hostpath + type: DirectoryOrCreate + name: socket-dir \ No newline at end of file diff --git a/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/e2e-test-rbac.yaml b/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/e2e-test-rbac.yaml index aa008ecac29..c0ec6c0378d 100644 --- a/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/e2e-test-rbac.yaml +++ b/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/e2e-test-rbac.yaml @@ -13,6 +13,9 @@ subjects: - kind: ServiceAccount name: csi-provisioner namespace: default + - kind: ServiceAccount + name: csi-snapshotter + namespace: default roleRef: kind: ClusterRole name: e2e-test-privileged-psp diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml new file mode 100644 index 00000000000..72f0ebf1bcb --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml @@ -0,0 +1,33 @@ +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-mockplugin-cluster-driver-registrar +spec: + selector: + matchLabels: + app: csi-mockplugin-cluster-driver-registrar + replicas: 1 + template: + metadata: + labels: + app: csi-mockplugin-cluster-driver-registrar + spec: + serviceAccountName: csi-mock + containers: + - name: csi-cluster-driver-registrar + image: quay.io/k8scsi/csi-cluster-driver-registrar:canary + args: + - --v=5 + - --csi-address=$(ADDRESS) + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-mock + type: DirectoryOrCreate + name: socket-dir diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml new file mode 100644 index 00000000000..ef9a1cbb64d --- /dev/null +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml @@ -0,0 +1,34 @@ +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-mockplugin-attacher +spec: + selector: + matchLabels: + app: csi-mockplugin-attacher + replicas: 1 + template: + metadata: + labels: + app: csi-mockplugin-attacher + spec: + serviceAccountName: csi-mock + containers: + - name: csi-attacher + image: quay.io/k8scsi/csi-attacher:v1.0.1 + args: + - --v=5 + - --csi-address=$(ADDRESS) + env: + - name: ADDRESS + value: /csi/csi.sock + imagePullPolicy: Always + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - hostPath: + path: /var/lib/kubelet/plugins/csi-mock + type: DirectoryOrCreate + name: socket-dir + diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml index 1592ccda52d..6aeb02b0aa5 100644 --- a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml @@ -16,18 +16,6 @@ spec: containers: - - name: csi-attacher - image: quay.io/k8scsi/csi-attacher:v1.0.1 - args: - - --v=5 - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /csi/csi.sock - imagePullPolicy: Always - volumeMounts: - - mountPath: /csi - name: socket-dir - name: csi-provisioner image: quay.io/k8scsi/csi-provisioner:v1.0.1 args: diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-rbac.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-rbac.yaml index dd09a7dc44a..dff014b6f20 100644 --- a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-rbac.yaml +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-rbac.yaml @@ -31,6 +31,20 @@ roleRef: name: external-provisioner-runner apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: csi-controller-cluster-driver-registrar-role +subjects: + - kind: ServiceAccount + name: csi-mock + namespace: default +roleRef: + kind: ClusterRole + name: cluster-driver-registrar-runner + apiGroup: rbac.authorization.k8s.io + --- # priviledged Pod Security Policy, previously defined via PrivilegedTestPSPClusterRoleBinding() kind: ClusterRoleBinding diff --git a/test/e2e/upgrades/apparmor.go b/test/e2e/upgrades/apparmor.go index 89614a85981..235710b3640 100644 --- a/test/e2e/upgrades/apparmor.go +++ b/test/e2e/upgrades/apparmor.go @@ -66,7 +66,7 @@ func (t *AppArmorUpgradeTest) Setup(f *framework.Framework) { // pod can still consume the secret. func (t *AppArmorUpgradeTest) Test(f *framework.Framework, done <-chan struct{}, upgrade UpgradeType) { <-done - if upgrade == MasterUpgrade { + if upgrade == MasterUpgrade || upgrade == ClusterUpgrade { t.verifyPodStillUp(f) } t.verifyNodesAppArmorEnabled(f) diff --git a/test/e2e/upgrades/apps/daemonsets.go b/test/e2e/upgrades/apps/daemonsets.go index 7ef91fae289..4e1b0b4ae47 100644 --- a/test/e2e/upgrades/apps/daemonsets.go +++ b/test/e2e/upgrades/apps/daemonsets.go @@ -20,7 +20,7 @@ import ( . "github.com/onsi/ginkgo" apps "k8s.io/api/apps/v1" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/util/wait" @@ -59,6 +59,9 @@ func (t *DaemonSetUpgradeTest) Setup(f *framework.Framework) { Labels: labelSet, }, Spec: v1.PodSpec{ + Tolerations: []v1.Toleration{ + {Operator: v1.TolerationOpExists}, + }, Containers: []v1.Container{ { Name: daemonSetName, diff --git a/test/e2e/upgrades/ingress.go b/test/e2e/upgrades/ingress.go index fbaacc3b7d3..d2d3564eb7b 100644 --- a/test/e2e/upgrades/ingress.go +++ b/test/e2e/upgrades/ingress.go @@ -115,7 +115,7 @@ func (t *IngressUpgradeTest) Setup(f *framework.Framework) { // with a connectvity check to the loadbalancer ip. func (t *IngressUpgradeTest) Test(f *framework.Framework, done <-chan struct{}, upgrade UpgradeType) { switch upgrade { - case MasterUpgrade: + case MasterUpgrade, ClusterUpgrade: // Restarting the ingress controller shouldn't disrupt a steady state // Ingress. Restarting the ingress controller and deleting ingresses // while it's down will leak cloud resources, because the ingress diff --git a/test/e2e/upgrades/nvidia-gpu.go b/test/e2e/upgrades/nvidia-gpu.go index 12abd0e34ac..c2fe6c69e6a 100644 --- a/test/e2e/upgrades/nvidia-gpu.go +++ b/test/e2e/upgrades/nvidia-gpu.go @@ -20,7 +20,7 @@ import ( "regexp" "time" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" "k8s.io/kubernetes/test/e2e/framework" "k8s.io/kubernetes/test/e2e/scheduling" @@ -50,7 +50,7 @@ func (t *NvidiaGPUUpgradeTest) Test(f *framework.Framework, done <-chan struct{} <-done By("Verifying gpu job success") t.verifyJobPodSuccess(f) - if upgrade == MasterUpgrade { + if upgrade == MasterUpgrade || upgrade == ClusterUpgrade { // MasterUpgrade should be totally hitless. job, err := framework.GetJob(f.ClientSet, f.Namespace.Name, "cuda-add") Expect(err).NotTo(HaveOccurred()) diff --git a/test/e2e/upgrades/services.go b/test/e2e/upgrades/services.go index 5cdd2c86ebe..fcdf33c5594 100644 --- a/test/e2e/upgrades/services.go +++ b/test/e2e/upgrades/services.go @@ -17,7 +17,7 @@ limitations under the License. package upgrades import ( - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/kubernetes/test/e2e/framework" @@ -77,7 +77,7 @@ func (t *ServiceUpgradeTest) Setup(f *framework.Framework) { // Test runs a connectivity check to the service. func (t *ServiceUpgradeTest) Test(f *framework.Framework, done <-chan struct{}, upgrade UpgradeType) { switch upgrade { - case MasterUpgrade: + case MasterUpgrade, ClusterUpgrade: t.test(f, done, true) case NodeUpgrade: // Node upgrades should test during disruption only on GCE/GKE for now. diff --git a/test/e2e/upgrades/sysctl.go b/test/e2e/upgrades/sysctl.go index 5105887f0e0..1720a40e7fe 100644 --- a/test/e2e/upgrades/sysctl.go +++ b/test/e2e/upgrades/sysctl.go @@ -22,7 +22,7 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" @@ -52,7 +52,7 @@ func (t *SysctlUpgradeTest) Setup(f *framework.Framework) { func (t *SysctlUpgradeTest) Test(f *framework.Framework, done <-chan struct{}, upgrade UpgradeType) { <-done switch upgrade { - case MasterUpgrade: + case MasterUpgrade, ClusterUpgrade: By("Checking the safe sysctl pod keeps running on master upgrade") pod, err := f.ClientSet.CoreV1().Pods(t.validPod.Namespace).Get(t.validPod.Name, metav1.GetOptions{}) Expect(err).NotTo(HaveOccurred()) diff --git a/test/e2e/windows/BUILD b/test/e2e/windows/BUILD index 98bb0a34cdf..0668d02d6a1 100644 --- a/test/e2e/windows/BUILD +++ b/test/e2e/windows/BUILD @@ -7,6 +7,7 @@ go_library( srcs = [ "density.go", "framework.go", + "networking.go", ], importpath = "k8s.io/kubernetes/test/e2e/windows", visibility = ["//visibility:public"], @@ -15,6 +16,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/uuid:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library", "//staging/src/k8s.io/client-go/tools/cache:go_default_library", diff --git a/test/e2e/windows/OWNERS b/test/e2e/windows/OWNERS index 42be2d20a56..b610aa1aa50 100644 --- a/test/e2e/windows/OWNERS +++ b/test/e2e/windows/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dchen1107 - michmike diff --git a/test/e2e/windows/networking.go b/test/e2e/windows/networking.go new file mode 100644 index 00000000000..ba7e0074787 --- /dev/null +++ b/test/e2e/windows/networking.go @@ -0,0 +1,94 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package windows + +import ( + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/kubernetes/test/e2e/framework" + + . "github.com/onsi/ginkgo" +) + +// NOTE(claudiub): Spawning Pods With HostNetwork enabled is not currently supported by Windows Kubelet. +// TODO(claudiub): Remove this test suite once this PR merges: +// https://github.com/kubernetes/kubernetes/pull/69525 +var _ = Describe("[sig-network] [sig-windows] Networking", func() { + f := framework.NewDefaultFramework("pod-network-test") + + BeforeEach(func() { + // NOTE(claudiub): These tests are Windows specific. + framework.SkipUnlessNodeOSDistroIs("windows") + }) + + Describe("Granular Checks: Pods", func() { + + // Try to hit all endpoints through a test container, retry 5 times, + // expect exactly one unique hostname. Each of these endpoints reports + // its own hostname. + /* + Release : v1.14 + Testname: Networking, intra pod http + Description: Create a hostexec pod that is capable of curl to netcat commands. Create a test Pod that will act as a webserver front end exposing ports 8080 for tcp and 8081 for udp. The netserver service proxies are created on specified number of nodes. + The kubectl exec on the webserver container MUST reach a http port on the each of service proxy endpoints in the cluster and the request MUST be successful. Container will execute curl command to reach the service port within specified max retry limit and MUST result in reporting unique hostnames. + */ + It("should function for intra-pod communication: http", func() { + config := framework.NewCoreNetworkingTestConfig(f, false) + for _, endpointPod := range config.EndpointPods { + config.DialFromTestContainer("http", endpointPod.Status.PodIP, framework.EndpointHttpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) + } + }) + + /* + Release : v1.14 + Testname: Networking, intra pod udp + Description: Create a hostexec pod that is capable of curl to netcat commands. Create a test Pod that will act as a webserver front end exposing ports 8080 for tcp and 8081 for udp. The netserver service proxies are created on specified number of nodes. + The kubectl exec on the webserver container MUST reach a udp port on the each of service proxy endpoints in the cluster and the request MUST be successful. Container will execute curl command to reach the service port within specified max retry limit and MUST result in reporting unique hostnames. + */ + It("should function for intra-pod communication: udp", func() { + config := framework.NewCoreNetworkingTestConfig(f, false) + for _, endpointPod := range config.EndpointPods { + config.DialFromTestContainer("udp", endpointPod.Status.PodIP, framework.EndpointUdpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) + } + }) + + /* + Release : v1.14 + Testname: Networking, intra pod http, from node + Description: Create a hostexec pod that is capable of curl to netcat commands. Create a test Pod that will act as a webserver front end exposing ports 8080 for tcp and 8081 for udp. The netserver service proxies are created on specified number of nodes. + The kubectl exec on the webserver container MUST reach a http port on the each of service proxy endpoints in the cluster using a http post(protocol=tcp) and the request MUST be successful. Container will execute curl command to reach the service port within specified max retry limit and MUST result in reporting unique hostnames. + */ + It("should function for node-pod communication: http", func() { + config := framework.NewCoreNetworkingTestConfig(f, false) + for _, endpointPod := range config.EndpointPods { + config.DialFromNode("http", endpointPod.Status.PodIP, framework.EndpointHttpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) + } + }) + + /* + Release : v1.14 + Testname: Networking, intra pod http, from node + Description: Create a hostexec pod that is capable of curl to netcat commands. Create a test Pod that will act as a webserver front end exposing ports 8080 for tcp and 8081 for udp. The netserver service proxies are created on specified number of nodes. + The kubectl exec on the webserver container MUST reach a http port on the each of service proxy endpoints in the cluster using a http post(protocol=udp) and the request MUST be successful. Container will execute curl command to reach the service port within specified max retry limit and MUST result in reporting unique hostnames. + */ + It("should function for node-pod communication: udp", func() { + config := framework.NewCoreNetworkingTestConfig(f, false) + for _, endpointPod := range config.EndpointPods { + config.DialFromNode("udp", endpointPod.Status.PodIP, framework.EndpointUdpPort, config.MaxTries, 0, sets.NewString(endpointPod.Name)) + } + }) + }) +}) diff --git a/test/e2e_node/BUILD b/test/e2e_node/BUILD index f9177afa7da..e643dc2953a 100644 --- a/test/e2e_node/BUILD +++ b/test/e2e_node/BUILD @@ -165,6 +165,7 @@ go_test( ] + select({ "@io_bazel_rules_go//go/platform:linux": [ "//cmd/kubeadm/app/util/system:go_default_library", + "//pkg/kubelet/stats/pidlimit:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/yaml:go_default_library", diff --git a/test/e2e_node/OWNERS b/test/e2e_node/OWNERS index c625c03e736..8e3400bb6ec 100644 --- a/test/e2e_node/OWNERS +++ b/test/e2e_node/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - Random-Liu - tallclair diff --git a/test/e2e_node/README.md b/test/e2e_node/README.md index 0edc254052b..e3adbc6b885 100644 --- a/test/e2e_node/README.md +++ b/test/e2e_node/README.md @@ -1,3 +1,3 @@ -See [e2e-node-tests](https://git.k8s.io/community/contributors/devel/e2e-node-tests.md) +See [e2e-node-tests](https://git.k8s.io/community/contributors/devel/sig-node/e2e-node-tests.md) [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/e2e_node/README.md?pixel)]() diff --git a/test/e2e_node/density_test.go b/test/e2e_node/density_test.go index f0b943061e6..3a80860a03a 100644 --- a/test/e2e_node/density_test.go +++ b/test/e2e_node/density_test.go @@ -459,12 +459,12 @@ func getPodStartLatency(node string) (framework.KubeletLatencyMetrics, error) { for _, samples := range ms { for _, sample := range samples { - if sample.Metric["__name__"] == kubemetrics.KubeletSubsystem+"_"+kubemetrics.PodStartLatencyKey { + if sample.Metric["__name__"] == kubemetrics.KubeletSubsystem+"_"+kubemetrics.PodStartDurationKey { quantile, _ := strconv.ParseFloat(string(sample.Metric["quantile"]), 64) latencyMetrics = append(latencyMetrics, framework.KubeletLatencyMetric{ Quantile: quantile, - Method: kubemetrics.PodStartLatencyKey, + Method: kubemetrics.PodStartDurationKey, Latency: time.Duration(int(sample.Value)) * time.Microsecond}) } } diff --git a/test/e2e_node/gpu_device_plugin.go b/test/e2e_node/gpu_device_plugin.go index 8328324b695..17a91f054e8 100644 --- a/test/e2e_node/gpu_device_plugin.go +++ b/test/e2e_node/gpu_device_plugin.go @@ -156,7 +156,7 @@ func logDevicePluginMetrics() { framework.ExpectNoError(err) for msKey, samples := range ms { switch msKey { - case kubeletmetrics.KubeletSubsystem + "_" + kubeletmetrics.DevicePluginAllocationLatencyKey: + case kubeletmetrics.KubeletSubsystem + "_" + kubeletmetrics.DevicePluginAllocationDurationKey: for _, sample := range samples { latency := sample.Value resource := string(sample.Metric["resource_name"]) diff --git a/test/e2e_node/jenkins/OWNERS b/test/e2e_node/jenkins/OWNERS index 55ad871379f..fe94d8bdacc 100644 --- a/test/e2e_node/jenkins/OWNERS +++ b/test/e2e_node/jenkins/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dashpole - krzyzacy diff --git a/test/e2e_node/node_container_manager_test.go b/test/e2e_node/node_container_manager_test.go index 904eec89a0a..a25a5bd19f6 100644 --- a/test/e2e_node/node_container_manager_test.go +++ b/test/e2e_node/node_container_manager_test.go @@ -29,8 +29,10 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/kubernetes/pkg/features" kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config" "k8s.io/kubernetes/pkg/kubelet/cm" + "k8s.io/kubernetes/pkg/kubelet/stats/pidlimit" "k8s.io/kubernetes/test/e2e/framework" . "github.com/onsi/ginkgo" @@ -38,14 +40,17 @@ import ( ) func setDesiredConfiguration(initialConfig *kubeletconfig.KubeletConfiguration) { + initialConfig.FeatureGates[string(features.SupportNodePidsLimit)] = true initialConfig.EnforceNodeAllocatable = []string{"pods", kubeReservedCgroup, systemReservedCgroup} initialConfig.SystemReserved = map[string]string{ string(v1.ResourceCPU): "100m", string(v1.ResourceMemory): "100Mi", + string(pidlimit.PIDs): "1000", } initialConfig.KubeReserved = map[string]string{ string(v1.ResourceCPU): "100m", string(v1.ResourceMemory): "100Mi", + string(pidlimit.PIDs): "738", } initialConfig.EvictionHard = map[string]string{"memory.available": "100Mi"} // Necessary for allocatable cgroup creation. @@ -81,8 +86,8 @@ func expectFileValToEqual(filePath string, expectedValue, delta int64) error { return nil } -func getAllocatableLimits(cpu, memory string, capacity v1.ResourceList) (*resource.Quantity, *resource.Quantity) { - var allocatableCPU, allocatableMemory *resource.Quantity +func getAllocatableLimits(cpu, memory, pids string, capacity v1.ResourceList) (*resource.Quantity, *resource.Quantity, *resource.Quantity) { + var allocatableCPU, allocatableMemory, allocatablePIDs *resource.Quantity // Total cpu reservation is 200m. for k, v := range capacity { if k == v1.ResourceCPU { @@ -94,7 +99,13 @@ func getAllocatableLimits(cpu, memory string, capacity v1.ResourceList) (*resour allocatableMemory.Sub(resource.MustParse(memory)) } } - return allocatableCPU, allocatableMemory + // Process IDs are not a node allocatable, so we have to do this ad hoc + pidlimits, err := pidlimit.Stats() + if err == nil && pidlimits != nil && pidlimits.MaxPID != nil { + allocatablePIDs = resource.NewQuantity(int64(*pidlimits.MaxPID), resource.DecimalSI) + allocatablePIDs.Sub(resource.MustParse(pids)) + } + return allocatableCPU, allocatableMemory, allocatablePIDs } const ( @@ -189,7 +200,7 @@ func runTest(f *framework.Framework) error { } node := nodeList.Items[0] capacity := node.Status.Capacity - allocatableCPU, allocatableMemory := getAllocatableLimits("200m", "200Mi", capacity) + allocatableCPU, allocatableMemory, allocatablePIDs := getAllocatableLimits("200m", "200Mi", "1738", capacity) // Total Memory reservation is 200Mi excluding eviction thresholds. // Expect CPU shares on node allocatable cgroup to equal allocatable. if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["cpu"], "kubepods", "cpu.shares"), int64(cm.MilliCPUToShares(allocatableCPU.MilliValue())), 10); err != nil { @@ -199,11 +210,16 @@ func runTest(f *framework.Framework) error { if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["memory"], "kubepods", "memory.limit_in_bytes"), allocatableMemory.Value(), 0); err != nil { return err } + // Expect PID limit on node allocatable cgroup to equal allocatable. + if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["pids"], "kubepods", "pids.max"), allocatablePIDs.Value(), 0); err != nil { + return err + } // Check that Allocatable reported to scheduler includes eviction thresholds. schedulerAllocatable := node.Status.Allocatable // Memory allocatable should take into account eviction thresholds. - allocatableCPU, allocatableMemory = getAllocatableLimits("200m", "300Mi", capacity) + // Process IDs are not a scheduler resource and as such cannot be tested here. + allocatableCPU, allocatableMemory, _ = getAllocatableLimits("200m", "300Mi", "1738", capacity) // Expect allocatable to include all resources in capacity. if len(schedulerAllocatable) != len(capacity) { return fmt.Errorf("Expected all resources in capacity to be found in allocatable") @@ -232,6 +248,11 @@ func runTest(f *framework.Framework) error { if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["memory"], cgroupManager.Name(kubeReservedCgroupName), "memory.limit_in_bytes"), kubeReservedMemory.Value(), 0); err != nil { return err } + // Expect process ID limit kube reserved cgroup to equal configured value `738`. + kubeReservedPIDs := resource.MustParse(currentConfig.KubeReserved[string(pidlimit.PIDs)]) + if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["pids"], cgroupManager.Name(kubeReservedCgroupName), "pids.max"), kubeReservedPIDs.Value(), 0); err != nil { + return err + } systemReservedCgroupName := cm.NewCgroupName(cm.RootCgroupName, systemReservedCgroup) if !cgroupManager.Exists(systemReservedCgroupName) { return fmt.Errorf("Expected system reserved cgroup Does not exist") @@ -246,5 +267,10 @@ func runTest(f *framework.Framework) error { if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["memory"], cgroupManager.Name(systemReservedCgroupName), "memory.limit_in_bytes"), systemReservedMemory.Value(), 0); err != nil { return err } + // Expect process ID limit system reserved cgroup to equal configured value `1000`. + systemReservedPIDs := resource.MustParse(currentConfig.SystemReserved[string(pidlimit.PIDs)]) + if err := expectFileValToEqual(filepath.Join(subsystems.MountPoints["pids"], cgroupManager.Name(systemReservedCgroupName), "pids.max"), systemReservedPIDs.Value(), 0); err != nil { + return err + } return nil } diff --git a/test/e2e_node/perf/workloads/OWNERS b/test/e2e_node/perf/workloads/OWNERS index 541219022b6..9bec9f90839 100644 --- a/test/e2e_node/perf/workloads/OWNERS +++ b/test/e2e_node/perf/workloads/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - vishh - derekwaynecarr diff --git a/test/e2e_node/services/BUILD b/test/e2e_node/services/BUILD index 5eb7899fde2..967ea7a2bd2 100644 --- a/test/e2e_node/services/BUILD +++ b/test/e2e_node/services/BUILD @@ -31,11 +31,11 @@ go_library( "//staging/src/k8s.io/apiserver/pkg/storage/etcd/testing:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/kubelet/config/v1beta1:go_default_library", "//test/e2e/framework:go_default_library", "//test/e2e_node/builder:go_default_library", diff --git a/test/e2e_node/services/kubelet.go b/test/e2e_node/services/kubelet.go index 71487e753d6..82844cd1337 100644 --- a/test/e2e_node/services/kubelet.go +++ b/test/e2e_node/services/kubelet.go @@ -31,7 +31,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilfeature "k8s.io/apiserver/pkg/util/feature" - utilflag "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" kubeletconfigv1beta1 "k8s.io/kubelet/config/v1beta1" "k8s.io/kubernetes/cmd/kubelet/app/options" "k8s.io/kubernetes/pkg/features" @@ -263,7 +263,7 @@ func (e *E2EServices) startKubelet() (*server, error) { // Apply test framework feature gates by default. This could also be overridden // by kubelet-flags. if len(framework.TestContext.FeatureGates) > 0 { - cmdArgs = append(cmdArgs, "--feature-gates", utilflag.NewMapStringBool(&framework.TestContext.FeatureGates).String()) + cmdArgs = append(cmdArgs, "--feature-gates", cliflag.NewMapStringBool(&framework.TestContext.FeatureGates).String()) kc.FeatureGates = framework.TestContext.FeatureGates } diff --git a/test/fixtures/pkg/kubectl/OWNERS b/test/fixtures/pkg/kubectl/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/test/fixtures/pkg/kubectl/OWNERS +++ b/test/fixtures/pkg/kubectl/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/test/images/BUILD b/test/images/BUILD index bf4e0b639bd..c9e026180bf 100644 --- a/test/images/BUILD +++ b/test/images/BUILD @@ -32,6 +32,7 @@ filegroup( "//test/images/porter:all-srcs", "//test/images/resource-consumer:all-srcs", "//test/images/sample-apiserver:all-srcs", + "//test/images/sample-device-plugin:all-srcs", "//test/images/serve-hostname:all-srcs", "//test/images/test-webserver:all-srcs", "//test/images/webhook:all-srcs", diff --git a/test/images/OWNERS b/test/images/OWNERS index 1e4e74e7d50..ac14680a5c0 100644 --- a/test/images/OWNERS +++ b/test/images/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - luxas - mkumatag diff --git a/test/images/cuda-vector-add/BASEIMAGE b/test/images/cuda-vector-add/BASEIMAGE index a7b6d587069..89b44efb366 100644 --- a/test/images/cuda-vector-add/BASEIMAGE +++ b/test/images/cuda-vector-add/BASEIMAGE @@ -1,2 +1,2 @@ -amd64=nvidia/cuda:8.0-devel-ubuntu16.04 -ppc64le=nvidia/cuda-ppc64le:8.0-devel-ubuntu16.04 +amd64=nvidia/cuda:10.0-devel-ubuntu18.04 +ppc64le=nvidia/cuda-ppc64le:10.0-devel-ubuntu18.04 diff --git a/test/images/cuda-vector-add/README.md b/test/images/cuda-vector-add/README.md index db2ad437df8..8fb5d58f878 100644 --- a/test/images/cuda-vector-add/README.md +++ b/test/images/cuda-vector-add/README.md @@ -11,3 +11,8 @@ $ make # Push $ make push ``` + +## Version history: + +1.0: build cuda-vector-add from CUDA 8.0. +2.0: build cuda-vector-add from CUDA 10.0 diff --git a/test/images/cuda-vector-add/VERSION b/test/images/cuda-vector-add/VERSION index d3827e75a5c..cd5ac039d67 100644 --- a/test/images/cuda-vector-add/VERSION +++ b/test/images/cuda-vector-add/VERSION @@ -1 +1 @@ -1.0 +2.0 diff --git a/test/images/image-util.sh b/test/images/image-util.sh index cf882c431ea..8e591885389 100755 --- a/test/images/image-util.sh +++ b/test/images/image-util.sh @@ -127,6 +127,8 @@ push() { kube::util::ensure-gnu-sed + # The manifest command is still experimental as of Docker 18.09.2 + export DOCKER_CLI_EXPERIMENTAL="enabled" # Make archs list into image manifest. Eg: 'amd64 ppc64le' to '${REGISTRY}/${IMAGE}-amd64:${TAG} ${REGISTRY}/${IMAGE}-ppc64le:${TAG}' manifest=$(echo $archs | ${SED} -e "s~[^ ]*~$REGISTRY\/$IMAGE\-&:$TAG~g") docker manifest create --amend ${REGISTRY}/${IMAGE}:${TAG} ${manifest} diff --git a/test/images/logs-generator/README.md b/test/images/logs-generator/README.md index 889ba2a7bdb..6713c4e3a04 100644 --- a/test/images/logs-generator/README.md +++ b/test/images/logs-generator/README.md @@ -3,7 +3,7 @@ ## Overview Logs generator is a tool to create predictable load on the logs delivery system. -Is generates random lines with predictable format and predictable average length. +It generates random lines with predictable format and predictable average length. Each line can be later uniquely identified to ensure logs delivery. ## Usage diff --git a/test/images/no-snat-test-proxy/BUILD b/test/images/no-snat-test-proxy/BUILD index d44716ab4fb..4e27ee6cbb8 100644 --- a/test/images/no-snat-test-proxy/BUILD +++ b/test/images/no-snat-test-proxy/BUILD @@ -16,7 +16,7 @@ go_library( srcs = ["main.go"], importpath = "k8s.io/kubernetes/test/images/no-snat-test-proxy", deps = [ - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], diff --git a/test/images/no-snat-test-proxy/main.go b/test/images/no-snat-test-proxy/main.go index 57bf7e62a9f..6646982b818 100644 --- a/test/images/no-snat-test-proxy/main.go +++ b/test/images/no-snat-test-proxy/main.go @@ -24,7 +24,7 @@ import ( "strings" "github.com/spf13/pflag" - "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/component-base/logs" ) @@ -48,7 +48,7 @@ func main() { m := newMasqTestProxy() m.AddFlags(pflag.CommandLine) - flag.InitFlags() + cliflag.InitFlags() logs.InitLogs() defer logs.FlushLogs() diff --git a/test/images/no-snat-test/BUILD b/test/images/no-snat-test/BUILD index a0a013a3ec1..9d8811d3c26 100644 --- a/test/images/no-snat-test/BUILD +++ b/test/images/no-snat-test/BUILD @@ -16,7 +16,7 @@ go_library( srcs = ["main.go"], importpath = "k8s.io/kubernetes/test/images/no-snat-test", deps = [ - "//staging/src/k8s.io/apiserver/pkg/util/flag:go_default_library", + "//staging/src/k8s.io/component-base/cli/flag:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", ], diff --git a/test/images/no-snat-test/main.go b/test/images/no-snat-test/main.go index 76e3bb6a650..bb94daf1a29 100644 --- a/test/images/no-snat-test/main.go +++ b/test/images/no-snat-test/main.go @@ -25,7 +25,7 @@ import ( "strings" "github.com/spf13/pflag" - "k8s.io/apiserver/pkg/util/flag" + cliflag "k8s.io/component-base/cli/flag" "k8s.io/component-base/logs" ) @@ -52,7 +52,7 @@ func main() { m := newMasqTester() m.AddFlags(pflag.CommandLine) - flag.InitFlags() + cliflag.InitFlags() logs.InitLogs() defer logs.FlushLogs() diff --git a/test/images/pets/peer-finder/BASEIMAGE b/test/images/pets/peer-finder/BASEIMAGE index 975e946af60..108ff914011 100644 --- a/test/images/pets/peer-finder/BASEIMAGE +++ b/test/images/pets/peer-finder/BASEIMAGE @@ -1,4 +1,4 @@ -amd64=k8s.gcr.io/debian-base-amd64:0.4.0 -arm=k8s.gcr.io/debian-base-arm:0.4.0 -arm64=k8s.gcr.io/debian-base-arm64:0.4.0 -ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.0 +amd64=k8s.gcr.io/debian-base-amd64:0.4.1 +arm=k8s.gcr.io/debian-base-arm:0.4.1 +arm64=k8s.gcr.io/debian-base-arm64:0.4.1 +ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.1 diff --git a/test/images/pets/redis-installer/BASEIMAGE b/test/images/pets/redis-installer/BASEIMAGE index 975e946af60..108ff914011 100644 --- a/test/images/pets/redis-installer/BASEIMAGE +++ b/test/images/pets/redis-installer/BASEIMAGE @@ -1,4 +1,4 @@ -amd64=k8s.gcr.io/debian-base-amd64:0.4.0 -arm=k8s.gcr.io/debian-base-arm:0.4.0 -arm64=k8s.gcr.io/debian-base-arm64:0.4.0 -ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.0 +amd64=k8s.gcr.io/debian-base-amd64:0.4.1 +arm=k8s.gcr.io/debian-base-arm:0.4.1 +arm64=k8s.gcr.io/debian-base-arm64:0.4.1 +ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.1 diff --git a/test/images/pets/zookeeper-installer/BASEIMAGE b/test/images/pets/zookeeper-installer/BASEIMAGE index 975e946af60..108ff914011 100644 --- a/test/images/pets/zookeeper-installer/BASEIMAGE +++ b/test/images/pets/zookeeper-installer/BASEIMAGE @@ -1,4 +1,4 @@ -amd64=k8s.gcr.io/debian-base-amd64:0.4.0 -arm=k8s.gcr.io/debian-base-arm:0.4.0 -arm64=k8s.gcr.io/debian-base-arm64:0.4.0 -ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.0 +amd64=k8s.gcr.io/debian-base-amd64:0.4.1 +arm=k8s.gcr.io/debian-base-arm:0.4.1 +arm64=k8s.gcr.io/debian-base-arm64:0.4.1 +ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.1 diff --git a/test/images/resource-consumer/BASEIMAGE b/test/images/resource-consumer/BASEIMAGE index 975e946af60..108ff914011 100644 --- a/test/images/resource-consumer/BASEIMAGE +++ b/test/images/resource-consumer/BASEIMAGE @@ -1,4 +1,4 @@ -amd64=k8s.gcr.io/debian-base-amd64:0.4.0 -arm=k8s.gcr.io/debian-base-arm:0.4.0 -arm64=k8s.gcr.io/debian-base-arm64:0.4.0 -ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.0 +amd64=k8s.gcr.io/debian-base-amd64:0.4.1 +arm=k8s.gcr.io/debian-base-arm:0.4.1 +arm64=k8s.gcr.io/debian-base-arm64:0.4.1 +ppc64le=k8s.gcr.io/debian-base-ppc64le:0.4.1 diff --git a/test/images/sample-device-plugin/BASEIMAGE b/test/images/sample-device-plugin/BASEIMAGE new file mode 100644 index 00000000000..a6161331615 --- /dev/null +++ b/test/images/sample-device-plugin/BASEIMAGE @@ -0,0 +1,5 @@ +amd64=alpine:3.8 +arm=arm32v6/alpine:3.8 +arm64=arm64v8/alpine:3.8 +ppc64le=ppc64le/alpine:3.8 +s390x=s390x/alpine:3.8 diff --git a/test/images/sample-device-plugin/BUILD b/test/images/sample-device-plugin/BUILD new file mode 100644 index 00000000000..15e7fc6b2c2 --- /dev/null +++ b/test/images/sample-device-plugin/BUILD @@ -0,0 +1,35 @@ +package(default_visibility = ["//visibility:public"]) + +load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") + +go_library( + name = "go_default_library", + srcs = ["sampledeviceplugin.go"], + importpath = "k8s.io/kubernetes/test/images/sample-device-plugin", + visibility = ["//visibility:private"], + deps = [ + "//pkg/kubelet/apis/deviceplugin/v1beta1:go_default_library", + "//pkg/kubelet/cm/devicemanager:go_default_library", + "//vendor/k8s.io/klog:go_default_library", + ], +) + +go_binary( + name = "sample-device-plugin", + embed = [":go_default_library"], + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/test/images/sample-device-plugin/Dockerfile b/test/images/sample-device-plugin/Dockerfile new file mode 100644 index 00000000000..206e0ba645c --- /dev/null +++ b/test/images/sample-device-plugin/Dockerfile @@ -0,0 +1,17 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM BASEIMAGE +ADD sampledeviceplugin /sampledeviceplugin +ENTRYPOINT ["/sampledeviceplugin", "-alsologtostderr"] diff --git a/test/images/sample-device-plugin/Makefile b/test/images/sample-device-plugin/Makefile new file mode 100644 index 00000000000..a7921439c67 --- /dev/null +++ b/test/images/sample-device-plugin/Makefile @@ -0,0 +1,25 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +SRCS=sampledeviceplugin +ARCH ?= amd64 +TARGET ?= $(CURDIR) +GOLANG_VERSION ?= latest +SRC_DIR = $(notdir $(shell pwd)) +export + +bin: + ../image-util.sh bin $(SRCS) + +.PHONY: bin diff --git a/test/images/sample-device-plugin/VERSION b/test/images/sample-device-plugin/VERSION new file mode 100644 index 00000000000..d3827e75a5c --- /dev/null +++ b/test/images/sample-device-plugin/VERSION @@ -0,0 +1 @@ +1.0 diff --git a/test/images/sample-device-plugin/sampledeviceplugin.go b/test/images/sample-device-plugin/sampledeviceplugin.go new file mode 100755 index 00000000000..1c8003db592 --- /dev/null +++ b/test/images/sample-device-plugin/sampledeviceplugin.go @@ -0,0 +1,99 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main + +import ( + "fmt" + "os" + "path/filepath" + "time" + + "k8s.io/klog" + pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1" + dm "k8s.io/kubernetes/pkg/kubelet/cm/devicemanager" +) + +const ( + resourceName = "example.com/resource" +) + +// stubAllocFunc creates and returns allocation response for the input allocate request +func stubAllocFunc(r *pluginapi.AllocateRequest, devs map[string]pluginapi.Device) (*pluginapi.AllocateResponse, error) { + var responses pluginapi.AllocateResponse + for _, req := range r.ContainerRequests { + response := &pluginapi.ContainerAllocateResponse{} + for _, requestID := range req.DevicesIDs { + dev, ok := devs[requestID] + if !ok { + return nil, fmt.Errorf("invalid allocation request with non-existing device %s", requestID) + } + + if dev.Health != pluginapi.Healthy { + return nil, fmt.Errorf("invalid allocation request with unhealthy device: %s", requestID) + } + + // create fake device file + fpath := filepath.Join("/tmp", dev.ID) + + // clean first + if err := os.RemoveAll(fpath); err != nil { + return nil, fmt.Errorf("failed to clean fake device file from previous run: %s", err) + } + + f, err := os.Create(fpath) + if err != nil && !os.IsExist(err) { + return nil, fmt.Errorf("failed to create fake device file: %s", err) + } + + f.Close() + + response.Mounts = append(response.Mounts, &pluginapi.Mount{ + ContainerPath: fpath, + HostPath: fpath, + }) + } + responses.ContainerResponses = append(responses.ContainerResponses, response) + } + + return &responses, nil +} + +func main() { + devs := []*pluginapi.Device{ + {ID: "Dev-1", Health: pluginapi.Healthy}, + {ID: "Dev-2", Health: pluginapi.Healthy}, + } + + pluginSocksDir := os.Getenv("PLUGIN_SOCK_DIR") + klog.Infof("pluginSocksDir: %s", pluginSocksDir) + if pluginSocksDir == "" { + klog.Errorf("Empty pluginSocksDir") + return + } + socketPath := pluginSocksDir + "/dp." + fmt.Sprintf("%d", time.Now().Unix()) + + dp1 := dm.NewDevicePluginStub(devs, socketPath, resourceName, false) + if err := dp1.Start(); err != nil { + panic(err) + + } + dp1.SetAllocFunc(stubAllocFunc) + if err := dp1.Register(pluginapi.KubeletSocket, resourceName, pluginapi.DevicePluginPath); err != nil { + panic(err) + } + select {} +} diff --git a/test/images/serve-hostname/README.md b/test/images/serve-hostname/README.md index a4647ff95fd..4396a26888f 100644 --- a/test/images/serve-hostname/README.md +++ b/test/images/serve-hostname/README.md @@ -2,7 +2,7 @@ This is a small util app to serve your hostname on TCP and/or UDP. Useful for testing. -The `serve_hostname` Makefile supports multiple architectures, which means it may cross-compile and build an docker image easily. +The `serve_hostname` Makefile supports multiple architectures, which means it may cross-compile and build a docker image easily. Arch-specific busybox images serve as base images. If you are releasing a new version, please bump the `TAG` value in the `Makefile` before building the images. diff --git a/test/integration/apiserver/BUILD b/test/integration/apiserver/BUILD index e1afd14fee9..bc8412d5a2e 100644 --- a/test/integration/apiserver/BUILD +++ b/test/integration/apiserver/BUILD @@ -11,6 +11,8 @@ go_test( srcs = [ "apiserver_test.go", "main_test.go", + "max_json_patch_operations_test.go", + "max_request_body_bytes_test.go", "patch_test.go", "print_test.go", ], @@ -19,6 +21,7 @@ go_test( "integration", ], deps = [ + "//cmd/kube-apiserver/app/options:go_default_library", "//pkg/api/legacyscheme:go_default_library", "//pkg/kubectl/cmd/util:go_default_library", "//pkg/master:go_default_library", @@ -46,7 +49,7 @@ go_test( "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature/testing:go_default_library", "//staging/src/k8s.io/cli-runtime/pkg/genericclioptions:go_default_library", - "//staging/src/k8s.io/client-go/discovery:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/disk:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library", diff --git a/test/integration/apiserver/apply/apply_test.go b/test/integration/apiserver/apply/apply_test.go index f66f6a171a8..81e937dc678 100644 --- a/test/integration/apiserver/apply/apply_test.go +++ b/test/integration/apiserver/apply/apply_test.go @@ -61,32 +61,62 @@ func TestApplyAlsoCreates(t *testing.T) { _, client, closeFn := setup(t) defer closeFn() - _, err := client.CoreV1().RESTClient().Patch(types.ApplyPatchType). - Namespace("default"). - Resource("pods"). - Name("test-pod"). - Body([]byte(`{ - "apiVersion": "v1", - "kind": "Pod", - "metadata": { - "name": "test-pod" - }, - "spec": { - "containers": [{ - "name": "test-container", - "image": "test-image" - }] - } - }`)). - Do(). - Get() - if err != nil { - t.Fatalf("Failed to create object using Apply patch: %v", err) + testCases := []struct { + resource string + name string + body string + }{ + { + resource: "pods", + name: "test-pod", + body: `{ + "apiVersion": "v1", + "kind": "Pod", + "metadata": { + "name": "test-pod" + }, + "spec": { + "containers": [{ + "name": "test-container", + "image": "test-image" + }] + } + }`, + }, { + resource: "services", + name: "test-svc", + body: `{ + "apiVersion": "v1", + "kind": "Service", + "metadata": { + "name": "test-svc" + }, + "spec": { + "ports": [{ + "port": 8080, + "protocol": "UDP" + }] + } + }`, + }, } - _, err = client.CoreV1().RESTClient().Get().Namespace("default").Resource("pods").Name("test-pod").Do().Get() - if err != nil { - t.Fatalf("Failed to retrieve object: %v", err) + for _, tc := range testCases { + _, err := client.CoreV1().RESTClient().Patch(types.ApplyPatchType). + Namespace("default"). + Resource(tc.resource). + Name(tc.name). + Body([]byte(tc.body)). + Do(). + Get() + if err != nil { + t.Fatalf("Failed to create object using Apply patch: %v", err) + } + + _, err = client.CoreV1().RESTClient().Get().Namespace("default").Resource(tc.resource).Name(tc.name).Do().Get() + if err != nil { + t.Fatalf("Failed to retrieve object: %v", err) + } } } @@ -223,7 +253,11 @@ func TestApplyManagedFields(t *testing.T) { "apiVersion": "v1", "kind": "ConfigMap", "metadata": { - "name": "test-cm" + "name": "test-cm", + "namespace": "default", + "labels": { + "test-label": "test" + } }, "data": { "key": "value" @@ -267,16 +301,19 @@ func TestApplyManagedFields(t *testing.T) { "uid": "` + string(accessor.GetUID()) + `", "resourceVersion": "` + accessor.GetResourceVersion() + `", "creationTimestamp": "` + accessor.GetCreationTimestamp().UTC().Format(time.RFC3339) + `", + "labels": { + "test-label": "test" + }, "managedFields": [ { "manager": "apply", "operation": "Apply", "apiVersion": "v1", "fields": { - "f:apiVersion": {}, - "f:kind": {}, "f:metadata": { - "f:name": {} + "f:labels": { + "f:test-label": {} + } } } }, @@ -302,3 +339,54 @@ func TestApplyManagedFields(t *testing.T) { t.Fatalf("Expected:\n%v\nGot:\n%v", string(expected), string(actual)) } } + +// TestApplyRemovesEmptyManagedFields there are no empty managers in managedFields +func TestApplyRemovesEmptyManagedFields(t *testing.T) { + defer utilfeaturetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, genericfeatures.ServerSideApply, true)() + + _, client, closeFn := setup(t) + defer closeFn() + + obj := []byte(`{ + "apiVersion": "v1", + "kind": "ConfigMap", + "metadata": { + "name": "test-cm", + "namespace": "default" + } + }`) + + _, err := client.CoreV1().RESTClient().Patch(types.ApplyPatchType). + Namespace("default"). + Resource("configmaps"). + Name("test-cm"). + Body(obj). + Do(). + Get() + if err != nil { + t.Fatalf("Failed to create object using Apply patch: %v", err) + } + + _, err = client.CoreV1().RESTClient().Patch(types.ApplyPatchType). + Namespace("default"). + Resource("configmaps"). + Name("test-cm"). + Body(obj).Do().Get() + if err != nil { + t.Fatalf("Failed to patch object: %v", err) + } + + object, err := client.CoreV1().RESTClient().Get().Namespace("default").Resource("configmaps").Name("test-cm").Do().Get() + if err != nil { + t.Fatalf("Failed to retrieve object: %v", err) + } + + accessor, err := meta.Accessor(object) + if err != nil { + t.Fatalf("Failed to get meta accessor: %v", err) + } + + if managed := accessor.GetManagedFields(); managed != nil { + t.Fatalf("Object contains unexpected managedFields: %v", managed) + } +} diff --git a/test/integration/apiserver/max_json_patch_operations_test.go b/test/integration/apiserver/max_json_patch_operations_test.go new file mode 100644 index 00000000000..0785428862b --- /dev/null +++ b/test/integration/apiserver/max_json_patch_operations_test.go @@ -0,0 +1,69 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package apiserver + +import ( + "fmt" + "strings" + "testing" + + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/kubernetes/cmd/kube-apiserver/app/options" + "k8s.io/kubernetes/test/integration/framework" +) + +// Tests that the apiserver limits the number of operations in a json patch. +func TestMaxJSONPatchOperations(t *testing.T) { + stopCh := make(chan struct{}) + defer close(stopCh) + clientSet, _ := framework.StartTestServer(t, stopCh, framework.TestServerSetup{ + ModifyServerRunOptions: func(opts *options.ServerRunOptions) { + opts.GenericServerRunOptions.MaxRequestBodyBytes = 1024 * 1024 + }, + }) + + p := `{"op":"add","path":"/x","value":"y"}` + // maxJSONPatchOperations = 10000 + hugePatch := []byte("[" + strings.Repeat(p+",", 10000) + p + "]") + + c := clientSet.CoreV1().RESTClient() + // Create a secret so we can patch it. + secret := &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + }, + } + _, err := clientSet.CoreV1().Secrets("default").Create(secret) + if err != nil { + t.Fatal(err) + } + + err = c.Patch(types.JSONPatchType).AbsPath(fmt.Sprintf("/api/v1/namespaces/default/secrets/test")). + Body(hugePatch).Do().Error() + if err == nil { + t.Fatalf("unexpected no error") + } + if !errors.IsRequestEntityTooLargeError(err) { + t.Errorf("expected requested entity too large err, got %v", err) + } + if !strings.Contains(err.Error(), "The allowed maximum operations in a JSON patch is") { + t.Errorf("expected the error message to be about maximum operations, got %v", err) + } +} diff --git a/test/integration/apiserver/max_request_body_bytes_test.go b/test/integration/apiserver/max_request_body_bytes_test.go new file mode 100644 index 00000000000..05816d60363 --- /dev/null +++ b/test/integration/apiserver/max_request_body_bytes_test.go @@ -0,0 +1,101 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package apiserver + +import ( + "fmt" + "strings" + "testing" + + "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/kubernetes/cmd/kube-apiserver/app/options" + "k8s.io/kubernetes/test/integration/framework" +) + +// Tests that the apiserver limits the resource size in write operations. +func TestMaxResourceSize(t *testing.T) { + stopCh := make(chan struct{}) + defer close(stopCh) + clientSet, _ := framework.StartTestServer(t, stopCh, framework.TestServerSetup{ + ModifyServerRunOptions: func(opts *options.ServerRunOptions) { + opts.GenericServerRunOptions.MaxRequestBodyBytes = 1024 * 1024 + }, + }) + + hugeData := []byte(strings.Repeat("x", 1024*1024+1)) + + c := clientSet.CoreV1().RESTClient() + t.Run("Create should limit the request body size", func(t *testing.T) { + err := c.Post().AbsPath(fmt.Sprintf("/api/v1/namespaces/default/pods")). + Body(hugeData).Do().Error() + if err == nil { + t.Fatalf("unexpected no error") + } + if !errors.IsRequestEntityTooLargeError(err) { + t.Errorf("expected requested entity too large err, got %v", err) + + } + }) + + // Create a secret so we can update/patch/delete it. + secret := &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + }, + } + _, err := clientSet.CoreV1().Secrets("default").Create(secret) + if err != nil { + t.Fatal(err) + } + + t.Run("Update should limit the request body size", func(t *testing.T) { + err = c.Put().AbsPath(fmt.Sprintf("/api/v1/namespaces/default/secrets/test")). + Body(hugeData).Do().Error() + if err == nil { + t.Fatalf("unexpected no error") + } + if !errors.IsRequestEntityTooLargeError(err) { + t.Errorf("expected requested entity too large err, got %v", err) + + } + }) + t.Run("Patch should limit the request body size", func(t *testing.T) { + err = c.Patch(types.JSONPatchType).AbsPath(fmt.Sprintf("/api/v1/namespaces/default/secrets/test")). + Body(hugeData).Do().Error() + if err == nil { + t.Fatalf("unexpected no error") + } + if !errors.IsRequestEntityTooLargeError(err) { + t.Errorf("expected requested entity too large err, got %v", err) + + } + }) + t.Run("Delete should limit the request body size", func(t *testing.T) { + err = c.Delete().AbsPath(fmt.Sprintf("/api/v1/namespaces/default/secrets/test")). + Body(hugeData).Do().Error() + if err == nil { + t.Fatalf("unexpected no error") + } + if !errors.IsRequestEntityTooLargeError(err) { + t.Errorf("expected requested entity too large err, got %v", err) + + } + }) +} diff --git a/test/integration/apiserver/print_test.go b/test/integration/apiserver/print_test.go index 7ff1d604751..b3cab84f096 100644 --- a/test/integration/apiserver/print_test.go +++ b/test/integration/apiserver/print_test.go @@ -40,7 +40,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/cli-runtime/pkg/genericclioptions" - "k8s.io/client-go/discovery" + diskcached "k8s.io/client-go/discovery/cached/disk" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" "k8s.io/gengo/examples/set-gen/sets" @@ -181,7 +181,7 @@ func TestServerSidePrint(t *testing.T) { os.Remove(cacheDir) }() - cachedClient, err := discovery.NewCachedDiscoveryClientForConfig(restConfig, cacheDir, "", time.Duration(10*time.Minute)) + cachedClient, err := diskcached.NewCachedDiscoveryClientForConfig(restConfig, cacheDir, "", time.Duration(10*time.Minute)) if err != nil { t.Errorf("unexpected error: %v", err) } diff --git a/test/integration/daemonset/OWNERS b/test/integration/daemonset/OWNERS old mode 100755 new mode 100644 index 08876145714..b603f1be9ee --- a/test/integration/daemonset/OWNERS +++ b/test/integration/daemonset/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - mikedanese - kow3ns diff --git a/test/integration/deployment/OWNERS b/test/integration/deployment/OWNERS index 0320f7a4c6a..1b4230aa638 100644 --- a/test/integration/deployment/OWNERS +++ b/test/integration/deployment/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - janetkuo - kargakis diff --git a/test/integration/dryrun/OWNERS b/test/integration/dryrun/OWNERS index e0d0a88788c..bf5772ad4b0 100644 --- a/test/integration/dryrun/OWNERS +++ b/test/integration/dryrun/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - apelisse - deads2k diff --git a/test/integration/etcd/BUILD b/test/integration/etcd/BUILD index 700a438d666..f29d37ba72a 100644 --- a/test/integration/etcd/BUILD +++ b/test/integration/etcd/BUILD @@ -65,7 +65,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", - "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", diff --git a/test/integration/etcd/OWNERS b/test/integration/etcd/OWNERS old mode 100755 new mode 100644 index c51396ba345..d92d32ac659 --- a/test/integration/etcd/OWNERS +++ b/test/integration/etcd/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - enj reviewers: diff --git a/test/integration/etcd/data.go b/test/integration/etcd/data.go index 49838c8ce81..30f10155dc5 100644 --- a/test/integration/etcd/data.go +++ b/test/integration/etcd/data.go @@ -266,6 +266,14 @@ func GetEtcdStorageData() map[schema.GroupVersionResource]StorageData { }, // -- + // k8s.io/kubernetes/pkg/apis/networking/v1beta1 + gvr("networking.k8s.io", "v1beta1", "ingresses"): { + Stub: `{"metadata": {"name": "ingress2"}, "spec": {"backend": {"serviceName": "service", "servicePort": 5000}}}`, + ExpectedEtcdPath: "/registry/ingress/etcdstoragepathtestnamespace/ingress2", + ExpectedGVK: gvkP("extensions", "v1beta1", "Ingress"), + }, + // -- + // k8s.io/kubernetes/pkg/apis/networking/v1 gvr("networking.k8s.io", "v1", "networkpolicies"): { Stub: `{"metadata": {"name": "np2"}, "spec": {"podSelector": {"matchLabels": {"e": "f"}}}}`, diff --git a/test/integration/etcd/server.go b/test/integration/etcd/server.go index 60df584222a..1728ce5908d 100644 --- a/test/integration/etcd/server.go +++ b/test/integration/etcd/server.go @@ -39,7 +39,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/wait" genericapiserveroptions "k8s.io/apiserver/pkg/server/options" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" "k8s.io/client-go/dynamic" clientset "k8s.io/client-go/kubernetes" restclient "k8s.io/client-go/rest" diff --git a/test/integration/framework/BUILD b/test/integration/framework/BUILD index ff697741ba6..d8f30fa7c51 100644 --- a/test/integration/framework/BUILD +++ b/test/integration/framework/BUILD @@ -24,7 +24,6 @@ go_library( "//cmd/kube-apiserver/app/options:go_default_library", "//cmd/kubeadm/app/util/pkiutil:go_default_library", "//pkg/api/legacyscheme:go_default_library", - "//pkg/api/testapi:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/policy/v1beta1:go_default_library", "//pkg/generated/openapi:go_default_library", diff --git a/test/integration/framework/etcd.go b/test/integration/framework/etcd.go index 5756c3e6a4c..97aa267f4bf 100644 --- a/test/integration/framework/etcd.go +++ b/test/integration/framework/etcd.go @@ -35,7 +35,7 @@ var etcdURL = "" const installEtcd = ` Cannot find etcd, cannot run integration tests -Please see https://github.com/kubernetes/community/blob/master/contributors/devel/testing.md#install-etcd-dependency for instructions. +Please see https://git.k8s.io/community/contributors/devel/sig-testing/testing.md#install-etcd-dependency for instructions. You can use 'hack/install-etcd.sh' to install a copy in third_party/. diff --git a/test/integration/framework/master_utils.go b/test/integration/framework/master_utils.go index ad376fe4860..566d11a1579 100644 --- a/test/integration/framework/master_utils.go +++ b/test/integration/framework/master_utils.go @@ -56,7 +56,6 @@ import ( "k8s.io/klog" openapicommon "k8s.io/kube-openapi/pkg/common" "k8s.io/kubernetes/pkg/api/legacyscheme" - "k8s.io/kubernetes/pkg/api/testapi" "k8s.io/kubernetes/pkg/apis/batch" policy "k8s.io/kubernetes/pkg/apis/policy/v1beta1" "k8s.io/kubernetes/pkg/generated/openapi" @@ -263,11 +262,8 @@ func NewMasterConfig() *master.Config { resourceEncoding := serverstorage.NewDefaultResourceEncodingConfig(legacyscheme.Scheme) // FIXME (soltysh): this GroupVersionResource override should be configurable - // we need to set both for the whole group and for cronjobs, separately - resourceEncoding.SetVersionEncoding(batch.GroupName, *testapi.Batch.GroupVersion(), schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal}) resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: batch.GroupName, Resource: "cronjobs"}, schema.GroupVersion{Group: batch.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal}) // we also need to set both for the storage group and for volumeattachments, separately - resourceEncoding.SetVersionEncoding(storage.GroupName, *testapi.Storage.GroupVersion(), schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal}) resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: storage.GroupName, Resource: "volumeattachments"}, schema.GroupVersion{Group: storage.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal}) storageFactory := serverstorage.NewDefaultStorageFactory(etcdOptions.StorageConfig, runtime.ContentTypeJSON, ns, resourceEncoding, master.DefaultAPIResourceConfigSource(), nil) diff --git a/test/integration/garbagecollector/BUILD b/test/integration/garbagecollector/BUILD index e2c2f241ae8..6db4b00506b 100644 --- a/test/integration/garbagecollector/BUILD +++ b/test/integration/garbagecollector/BUILD @@ -25,7 +25,7 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apiserver/pkg/storage/names:go_default_library", - "//staging/src/k8s.io/client-go/discovery/cached:go_default_library", + "//staging/src/k8s.io/client-go/discovery/cached/memory:go_default_library", "//staging/src/k8s.io/client-go/dynamic:go_default_library", "//staging/src/k8s.io/client-go/informers:go_default_library", "//staging/src/k8s.io/client-go/kubernetes:go_default_library", diff --git a/test/integration/garbagecollector/garbage_collector_test.go b/test/integration/garbagecollector/garbage_collector_test.go index 061369dcc96..a7dcd70341d 100644 --- a/test/integration/garbagecollector/garbage_collector_test.go +++ b/test/integration/garbagecollector/garbage_collector_test.go @@ -36,7 +36,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/storage/names" - cacheddiscovery "k8s.io/client-go/discovery/cached" + cacheddiscovery "k8s.io/client-go/discovery/cached/memory" "k8s.io/client-go/dynamic" "k8s.io/client-go/informers" clientset "k8s.io/client-go/kubernetes" diff --git a/test/integration/ipamperf/test-performance.sh b/test/integration/ipamperf/test-performance.sh index 0540978c090..20d9832c87d 100755 --- a/test/integration/ipamperf/test-performance.sh +++ b/test/integration/ipamperf/test-performance.sh @@ -67,13 +67,13 @@ while getopts ":hdr:o:p:ca:k:n:m:l:" opt; do esac done -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../../../ +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../../../ source "${KUBE_ROOT}/hack/lib/init.sh" kube::golang::setup_env -DIR_BASENAME=$(dirname "${BASH_SOURCE}") -pushd ${DIR_BASENAME} +DIR_BASENAME=$(dirname "${BASH_SOURCE[0]}") +pushd "${DIR_BASENAME}" cleanup() { popd 2> /dev/null @@ -87,5 +87,5 @@ kube::etcd::start # Running IPAM tests. It might take a long time. kube::log::status "performance test (IPAM) start" -go test ${PROFILE_OPTS} -test.run=${RUN_PATTERN} -test.timeout=60m -test.short=false -v -args ${TEST_ARGS} +go test "${PROFILE_OPTS}" -test.run="${RUN_PATTERN}" -test.timeout=60m -test.short=false -v -args "${TEST_ARGS}" kube::log::status "... IPAM tests finished." diff --git a/test/integration/scheduler/OWNERS b/test/integration/scheduler/OWNERS index d2792efd526..60d3f73d36d 100644 --- a/test/integration/scheduler/OWNERS +++ b/test/integration/scheduler/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-scheduling-maintainers reviewers: diff --git a/test/integration/scheduler_perf/BUILD b/test/integration/scheduler_perf/BUILD index abaadbe35b7..b83637d6c46 100644 --- a/test/integration/scheduler_perf/BUILD +++ b/test/integration/scheduler_perf/BUILD @@ -34,7 +34,6 @@ go_test( embed = [":go_default_library"], tags = ["integration"], deps = [ - "//pkg/kubelet/apis:go_default_library", "//pkg/scheduler/factory:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", diff --git a/test/integration/scheduler_perf/OWNERS b/test/integration/scheduler_perf/OWNERS index d2792efd526..60d3f73d36d 100644 --- a/test/integration/scheduler_perf/OWNERS +++ b/test/integration/scheduler_perf/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-scheduling-maintainers reviewers: diff --git a/test/integration/scheduler_perf/scheduler_bench_test.go b/test/integration/scheduler_perf/scheduler_bench_test.go index 818eb9a9819..573916dae25 100644 --- a/test/integration/scheduler_perf/scheduler_bench_test.go +++ b/test/integration/scheduler_perf/scheduler_bench_test.go @@ -24,7 +24,6 @@ import ( "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" - "k8s.io/kubernetes/pkg/kubelet/apis" "k8s.io/kubernetes/test/integration/framework" testutils "k8s.io/kubernetes/test/utils" @@ -98,7 +97,7 @@ func BenchmarkSchedulingPodAffinity(b *testing.B) { ) // The test strategy creates pods with affinity for each other. testStrategy := testutils.NewCustomCreatePodStrategy(testBasePod) - nodeStrategy := testutils.NewLabelNodePrepareStrategy(apis.LabelZoneFailureDomain, "zone1") + nodeStrategy := testutils.NewLabelNodePrepareStrategy(v1.LabelZoneFailureDomain, "zone1") for _, test := range tests { name := fmt.Sprintf("%vNodes/%vPods", test.nodes, test.existingPods) b.Run(name, func(b *testing.B) { @@ -119,10 +118,10 @@ func BenchmarkSchedulingNodeAffinity(b *testing.B) { } // The setup strategy creates pods with no affinity rules. setupStrategy := testutils.NewSimpleWithControllerCreatePodStrategy("setup") - testBasePod := makeBasePodWithNodeAffinity(apis.LabelZoneFailureDomain, []string{"zone1", "zone2"}) + testBasePod := makeBasePodWithNodeAffinity(v1.LabelZoneFailureDomain, []string{"zone1", "zone2"}) // The test strategy creates pods with node-affinity for each other. testStrategy := testutils.NewCustomCreatePodStrategy(testBasePod) - nodeStrategy := testutils.NewLabelNodePrepareStrategy(apis.LabelZoneFailureDomain, "zone1") + nodeStrategy := testutils.NewLabelNodePrepareStrategy(v1.LabelZoneFailureDomain, "zone1") for _, test := range tests { name := fmt.Sprintf("%vNodes/%vPods", test.nodes, test.existingPods) b.Run(name, func(b *testing.B) { @@ -148,7 +147,7 @@ func makeBasePodWithPodAntiAffinity(podLabels, affinityLabels map[string]string) LabelSelector: &metav1.LabelSelector{ MatchLabels: affinityLabels, }, - TopologyKey: apis.LabelHostname, + TopologyKey: v1.LabelHostname, }, }, }, @@ -173,7 +172,7 @@ func makeBasePodWithPodAffinity(podLabels, affinityZoneLabels map[string]string) LabelSelector: &metav1.LabelSelector{ MatchLabels: affinityZoneLabels, }, - TopologyKey: apis.LabelZoneFailureDomain, + TopologyKey: v1.LabelZoneFailureDomain, }, }, }, diff --git a/test/integration/scheduler_perf/test-performance.sh b/test/integration/scheduler_perf/test-performance.sh index 472939d5cb4..ad75fae5dfd 100755 --- a/test/integration/scheduler_perf/test-performance.sh +++ b/test/integration/scheduler_perf/test-performance.sh @@ -18,13 +18,13 @@ set -o errexit set -o nounset set -o pipefail -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../../../ +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../../../ source "${KUBE_ROOT}/hack/lib/init.sh" kube::golang::setup_env -DIR_BASENAME=$(dirname "${BASH_SOURCE}") -pushd ${DIR_BASENAME} +DIR_BASENAME=$(dirname "${BASH_SOURCE[0]}") +pushd "${DIR_BASENAME}" cleanup() { popd 2> /dev/null diff --git a/test/integration/serving/BUILD b/test/integration/serving/BUILD index 24fe855f3ee..94797906206 100644 --- a/test/integration/serving/BUILD +++ b/test/integration/serving/BUILD @@ -22,11 +22,8 @@ go_test( "//cmd/kube-controller-manager/app/testing:go_default_library", "//cmd/kube-scheduler/app/testing:go_default_library", "//pkg/cloudprovider/providers/fake:go_default_library", - "//staging/src/k8s.io/api/rbac/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library", - "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/cloud-provider:go_default_library", "//test/integration/framework:go_default_library", ], diff --git a/test/integration/serving/serving_test.go b/test/integration/serving/serving_test.go index 668e1c26454..1e5ce9fb045 100644 --- a/test/integration/serving/serving_test.go +++ b/test/integration/serving/serving_test.go @@ -28,11 +28,8 @@ import ( "strings" "testing" - rbacv1 "k8s.io/api/rbac/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/server/options" - "k8s.io/client-go/kubernetes" "k8s.io/cloud-provider" cloudctrlmgrtesting "k8s.io/kubernetes/cmd/cloud-controller-manager/app/testing" kubeapiservertesting "k8s.io/kubernetes/cmd/kube-apiserver/app/testing" @@ -49,6 +46,8 @@ type componentTester interface { type kubeControllerManagerTester struct{} func (kubeControllerManagerTester) StartTestServer(t kubectrlmgrtesting.Logger, customFlags []string) (*options.SecureServingOptionsWithLoopback, *server.SecureServingInfo, *server.DeprecatedInsecureServingInfo, func(), error) { + // avoid starting any controller loops, we're just testing serving + customFlags = append([]string{"--controllers="}, customFlags...) gotResult, err := kubectrlmgrtesting.StartTestServer(t, customFlags) if err != nil { return nil, nil, nil, nil, err @@ -96,7 +95,7 @@ func TestComponentSecureServingAndAuth(t *testing.T) { t.Fatal(err) } tokenFile.WriteString(fmt.Sprintf(` -%s,controller-manager,controller-manager,"" +%s,system:kube-controller-manager,system:kube-controller-manager,"" `, token)) tokenFile.Close() @@ -107,44 +106,6 @@ func TestComponentSecureServingAndAuth(t *testing.T) { }, framework.SharedEtcd()) defer server.TearDownFn() - // allow controller-manager to do SubjectAccessReview - client, err := kubernetes.NewForConfig(server.ClientConfig) - if err != nil { - t.Fatalf("unexpected error creating client config: %v", err) - } - _, err = client.RbacV1().ClusterRoleBindings().Create(&rbacv1.ClusterRoleBinding{ - ObjectMeta: metav1.ObjectMeta{Name: "controller-manager:system:auth-delegator"}, - Subjects: []rbacv1.Subject{{ - Kind: "User", - Name: "controller-manager", - }}, - RoleRef: rbacv1.RoleRef{ - APIGroup: "rbac.authorization.k8s.io", - Kind: "ClusterRole", - Name: "system:auth-delegator", - }, - }) - if err != nil { - t.Fatalf("failed to create system:auth-delegator rbac cluster role binding: %v", err) - } - - // allow controller-manager to read kube-system/extension-apiserver-authentication - _, err = client.RbacV1().RoleBindings("kube-system").Create(&rbacv1.RoleBinding{ - ObjectMeta: metav1.ObjectMeta{Name: "controller-manager:extension-apiserver-authentication-reader"}, - Subjects: []rbacv1.Subject{{ - Kind: "User", - Name: "controller-manager", - }}, - RoleRef: rbacv1.RoleRef{ - APIGroup: "rbac.authorization.k8s.io", - Kind: "Role", - Name: "extension-apiserver-authentication-reader", - }, - }) - if err != nil { - t.Fatalf("failed to create controller-manager:extension-apiserver-authentication-reader rbac role binding: %v", err) - } - // create kubeconfig for the apiserver apiserverConfig, err := ioutil.TempFile("", "kubeconfig") if err != nil { diff --git a/test/integration/statefulset/OWNERS b/test/integration/statefulset/OWNERS index ef439d8b051..0d46fbf12db 100644 --- a/test/integration/statefulset/OWNERS +++ b/test/integration/statefulset/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - barney-s - crimsonfaith91 diff --git a/test/kubemark/OWNERS b/test/kubemark/OWNERS index cf2f885df34..329e8801dc9 100644 --- a/test/kubemark/OWNERS +++ b/test/kubemark/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - gmarek - shyamjvs diff --git a/test/kubemark/configure-kubectl.sh b/test/kubemark/configure-kubectl.sh index eec173b2a59..2ac77b5e73d 100755 --- a/test/kubemark/configure-kubectl.sh +++ b/test/kubemark/configure-kubectl.sh @@ -16,5 +16,5 @@ # This script assumes that kubectl binary is present in PATH. kubectl config set-cluster hollow-cluster --server=http://localhost:8080 --insecure-skip-tls-verify=true -kubectl config set-credentials $(whoami) -kubectl config set-context hollow-context --cluster=hollow-cluster --user=$(whoami) +kubectl config set-credentials "$(whoami)" +kubectl config set-context hollow-context --cluster=hollow-cluster --user="$(whoami)" diff --git a/test/kubemark/pre-existing/util.sh b/test/kubemark/pre-existing/util.sh index 22be7913569..3e279af5e92 100644 --- a/test/kubemark/pre-existing/util.sh +++ b/test/kubemark/pre-existing/util.sh @@ -14,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../../.. source "${KUBE_ROOT}/test/kubemark/common/util.sh" @@ -23,5 +23,5 @@ source "${KUBE_ROOT}/test/kubemark/common/util.sh" function execute-cmd-on-pre-existing-master-with-retries() { IP_WITHOUT_PORT=$(echo "${MASTER_IP}" | cut -f 1 -d ':') || "${MASTER_IP}" - RETRIES="${2:-1}" run-cmd-with-retries ssh kubernetes@"${IP_WITHOUT_PORT}" $1 + RETRIES="${2:-1}" run-cmd-with-retries ssh kubernetes@"${IP_WITHOUT_PORT}" "${1}" } diff --git a/test/test_owners.csv b/test/test_owners.csv index a7729d72d34..6ee4400bc33 100644 --- a/test/test_owners.csv +++ b/test/test_owners.csv @@ -569,7 +569,6 @@ k8s.io/kubernetes/pkg/apis/batch/validation,erictune,0, k8s.io/kubernetes/pkg/apis/componentconfig,jbeda,1, k8s.io/kubernetes/pkg/apis/extensions,bgrant0607,1, k8s.io/kubernetes/pkg/apis/extensions/v1beta1,madhusudancs,1, -k8s.io/kubernetes/pkg/apis/extensions/validation,nikhiljindal,1, k8s.io/kubernetes/pkg/apis/policy/validation,deads2k,1, k8s.io/kubernetes/pkg/apis/rbac/v1alpha1,liggitt,0, k8s.io/kubernetes/pkg/apis/rbac/validation,erictune,0, @@ -745,8 +744,6 @@ k8s.io/kubernetes/pkg/registry/extensions/daemonset,nikhiljindal,1, k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage,kevin-wangzefeng,1, k8s.io/kubernetes/pkg/registry/extensions/deployment,dchen1107,1, k8s.io/kubernetes/pkg/registry/extensions/deployment/storage,timothysc,1, -k8s.io/kubernetes/pkg/registry/extensions/ingress,apelisse,1, -k8s.io/kubernetes/pkg/registry/extensions/ingress/storage,luxas,1, k8s.io/kubernetes/pkg/registry/extensions/replicaset,rrati,0, k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage,wojtek-t,1, k8s.io/kubernetes/pkg/registry/extensions/rest,rrati,0, diff --git a/test/typecheck/OWNERS b/test/typecheck/OWNERS index e40fb6bb555..eeab9960bf8 100644 --- a/test/typecheck/OWNERS +++ b/test/typecheck/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - cblecker - rmmh diff --git a/test/typecheck/README b/test/typecheck/README index 986bbd785b4..85df3f39093 100644 --- a/test/typecheck/README +++ b/test/typecheck/README @@ -19,5 +19,4 @@ Things go/types errors on that go build doesn't: These should be ignored and reported upstream if applicable. - type checking mismatches between staging and generated types Things go build fails on that we don't: - Please send examples of this to rmmh@ and extend this list. - CGo errors, including syntax and linker errors. diff --git a/test/utils/image/OWNERS b/test/utils/image/OWNERS index 1e4e74e7d50..ac14680a5c0 100644 --- a/test/utils/image/OWNERS +++ b/test/utils/image/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - luxas - mkumatag diff --git a/test/utils/image/manifest.go b/test/utils/image/manifest.go index c6090693e4c..266945a4bb8 100644 --- a/test/utils/image/manifest.go +++ b/test/utils/image/manifest.go @@ -99,6 +99,7 @@ var ( BusyBox = Config{dockerLibraryRegistry, "busybox", "1.29"} CheckMetadataConcealment = Config{e2eRegistry, "metadata-concealment", "1.2"} CudaVectorAdd = Config{e2eRegistry, "cuda-vector-add", "1.0"} + CudaVectorAdd2 = Config{e2eRegistry, "cuda-vector-add", "2.0"} Dnsutils = Config{e2eRegistry, "dnsutils", "1.1"} EchoServer = Config{e2eRegistry, "echoserver", "2.2"} EntrypointTester = Config{e2eRegistry, "entrypoint-tester", "1.0"} diff --git a/third_party/OWNERS b/third_party/OWNERS index 4ca753ad31d..d74f3c50dec 100644 --- a/third_party/OWNERS +++ b/third_party/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - lavalamp - smarterclayton diff --git a/third_party/forked/shell2junit/OWNERS b/third_party/forked/shell2junit/OWNERS index 75f74d1e821..57071e0e247 100644 --- a/third_party/forked/shell2junit/OWNERS +++ b/third_party/forked/shell2junit/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - cblecker - ixdy diff --git a/third_party/go-srcimporter/OWNERS b/third_party/go-srcimporter/OWNERS index e40fb6bb555..eeab9960bf8 100644 --- a/third_party/go-srcimporter/OWNERS +++ b/third_party/go-srcimporter/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - cblecker - rmmh diff --git a/translations/OWNERS b/translations/OWNERS index b5535f7410b..600a47fa03e 100644 --- a/translations/OWNERS +++ b/translations/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + reviewers: - brendandburns approvers: diff --git a/translations/kubectl/OWNERS b/translations/kubectl/OWNERS index ce699e9679a..d3e63eb0d8a 100644 --- a/translations/kubectl/OWNERS +++ b/translations/kubectl/OWNERS @@ -1,3 +1,5 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - sig-cli-maintainers reviewers: diff --git a/vendor/BUILD b/vendor/BUILD index 1cc078453dc..23b959ce508 100644 --- a/vendor/BUILD +++ b/vendor/BUILD @@ -65,8 +65,15 @@ filegroup( "//vendor/github.com/bazelbuild/bazel-gazelle/internal/version:all-srcs", "//vendor/github.com/bazelbuild/bazel-gazelle/internal/walk:all-srcs", "//vendor/github.com/bazelbuild/bazel-gazelle/internal/wspace:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/api_proto:all-srcs", "//vendor/github.com/bazelbuild/buildtools/build:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/build_proto:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/buildozer:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/edit:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/file:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/lang:all-srcs", "//vendor/github.com/bazelbuild/buildtools/tables:all-srcs", + "//vendor/github.com/bazelbuild/buildtools/wspace:all-srcs", "//vendor/github.com/beorn7/perks/quantile:all-srcs", "//vendor/github.com/blang/semver:all-srcs", "//vendor/github.com/cespare/prettybench:all-srcs", @@ -491,6 +498,24 @@ filegroup( "//vendor/k8s.io/utils/pointer:all-srcs", "//vendor/k8s.io/utils/strings:all-srcs", "//vendor/k8s.io/utils/trace:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/commands/build:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/constants:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/expansion:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/factory:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/git:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/image:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/internal/error:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/loader:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/patch:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/target:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:all-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/types:all-srcs", "//vendor/sigs.k8s.io/structured-merge-diff/fieldpath:all-srcs", "//vendor/sigs.k8s.io/structured-merge-diff/merge:all-srcs", "//vendor/sigs.k8s.io/structured-merge-diff/schema:all-srcs", diff --git a/vendor/OWNERS b/vendor/OWNERS index 3d49f30605a..0f5d2f6734e 100644 --- a/vendor/OWNERS +++ b/vendor/OWNERS @@ -1,2 +1,4 @@ +# See the OWNERS docs at https://go.k8s.io/owners + approvers: - dep-approvers diff --git a/vendor/github.com/Microsoft/go-winio/ea.go b/vendor/github.com/Microsoft/go-winio/ea.go index b37e930d6af..4051c1b33bf 100644 --- a/vendor/github.com/Microsoft/go-winio/ea.go +++ b/vendor/github.com/Microsoft/go-winio/ea.go @@ -1,137 +1,137 @@ -package winio - -import ( - "bytes" - "encoding/binary" - "errors" -) - -type fileFullEaInformation struct { - NextEntryOffset uint32 - Flags uint8 - NameLength uint8 - ValueLength uint16 -} - -var ( - fileFullEaInformationSize = binary.Size(&fileFullEaInformation{}) - - errInvalidEaBuffer = errors.New("invalid extended attribute buffer") - errEaNameTooLarge = errors.New("extended attribute name too large") - errEaValueTooLarge = errors.New("extended attribute value too large") -) - -// ExtendedAttribute represents a single Windows EA. -type ExtendedAttribute struct { - Name string - Value []byte - Flags uint8 -} - -func parseEa(b []byte) (ea ExtendedAttribute, nb []byte, err error) { - var info fileFullEaInformation - err = binary.Read(bytes.NewReader(b), binary.LittleEndian, &info) - if err != nil { - err = errInvalidEaBuffer - return - } - - nameOffset := fileFullEaInformationSize - nameLen := int(info.NameLength) - valueOffset := nameOffset + int(info.NameLength) + 1 - valueLen := int(info.ValueLength) - nextOffset := int(info.NextEntryOffset) - if valueLen+valueOffset > len(b) || nextOffset < 0 || nextOffset > len(b) { - err = errInvalidEaBuffer - return - } - - ea.Name = string(b[nameOffset : nameOffset+nameLen]) - ea.Value = b[valueOffset : valueOffset+valueLen] - ea.Flags = info.Flags - if info.NextEntryOffset != 0 { - nb = b[info.NextEntryOffset:] - } - return -} - -// DecodeExtendedAttributes decodes a list of EAs from a FILE_FULL_EA_INFORMATION -// buffer retrieved from BackupRead, ZwQueryEaFile, etc. -func DecodeExtendedAttributes(b []byte) (eas []ExtendedAttribute, err error) { - for len(b) != 0 { - ea, nb, err := parseEa(b) - if err != nil { - return nil, err - } - - eas = append(eas, ea) - b = nb - } - return -} - -func writeEa(buf *bytes.Buffer, ea *ExtendedAttribute, last bool) error { - if int(uint8(len(ea.Name))) != len(ea.Name) { - return errEaNameTooLarge - } - if int(uint16(len(ea.Value))) != len(ea.Value) { - return errEaValueTooLarge - } - entrySize := uint32(fileFullEaInformationSize + len(ea.Name) + 1 + len(ea.Value)) - withPadding := (entrySize + 3) &^ 3 - nextOffset := uint32(0) - if !last { - nextOffset = withPadding - } - info := fileFullEaInformation{ - NextEntryOffset: nextOffset, - Flags: ea.Flags, - NameLength: uint8(len(ea.Name)), - ValueLength: uint16(len(ea.Value)), - } - - err := binary.Write(buf, binary.LittleEndian, &info) - if err != nil { - return err - } - - _, err = buf.Write([]byte(ea.Name)) - if err != nil { - return err - } - - err = buf.WriteByte(0) - if err != nil { - return err - } - - _, err = buf.Write(ea.Value) - if err != nil { - return err - } - - _, err = buf.Write([]byte{0, 0, 0}[0 : withPadding-entrySize]) - if err != nil { - return err - } - - return nil -} - -// EncodeExtendedAttributes encodes a list of EAs into a FILE_FULL_EA_INFORMATION -// buffer for use with BackupWrite, ZwSetEaFile, etc. -func EncodeExtendedAttributes(eas []ExtendedAttribute) ([]byte, error) { - var buf bytes.Buffer - for i := range eas { - last := false - if i == len(eas)-1 { - last = true - } - - err := writeEa(&buf, &eas[i], last) - if err != nil { - return nil, err - } - } - return buf.Bytes(), nil -} +package winio + +import ( + "bytes" + "encoding/binary" + "errors" +) + +type fileFullEaInformation struct { + NextEntryOffset uint32 + Flags uint8 + NameLength uint8 + ValueLength uint16 +} + +var ( + fileFullEaInformationSize = binary.Size(&fileFullEaInformation{}) + + errInvalidEaBuffer = errors.New("invalid extended attribute buffer") + errEaNameTooLarge = errors.New("extended attribute name too large") + errEaValueTooLarge = errors.New("extended attribute value too large") +) + +// ExtendedAttribute represents a single Windows EA. +type ExtendedAttribute struct { + Name string + Value []byte + Flags uint8 +} + +func parseEa(b []byte) (ea ExtendedAttribute, nb []byte, err error) { + var info fileFullEaInformation + err = binary.Read(bytes.NewReader(b), binary.LittleEndian, &info) + if err != nil { + err = errInvalidEaBuffer + return + } + + nameOffset := fileFullEaInformationSize + nameLen := int(info.NameLength) + valueOffset := nameOffset + int(info.NameLength) + 1 + valueLen := int(info.ValueLength) + nextOffset := int(info.NextEntryOffset) + if valueLen+valueOffset > len(b) || nextOffset < 0 || nextOffset > len(b) { + err = errInvalidEaBuffer + return + } + + ea.Name = string(b[nameOffset : nameOffset+nameLen]) + ea.Value = b[valueOffset : valueOffset+valueLen] + ea.Flags = info.Flags + if info.NextEntryOffset != 0 { + nb = b[info.NextEntryOffset:] + } + return +} + +// DecodeExtendedAttributes decodes a list of EAs from a FILE_FULL_EA_INFORMATION +// buffer retrieved from BackupRead, ZwQueryEaFile, etc. +func DecodeExtendedAttributes(b []byte) (eas []ExtendedAttribute, err error) { + for len(b) != 0 { + ea, nb, err := parseEa(b) + if err != nil { + return nil, err + } + + eas = append(eas, ea) + b = nb + } + return +} + +func writeEa(buf *bytes.Buffer, ea *ExtendedAttribute, last bool) error { + if int(uint8(len(ea.Name))) != len(ea.Name) { + return errEaNameTooLarge + } + if int(uint16(len(ea.Value))) != len(ea.Value) { + return errEaValueTooLarge + } + entrySize := uint32(fileFullEaInformationSize + len(ea.Name) + 1 + len(ea.Value)) + withPadding := (entrySize + 3) &^ 3 + nextOffset := uint32(0) + if !last { + nextOffset = withPadding + } + info := fileFullEaInformation{ + NextEntryOffset: nextOffset, + Flags: ea.Flags, + NameLength: uint8(len(ea.Name)), + ValueLength: uint16(len(ea.Value)), + } + + err := binary.Write(buf, binary.LittleEndian, &info) + if err != nil { + return err + } + + _, err = buf.Write([]byte(ea.Name)) + if err != nil { + return err + } + + err = buf.WriteByte(0) + if err != nil { + return err + } + + _, err = buf.Write(ea.Value) + if err != nil { + return err + } + + _, err = buf.Write([]byte{0, 0, 0}[0 : withPadding-entrySize]) + if err != nil { + return err + } + + return nil +} + +// EncodeExtendedAttributes encodes a list of EAs into a FILE_FULL_EA_INFORMATION +// buffer for use with BackupWrite, ZwSetEaFile, etc. +func EncodeExtendedAttributes(eas []ExtendedAttribute) ([]byte, error) { + var buf bytes.Buffer + for i := range eas { + last := false + if i == len(eas)-1 { + last = true + } + + err := writeEa(&buf, &eas[i], last) + if err != nil { + return nil, err + } + } + return buf.Bytes(), nil +} diff --git a/vendor/github.com/Microsoft/go-winio/file.go b/vendor/github.com/Microsoft/go-winio/file.go index 57ac3696a91..4334ff1cbee 100644 --- a/vendor/github.com/Microsoft/go-winio/file.go +++ b/vendor/github.com/Microsoft/go-winio/file.go @@ -16,7 +16,6 @@ import ( //sys createIoCompletionPort(file syscall.Handle, port syscall.Handle, key uintptr, threadCount uint32) (newport syscall.Handle, err error) = CreateIoCompletionPort //sys getQueuedCompletionStatus(port syscall.Handle, bytes *uint32, key *uintptr, o **ioOperation, timeout uint32) (err error) = GetQueuedCompletionStatus //sys setFileCompletionNotificationModes(h syscall.Handle, flags uint8) (err error) = SetFileCompletionNotificationModes -//sys timeBeginPeriod(period uint32) (n int32) = winmm.timeBeginPeriod type atomicBool int32 @@ -153,8 +152,6 @@ func (f *win32File) prepareIo() (*ioOperation, error) { // ioCompletionProcessor processes completed async IOs forever func ioCompletionProcessor(h syscall.Handle) { - // Set the timer resolution to 1. This fixes a performance regression in golang 1.6. - timeBeginPeriod(1) for { var bytes uint32 var key uintptr diff --git a/vendor/github.com/Microsoft/go-winio/fileinfo.go b/vendor/github.com/Microsoft/go-winio/fileinfo.go index b1d60abb836..ada2fbab632 100644 --- a/vendor/github.com/Microsoft/go-winio/fileinfo.go +++ b/vendor/github.com/Microsoft/go-winio/fileinfo.go @@ -20,7 +20,8 @@ const ( // FileBasicInfo contains file access time and file attributes information. type FileBasicInfo struct { CreationTime, LastAccessTime, LastWriteTime, ChangeTime syscall.Filetime - FileAttributes uintptr // includes padding + FileAttributes uint32 + pad uint32 // padding } // GetFileBasicInfo retrieves times and attributes for a file. diff --git a/vendor/github.com/Microsoft/go-winio/pipe.go b/vendor/github.com/Microsoft/go-winio/pipe.go index 44340b8167b..d99eedb6489 100644 --- a/vendor/github.com/Microsoft/go-winio/pipe.go +++ b/vendor/github.com/Microsoft/go-winio/pipe.go @@ -15,13 +15,13 @@ import ( //sys connectNamedPipe(pipe syscall.Handle, o *syscall.Overlapped) (err error) = ConnectNamedPipe //sys createNamedPipe(name string, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *syscall.SecurityAttributes) (handle syscall.Handle, err error) [failretval==syscall.InvalidHandle] = CreateNamedPipeW //sys createFile(name string, access uint32, mode uint32, sa *syscall.SecurityAttributes, createmode uint32, attrs uint32, templatefile syscall.Handle) (handle syscall.Handle, err error) [failretval==syscall.InvalidHandle] = CreateFileW -//sys waitNamedPipe(name string, timeout uint32) (err error) = WaitNamedPipeW //sys getNamedPipeInfo(pipe syscall.Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) = GetNamedPipeInfo //sys getNamedPipeHandleState(pipe syscall.Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW //sys localAlloc(uFlags uint32, length uint32) (ptr uintptr) = LocalAlloc const ( cERROR_PIPE_BUSY = syscall.Errno(231) + cERROR_NO_DATA = syscall.Errno(232) cERROR_PIPE_CONNECTED = syscall.Errno(535) cERROR_SEM_TIMEOUT = syscall.Errno(121) @@ -120,6 +120,11 @@ func (f *win32MessageBytePipe) Read(b []byte) (int, error) { // zero-byte message, ensure that all future Read() calls // also return EOF. f.readEOF = true + } else if err == syscall.ERROR_MORE_DATA { + // ERROR_MORE_DATA indicates that the pipe's read mode is message mode + // and the message still has more bytes. Treat this as a success, since + // this package presents all named pipes as byte streams. + err = nil } return n, err } @@ -133,12 +138,14 @@ func (s pipeAddress) String() string { } // DialPipe connects to a named pipe by path, timing out if the connection -// takes longer than the specified duration. If timeout is nil, then the timeout -// is the default timeout established by the pipe server. +// takes longer than the specified duration. If timeout is nil, then we use +// a default timeout of 5 seconds. (We do not use WaitNamedPipe.) func DialPipe(path string, timeout *time.Duration) (net.Conn, error) { var absTimeout time.Time if timeout != nil { absTimeout = time.Now().Add(*timeout) + } else { + absTimeout = time.Now().Add(time.Second * 2) } var err error var h syscall.Handle @@ -147,22 +154,13 @@ func DialPipe(path string, timeout *time.Duration) (net.Conn, error) { if err != cERROR_PIPE_BUSY { break } - now := time.Now() - var ms uint32 - if absTimeout.IsZero() { - ms = cNMPWAIT_USE_DEFAULT_WAIT - } else if now.After(absTimeout) { - ms = cNMPWAIT_NOWAIT - } else { - ms = uint32(absTimeout.Sub(now).Nanoseconds() / 1000 / 1000) - } - err = waitNamedPipe(path, ms) - if err != nil { - if err == cERROR_SEM_TIMEOUT { - return nil, ErrTimeout - } - break + if time.Now().After(absTimeout) { + return nil, ErrTimeout } + + // Wait 10 msec and try again. This is a rather simplistic + // view, as we always try each 10 milliseconds. + time.Sleep(time.Millisecond * 10) } if err != nil { return nil, &os.PathError{Op: "open", Path: path, Err: err} @@ -174,16 +172,6 @@ func DialPipe(path string, timeout *time.Duration) (net.Conn, error) { return nil, err } - var state uint32 - err = getNamedPipeHandleState(h, &state, nil, nil, nil, nil, 0) - if err != nil { - return nil, err - } - - if state&cPIPE_READMODE_MESSAGE != 0 { - return nil, &os.PathError{Op: "open", Path: path, Err: errors.New("message readmode pipes not supported")} - } - f, err := makeWin32File(h) if err != nil { syscall.Close(h) @@ -254,6 +242,36 @@ func (l *win32PipeListener) makeServerPipe() (*win32File, error) { return f, nil } +func (l *win32PipeListener) makeConnectedServerPipe() (*win32File, error) { + p, err := l.makeServerPipe() + if err != nil { + return nil, err + } + + // Wait for the client to connect. + ch := make(chan error) + go func(p *win32File) { + ch <- connectPipe(p) + }(p) + + select { + case err = <-ch: + if err != nil { + p.Close() + p = nil + } + case <-l.closeCh: + // Abort the connect request by closing the handle. + p.Close() + p = nil + err = <-ch + if err == nil || err == ErrFileClosed { + err = ErrPipeListenerClosed + } + } + return p, err +} + func (l *win32PipeListener) listenerRoutine() { closed := false for !closed { @@ -261,31 +279,20 @@ func (l *win32PipeListener) listenerRoutine() { case <-l.closeCh: closed = true case responseCh := <-l.acceptCh: - p, err := l.makeServerPipe() - if err == nil { - // Wait for the client to connect. - ch := make(chan error) - go func(p *win32File) { - ch <- connectPipe(p) - }(p) - select { - case err = <-ch: - if err != nil { - p.Close() - p = nil - } - case <-l.closeCh: - // Abort the connect request by closing the handle. - p.Close() - p = nil - err = <-ch - if err == nil || err == ErrFileClosed { - err = ErrPipeListenerClosed - } - closed = true + var ( + p *win32File + err error + ) + for { + p, err = l.makeConnectedServerPipe() + // If the connection was immediately closed by the client, try + // again. + if err != cERROR_NO_DATA { + break } } responseCh <- acceptResponse{p, err} + closed = err == ErrPipeListenerClosed } } syscall.Close(l.firstHandle) @@ -334,13 +341,23 @@ func ListenPipe(path string, c *PipeConfig) (net.Listener, error) { if err != nil { return nil, err } - // Immediately open and then close a client handle so that the named pipe is - // created but not currently accepting connections. + // Create a client handle and connect it. This results in the pipe + // instance always existing, so that clients see ERROR_PIPE_BUSY + // rather than ERROR_FILE_NOT_FOUND. This ties the first instance + // up so that no other instances can be used. This would have been + // cleaner if the Win32 API matched CreateFile with ConnectNamedPipe + // instead of CreateNamedPipe. (Apparently created named pipes are + // considered to be in listening state regardless of whether any + // active calls to ConnectNamedPipe are outstanding.) h2, err := createFile(path, 0, 0, nil, syscall.OPEN_EXISTING, cSECURITY_SQOS_PRESENT|cSECURITY_ANONYMOUS, 0) if err != nil { syscall.Close(h) return nil, err } + // Close the client handle. The server side of the instance will + // still be busy, leading to ERROR_PIPE_BUSY instead of + // ERROR_NOT_FOUND, as long as we don't close the server handle, + // or disconnect the client with DisconnectNamedPipe. syscall.Close(h2) l := &win32PipeListener{ firstHandle: h, diff --git a/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go b/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go index 4f7a52eeb75..3f527639a47 100644 --- a/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go +++ b/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go @@ -38,14 +38,12 @@ func errnoErr(e syscall.Errno) error { var ( modkernel32 = windows.NewLazySystemDLL("kernel32.dll") - modwinmm = windows.NewLazySystemDLL("winmm.dll") modadvapi32 = windows.NewLazySystemDLL("advapi32.dll") procCancelIoEx = modkernel32.NewProc("CancelIoEx") procCreateIoCompletionPort = modkernel32.NewProc("CreateIoCompletionPort") procGetQueuedCompletionStatus = modkernel32.NewProc("GetQueuedCompletionStatus") procSetFileCompletionNotificationModes = modkernel32.NewProc("SetFileCompletionNotificationModes") - proctimeBeginPeriod = modwinmm.NewProc("timeBeginPeriod") procConnectNamedPipe = modkernel32.NewProc("ConnectNamedPipe") procCreateNamedPipeW = modkernel32.NewProc("CreateNamedPipeW") procCreateFileW = modkernel32.NewProc("CreateFileW") @@ -122,12 +120,6 @@ func setFileCompletionNotificationModes(h syscall.Handle, flags uint8) (err erro return } -func timeBeginPeriod(period uint32) (n int32) { - r0, _, _ := syscall.Syscall(proctimeBeginPeriod.Addr(), 1, uintptr(period), 0, 0) - n = int32(r0) - return -} - func connectNamedPipe(pipe syscall.Handle, o *syscall.Overlapped) (err error) { r1, _, e1 := syscall.Syscall(procConnectNamedPipe.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(o)), 0) if r1 == 0 { diff --git a/vendor/github.com/Microsoft/hcsshim/.gitignore b/vendor/github.com/Microsoft/hcsshim/.gitignore new file mode 100644 index 00000000000..b883f1fdc6d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/.gitignore @@ -0,0 +1 @@ +*.exe diff --git a/vendor/github.com/Microsoft/hcsshim/.gometalinter.json b/vendor/github.com/Microsoft/hcsshim/.gometalinter.json new file mode 100644 index 00000000000..00e9a6e2ecf --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/.gometalinter.json @@ -0,0 +1,17 @@ +{ + "Vendor": true, + "Deadline": "2m", + "Sort": [ + "linter", + "severity", + "path", + "line" + ], + "Skip": [ + "internal\\schema2" + ], + "EnableGC": true, + "Enable": [ + "gofmt" + ] +} \ No newline at end of file diff --git a/vendor/github.com/Microsoft/hcsshim/BUILD b/vendor/github.com/Microsoft/hcsshim/BUILD index 07859ff2356..29cdebb5529 100644 --- a/vendor/github.com/Microsoft/hcsshim/BUILD +++ b/vendor/github.com/Microsoft/hcsshim/BUILD @@ -3,54 +3,37 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = [ - "activatelayer.go", - "baselayer.go", - "callback.go", - "cgo.go", "container.go", - "createlayer.go", - "createsandboxlayer.go", - "deactivatelayer.go", - "destroylayer.go", "errors.go", - "expandsandboxsize.go", - "exportlayer.go", - "getlayermountpath.go", - "getsharedbaseimages.go", - "guid.go", "hcsshim.go", "hnsendpoint.go", - "hnsfuncs.go", + "hnsglobals.go", "hnsnetwork.go", "hnspolicy.go", "hnspolicylist.go", - "importlayer.go", + "hnssupport.go", "interface.go", - "layerexists.go", - "layerutils.go", - "legacy.go", - "legacy18.go", - "legacy19.go", - "nametoguid.go", - "preparelayer.go", + "layer.go", "process.go", - "processimage.go", - "safeopen.go", - "unpreparelayer.go", - "utils.go", - "version.go", - "waithelper.go", - "zhcsshim.go", + "zsyscall_windows.go", ], - cgo = True, importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim", importpath = "github.com/Microsoft/hcsshim", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/Microsoft/go-winio:go_default_library", - "//vendor/github.com/sirupsen/logrus:go_default_library", - "//vendor/golang.org/x/sys/windows:go_default_library", - ], + "//vendor/github.com/Microsoft/hcsshim/internal/guid:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/hcs:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/hns:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/mergemaps:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/schema1:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/wclayer:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), ) filegroup( @@ -62,7 +45,27 @@ filegroup( filegroup( name = "all-srcs", - srcs = [":package-srcs"], + srcs = [ + ":package-srcs", + "//vendor/github.com/Microsoft/hcsshim/hcn:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/cni:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/guestrequest:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/guid:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/hcs:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/hns:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/interop:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/logfields:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/longpath:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/mergemaps:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/regstate:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/runhcs:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/safefile:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/schema1:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/schema2:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/timeout:all-srcs", + "//vendor/github.com/Microsoft/hcsshim/internal/wclayer:all-srcs", + ], tags = ["automanaged"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/Microsoft/hcsshim/README.md b/vendor/github.com/Microsoft/hcsshim/README.md index deca9a97e3b..15b39181a5d 100644 --- a/vendor/github.com/Microsoft/hcsshim/README.md +++ b/vendor/github.com/Microsoft/hcsshim/README.md @@ -1,12 +1,13 @@ # hcsshim -This package supports launching Windows Server containers from Go. It is -primarily used in the [Docker Engine](https://github.com/docker/docker) project, -but it can be freely used by other projects as well. +[![Build status](https://ci.appveyor.com/api/projects/status/nbcw28mnkqml0loa/branch/master?svg=true)](https://ci.appveyor.com/project/WindowsVirtualization/hcsshim/branch/master) +This package contains the Golang interface for using the Windows [Host Compute Service](https://blogs.technet.microsoft.com/virtualization/2017/01/27/introducing-the-host-compute-service-hcs/) (HCS) to launch and manage [Windows Containers](https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/). It also contains other helpers and functions for managing Windows Containers such as the Golang interface for the Host Network Service (HNS). + +It is primarily used in the [Moby Project](https://github.com/moby/moby), but it can be freely used by other projects as well. ## Contributing ---------------- + This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com. @@ -19,6 +20,11 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. +## Dependencies + +This project requires Golang 1.9 or newer to build. + +For system requirements to run this project, see the Microsoft docs on [Windows Container requirements](https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/system-requirements). ## Reporting Security Issues @@ -29,5 +35,7 @@ email to ensure we received your original message. Further information, includin [MSRC PGP](https://technet.microsoft.com/en-us/security/dn606155) key, can be found in the [Security TechCenter](https://technet.microsoft.com/en-us/security/default). -------------------------------------------- +For additional details, see [Report a Computer Security Vulnerability](https://technet.microsoft.com/en-us/security/ff852094.aspx) on Technet + +--------------- Copyright (c) 2018 Microsoft Corp. All rights reserved. diff --git a/vendor/github.com/Microsoft/hcsshim/activatelayer.go b/vendor/github.com/Microsoft/hcsshim/activatelayer.go deleted file mode 100644 index 6d824d7a79a..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/activatelayer.go +++ /dev/null @@ -1,28 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// ActivateLayer will find the layer with the given id and mount it's filesystem. -// For a read/write layer, the mounted filesystem will appear as a volume on the -// host, while a read-only layer is generally expected to be a no-op. -// An activated layer must later be deactivated via DeactivateLayer. -func ActivateLayer(info DriverInfo, id string) error { - title := "hcsshim::ActivateLayer " - logrus.Debugf(title+"Flavour %d ID %s", info.Flavour, id) - - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = activateLayer(&infop, id) - if err != nil { - err = makeErrorf(err, title, "id=%s flavour=%d", id, info.Flavour) - logrus.Error(err) - return err - } - - logrus.Debugf(title+" - succeeded id=%s flavour=%d", id, info.Flavour) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/appveyor.yml b/vendor/github.com/Microsoft/hcsshim/appveyor.yml new file mode 100644 index 00000000000..8eb70480a9e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/appveyor.yml @@ -0,0 +1,28 @@ +version: 0.1.{build} + +image: Visual Studio 2017 + +clone_folder: c:\gopath\src\github.com\Microsoft\hcsshim + +environment: + GOPATH: c:\gopath + PATH: C:\mingw-w64\x86_64-7.2.0-posix-seh-rt_v5-rev1\mingw64\bin;%GOPATH%\bin;%PATH% + +build_script: + - go get -u github.com/alecthomas/gometalinter + - gometalinter.exe --install + - gometalinter.exe --config .gometalinter.json ./... + - go get -v -d -t -tags "functional integration admin" ./... + - go build ./cmd/wclayer + - go build ./cmd/runhcs + - go build ./cmd/tar2ext4 + - go test -v ./... -tags admin + - go test -c ./test/functional/ -tags functional + - go test -c ./test/runhcs/ -tags integration + +artifacts: + - path: 'wclayer.exe' + - path: 'runhcs.exe' + - path: 'tar2ext4.exe' + - path: 'functional.test.exe' + - path: 'runhcs.test.exe' \ No newline at end of file diff --git a/vendor/github.com/Microsoft/hcsshim/callback.go b/vendor/github.com/Microsoft/hcsshim/callback.go deleted file mode 100644 index e8c2b00c8ad..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/callback.go +++ /dev/null @@ -1,79 +0,0 @@ -package hcsshim - -import ( - "sync" - "syscall" -) - -var ( - nextCallback uintptr - callbackMap = map[uintptr]*notifcationWatcherContext{} - callbackMapLock = sync.RWMutex{} - - notificationWatcherCallback = syscall.NewCallback(notificationWatcher) - - // Notifications for HCS_SYSTEM handles - hcsNotificationSystemExited hcsNotification = 0x00000001 - hcsNotificationSystemCreateCompleted hcsNotification = 0x00000002 - hcsNotificationSystemStartCompleted hcsNotification = 0x00000003 - hcsNotificationSystemPauseCompleted hcsNotification = 0x00000004 - hcsNotificationSystemResumeCompleted hcsNotification = 0x00000005 - - // Notifications for HCS_PROCESS handles - hcsNotificationProcessExited hcsNotification = 0x00010000 - - // Common notifications - hcsNotificationInvalid hcsNotification = 0x00000000 - hcsNotificationServiceDisconnect hcsNotification = 0x01000000 -) - -type hcsNotification uint32 -type notificationChannel chan error - -type notifcationWatcherContext struct { - channels notificationChannels - handle hcsCallback -} - -type notificationChannels map[hcsNotification]notificationChannel - -func newChannels() notificationChannels { - channels := make(notificationChannels) - - channels[hcsNotificationSystemExited] = make(notificationChannel, 1) - channels[hcsNotificationSystemCreateCompleted] = make(notificationChannel, 1) - channels[hcsNotificationSystemStartCompleted] = make(notificationChannel, 1) - channels[hcsNotificationSystemPauseCompleted] = make(notificationChannel, 1) - channels[hcsNotificationSystemResumeCompleted] = make(notificationChannel, 1) - channels[hcsNotificationProcessExited] = make(notificationChannel, 1) - channels[hcsNotificationServiceDisconnect] = make(notificationChannel, 1) - return channels -} -func closeChannels(channels notificationChannels) { - close(channels[hcsNotificationSystemExited]) - close(channels[hcsNotificationSystemCreateCompleted]) - close(channels[hcsNotificationSystemStartCompleted]) - close(channels[hcsNotificationSystemPauseCompleted]) - close(channels[hcsNotificationSystemResumeCompleted]) - close(channels[hcsNotificationProcessExited]) - close(channels[hcsNotificationServiceDisconnect]) -} - -func notificationWatcher(notificationType hcsNotification, callbackNumber uintptr, notificationStatus uintptr, notificationData *uint16) uintptr { - var result error - if int32(notificationStatus) < 0 { - result = syscall.Errno(win32FromHresult(notificationStatus)) - } - - callbackMapLock.RLock() - context := callbackMap[callbackNumber] - callbackMapLock.RUnlock() - - if context == nil { - return 0 - } - - context.channels[notificationType] <- result - - return 0 -} diff --git a/vendor/github.com/Microsoft/hcsshim/container.go b/vendor/github.com/Microsoft/hcsshim/container.go index 3354f70efc7..e142c315445 100644 --- a/vendor/github.com/Microsoft/hcsshim/container.go +++ b/vendor/github.com/Microsoft/hcsshim/container.go @@ -1,800 +1,192 @@ package hcsshim import ( - "encoding/json" "fmt" "os" - "sync" - "syscall" "time" - "github.com/sirupsen/logrus" + "github.com/Microsoft/hcsshim/internal/hcs" + "github.com/Microsoft/hcsshim/internal/mergemaps" + "github.com/Microsoft/hcsshim/internal/schema1" ) -var ( - defaultTimeout = time.Minute * 4 -) - -const ( - pendingUpdatesQuery = `{ "PropertyTypes" : ["PendingUpdates"]}` - statisticsQuery = `{ "PropertyTypes" : ["Statistics"]}` - processListQuery = `{ "PropertyTypes" : ["ProcessList"]}` - mappedVirtualDiskQuery = `{ "PropertyTypes" : ["MappedVirtualDisk"]}` -) - -type container struct { - handleLock sync.RWMutex - handle hcsSystem - id string - callbackNumber uintptr -} - // ContainerProperties holds the properties for a container and the processes running in that container -type ContainerProperties struct { - ID string `json:"Id"` - Name string - SystemType string - Owner string - SiloGUID string `json:"SiloGuid,omitempty"` - RuntimeID string `json:"RuntimeId,omitempty"` - IsRuntimeTemplate bool `json:",omitempty"` - RuntimeImagePath string `json:",omitempty"` - Stopped bool `json:",omitempty"` - ExitType string `json:",omitempty"` - AreUpdatesPending bool `json:",omitempty"` - ObRoot string `json:",omitempty"` - Statistics Statistics `json:",omitempty"` - ProcessList []ProcessListItem `json:",omitempty"` - MappedVirtualDiskControllers map[int]MappedVirtualDiskController `json:",omitempty"` -} +type ContainerProperties = schema1.ContainerProperties // MemoryStats holds the memory statistics for a container -type MemoryStats struct { - UsageCommitBytes uint64 `json:"MemoryUsageCommitBytes,omitempty"` - UsageCommitPeakBytes uint64 `json:"MemoryUsageCommitPeakBytes,omitempty"` - UsagePrivateWorkingSetBytes uint64 `json:"MemoryUsagePrivateWorkingSetBytes,omitempty"` -} +type MemoryStats = schema1.MemoryStats // ProcessorStats holds the processor statistics for a container -type ProcessorStats struct { - TotalRuntime100ns uint64 `json:",omitempty"` - RuntimeUser100ns uint64 `json:",omitempty"` - RuntimeKernel100ns uint64 `json:",omitempty"` -} +type ProcessorStats = schema1.ProcessorStats // StorageStats holds the storage statistics for a container -type StorageStats struct { - ReadCountNormalized uint64 `json:",omitempty"` - ReadSizeBytes uint64 `json:",omitempty"` - WriteCountNormalized uint64 `json:",omitempty"` - WriteSizeBytes uint64 `json:",omitempty"` -} +type StorageStats = schema1.StorageStats // NetworkStats holds the network statistics for a container -type NetworkStats struct { - BytesReceived uint64 `json:",omitempty"` - BytesSent uint64 `json:",omitempty"` - PacketsReceived uint64 `json:",omitempty"` - PacketsSent uint64 `json:",omitempty"` - DroppedPacketsIncoming uint64 `json:",omitempty"` - DroppedPacketsOutgoing uint64 `json:",omitempty"` - EndpointId string `json:",omitempty"` - InstanceId string `json:",omitempty"` -} +type NetworkStats = schema1.NetworkStats // Statistics is the structure returned by a statistics call on a container -type Statistics struct { - Timestamp time.Time `json:",omitempty"` - ContainerStartTime time.Time `json:",omitempty"` - Uptime100ns uint64 `json:",omitempty"` - Memory MemoryStats `json:",omitempty"` - Processor ProcessorStats `json:",omitempty"` - Storage StorageStats `json:",omitempty"` - Network []NetworkStats `json:",omitempty"` -} +type Statistics = schema1.Statistics // ProcessList is the structure of an item returned by a ProcessList call on a container -type ProcessListItem struct { - CreateTimestamp time.Time `json:",omitempty"` - ImageName string `json:",omitempty"` - KernelTime100ns uint64 `json:",omitempty"` - MemoryCommitBytes uint64 `json:",omitempty"` - MemoryWorkingSetPrivateBytes uint64 `json:",omitempty"` - MemoryWorkingSetSharedBytes uint64 `json:",omitempty"` - ProcessId uint32 `json:",omitempty"` - UserTime100ns uint64 `json:",omitempty"` -} +type ProcessListItem = schema1.ProcessListItem // MappedVirtualDiskController is the structure of an item returned by a MappedVirtualDiskList call on a container -type MappedVirtualDiskController struct { - MappedVirtualDisks map[int]MappedVirtualDisk `json:",omitempty"` -} +type MappedVirtualDiskController = schema1.MappedVirtualDiskController // Type of Request Support in ModifySystem -type RequestType string +type RequestType = schema1.RequestType // Type of Resource Support in ModifySystem -type ResourceType string +type ResourceType = schema1.ResourceType // RequestType const const ( - Add RequestType = "Add" - Remove RequestType = "Remove" - Network ResourceType = "Network" + Add = schema1.Add + Remove = schema1.Remove + Network = schema1.Network ) // ResourceModificationRequestResponse is the structure used to send request to the container to modify the system // Supported resource types are Network and Request Types are Add/Remove -type ResourceModificationRequestResponse struct { - Resource ResourceType `json:"ResourceType"` - Data interface{} `json:"Settings"` - Request RequestType `json:"RequestType,omitempty"` +type ResourceModificationRequestResponse = schema1.ResourceModificationRequestResponse + +type container struct { + system *hcs.System } -// createContainerAdditionalJSON is read from the environment at initialisation +// createComputeSystemAdditionalJSON is read from the environment at initialisation // time. It allows an environment variable to define additional JSON which -// is merged in the CreateContainer call to HCS. -var createContainerAdditionalJSON string +// is merged in the CreateComputeSystem call to HCS. +var createContainerAdditionalJSON []byte func init() { - createContainerAdditionalJSON = os.Getenv("HCSSHIM_CREATECONTAINER_ADDITIONALJSON") + createContainerAdditionalJSON = ([]byte)(os.Getenv("HCSSHIM_CREATECONTAINER_ADDITIONALJSON")) } // CreateContainer creates a new container with the given configuration but does not start it. func CreateContainer(id string, c *ContainerConfig) (Container, error) { - return createContainerWithJSON(id, c, "") -} - -// CreateContainerWithJSON creates a new container with the given configuration but does not start it. -// It is identical to CreateContainer except that optional additional JSON can be merged before passing to HCS. -func CreateContainerWithJSON(id string, c *ContainerConfig, additionalJSON string) (Container, error) { - return createContainerWithJSON(id, c, additionalJSON) -} - -func createContainerWithJSON(id string, c *ContainerConfig, additionalJSON string) (Container, error) { - operation := "CreateContainer" - title := "HCSShim::" + operation - - container := &container{ - id: id, + fullConfig, err := mergemaps.MergeJSON(c, createContainerAdditionalJSON) + if err != nil { + return nil, fmt.Errorf("failed to merge additional JSON '%s': %s", createContainerAdditionalJSON, err) } - configurationb, err := json.Marshal(c) + system, err := hcs.CreateComputeSystem(id, fullConfig) if err != nil { return nil, err } - - configuration := string(configurationb) - logrus.Debugf(title+" id=%s config=%s", id, configuration) - - // Merge any additional JSON. Priority is given to what is passed in explicitly, - // falling back to what's set in the environment. - if additionalJSON == "" && createContainerAdditionalJSON != "" { - additionalJSON = createContainerAdditionalJSON - } - if additionalJSON != "" { - configurationMap := map[string]interface{}{} - if err := json.Unmarshal([]byte(configuration), &configurationMap); err != nil { - return nil, fmt.Errorf("failed to unmarshal %s: %s", configuration, err) - } - - additionalMap := map[string]interface{}{} - if err := json.Unmarshal([]byte(additionalJSON), &additionalMap); err != nil { - return nil, fmt.Errorf("failed to unmarshal %s: %s", additionalJSON, err) - } - - mergedMap := mergeMaps(additionalMap, configurationMap) - mergedJSON, err := json.Marshal(mergedMap) - if err != nil { - return nil, fmt.Errorf("failed to marshal merged configuration map %+v: %s", mergedMap, err) - } - - configuration = string(mergedJSON) - logrus.Debugf(title+" id=%s merged config=%s", id, configuration) - } - - var ( - resultp *uint16 - identity syscall.Handle - ) - createError := hcsCreateComputeSystem(id, configuration, identity, &container.handle, &resultp) - - if createError == nil || IsPending(createError) { - if err := container.registerCallback(); err != nil { - // Terminate the container if it still exists. We're okay to ignore a failure here. - container.Terminate() - return nil, makeContainerError(container, operation, "", err) - } - } - - err = processAsyncHcsResult(createError, resultp, container.callbackNumber, hcsNotificationSystemCreateCompleted, &defaultTimeout) - if err != nil { - if err == ErrTimeout { - // Terminate the container if it still exists. We're okay to ignore a failure here. - container.Terminate() - } - return nil, makeContainerError(container, operation, configuration, err) - } - - logrus.Debugf(title+" succeeded id=%s handle=%d", id, container.handle) - return container, nil -} - -// mergeMaps recursively merges map `fromMap` into map `ToMap`. Any pre-existing values -// in ToMap are overwritten. Values in fromMap are added to ToMap. -// From http://stackoverflow.com/questions/40491438/merging-two-json-strings-in-golang -func mergeMaps(fromMap, ToMap interface{}) interface{} { - switch fromMap := fromMap.(type) { - case map[string]interface{}: - ToMap, ok := ToMap.(map[string]interface{}) - if !ok { - return fromMap - } - for keyToMap, valueToMap := range ToMap { - if valueFromMap, ok := fromMap[keyToMap]; ok { - fromMap[keyToMap] = mergeMaps(valueFromMap, valueToMap) - } else { - fromMap[keyToMap] = valueToMap - } - } - case nil: - // merge(nil, map[string]interface{...}) -> map[string]interface{...} - ToMap, ok := ToMap.(map[string]interface{}) - if ok { - return ToMap - } - } - return fromMap + return &container{system}, err } // OpenContainer opens an existing container by ID. func OpenContainer(id string) (Container, error) { - operation := "OpenContainer" - title := "HCSShim::" + operation - logrus.Debugf(title+" id=%s", id) - - container := &container{ - id: id, - } - - var ( - handle hcsSystem - resultp *uint16 - ) - err := hcsOpenComputeSystem(id, &handle, &resultp) - err = processHcsResult(err, resultp) + system, err := hcs.OpenComputeSystem(id) if err != nil { - return nil, makeContainerError(container, operation, "", err) + return nil, err } - - container.handle = handle - - if err := container.registerCallback(); err != nil { - return nil, makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s handle=%d", id, handle) - return container, nil + return &container{system}, err } // GetContainers gets a list of the containers on the system that match the query func GetContainers(q ComputeSystemQuery) ([]ContainerProperties, error) { - operation := "GetContainers" - title := "HCSShim::" + operation - - queryb, err := json.Marshal(q) - if err != nil { - return nil, err - } - - query := string(queryb) - logrus.Debugf(title+" query=%s", query) - - var ( - resultp *uint16 - computeSystemsp *uint16 - ) - err = hcsEnumerateComputeSystems(query, &computeSystemsp, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return nil, err - } - - if computeSystemsp == nil { - return nil, ErrUnexpectedValue - } - computeSystemsRaw := convertAndFreeCoTaskMemBytes(computeSystemsp) - computeSystems := []ContainerProperties{} - if err := json.Unmarshal(computeSystemsRaw, &computeSystems); err != nil { - return nil, err - } - - logrus.Debugf(title + " succeeded") - return computeSystems, nil + return hcs.GetComputeSystems(q) } // Start synchronously starts the container. func (container *container) Start() error { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Start" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - var resultp *uint16 - err := hcsStartComputeSystem(container.handle, "", &resultp) - err = processAsyncHcsResult(err, resultp, container.callbackNumber, hcsNotificationSystemStartCompleted, &defaultTimeout) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil + return convertSystemError(container.system.Start(), container) } -// Shutdown requests a container shutdown, if IsPending() on the error returned is true, -// it may not actually be shut down until Wait() succeeds. +// Shutdown requests a container shutdown, but it may not actually be shutdown until Wait() succeeds. func (container *container) Shutdown() error { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Shutdown" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - var resultp *uint16 - err := hcsShutdownComputeSystem(container.handle, "", &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil + return convertSystemError(container.system.Shutdown(), container) } -// Terminate requests a container terminate, if IsPending() on the error returned is true, -// it may not actually be shut down until Wait() succeeds. +// Terminate requests a container terminate, but it may not actually be terminated until Wait() succeeds. func (container *container) Terminate() error { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Terminate" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - var resultp *uint16 - err := hcsTerminateComputeSystem(container.handle, "", &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil + return convertSystemError(container.system.Terminate(), container) } -// Wait synchronously waits for the container to shutdown or terminate. +// Waits synchronously waits for the container to shutdown or terminate. func (container *container) Wait() error { - operation := "Wait" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - err := waitForNotification(container.callbackNumber, hcsNotificationSystemExited, nil) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil + return convertSystemError(container.system.Wait(), container) } -// WaitTimeout synchronously waits for the container to terminate or the duration to elapse. -// If the timeout expires, IsTimeout(err) == true -func (container *container) WaitTimeout(timeout time.Duration) error { - operation := "WaitTimeout" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - err := waitForNotification(container.callbackNumber, hcsNotificationSystemExited, &timeout) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil +// WaitTimeout synchronously waits for the container to terminate or the duration to elapse. It +// returns false if timeout occurs. +func (container *container) WaitTimeout(t time.Duration) error { + return convertSystemError(container.system.WaitTimeout(t), container) } -func (container *container) properties(query string) (*ContainerProperties, error) { - var ( - resultp *uint16 - propertiesp *uint16 - ) - err := hcsGetComputeSystemProperties(container.handle, query, &propertiesp, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return nil, err - } +// Pause pauses the execution of a container. +func (container *container) Pause() error { + return convertSystemError(container.system.Pause(), container) +} - if propertiesp == nil { - return nil, ErrUnexpectedValue - } - propertiesRaw := convertAndFreeCoTaskMemBytes(propertiesp) - properties := &ContainerProperties{} - if err := json.Unmarshal(propertiesRaw, properties); err != nil { - return nil, err - } - return properties, nil +// Resume resumes the execution of a container. +func (container *container) Resume() error { + return convertSystemError(container.system.Resume(), container) } // HasPendingUpdates returns true if the container has updates pending to install func (container *container) HasPendingUpdates() (bool, error) { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "HasPendingUpdates" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return false, makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - properties, err := container.properties(pendingUpdatesQuery) - if err != nil { - return false, makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return properties.AreUpdatesPending, nil + return false, nil } -// Statistics returns statistics for the container +// Statistics returns statistics for the container. This is a legacy v1 call func (container *container) Statistics() (Statistics, error) { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Statistics" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return Statistics{}, makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - properties, err := container.properties(statisticsQuery) + properties, err := container.system.Properties(schema1.PropertyTypeStatistics) if err != nil { - return Statistics{}, makeContainerError(container, operation, "", err) + return Statistics{}, convertSystemError(err, container) } - logrus.Debugf(title+" succeeded id=%s", container.id) return properties.Statistics, nil } -// ProcessList returns an array of ProcessListItems for the container +// ProcessList returns an array of ProcessListItems for the container. This is a legacy v1 call func (container *container) ProcessList() ([]ProcessListItem, error) { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "ProcessList" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return nil, makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - properties, err := container.properties(processListQuery) + properties, err := container.system.Properties(schema1.PropertyTypeProcessList) if err != nil { - return nil, makeContainerError(container, operation, "", err) + return nil, convertSystemError(err, container) } - logrus.Debugf(title+" succeeded id=%s", container.id) return properties.ProcessList, nil } -// MappedVirtualDisks returns a map of the controllers and the disks mapped -// to a container. -// -// Example of JSON returned by the query. -//{ -// "Id":"1126e8d7d279c707a666972a15976371d365eaf622c02cea2c442b84f6f550a3_svm", -// "SystemType":"Container", -// "RuntimeOsType":"Linux", -// "RuntimeId":"00000000-0000-0000-0000-000000000000", -// "State":"Running", -// "MappedVirtualDiskControllers":{ -// "0":{ -// "MappedVirtualDisks":{ -// "2":{ -// "HostPath":"C:\\lcow\\lcow\\scratch\\1126e8d7d279c707a666972a15976371d365eaf622c02cea2c442b84f6f550a3.vhdx", -// "ContainerPath":"/mnt/gcs/LinuxServiceVM/scratch", -// "Lun":2, -// "CreateInUtilityVM":true -// }, -// "3":{ -// "HostPath":"C:\\lcow\\lcow\\1126e8d7d279c707a666972a15976371d365eaf622c02cea2c442b84f6f550a3\\sandbox.vhdx", -// "Lun":3, -// "CreateInUtilityVM":true, -// "AttachOnly":true -// } -// } -// } -// } -//} +// This is a legacy v1 call func (container *container) MappedVirtualDisks() (map[int]MappedVirtualDiskController, error) { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "MappedVirtualDiskList" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return nil, makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - properties, err := container.properties(mappedVirtualDiskQuery) + properties, err := container.system.Properties(schema1.PropertyTypeMappedVirtualDisk) if err != nil { - return nil, makeContainerError(container, operation, "", err) + return nil, convertSystemError(err, container) } - logrus.Debugf(title+" succeeded id=%s", container.id) return properties.MappedVirtualDiskControllers, nil } -// Pause pauses the execution of the container. This feature is not enabled in TP5. -func (container *container) Pause() error { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Pause" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - var resultp *uint16 - err := hcsPauseComputeSystem(container.handle, "", &resultp) - err = processAsyncHcsResult(err, resultp, container.callbackNumber, hcsNotificationSystemPauseCompleted, &defaultTimeout) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil -} - -// Resume resumes the execution of the container. This feature is not enabled in TP5. -func (container *container) Resume() error { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Resume" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - if container.handle == 0 { - return makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - var resultp *uint16 - err := hcsResumeComputeSystem(container.handle, "", &resultp) - err = processAsyncHcsResult(err, resultp, container.callbackNumber, hcsNotificationSystemResumeCompleted, &defaultTimeout) - if err != nil { - return makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil -} - // CreateProcess launches a new process within the container. func (container *container) CreateProcess(c *ProcessConfig) (Process, error) { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "CreateProcess" - title := "HCSShim::Container::" + operation - var ( - processInfo hcsProcessInformation - processHandle hcsProcess - resultp *uint16 - ) - - if container.handle == 0 { - return nil, makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - // If we are not emulating a console, ignore any console size passed to us - if !c.EmulateConsole { - c.ConsoleSize[0] = 0 - c.ConsoleSize[1] = 0 - } - - configurationb, err := json.Marshal(c) + p, err := container.system.CreateProcess(c) if err != nil { - return nil, makeContainerError(container, operation, "", err) + return nil, convertSystemError(err, container) } - - configuration := string(configurationb) - logrus.Debugf(title+" id=%s config=%s", container.id, configuration) - - err = hcsCreateProcess(container.handle, configuration, &processInfo, &processHandle, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return nil, makeContainerError(container, operation, configuration, err) - } - - process := &process{ - handle: processHandle, - processID: int(processInfo.ProcessId), - container: container, - cachedPipes: &cachedPipes{ - stdIn: processInfo.StdInput, - stdOut: processInfo.StdOutput, - stdErr: processInfo.StdError, - }, - } - - if err := process.registerCallback(); err != nil { - return nil, makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s processid=%d", container.id, process.processID) - return process, nil + return &process{p}, nil } // OpenProcess gets an interface to an existing process within the container. func (container *container) OpenProcess(pid int) (Process, error) { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "OpenProcess" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s, processid=%d", container.id, pid) - var ( - processHandle hcsProcess - resultp *uint16 - ) - - if container.handle == 0 { - return nil, makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - err := hcsOpenProcess(container.handle, uint32(pid), &processHandle, &resultp) - err = processHcsResult(err, resultp) + p, err := container.system.OpenProcess(pid) if err != nil { - return nil, makeContainerError(container, operation, "", err) + return nil, convertSystemError(err, container) } - - process := &process{ - handle: processHandle, - processID: pid, - container: container, - } - - if err := process.registerCallback(); err != nil { - return nil, makeContainerError(container, operation, "", err) - } - - logrus.Debugf(title+" succeeded id=%s processid=%s", container.id, process.processID) - return process, nil + return &process{p}, nil } // Close cleans up any state associated with the container but does not terminate or wait for it. func (container *container) Close() error { - container.handleLock.Lock() - defer container.handleLock.Unlock() - operation := "Close" - title := "HCSShim::Container::" + operation - logrus.Debugf(title+" id=%s", container.id) - - // Don't double free this - if container.handle == 0 { - return nil - } - - if err := container.unregisterCallback(); err != nil { - return makeContainerError(container, operation, "", err) - } - - if err := hcsCloseComputeSystem(container.handle); err != nil { - return makeContainerError(container, operation, "", err) - } - - container.handle = 0 - - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil + return convertSystemError(container.system.Close(), container) } -func (container *container) registerCallback() error { - context := ¬ifcationWatcherContext{ - channels: newChannels(), - } - - callbackMapLock.Lock() - callbackNumber := nextCallback - nextCallback++ - callbackMap[callbackNumber] = context - callbackMapLock.Unlock() - - var callbackHandle hcsCallback - err := hcsRegisterComputeSystemCallback(container.handle, notificationWatcherCallback, callbackNumber, &callbackHandle) - if err != nil { - return err - } - context.handle = callbackHandle - container.callbackNumber = callbackNumber - - return nil -} - -func (container *container) unregisterCallback() error { - callbackNumber := container.callbackNumber - - callbackMapLock.RLock() - context := callbackMap[callbackNumber] - callbackMapLock.RUnlock() - - if context == nil { - return nil - } - - handle := context.handle - - if handle == 0 { - return nil - } - - // hcsUnregisterComputeSystemCallback has its own syncronization - // to wait for all callbacks to complete. We must NOT hold the callbackMapLock. - err := hcsUnregisterComputeSystemCallback(handle) - if err != nil { - return err - } - - closeChannels(context.channels) - - callbackMapLock.Lock() - callbackMap[callbackNumber] = nil - callbackMapLock.Unlock() - - handle = 0 - - return nil -} - -// Modifies the System by sending a request to HCS +// Modify the System func (container *container) Modify(config *ResourceModificationRequestResponse) error { - container.handleLock.RLock() - defer container.handleLock.RUnlock() - operation := "Modify" - title := "HCSShim::Container::" + operation - - if container.handle == 0 { - return makeContainerError(container, operation, "", ErrAlreadyClosed) - } - - requestJSON, err := json.Marshal(config) - if err != nil { - return err - } - - requestString := string(requestJSON) - logrus.Debugf(title+" id=%s request=%s", container.id, requestString) - - var resultp *uint16 - err = hcsModifyComputeSystem(container.handle, requestString, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return makeContainerError(container, operation, "", err) - } - logrus.Debugf(title+" succeeded id=%s", container.id) - return nil + return convertSystemError(container.system.Modify(config), container) } diff --git a/vendor/github.com/Microsoft/hcsshim/createlayer.go b/vendor/github.com/Microsoft/hcsshim/createlayer.go deleted file mode 100644 index 035d9c3947c..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/createlayer.go +++ /dev/null @@ -1,27 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// CreateLayer creates a new, empty, read-only layer on the filesystem based on -// the parent layer provided. -func CreateLayer(info DriverInfo, id, parent string) error { - title := "hcsshim::CreateLayer " - logrus.Debugf(title+"Flavour %d ID %s parent %s", info.Flavour, id, parent) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = createLayer(&infop, id, parent) - if err != nil { - err = makeErrorf(err, title, "id=%s parent=%s flavour=%d", id, parent, info.Flavour) - logrus.Error(err) - return err - } - - logrus.Debugf(title+" - succeeded id=%s parent=%s flavour=%d", id, parent, info.Flavour) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/createsandboxlayer.go b/vendor/github.com/Microsoft/hcsshim/createsandboxlayer.go deleted file mode 100644 index 7a6a8854cf9..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/createsandboxlayer.go +++ /dev/null @@ -1,35 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// CreateSandboxLayer creates and populates new read-write layer for use by a container. -// This requires both the id of the direct parent layer, as well as the full list -// of paths to all parent layers up to the base (and including the direct parent -// whose id was provided). -func CreateSandboxLayer(info DriverInfo, layerId, parentId string, parentLayerPaths []string) error { - title := "hcsshim::CreateSandboxLayer " - logrus.Debugf(title+"layerId %s parentId %s", layerId, parentId) - - // Generate layer descriptors - layers, err := layerPathsToDescriptors(parentLayerPaths) - if err != nil { - return err - } - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = createSandboxLayer(&infop, layerId, parentId, layers) - if err != nil { - err = makeErrorf(err, title, "layerId=%s parentId=%s", layerId, parentId) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"- succeeded layerId=%s parentId=%s", layerId, parentId) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/deactivatelayer.go b/vendor/github.com/Microsoft/hcsshim/deactivatelayer.go deleted file mode 100644 index fd785030fba..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/deactivatelayer.go +++ /dev/null @@ -1,26 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// DeactivateLayer will dismount a layer that was mounted via ActivateLayer. -func DeactivateLayer(info DriverInfo, id string) error { - title := "hcsshim::DeactivateLayer " - logrus.Debugf(title+"Flavour %d ID %s", info.Flavour, id) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = deactivateLayer(&infop, id) - if err != nil { - err = makeErrorf(err, title, "id=%s flavour=%d", id, info.Flavour) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"succeeded flavour=%d id=%s", info.Flavour, id) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/destroylayer.go b/vendor/github.com/Microsoft/hcsshim/destroylayer.go deleted file mode 100644 index b1e3b89fc70..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/destroylayer.go +++ /dev/null @@ -1,27 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// DestroyLayer will remove the on-disk files representing the layer with the given -// id, including that layer's containing folder, if any. -func DestroyLayer(info DriverInfo, id string) error { - title := "hcsshim::DestroyLayer " - logrus.Debugf(title+"Flavour %d ID %s", info.Flavour, id) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = destroyLayer(&infop, id) - if err != nil { - err = makeErrorf(err, title, "id=%s flavour=%d", id, info.Flavour) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"succeeded flavour=%d id=%s", info.Flavour, id) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/errors.go b/vendor/github.com/Microsoft/hcsshim/errors.go index c0c6cac87cc..63efa23c7a4 100644 --- a/vendor/github.com/Microsoft/hcsshim/errors.go +++ b/vendor/github.com/Microsoft/hcsshim/errors.go @@ -1,92 +1,83 @@ package hcsshim import ( - "errors" "fmt" "syscall" + + "github.com/Microsoft/hcsshim/internal/hns" + + "github.com/Microsoft/hcsshim/internal/hcs" + "github.com/Microsoft/hcsshim/internal/hcserror" ) var ( - // ErrComputeSystemDoesNotExist is an error encountered when the container being operated on no longer exists - ErrComputeSystemDoesNotExist = syscall.Errno(0xc037010e) + // ErrComputeSystemDoesNotExist is an error encountered when the container being operated on no longer exists = hcs.exist + ErrComputeSystemDoesNotExist = hcs.ErrComputeSystemDoesNotExist // ErrElementNotFound is an error encountered when the object being referenced does not exist - ErrElementNotFound = syscall.Errno(0x490) + ErrElementNotFound = hcs.ErrElementNotFound // ErrElementNotFound is an error encountered when the object being referenced does not exist - ErrNotSupported = syscall.Errno(0x32) + ErrNotSupported = hcs.ErrNotSupported // ErrInvalidData is an error encountered when the request being sent to hcs is invalid/unsupported // decimal -2147024883 / hex 0x8007000d - ErrInvalidData = syscall.Errno(0xd) + ErrInvalidData = hcs.ErrInvalidData // ErrHandleClose is an error encountered when the handle generating the notification being waited on has been closed - ErrHandleClose = errors.New("hcsshim: the handle generating this notification has been closed") + ErrHandleClose = hcs.ErrHandleClose // ErrAlreadyClosed is an error encountered when using a handle that has been closed by the Close method - ErrAlreadyClosed = errors.New("hcsshim: the handle has already been closed") + ErrAlreadyClosed = hcs.ErrAlreadyClosed // ErrInvalidNotificationType is an error encountered when an invalid notification type is used - ErrInvalidNotificationType = errors.New("hcsshim: invalid notification type") + ErrInvalidNotificationType = hcs.ErrInvalidNotificationType // ErrInvalidProcessState is an error encountered when the process is not in a valid state for the requested operation - ErrInvalidProcessState = errors.New("the process is in an invalid state for the attempted operation") + ErrInvalidProcessState = hcs.ErrInvalidProcessState // ErrTimeout is an error encountered when waiting on a notification times out - ErrTimeout = errors.New("hcsshim: timeout waiting for notification") + ErrTimeout = hcs.ErrTimeout // ErrUnexpectedContainerExit is the error encountered when a container exits while waiting for // a different expected notification - ErrUnexpectedContainerExit = errors.New("unexpected container exit") + ErrUnexpectedContainerExit = hcs.ErrUnexpectedContainerExit // ErrUnexpectedProcessAbort is the error encountered when communication with the compute service // is lost while waiting for a notification - ErrUnexpectedProcessAbort = errors.New("lost communication with compute service") + ErrUnexpectedProcessAbort = hcs.ErrUnexpectedProcessAbort // ErrUnexpectedValue is an error encountered when hcs returns an invalid value - ErrUnexpectedValue = errors.New("unexpected value returned from hcs") + ErrUnexpectedValue = hcs.ErrUnexpectedValue // ErrVmcomputeAlreadyStopped is an error encountered when a shutdown or terminate request is made on a stopped container - ErrVmcomputeAlreadyStopped = syscall.Errno(0xc0370110) + ErrVmcomputeAlreadyStopped = hcs.ErrVmcomputeAlreadyStopped // ErrVmcomputeOperationPending is an error encountered when the operation is being completed asynchronously - ErrVmcomputeOperationPending = syscall.Errno(0xC0370103) + ErrVmcomputeOperationPending = hcs.ErrVmcomputeOperationPending // ErrVmcomputeOperationInvalidState is an error encountered when the compute system is not in a valid state for the requested operation - ErrVmcomputeOperationInvalidState = syscall.Errno(0xc0370105) + ErrVmcomputeOperationInvalidState = hcs.ErrVmcomputeOperationInvalidState // ErrProcNotFound is an error encountered when the the process cannot be found - ErrProcNotFound = syscall.Errno(0x7f) + ErrProcNotFound = hcs.ErrProcNotFound // ErrVmcomputeOperationAccessIsDenied is an error which can be encountered when enumerating compute systems in RS1/RS2 // builds when the underlying silo might be in the process of terminating. HCS was fixed in RS3. - ErrVmcomputeOperationAccessIsDenied = syscall.Errno(0x5) + ErrVmcomputeOperationAccessIsDenied = hcs.ErrVmcomputeOperationAccessIsDenied // ErrVmcomputeInvalidJSON is an error encountered when the compute system does not support/understand the messages sent by management - ErrVmcomputeInvalidJSON = syscall.Errno(0xc037010d) + ErrVmcomputeInvalidJSON = hcs.ErrVmcomputeInvalidJSON // ErrVmcomputeUnknownMessage is an error encountered guest compute system doesn't support the message - ErrVmcomputeUnknownMessage = syscall.Errno(0xc037010b) + ErrVmcomputeUnknownMessage = hcs.ErrVmcomputeUnknownMessage // ErrNotSupported is an error encountered when hcs doesn't support the request - ErrPlatformNotSupported = errors.New("unsupported platform request") + ErrPlatformNotSupported = hcs.ErrPlatformNotSupported ) -type EndpointNotFoundError struct { - EndpointName string -} - -func (e EndpointNotFoundError) Error() string { - return fmt.Sprintf("Endpoint %s not found", e.EndpointName) -} - -type NetworkNotFoundError struct { - NetworkName string -} - -func (e NetworkNotFoundError) Error() string { - return fmt.Sprintf("Network %s not found", e.NetworkName) -} +type EndpointNotFoundError = hns.EndpointNotFoundError +type NetworkNotFoundError = hns.NetworkNotFoundError // ProcessError is an error encountered in HCS during an operation on a Process object type ProcessError struct { @@ -94,6 +85,7 @@ type ProcessError struct { Operation string ExtraInfo string Err error + Events []hcs.ErrorEvent } // ContainerError is an error encountered in HCS during an operation on a Container object @@ -102,6 +94,7 @@ type ContainerError struct { Operation string ExtraInfo string Err error + Events []hcs.ErrorEvent } func (e *ContainerError) Error() string { @@ -113,7 +106,7 @@ func (e *ContainerError) Error() string { return "unexpected nil container for error: " + e.Err.Error() } - s := "container " + e.Container.id + s := "container " + e.Container.system.ID() if e.Operation != "" { s += " encountered an error during " + e.Operation @@ -123,11 +116,15 @@ func (e *ContainerError) Error() string { case nil: break case syscall.Errno: - s += fmt.Sprintf(": failure in a Windows system call: %s (0x%x)", e.Err, win32FromError(e.Err)) + s += fmt.Sprintf(": failure in a Windows system call: %s (0x%x)", e.Err, hcserror.Win32FromError(e.Err)) default: s += fmt.Sprintf(": %s", e.Err.Error()) } + for _, ev := range e.Events { + s += "\n" + ev.String() + } + if e.ExtraInfo != "" { s += " extra info: " + e.ExtraInfo } @@ -153,12 +150,7 @@ func (e *ProcessError) Error() string { return "Unexpected nil process for error: " + e.Err.Error() } - s := fmt.Sprintf("process %d", e.Process.processID) - - if e.Process.container != nil { - s += " in container " + e.Process.container.id - } - + s := fmt.Sprintf("process %d in container %s", e.Process.p.Pid(), e.Process.p.SystemID()) if e.Operation != "" { s += " encountered an error during " + e.Operation } @@ -167,11 +159,15 @@ func (e *ProcessError) Error() string { case nil: break case syscall.Errno: - s += fmt.Sprintf(": failure in a Windows system call: %s (0x%x)", e.Err, win32FromError(e.Err)) + s += fmt.Sprintf(": failure in a Windows system call: %s (0x%x)", e.Err, hcserror.Win32FromError(e.Err)) default: s += fmt.Sprintf(": %s", e.Err.Error()) } + for _, ev := range e.Events { + s += "\n" + ev.String() + } + return s } @@ -189,37 +185,31 @@ func makeProcessError(process *process, operation string, extraInfo string, err // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist // will currently return true when the error is ErrElementNotFound or ErrProcNotFound. func IsNotExist(err error) bool { - err = getInnerError(err) if _, ok := err.(EndpointNotFoundError); ok { return true } if _, ok := err.(NetworkNotFoundError); ok { return true } - return err == ErrComputeSystemDoesNotExist || - err == ErrElementNotFound || - err == ErrProcNotFound + return hcs.IsNotExist(getInnerError(err)) } // IsAlreadyClosed checks if an error is caused by the Container or Process having been // already closed by a call to the Close() method. func IsAlreadyClosed(err error) bool { - err = getInnerError(err) - return err == ErrAlreadyClosed + return hcs.IsAlreadyClosed(getInnerError(err)) } // IsPending returns a boolean indicating whether the error is that // the requested operation is being completed in the background. func IsPending(err error) bool { - err = getInnerError(err) - return err == ErrVmcomputeOperationPending + return hcs.IsPending(getInnerError(err)) } // IsTimeout returns a boolean indicating whether the error is caused by // a timeout waiting for the operation to complete. func IsTimeout(err error) bool { - err = getInnerError(err) - return err == ErrTimeout + return hcs.IsTimeout(getInnerError(err)) } // IsAlreadyStopped returns a boolean indicating whether the error is caused by @@ -228,10 +218,7 @@ func IsTimeout(err error) bool { // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist // will currently return true when the error is ErrElementNotFound or ErrProcNotFound. func IsAlreadyStopped(err error) bool { - err = getInnerError(err) - return err == ErrVmcomputeAlreadyStopped || - err == ErrElementNotFound || - err == ErrProcNotFound + return hcs.IsAlreadyStopped(getInnerError(err)) } // IsNotSupported returns a boolean indicating whether the error is caused by @@ -240,12 +227,7 @@ func IsAlreadyStopped(err error) bool { // ErrVmcomputeInvalidJSON, ErrInvalidData, ErrNotSupported or ErrVmcomputeUnknownMessage // is thrown from the Platform func IsNotSupported(err error) bool { - err = getInnerError(err) - // If Platform doesn't recognize or support the request sent, below errors are seen - return err == ErrVmcomputeInvalidJSON || - err == ErrInvalidData || - err == ErrNotSupported || - err == ErrVmcomputeUnknownMessage + return hcs.IsNotSupported(getInnerError(err)) } func getInnerError(err error) error { @@ -259,3 +241,17 @@ func getInnerError(err error) error { } return err } + +func convertSystemError(err error, c *container) error { + if serr, ok := err.(*hcs.SystemError); ok { + return &ContainerError{Container: c, Operation: serr.Op, ExtraInfo: serr.Extra, Err: serr.Err, Events: serr.Events} + } + return err +} + +func convertProcessError(err error, p *process) error { + if perr, ok := err.(*hcs.ProcessError); ok { + return &ProcessError{Process: p, Operation: perr.Op, Err: perr.Err, Events: perr.Events} + } + return err +} diff --git a/vendor/github.com/Microsoft/hcsshim/expandsandboxsize.go b/vendor/github.com/Microsoft/hcsshim/expandsandboxsize.go deleted file mode 100644 index 6946c6a84f1..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/expandsandboxsize.go +++ /dev/null @@ -1,26 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// ExpandSandboxSize expands the size of a layer to at least size bytes. -func ExpandSandboxSize(info DriverInfo, layerId string, size uint64) error { - title := "hcsshim::ExpandSandboxSize " - logrus.Debugf(title+"layerId=%s size=%d", layerId, size) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = expandSandboxSize(&infop, layerId, size) - if err != nil { - err = makeErrorf(err, title, "layerId=%s size=%d", layerId, size) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"- succeeded layerId=%s size=%d", layerId, size) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/exportlayer.go b/vendor/github.com/Microsoft/hcsshim/exportlayer.go deleted file mode 100644 index d7025f20bab..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/exportlayer.go +++ /dev/null @@ -1,156 +0,0 @@ -package hcsshim - -import ( - "io" - "io/ioutil" - "os" - "syscall" - - "github.com/Microsoft/go-winio" - "github.com/sirupsen/logrus" -) - -// ExportLayer will create a folder at exportFolderPath and fill that folder with -// the transport format version of the layer identified by layerId. This transport -// format includes any metadata required for later importing the layer (using -// ImportLayer), and requires the full list of parent layer paths in order to -// perform the export. -func ExportLayer(info DriverInfo, layerId string, exportFolderPath string, parentLayerPaths []string) error { - title := "hcsshim::ExportLayer " - logrus.Debugf(title+"flavour %d layerId %s folder %s", info.Flavour, layerId, exportFolderPath) - - // Generate layer descriptors - layers, err := layerPathsToDescriptors(parentLayerPaths) - if err != nil { - return err - } - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = exportLayer(&infop, layerId, exportFolderPath, layers) - if err != nil { - err = makeErrorf(err, title, "layerId=%s flavour=%d folder=%s", layerId, info.Flavour, exportFolderPath) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"succeeded flavour=%d layerId=%s folder=%s", info.Flavour, layerId, exportFolderPath) - return nil -} - -type LayerReader interface { - Next() (string, int64, *winio.FileBasicInfo, error) - Read(b []byte) (int, error) - Close() error -} - -// FilterLayerReader provides an interface for extracting the contents of an on-disk layer. -type FilterLayerReader struct { - context uintptr -} - -// Next reads the next available file from a layer, ensuring that parent directories are always read -// before child files and directories. -// -// Next returns the file's relative path, size, and basic file metadata. Read() should be used to -// extract a Win32 backup stream with the remainder of the metadata and the data. -func (r *FilterLayerReader) Next() (string, int64, *winio.FileBasicInfo, error) { - var fileNamep *uint16 - fileInfo := &winio.FileBasicInfo{} - var deleted uint32 - var fileSize int64 - err := exportLayerNext(r.context, &fileNamep, fileInfo, &fileSize, &deleted) - if err != nil { - if err == syscall.ERROR_NO_MORE_FILES { - err = io.EOF - } else { - err = makeError(err, "ExportLayerNext", "") - } - return "", 0, nil, err - } - fileName := convertAndFreeCoTaskMemString(fileNamep) - if deleted != 0 { - fileInfo = nil - } - if fileName[0] == '\\' { - fileName = fileName[1:] - } - return fileName, fileSize, fileInfo, nil -} - -// Read reads from the current file's Win32 backup stream. -func (r *FilterLayerReader) Read(b []byte) (int, error) { - var bytesRead uint32 - err := exportLayerRead(r.context, b, &bytesRead) - if err != nil { - return 0, makeError(err, "ExportLayerRead", "") - } - if bytesRead == 0 { - return 0, io.EOF - } - return int(bytesRead), nil -} - -// Close frees resources associated with the layer reader. It will return an -// error if there was an error while reading the layer or of the layer was not -// completely read. -func (r *FilterLayerReader) Close() (err error) { - if r.context != 0 { - err = exportLayerEnd(r.context) - if err != nil { - err = makeError(err, "ExportLayerEnd", "") - } - r.context = 0 - } - return -} - -// NewLayerReader returns a new layer reader for reading the contents of an on-disk layer. -// The caller must have taken the SeBackupPrivilege privilege -// to call this and any methods on the resulting LayerReader. -func NewLayerReader(info DriverInfo, layerID string, parentLayerPaths []string) (LayerReader, error) { - if procExportLayerBegin.Find() != nil { - // The new layer reader is not available on this Windows build. Fall back to the - // legacy export code path. - path, err := ioutil.TempDir("", "hcs") - if err != nil { - return nil, err - } - err = ExportLayer(info, layerID, path, parentLayerPaths) - if err != nil { - os.RemoveAll(path) - return nil, err - } - return &legacyLayerReaderWrapper{newLegacyLayerReader(path)}, nil - } - - layers, err := layerPathsToDescriptors(parentLayerPaths) - if err != nil { - return nil, err - } - infop, err := convertDriverInfo(info) - if err != nil { - return nil, err - } - r := &FilterLayerReader{} - err = exportLayerBegin(&infop, layerID, layers, &r.context) - if err != nil { - return nil, makeError(err, "ExportLayerBegin", "") - } - return r, err -} - -type legacyLayerReaderWrapper struct { - *legacyLayerReader -} - -func (r *legacyLayerReaderWrapper) Close() error { - err := r.legacyLayerReader.Close() - os.RemoveAll(r.root) - return err -} diff --git a/vendor/github.com/Microsoft/hcsshim/functional_tests.ps1 b/vendor/github.com/Microsoft/hcsshim/functional_tests.ps1 new file mode 100644 index 00000000000..ce6edbcf329 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/functional_tests.ps1 @@ -0,0 +1,12 @@ +# Requirements so far: +# dockerd running +# - image microsoft/nanoserver (matching host base image) docker load -i c:\baseimages\nanoserver.tar +# - image alpine (linux) docker pull --platform=linux alpine + + +# TODO: Add this a parameter for debugging. ie "functional-tests -debug=$true" +#$env:HCSSHIM_FUNCTIONAL_TESTS_DEBUG="yes please" + +#pushd uvm +go test -v -tags "functional uvmcreate uvmscratch uvmscsi uvmvpmem uvmvsmb uvmp9" ./... +#popd \ No newline at end of file diff --git a/vendor/github.com/Microsoft/hcsshim/getlayermountpath.go b/vendor/github.com/Microsoft/hcsshim/getlayermountpath.go deleted file mode 100644 index 89f8079d0f1..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/getlayermountpath.go +++ /dev/null @@ -1,55 +0,0 @@ -package hcsshim - -import ( - "syscall" - - "github.com/sirupsen/logrus" -) - -// GetLayerMountPath will look for a mounted layer with the given id and return -// the path at which that layer can be accessed. This path may be a volume path -// if the layer is a mounted read-write layer, otherwise it is expected to be the -// folder path at which the layer is stored. -func GetLayerMountPath(info DriverInfo, id string) (string, error) { - title := "hcsshim::GetLayerMountPath " - logrus.Debugf(title+"Flavour %d ID %s", info.Flavour, id) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return "", err - } - - var mountPathLength uintptr - mountPathLength = 0 - - // Call the procedure itself. - logrus.Debugf("Calling proc (1)") - err = getLayerMountPath(&infop, id, &mountPathLength, nil) - if err != nil { - err = makeErrorf(err, title, "(first call) id=%s flavour=%d", id, info.Flavour) - logrus.Error(err) - return "", err - } - - // Allocate a mount path of the returned length. - if mountPathLength == 0 { - return "", nil - } - mountPathp := make([]uint16, mountPathLength) - mountPathp[0] = 0 - - // Call the procedure again - logrus.Debugf("Calling proc (2)") - err = getLayerMountPath(&infop, id, &mountPathLength, &mountPathp[0]) - if err != nil { - err = makeErrorf(err, title, "(second call) id=%s flavour=%d", id, info.Flavour) - logrus.Error(err) - return "", err - } - - path := syscall.UTF16ToString(mountPathp[0:]) - logrus.Debugf(title+"succeeded flavour=%d id=%s path=%s", info.Flavour, id, path) - return path, nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/getsharedbaseimages.go b/vendor/github.com/Microsoft/hcsshim/getsharedbaseimages.go deleted file mode 100644 index 05d3d9532ae..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/getsharedbaseimages.go +++ /dev/null @@ -1,22 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// GetSharedBaseImages will enumerate the images stored in the common central -// image store and return descriptive info about those images for the purpose -// of registering them with the graphdriver, graph, and tagstore. -func GetSharedBaseImages() (imageData string, err error) { - title := "hcsshim::GetSharedBaseImages " - - logrus.Debugf("Calling proc") - var buffer *uint16 - err = getBaseImages(&buffer) - if err != nil { - err = makeError(err, title, "") - logrus.Error(err) - return - } - imageData = convertAndFreeCoTaskMemString(buffer) - logrus.Debugf(title+" - succeeded output=%s", imageData) - return -} diff --git a/vendor/github.com/Microsoft/hcsshim/guid.go b/vendor/github.com/Microsoft/hcsshim/guid.go deleted file mode 100644 index 620aba123cb..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/guid.go +++ /dev/null @@ -1,19 +0,0 @@ -package hcsshim - -import ( - "crypto/sha1" - "fmt" -) - -type GUID [16]byte - -func NewGUID(source string) *GUID { - h := sha1.Sum([]byte(source)) - var g GUID - copy(g[0:], h[0:16]) - return &g -} - -func (g *GUID) ToString() string { - return fmt.Sprintf("%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x-%02x", g[3], g[2], g[1], g[0], g[5], g[4], g[7], g[6], g[8:10], g[10:]) -} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/BUILD b/vendor/github.com/Microsoft/hcsshim/hcn/BUILD new file mode 100644 index 00000000000..3ea3cb5baf9 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/BUILD @@ -0,0 +1,48 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "hcn.go", + "hcnendpoint.go", + "hcnerrors.go", + "hcnglobals.go", + "hcnloadbalancer.go", + "hcnnamespace.go", + "hcnnetwork.go", + "hcnpolicy.go", + "hcnsupport.go", + "zsyscall_windows.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/hcn", + importpath = "github.com/Microsoft/hcsshim/hcn", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/Microsoft/hcsshim/internal/cni:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/guid:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/interop:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/regstate:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/runhcs:go_default_library", + "//vendor/github.com/sirupsen/logrus:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcn.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcn.go new file mode 100644 index 00000000000..651c3cea540 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcn.go @@ -0,0 +1,168 @@ +// Package hcn is a shim for the Host Compute Networking (HCN) service, which manages networking for Windows Server +// containers and Hyper-V containers. Previous to RS5, HCN was referred to as Host Networking Service (HNS). +package hcn + +import ( + "encoding/json" + "fmt" + "syscall" + + "github.com/Microsoft/hcsshim/internal/guid" +) + +//go:generate go run ../mksyscall_windows.go -output zsyscall_windows.go hcn.go + +/// HNS V1 API + +//sys SetCurrentThreadCompartmentId(compartmentId uint32) (hr error) = iphlpapi.SetCurrentThreadCompartmentId +//sys _hnsCall(method string, path string, object string, response **uint16) (hr error) = vmcompute.HNSCall? + +/// HCN V2 API + +// Network +//sys hcnEnumerateNetworks(query string, networks **uint16, result **uint16) (hr error) = computenetwork.HcnEnumerateNetworks? +//sys hcnCreateNetwork(id *_guid, settings string, network *hcnNetwork, result **uint16) (hr error) = computenetwork.HcnCreateNetwork? +//sys hcnOpenNetwork(id *_guid, network *hcnNetwork, result **uint16) (hr error) = computenetwork.HcnOpenNetwork? +//sys hcnModifyNetwork(network hcnNetwork, settings string, result **uint16) (hr error) = computenetwork.HcnModifyNetwork? +//sys hcnQueryNetworkProperties(network hcnNetwork, query string, properties **uint16, result **uint16) (hr error) = computenetwork.HcnQueryNetworkProperties? +//sys hcnDeleteNetwork(id *_guid, result **uint16) (hr error) = computenetwork.HcnDeleteNetwork? +//sys hcnCloseNetwork(network hcnNetwork) (hr error) = computenetwork.HcnCloseNetwork? + +// Endpoint +//sys hcnEnumerateEndpoints(query string, endpoints **uint16, result **uint16) (hr error) = computenetwork.HcnEnumerateEndpoints? +//sys hcnCreateEndpoint(network hcnNetwork, id *_guid, settings string, endpoint *hcnEndpoint, result **uint16) (hr error) = computenetwork.HcnCreateEndpoint? +//sys hcnOpenEndpoint(id *_guid, endpoint *hcnEndpoint, result **uint16) (hr error) = computenetwork.HcnOpenEndpoint? +//sys hcnModifyEndpoint(endpoint hcnEndpoint, settings string, result **uint16) (hr error) = computenetwork.HcnModifyEndpoint? +//sys hcnQueryEndpointProperties(endpoint hcnEndpoint, query string, properties **uint16, result **uint16) (hr error) = computenetwork.HcnQueryEndpointProperties? +//sys hcnDeleteEndpoint(id *_guid, result **uint16) (hr error) = computenetwork.HcnDeleteEndpoint? +//sys hcnCloseEndpoint(endpoint hcnEndpoint) (hr error) = computenetwork.HcnCloseEndpoint? + +// Namespace +//sys hcnEnumerateNamespaces(query string, namespaces **uint16, result **uint16) (hr error) = computenetwork.HcnEnumerateNamespaces? +//sys hcnCreateNamespace(id *_guid, settings string, namespace *hcnNamespace, result **uint16) (hr error) = computenetwork.HcnCreateNamespace? +//sys hcnOpenNamespace(id *_guid, namespace *hcnNamespace, result **uint16) (hr error) = computenetwork.HcnOpenNamespace? +//sys hcnModifyNamespace(namespace hcnNamespace, settings string, result **uint16) (hr error) = computenetwork.HcnModifyNamespace? +//sys hcnQueryNamespaceProperties(namespace hcnNamespace, query string, properties **uint16, result **uint16) (hr error) = computenetwork.HcnQueryNamespaceProperties? +//sys hcnDeleteNamespace(id *_guid, result **uint16) (hr error) = computenetwork.HcnDeleteNamespace? +//sys hcnCloseNamespace(namespace hcnNamespace) (hr error) = computenetwork.HcnCloseNamespace? + +// LoadBalancer +//sys hcnEnumerateLoadBalancers(query string, loadBalancers **uint16, result **uint16) (hr error) = computenetwork.HcnEnumerateLoadBalancers? +//sys hcnCreateLoadBalancer(id *_guid, settings string, loadBalancer *hcnLoadBalancer, result **uint16) (hr error) = computenetwork.HcnCreateLoadBalancer? +//sys hcnOpenLoadBalancer(id *_guid, loadBalancer *hcnLoadBalancer, result **uint16) (hr error) = computenetwork.HcnOpenLoadBalancer? +//sys hcnModifyLoadBalancer(loadBalancer hcnLoadBalancer, settings string, result **uint16) (hr error) = computenetwork.HcnModifyLoadBalancer? +//sys hcnQueryLoadBalancerProperties(loadBalancer hcnLoadBalancer, query string, properties **uint16, result **uint16) (hr error) = computenetwork.HcnQueryLoadBalancerProperties? +//sys hcnDeleteLoadBalancer(id *_guid, result **uint16) (hr error) = computenetwork.HcnDeleteLoadBalancer? +//sys hcnCloseLoadBalancer(loadBalancer hcnLoadBalancer) (hr error) = computenetwork.HcnCloseLoadBalancer? + +// Service +//sys hcnOpenService(service *hcnService, result **uint16) (hr error) = computenetwork.HcnOpenService? +//sys hcnRegisterServiceCallback(service hcnService, callback int32, context int32, callbackHandle *hcnCallbackHandle) (hr error) = computenetwork.HcnRegisterServiceCallback? +//sys hcnUnregisterServiceCallback(callbackHandle hcnCallbackHandle) (hr error) = computenetwork.HcnUnregisterServiceCallback? +//sys hcnCloseService(service hcnService) (hr error) = computenetwork.HcnCloseService? + +type _guid = guid.GUID + +type hcnNetwork syscall.Handle +type hcnEndpoint syscall.Handle +type hcnNamespace syscall.Handle +type hcnLoadBalancer syscall.Handle +type hcnService syscall.Handle +type hcnCallbackHandle syscall.Handle + +// SchemaVersion for HCN Objects/Queries. +type SchemaVersion = Version // hcnglobals.go + +// HostComputeQueryFlags are passed in to a HostComputeQuery to determine which +// properties of an object are returned. +type HostComputeQueryFlags uint32 + +var ( + // HostComputeQueryFlagsNone returns an object with the standard properties. + HostComputeQueryFlagsNone HostComputeQueryFlags + // HostComputeQueryFlagsDetailed returns an object with all properties. + HostComputeQueryFlagsDetailed HostComputeQueryFlags = 1 +) + +// HostComputeQuery is the format for HCN queries. +type HostComputeQuery struct { + SchemaVersion SchemaVersion `json:""` + Flags HostComputeQueryFlags `json:",omitempty"` + Filter string `json:",omitempty"` +} + +// defaultQuery generates HCN Query. +// Passed into get/enumerate calls to filter results. +func defaultQuery() HostComputeQuery { + query := HostComputeQuery{ + SchemaVersion: SchemaVersion{ + Major: 2, + Minor: 0, + }, + Flags: HostComputeQueryFlagsNone, + } + return query +} + +func defaultQueryJson() string { + query := defaultQuery() + queryJson, err := json.Marshal(query) + if err != nil { + return "" + } + return string(queryJson) +} + +// PlatformDoesNotSupportError happens when users are attempting to use a newer shim on an older OS +func platformDoesNotSupportError(featureName string) error { + return fmt.Errorf("Platform does not support feature %s", featureName) +} + +// V2ApiSupported returns an error if the HCN version does not support the V2 Apis. +func V2ApiSupported() error { + supported := GetSupportedFeatures() + if supported.Api.V2 { + return nil + } + return platformDoesNotSupportError("V2 Api/Schema") +} + +func V2SchemaVersion() SchemaVersion { + return SchemaVersion{ + Major: 2, + Minor: 0, + } +} + +// RemoteSubnetSupported returns an error if the HCN version does not support Remote Subnet policies. +func RemoteSubnetSupported() error { + supported := GetSupportedFeatures() + if supported.RemoteSubnet { + return nil + } + return platformDoesNotSupportError("Remote Subnet") +} + +// DSRSupported returns an error if the HCN version does not support Direct Server Return. +func DSRSupported() error { + supported := GetSupportedFeatures() + if supported.DSR { + return nil + } + return platformDoesNotSupportError("Direct Server Return (DSR)") +} + +// RequestType are the different operations performed to settings. +// Used to update the settings of Endpoint/Namespace objects. +type RequestType string + +var ( + // RequestTypeAdd adds the provided settings object. + RequestTypeAdd RequestType = "Add" + // RequestTypeRemove removes the provided settings object. + RequestTypeRemove RequestType = "Remove" + // RequestTypeUpdate replaces settings with the ones provided. + RequestTypeUpdate RequestType = "Update" + // RequestTypeRefresh refreshes the settings provided. + RequestTypeRefresh RequestType = "Refresh" +) diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnendpoint.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnendpoint.go new file mode 100644 index 00000000000..d58335e5c67 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnendpoint.go @@ -0,0 +1,366 @@ +package hcn + +import ( + "encoding/json" + + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +// IpConfig is assoicated with an endpoint +type IpConfig struct { + IpAddress string `json:",omitempty"` + PrefixLength uint8 `json:",omitempty"` +} + +// EndpointFlags are special settings on an endpoint. +type EndpointFlags uint32 + +var ( + // EndpointFlagsNone is the default. + EndpointFlagsNone EndpointFlags + // EndpointFlagsRemoteEndpoint means that an endpoint is on another host. + EndpointFlagsRemoteEndpoint EndpointFlags = 1 +) + +// HostComputeEndpoint represents a network endpoint +type HostComputeEndpoint struct { + Id string `json:"ID,omitempty"` + Name string `json:",omitempty"` + HostComputeNetwork string `json:",omitempty"` // GUID + HostComputeNamespace string `json:",omitempty"` // GUID + Policies []EndpointPolicy `json:",omitempty"` + IpConfigurations []IpConfig `json:",omitempty"` + Dns Dns `json:",omitempty"` + Routes []Route `json:",omitempty"` + MacAddress string `json:",omitempty"` + Flags EndpointFlags `json:",omitempty"` + SchemaVersion SchemaVersion `json:",omitempty"` +} + +// EndpointResourceType are the two different Endpoint settings resources. +type EndpointResourceType string + +var ( + // EndpointResourceTypePolicy is for Endpoint Policies. Ex: ACL, NAT + EndpointResourceTypePolicy EndpointResourceType = "Policy" + // EndpointResourceTypePort is for Endpoint Port settings. + EndpointResourceTypePort EndpointResourceType = "Port" +) + +// ModifyEndpointSettingRequest is the structure used to send request to modify an endpoint. +// Used to update policy/port on an endpoint. +type ModifyEndpointSettingRequest struct { + ResourceType EndpointResourceType `json:",omitempty"` // Policy, Port + RequestType RequestType `json:",omitempty"` // Add, Remove, Update, Refresh + Settings json.RawMessage `json:",omitempty"` +} + +type PolicyEndpointRequest struct { + Policies []EndpointPolicy `json:",omitempty"` +} + +func getEndpoint(endpointGuid guid.GUID, query string) (*HostComputeEndpoint, error) { + // Open endpoint. + var ( + endpointHandle hcnEndpoint + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenEndpoint(&endpointGuid, &endpointHandle, &resultBuffer) + if err := checkForErrors("hcnOpenEndpoint", hr, resultBuffer); err != nil { + return nil, err + } + // Query endpoint. + hr = hcnQueryEndpointProperties(endpointHandle, query, &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryEndpointProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close endpoint. + hr = hcnCloseEndpoint(endpointHandle) + if err := checkForErrors("hcnCloseEndpoint", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeEndpoint + var outputEndpoint HostComputeEndpoint + if err := json.Unmarshal([]byte(properties), &outputEndpoint); err != nil { + return nil, err + } + return &outputEndpoint, nil +} + +func enumerateEndpoints(query string) ([]HostComputeEndpoint, error) { + // Enumerate all Endpoint Guids + var ( + resultBuffer *uint16 + endpointBuffer *uint16 + ) + hr := hcnEnumerateEndpoints(query, &endpointBuffer, &resultBuffer) + if err := checkForErrors("hcnEnumerateEndpoints", hr, resultBuffer); err != nil { + return nil, err + } + + endpoints := interop.ConvertAndFreeCoTaskMemString(endpointBuffer) + var endpointIds []guid.GUID + err := json.Unmarshal([]byte(endpoints), &endpointIds) + if err != nil { + return nil, err + } + + var outputEndpoints []HostComputeEndpoint + for _, endpointGuid := range endpointIds { + endpoint, err := getEndpoint(endpointGuid, query) + if err != nil { + return nil, err + } + outputEndpoints = append(outputEndpoints, *endpoint) + } + return outputEndpoints, nil +} + +func createEndpoint(networkId string, endpointSettings string) (*HostComputeEndpoint, error) { + networkGuid := guid.FromString(networkId) + // Open network. + var networkHandle hcnNetwork + var resultBuffer *uint16 + hr := hcnOpenNetwork(&networkGuid, &networkHandle, &resultBuffer) + if err := checkForErrors("hcnOpenNetwork", hr, resultBuffer); err != nil { + return nil, err + } + // Create endpoint. + endpointId := guid.GUID{} + var endpointHandle hcnEndpoint + hr = hcnCreateEndpoint(networkHandle, &endpointId, endpointSettings, &endpointHandle, &resultBuffer) + if err := checkForErrors("hcnCreateEndpoint", hr, resultBuffer); err != nil { + return nil, err + } + // Query endpoint. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + var propertiesBuffer *uint16 + hr = hcnQueryEndpointProperties(endpointHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryEndpointProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close endpoint. + hr = hcnCloseEndpoint(endpointHandle) + if err := checkForErrors("hcnCloseEndpoint", hr, nil); err != nil { + return nil, err + } + // Close network. + hr = hcnCloseNetwork(networkHandle) + if err := checkForErrors("hcnCloseNetwork", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeEndpoint + var outputEndpoint HostComputeEndpoint + if err := json.Unmarshal([]byte(properties), &outputEndpoint); err != nil { + return nil, err + } + return &outputEndpoint, nil +} + +func modifyEndpoint(endpointId string, settings string) (*HostComputeEndpoint, error) { + endpointGuid := guid.FromString(endpointId) + // Open endpoint + var ( + endpointHandle hcnEndpoint + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenEndpoint(&endpointGuid, &endpointHandle, &resultBuffer) + if err := checkForErrors("hcnOpenEndpoint", hr, resultBuffer); err != nil { + return nil, err + } + // Modify endpoint + hr = hcnModifyEndpoint(endpointHandle, settings, &resultBuffer) + if err := checkForErrors("hcnModifyEndpoint", hr, resultBuffer); err != nil { + return nil, err + } + // Query endpoint. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryEndpointProperties(endpointHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryEndpointProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close endpoint. + hr = hcnCloseEndpoint(endpointHandle) + if err := checkForErrors("hcnCloseEndpoint", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeEndpoint + var outputEndpoint HostComputeEndpoint + if err := json.Unmarshal([]byte(properties), &outputEndpoint); err != nil { + return nil, err + } + return &outputEndpoint, nil +} + +func deleteEndpoint(endpointId string) error { + endpointGuid := guid.FromString(endpointId) + var resultBuffer *uint16 + hr := hcnDeleteEndpoint(&endpointGuid, &resultBuffer) + if err := checkForErrors("hcnDeleteEndpoint", hr, resultBuffer); err != nil { + return err + } + return nil +} + +// ListEndpoints makes a call to list all available endpoints. +func ListEndpoints() ([]HostComputeEndpoint, error) { + hcnQuery := defaultQuery() + endpoints, err := ListEndpointsQuery(hcnQuery) + if err != nil { + return nil, err + } + return endpoints, nil +} + +// ListEndpointsQuery makes a call to query the list of available endpoints. +func ListEndpointsQuery(query HostComputeQuery) ([]HostComputeEndpoint, error) { + queryJson, err := json.Marshal(query) + if err != nil { + return nil, err + } + + endpoints, err := enumerateEndpoints(string(queryJson)) + if err != nil { + return nil, err + } + return endpoints, nil +} + +// ListEndpointsOfNetwork queries the list of endpoints on a network. +func ListEndpointsOfNetwork(networkId string) ([]HostComputeEndpoint, error) { + hcnQuery := defaultQuery() + // TODO: Once query can convert schema, change to {HostComputeNetwork:networkId} + mapA := map[string]string{"VirtualNetwork": networkId} + filter, err := json.Marshal(mapA) + if err != nil { + return nil, err + } + hcnQuery.Filter = string(filter) + + return ListEndpointsQuery(hcnQuery) +} + +// GetEndpointByID returns an endpoint specified by Id +func GetEndpointByID(endpointId string) (*HostComputeEndpoint, error) { + hcnQuery := defaultQuery() + mapA := map[string]string{"ID": endpointId} + filter, err := json.Marshal(mapA) + if err != nil { + return nil, err + } + hcnQuery.Filter = string(filter) + + endpoints, err := ListEndpointsQuery(hcnQuery) + if err != nil { + return nil, err + } + if len(endpoints) == 0 { + return nil, EndpointNotFoundError{EndpointID: endpointId} + } + return &endpoints[0], err +} + +// GetEndpointByName returns an endpoint specified by Name +func GetEndpointByName(endpointName string) (*HostComputeEndpoint, error) { + hcnQuery := defaultQuery() + mapA := map[string]string{"Name": endpointName} + filter, err := json.Marshal(mapA) + if err != nil { + return nil, err + } + hcnQuery.Filter = string(filter) + + endpoints, err := ListEndpointsQuery(hcnQuery) + if err != nil { + return nil, err + } + if len(endpoints) == 0 { + return nil, EndpointNotFoundError{EndpointName: endpointName} + } + return &endpoints[0], err +} + +// Create Endpoint. +func (endpoint *HostComputeEndpoint) Create() (*HostComputeEndpoint, error) { + logrus.Debugf("hcn::HostComputeEndpoint::Create id=%s", endpoint.Id) + + jsonString, err := json.Marshal(endpoint) + if err != nil { + return nil, err + } + + logrus.Debugf("hcn::HostComputeEndpoint::Create JSON: %s", jsonString) + endpoint, hcnErr := createEndpoint(endpoint.HostComputeNetwork, string(jsonString)) + if hcnErr != nil { + return nil, hcnErr + } + return endpoint, nil +} + +// Delete Endpoint. +func (endpoint *HostComputeEndpoint) Delete() error { + logrus.Debugf("hcn::HostComputeEndpoint::Delete id=%s", endpoint.Id) + + if err := deleteEndpoint(endpoint.Id); err != nil { + return err + } + return nil +} + +// ModifyEndpointSettings updates the Port/Policy of an Endpoint. +func ModifyEndpointSettings(endpointId string, request *ModifyEndpointSettingRequest) error { + logrus.Debugf("hcn::HostComputeEndpoint::ModifyEndpointSettings id=%s", endpointId) + + endpointSettingsRequest, err := json.Marshal(request) + if err != nil { + return err + } + + _, err = modifyEndpoint(endpointId, string(endpointSettingsRequest)) + if err != nil { + return err + } + return nil +} + +// ApplyPolicy applies a Policy (ex: ACL) on the Endpoint. +func (endpoint *HostComputeEndpoint) ApplyPolicy(endpointPolicy PolicyEndpointRequest) error { + logrus.Debugf("hcn::HostComputeEndpoint::ApplyPolicy id=%s", endpoint.Id) + + settingsJson, err := json.Marshal(endpointPolicy) + if err != nil { + return err + } + requestMessage := &ModifyEndpointSettingRequest{ + ResourceType: EndpointResourceTypePolicy, + RequestType: RequestTypeUpdate, + Settings: settingsJson, + } + + return ModifyEndpointSettings(endpoint.Id, requestMessage) +} + +// NamespaceAttach modifies a Namespace to add an endpoint. +func (endpoint *HostComputeEndpoint) NamespaceAttach(namespaceId string) error { + return AddNamespaceEndpoint(namespaceId, endpoint.Id) +} + +// NamespaceDetach modifies a Namespace to remove an endpoint. +func (endpoint *HostComputeEndpoint) NamespaceDetach(namespaceId string) error { + return RemoveNamespaceEndpoint(namespaceId, endpoint.Id) +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go new file mode 100644 index 00000000000..6d46bf8bbcd --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go @@ -0,0 +1,95 @@ +// Package hcn is a shim for the Host Compute Networking (HCN) service, which manages networking for Windows Server +// containers and Hyper-V containers. Previous to RS5, HCN was referred to as Host Networking Service (HNS). +package hcn + +import ( + "fmt" + + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +func checkForErrors(methodName string, hr error, resultBuffer *uint16) error { + errorFound := false + + if hr != nil { + errorFound = true + } + + result := "" + if resultBuffer != nil { + result = interop.ConvertAndFreeCoTaskMemString(resultBuffer) + if result != "" { + errorFound = true + } + } + + if errorFound { + returnError := hcserror.New(hr, methodName, result) + logrus.Debugf(returnError.Error()) // HCN errors logged for debugging. + return returnError + } + + return nil +} + +// NetworkNotFoundError results from a failed seach for a network by Id or Name +type NetworkNotFoundError struct { + NetworkName string + NetworkID string +} + +func (e NetworkNotFoundError) Error() string { + if e.NetworkName == "" { + return fmt.Sprintf("Network Name %s not found", e.NetworkName) + } + return fmt.Sprintf("Network Id %s not found", e.NetworkID) +} + +// EndpointNotFoundError results from a failed seach for an endpoint by Id or Name +type EndpointNotFoundError struct { + EndpointName string + EndpointID string +} + +func (e EndpointNotFoundError) Error() string { + if e.EndpointName == "" { + return fmt.Sprintf("Endpoint Name %s not found", e.EndpointName) + } + return fmt.Sprintf("Endpoint Id %s not found", e.EndpointID) +} + +// NamespaceNotFoundError results from a failed seach for a namsepace by Id +type NamespaceNotFoundError struct { + NamespaceID string +} + +func (e NamespaceNotFoundError) Error() string { + return fmt.Sprintf("Namespace %s not found", e.NamespaceID) +} + +// LoadBalancerNotFoundError results from a failed seach for a loadbalancer by Id +type LoadBalancerNotFoundError struct { + LoadBalancerId string +} + +func (e LoadBalancerNotFoundError) Error() string { + return fmt.Sprintf("LoadBalancer %s not found", e.LoadBalancerId) +} + +// IsNotFoundError returns a boolean indicating whether the error was caused by +// a resource not being found. +func IsNotFoundError(err error) bool { + switch err.(type) { + case NetworkNotFoundError: + return true + case EndpointNotFoundError: + return true + case NamespaceNotFoundError: + return true + case LoadBalancerNotFoundError: + return true + } + return false +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnglobals.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnglobals.go new file mode 100644 index 00000000000..22a3b2c5b17 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnglobals.go @@ -0,0 +1,85 @@ +package hcn + +import ( + "encoding/json" + "fmt" + + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +// Globals are all global properties of the HCN Service. +type Globals struct { + Version Version `json:"Version"` +} + +// Version is the HCN Service version. +type Version struct { + Major int `json:"Major"` + Minor int `json:"Minor"` +} + +var ( + // HNSVersion1803 added ACL functionality. + HNSVersion1803 = Version{Major: 7, Minor: 2} + // V2ApiSupport allows the use of V2 Api calls and V2 Schema. + V2ApiSupport = Version{Major: 9, Minor: 1} + // Remote Subnet allows for Remote Subnet policies on Overlay networks + RemoteSubnetVersion = Version{Major: 9, Minor: 2} + // HNS 10.2 allows for Direct Server Return for loadbalancing + DSRVersion = Version{Major: 10, Minor: 2} +) + +// GetGlobals returns the global properties of the HCN Service. +func GetGlobals() (*Globals, error) { + var version Version + err := hnsCall("GET", "/globals/version", "", &version) + if err != nil { + return nil, err + } + + globals := &Globals{ + Version: version, + } + + return globals, nil +} + +type hnsResponse struct { + Success bool + Error string + Output json.RawMessage +} + +func hnsCall(method, path, request string, returnResponse interface{}) error { + var responseBuffer *uint16 + logrus.Debugf("[%s]=>[%s] Request : %s", method, path, request) + + err := _hnsCall(method, path, request, &responseBuffer) + if err != nil { + return hcserror.New(err, "hnsCall ", "") + } + response := interop.ConvertAndFreeCoTaskMemString(responseBuffer) + + hnsresponse := &hnsResponse{} + if err = json.Unmarshal([]byte(response), &hnsresponse); err != nil { + return err + } + + if !hnsresponse.Success { + return fmt.Errorf("HNS failed with error : %s", hnsresponse.Error) + } + + if len(hnsresponse.Output) == 0 { + return nil + } + + logrus.Debugf("Network Response : %s", hnsresponse.Output) + err = json.Unmarshal(hnsresponse.Output, returnResponse) + if err != nil { + return err + } + + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnloadbalancer.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnloadbalancer.go new file mode 100644 index 00000000000..9585e3f1841 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnloadbalancer.go @@ -0,0 +1,321 @@ +package hcn + +import ( + "encoding/json" + + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +// LoadBalancerPortMapping is associated with HostComputeLoadBalancer +type LoadBalancerPortMapping struct { + Protocol uint32 `json:",omitempty"` // EX: TCP = 6, UDP = 17 + InternalPort uint16 `json:",omitempty"` + ExternalPort uint16 `json:",omitempty"` + Flags uint32 `json:",omitempty"` // 0: None, 1: EnableILB, 2: LocalRoutedVip +} + +// HostComputeLoadBalancer represents software load balancer. +type HostComputeLoadBalancer struct { + Id string `json:"ID,omitempty"` + HostComputeEndpoints []string `json:",omitempty"` + SourceVIP string `json:",omitempty"` + FrontendVIPs []string `json:",omitempty"` + PortMappings []LoadBalancerPortMapping `json:",omitempty"` + SchemaVersion SchemaVersion `json:",omitempty"` + Flags uint32 `json:",omitempty"` // 0: None, 1: EnableDirectServerReturn +} + +func getLoadBalancer(loadBalancerGuid guid.GUID, query string) (*HostComputeLoadBalancer, error) { + // Open loadBalancer. + var ( + loadBalancerHandle hcnLoadBalancer + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenLoadBalancer(&loadBalancerGuid, &loadBalancerHandle, &resultBuffer) + if err := checkForErrors("hcnOpenLoadBalancer", hr, resultBuffer); err != nil { + return nil, err + } + // Query loadBalancer. + hr = hcnQueryLoadBalancerProperties(loadBalancerHandle, query, &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryLoadBalancerProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close loadBalancer. + hr = hcnCloseLoadBalancer(loadBalancerHandle) + if err := checkForErrors("hcnCloseLoadBalancer", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeLoadBalancer + var outputLoadBalancer HostComputeLoadBalancer + if err := json.Unmarshal([]byte(properties), &outputLoadBalancer); err != nil { + return nil, err + } + return &outputLoadBalancer, nil +} + +func enumerateLoadBalancers(query string) ([]HostComputeLoadBalancer, error) { + // Enumerate all LoadBalancer Guids + var ( + resultBuffer *uint16 + loadBalancerBuffer *uint16 + ) + hr := hcnEnumerateLoadBalancers(query, &loadBalancerBuffer, &resultBuffer) + if err := checkForErrors("hcnEnumerateLoadBalancers", hr, resultBuffer); err != nil { + return nil, err + } + + loadBalancers := interop.ConvertAndFreeCoTaskMemString(loadBalancerBuffer) + var loadBalancerIds []guid.GUID + if err := json.Unmarshal([]byte(loadBalancers), &loadBalancerIds); err != nil { + return nil, err + } + + var outputLoadBalancers []HostComputeLoadBalancer + for _, loadBalancerGuid := range loadBalancerIds { + loadBalancer, err := getLoadBalancer(loadBalancerGuid, query) + if err != nil { + return nil, err + } + outputLoadBalancers = append(outputLoadBalancers, *loadBalancer) + } + return outputLoadBalancers, nil +} + +func createLoadBalancer(settings string) (*HostComputeLoadBalancer, error) { + // Create new loadBalancer. + var ( + loadBalancerHandle hcnLoadBalancer + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + loadBalancerGuid := guid.GUID{} + hr := hcnCreateLoadBalancer(&loadBalancerGuid, settings, &loadBalancerHandle, &resultBuffer) + if err := checkForErrors("hcnCreateLoadBalancer", hr, resultBuffer); err != nil { + return nil, err + } + // Query loadBalancer. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryLoadBalancerProperties(loadBalancerHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryLoadBalancerProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close loadBalancer. + hr = hcnCloseLoadBalancer(loadBalancerHandle) + if err := checkForErrors("hcnCloseLoadBalancer", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeLoadBalancer + var outputLoadBalancer HostComputeLoadBalancer + if err := json.Unmarshal([]byte(properties), &outputLoadBalancer); err != nil { + return nil, err + } + return &outputLoadBalancer, nil +} + +func modifyLoadBalancer(loadBalancerId string, settings string) (*HostComputeLoadBalancer, error) { + loadBalancerGuid := guid.FromString(loadBalancerId) + // Open loadBalancer. + var ( + loadBalancerHandle hcnLoadBalancer + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenLoadBalancer(&loadBalancerGuid, &loadBalancerHandle, &resultBuffer) + if err := checkForErrors("hcnOpenLoadBalancer", hr, resultBuffer); err != nil { + return nil, err + } + // Modify loadBalancer. + hr = hcnModifyLoadBalancer(loadBalancerHandle, settings, &resultBuffer) + if err := checkForErrors("hcnModifyLoadBalancer", hr, resultBuffer); err != nil { + return nil, err + } + // Query loadBalancer. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryLoadBalancerProperties(loadBalancerHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryLoadBalancerProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close loadBalancer. + hr = hcnCloseLoadBalancer(loadBalancerHandle) + if err := checkForErrors("hcnCloseLoadBalancer", hr, nil); err != nil { + return nil, err + } + // Convert output to LoadBalancer + var outputLoadBalancer HostComputeLoadBalancer + if err := json.Unmarshal([]byte(properties), &outputLoadBalancer); err != nil { + return nil, err + } + return &outputLoadBalancer, nil +} + +func deleteLoadBalancer(loadBalancerId string) error { + loadBalancerGuid := guid.FromString(loadBalancerId) + var resultBuffer *uint16 + hr := hcnDeleteLoadBalancer(&loadBalancerGuid, &resultBuffer) + if err := checkForErrors("hcnDeleteLoadBalancer", hr, resultBuffer); err != nil { + return err + } + return nil +} + +// ListLoadBalancers makes a call to list all available loadBalancers. +func ListLoadBalancers() ([]HostComputeLoadBalancer, error) { + hcnQuery := defaultQuery() + loadBalancers, err := ListLoadBalancersQuery(hcnQuery) + if err != nil { + return nil, err + } + return loadBalancers, nil +} + +// ListLoadBalancersQuery makes a call to query the list of available loadBalancers. +func ListLoadBalancersQuery(query HostComputeQuery) ([]HostComputeLoadBalancer, error) { + queryJson, err := json.Marshal(query) + if err != nil { + return nil, err + } + + loadBalancers, err := enumerateLoadBalancers(string(queryJson)) + if err != nil { + return nil, err + } + return loadBalancers, nil +} + +// GetLoadBalancerByID returns the LoadBalancer specified by Id. +func GetLoadBalancerByID(loadBalancerId string) (*HostComputeLoadBalancer, error) { + hcnQuery := defaultQuery() + mapA := map[string]string{"ID": loadBalancerId} + filter, err := json.Marshal(mapA) + if err != nil { + return nil, err + } + hcnQuery.Filter = string(filter) + + loadBalancers, err := ListLoadBalancersQuery(hcnQuery) + if err != nil { + return nil, err + } + if len(loadBalancers) == 0 { + return nil, LoadBalancerNotFoundError{LoadBalancerId: loadBalancerId} + } + return &loadBalancers[0], err +} + +// Create LoadBalancer. +func (loadBalancer *HostComputeLoadBalancer) Create() (*HostComputeLoadBalancer, error) { + logrus.Debugf("hcn::HostComputeLoadBalancer::Create id=%s", loadBalancer.Id) + + jsonString, err := json.Marshal(loadBalancer) + if err != nil { + return nil, err + } + + logrus.Debugf("hcn::HostComputeLoadBalancer::Create JSON: %s", jsonString) + loadBalancer, hcnErr := createLoadBalancer(string(jsonString)) + if hcnErr != nil { + return nil, hcnErr + } + return loadBalancer, nil +} + +// Delete LoadBalancer. +func (loadBalancer *HostComputeLoadBalancer) Delete() error { + logrus.Debugf("hcn::HostComputeLoadBalancer::Delete id=%s", loadBalancer.Id) + + if err := deleteLoadBalancer(loadBalancer.Id); err != nil { + return err + } + return nil +} + +// AddEndpoint add an endpoint to a LoadBalancer +func (loadBalancer *HostComputeLoadBalancer) AddEndpoint(endpoint *HostComputeEndpoint) (*HostComputeLoadBalancer, error) { + logrus.Debugf("hcn::HostComputeLoadBalancer::AddEndpoint loadBalancer=%s endpoint=%s", loadBalancer.Id, endpoint.Id) + + err := loadBalancer.Delete() + if err != nil { + return nil, err + } + + // Add Endpoint to the Existing List + loadBalancer.HostComputeEndpoints = append(loadBalancer.HostComputeEndpoints, endpoint.Id) + + return loadBalancer.Create() +} + +// RemoveEndpoint removes an endpoint from a LoadBalancer +func (loadBalancer *HostComputeLoadBalancer) RemoveEndpoint(endpoint *HostComputeEndpoint) (*HostComputeLoadBalancer, error) { + logrus.Debugf("hcn::HostComputeLoadBalancer::RemoveEndpoint loadBalancer=%s endpoint=%s", loadBalancer.Id, endpoint.Id) + + err := loadBalancer.Delete() + if err != nil { + return nil, err + } + + // Create a list of all the endpoints besides the one being removed + var endpoints []string + for _, endpointReference := range loadBalancer.HostComputeEndpoints { + if endpointReference == endpoint.Id { + continue + } + endpoints = append(endpoints, endpointReference) + } + loadBalancer.HostComputeEndpoints = endpoints + return loadBalancer.Create() +} + +// AddLoadBalancer for the specified endpoints +func AddLoadBalancer(endpoints []HostComputeEndpoint, isILB bool, isDSR bool, sourceVIP string, frontendVIPs []string, protocol uint16, internalPort uint16, externalPort uint16) (*HostComputeLoadBalancer, error) { + logrus.Debugf("hcn::HostComputeLoadBalancer::AddLoadBalancer endpointId=%v, isILB=%v, sourceVIP=%s, frontendVIPs=%v, protocol=%v, internalPort=%v, externalPort=%v", endpoints, isILB, sourceVIP, frontendVIPs, protocol, internalPort, externalPort) + + var portMappingFlags uint32 + portMappingFlags = 0 + if isILB { + portMappingFlags = 1 + } + + var lbFlags uint32 + lbFlags = 0 + if isDSR { + lbFlags = 1 // EnableDirectServerReturn + } + + loadBalancer := &HostComputeLoadBalancer{ + SourceVIP: sourceVIP, + PortMappings: []LoadBalancerPortMapping{ + { + Protocol: uint32(protocol), + InternalPort: internalPort, + ExternalPort: externalPort, + Flags: portMappingFlags, + }, + }, + FrontendVIPs: frontendVIPs, + SchemaVersion: SchemaVersion{ + Major: 2, + Minor: 0, + }, + Flags: lbFlags, + } + + for _, endpoint := range endpoints { + loadBalancer.HostComputeEndpoints = append(loadBalancer.HostComputeEndpoints, endpoint.Id) + } + + return loadBalancer.Create() +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go new file mode 100644 index 00000000000..6dbef4f2549 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go @@ -0,0 +1,424 @@ +package hcn + +import ( + "encoding/json" + "os" + "syscall" + + icni "github.com/Microsoft/hcsshim/internal/cni" + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/Microsoft/hcsshim/internal/regstate" + "github.com/Microsoft/hcsshim/internal/runhcs" + "github.com/sirupsen/logrus" +) + +// NamespaceResourceEndpoint represents an Endpoint attached to a Namespace. +type NamespaceResourceEndpoint struct { + Id string `json:"ID,"` +} + +// NamespaceResourceContainer represents a Container attached to a Namespace. +type NamespaceResourceContainer struct { + Id string `json:"ID,"` +} + +// NamespaceResourceType determines whether the Namespace resource is a Container or Endpoint. +type NamespaceResourceType string + +var ( + // NamespaceResourceTypeContainer are contianers associated with a Namespace. + NamespaceResourceTypeContainer NamespaceResourceType = "Container" + // NamespaceResourceTypeEndpoint are endpoints associated with a Namespace. + NamespaceResourceTypeEndpoint NamespaceResourceType = "Endpoint" +) + +// NamespaceResource is associated with a namespace +type NamespaceResource struct { + Type NamespaceResourceType `json:","` // Container, Endpoint + Data json.RawMessage `json:","` +} + +// NamespaceType determines whether the Namespace is for a Host or Guest +type NamespaceType string + +var ( + // NamespaceTypeHost are host namespaces. + NamespaceTypeHost NamespaceType = "Host" + // NamespaceTypeHostDefault are host namespaces in the default compartment. + NamespaceTypeHostDefault NamespaceType = "HostDefault" + // NamespaceTypeGuest are guest namespaces. + NamespaceTypeGuest NamespaceType = "Guest" + // NamespaceTypeGuestDefault are guest namespaces in the default compartment. + NamespaceTypeGuestDefault NamespaceType = "GuestDefault" +) + +// HostComputeNamespace represents a namespace (AKA compartment) in +type HostComputeNamespace struct { + Id string `json:"ID,omitempty"` + NamespaceId uint32 `json:",omitempty"` + Type NamespaceType `json:",omitempty"` // Host, HostDefault, Guest, GuestDefault + Resources []NamespaceResource `json:",omitempty"` + SchemaVersion SchemaVersion `json:",omitempty"` +} + +// ModifyNamespaceSettingRequest is the structure used to send request to modify a namespace. +// Used to Add/Remove an endpoints and containers to/from a namespace. +type ModifyNamespaceSettingRequest struct { + ResourceType NamespaceResourceType `json:",omitempty"` // Container, Endpoint + RequestType RequestType `json:",omitempty"` // Add, Remove, Update, Refresh + Settings json.RawMessage `json:",omitempty"` +} + +func getNamespace(namespaceGuid guid.GUID, query string) (*HostComputeNamespace, error) { + // Open namespace. + var ( + namespaceHandle hcnNamespace + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenNamespace(&namespaceGuid, &namespaceHandle, &resultBuffer) + if err := checkForErrors("hcnOpenNamespace", hr, resultBuffer); err != nil { + return nil, err + } + // Query namespace. + hr = hcnQueryNamespaceProperties(namespaceHandle, query, &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryNamespaceProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close namespace. + hr = hcnCloseNamespace(namespaceHandle) + if err := checkForErrors("hcnCloseNamespace", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeNamespace + var outputNamespace HostComputeNamespace + if err := json.Unmarshal([]byte(properties), &outputNamespace); err != nil { + return nil, err + } + return &outputNamespace, nil +} + +func enumerateNamespaces(query string) ([]HostComputeNamespace, error) { + // Enumerate all Namespace Guids + var ( + resultBuffer *uint16 + namespaceBuffer *uint16 + ) + hr := hcnEnumerateNamespaces(query, &namespaceBuffer, &resultBuffer) + if err := checkForErrors("hcnEnumerateNamespaces", hr, resultBuffer); err != nil { + return nil, err + } + + namespaces := interop.ConvertAndFreeCoTaskMemString(namespaceBuffer) + var namespaceIds []guid.GUID + if err := json.Unmarshal([]byte(namespaces), &namespaceIds); err != nil { + return nil, err + } + + var outputNamespaces []HostComputeNamespace + for _, namespaceGuid := range namespaceIds { + namespace, err := getNamespace(namespaceGuid, query) + if err != nil { + return nil, err + } + outputNamespaces = append(outputNamespaces, *namespace) + } + return outputNamespaces, nil +} + +func createNamespace(settings string) (*HostComputeNamespace, error) { + // Create new namespace. + var ( + namespaceHandle hcnNamespace + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + namespaceGuid := guid.GUID{} + hr := hcnCreateNamespace(&namespaceGuid, settings, &namespaceHandle, &resultBuffer) + if err := checkForErrors("hcnCreateNamespace", hr, resultBuffer); err != nil { + return nil, err + } + // Query namespace. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryNamespaceProperties(namespaceHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryNamespaceProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close namespace. + hr = hcnCloseNamespace(namespaceHandle) + if err := checkForErrors("hcnCloseNamespace", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeNamespace + var outputNamespace HostComputeNamespace + if err := json.Unmarshal([]byte(properties), &outputNamespace); err != nil { + return nil, err + } + return &outputNamespace, nil +} + +func modifyNamespace(namespaceId string, settings string) (*HostComputeNamespace, error) { + namespaceGuid := guid.FromString(namespaceId) + // Open namespace. + var ( + namespaceHandle hcnNamespace + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenNamespace(&namespaceGuid, &namespaceHandle, &resultBuffer) + if err := checkForErrors("hcnOpenNamespace", hr, resultBuffer); err != nil { + return nil, err + } + // Modify namespace. + hr = hcnModifyNamespace(namespaceHandle, settings, &resultBuffer) + if err := checkForErrors("hcnModifyNamespace", hr, resultBuffer); err != nil { + return nil, err + } + // Query namespace. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryNamespaceProperties(namespaceHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryNamespaceProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close namespace. + hr = hcnCloseNamespace(namespaceHandle) + if err := checkForErrors("hcnCloseNamespace", hr, nil); err != nil { + return nil, err + } + // Convert output to Namespace + var outputNamespace HostComputeNamespace + if err := json.Unmarshal([]byte(properties), &outputNamespace); err != nil { + return nil, err + } + return &outputNamespace, nil +} + +func deleteNamespace(namespaceId string) error { + namespaceGuid := guid.FromString(namespaceId) + var resultBuffer *uint16 + hr := hcnDeleteNamespace(&namespaceGuid, &resultBuffer) + if err := checkForErrors("hcnDeleteNamespace", hr, resultBuffer); err != nil { + return err + } + return nil +} + +// ListNamespaces makes a call to list all available namespaces. +func ListNamespaces() ([]HostComputeNamespace, error) { + hcnQuery := defaultQuery() + namespaces, err := ListNamespacesQuery(hcnQuery) + if err != nil { + return nil, err + } + return namespaces, nil +} + +// ListNamespacesQuery makes a call to query the list of available namespaces. +func ListNamespacesQuery(query HostComputeQuery) ([]HostComputeNamespace, error) { + queryJson, err := json.Marshal(query) + if err != nil { + return nil, err + } + + namespaces, err := enumerateNamespaces(string(queryJson)) + if err != nil { + return nil, err + } + return namespaces, nil +} + +// GetNamespaceByID returns the Namespace specified by Id. +func GetNamespaceByID(namespaceId string) (*HostComputeNamespace, error) { + return getNamespace(guid.FromString(namespaceId), defaultQueryJson()) +} + +// GetNamespaceEndpointIds returns the endpoints of the Namespace specified by Id. +func GetNamespaceEndpointIds(namespaceId string) ([]string, error) { + namespace, err := GetNamespaceByID(namespaceId) + if err != nil { + return nil, err + } + var endpointsIds []string + for _, resource := range namespace.Resources { + if resource.Type == "Endpoint" { + var endpointResource NamespaceResourceEndpoint + if err := json.Unmarshal([]byte(resource.Data), &endpointResource); err != nil { + return nil, err + } + endpointsIds = append(endpointsIds, endpointResource.Id) + } + } + return endpointsIds, nil +} + +// GetNamespaceContainerIds returns the containers of the Namespace specified by Id. +func GetNamespaceContainerIds(namespaceId string) ([]string, error) { + namespace, err := GetNamespaceByID(namespaceId) + if err != nil { + return nil, err + } + var containerIds []string + for _, resource := range namespace.Resources { + if resource.Type == "Container" { + var contaienrResource NamespaceResourceContainer + if err := json.Unmarshal([]byte(resource.Data), &contaienrResource); err != nil { + return nil, err + } + containerIds = append(containerIds, contaienrResource.Id) + } + } + return containerIds, nil +} + +// NewNamespace creates a new Namespace object +func NewNamespace(nsType NamespaceType) *HostComputeNamespace { + return &HostComputeNamespace{ + Type: nsType, + SchemaVersion: V2SchemaVersion(), + } +} + +// Create Namespace. +func (namespace *HostComputeNamespace) Create() (*HostComputeNamespace, error) { + logrus.Debugf("hcn::HostComputeNamespace::Create id=%s", namespace.Id) + + jsonString, err := json.Marshal(namespace) + if err != nil { + return nil, err + } + + logrus.Debugf("hcn::HostComputeNamespace::Create JSON: %s", jsonString) + namespace, hcnErr := createNamespace(string(jsonString)) + if hcnErr != nil { + return nil, hcnErr + } + return namespace, nil +} + +// Delete Namespace. +func (namespace *HostComputeNamespace) Delete() error { + logrus.Debugf("hcn::HostComputeNamespace::Delete id=%s", namespace.Id) + + if err := deleteNamespace(namespace.Id); err != nil { + return err + } + return nil +} + +// Sync Namespace endpoints with the appropriate sandbox container holding the +// network namespace open. If no sandbox container is found for this namespace +// this method is determined to be a success and will not return an error in +// this case. If the sandbox container is found and a sync is initiated any +// failures will be returned via this method. +// +// This call initiates a sync between endpoints and the matching UtilityVM +// hosting those endpoints. It is safe to call for any `NamespaceType` but +// `NamespaceTypeGuest` is the only case when a sync will actually occur. For +// `NamespaceTypeHost` the process container will be automatically synchronized +// when the the endpoint is added via `AddNamespaceEndpoint`. +// +// Note: This method sync's both additions and removals of endpoints from a +// `NamespaceTypeGuest` namespace. +func (namespace *HostComputeNamespace) Sync() error { + logrus.WithField("id", namespace.Id).Debugf("hcs::HostComputeNamespace::Sync") + + // We only attempt a sync for namespace guest. + if namespace.Type != NamespaceTypeGuest { + return nil + } + + // Look in the registry for the key to map from namespace id to pod-id + cfg, err := icni.LoadPersistedNamespaceConfig(namespace.Id) + if err != nil { + if regstate.IsNotFoundError(err) { + return nil + } + return err + } + req := runhcs.VMRequest{ + ID: cfg.ContainerID, + Op: runhcs.OpSyncNamespace, + } + shimPath := runhcs.VMPipePath(cfg.HostUniqueID) + if err := runhcs.IssueVMRequest(shimPath, &req); err != nil { + // The shim is likey gone. Simply ignore the sync as if it didn't exist. + if perr, ok := err.(*os.PathError); ok && perr.Err == syscall.ERROR_FILE_NOT_FOUND { + // Remove the reg key there is no point to try again + cfg.Remove() + return nil + } + f := map[string]interface{}{ + "id": namespace.Id, + "container-id": cfg.ContainerID, + } + logrus.WithFields(f). + WithError(err). + Debugf("hcs::HostComputeNamespace::Sync failed to connect to shim pipe: '%s'", shimPath) + return err + } + return nil +} + +// ModifyNamespaceSettings updates the Endpoints/Containers of a Namespace. +func ModifyNamespaceSettings(namespaceId string, request *ModifyNamespaceSettingRequest) error { + logrus.Debugf("hcn::HostComputeNamespace::ModifyNamespaceSettings id=%s", namespaceId) + + namespaceSettings, err := json.Marshal(request) + if err != nil { + return err + } + + _, err = modifyNamespace(namespaceId, string(namespaceSettings)) + if err != nil { + return err + } + return nil +} + +// AddNamespaceEndpoint adds an endpoint to a Namespace. +func AddNamespaceEndpoint(namespaceId string, endpointId string) error { + logrus.Debugf("hcn::HostComputeEndpoint::AddNamespaceEndpoint id=%s", endpointId) + + mapA := map[string]string{"EndpointId": endpointId} + settingsJson, err := json.Marshal(mapA) + if err != nil { + return err + } + requestMessage := &ModifyNamespaceSettingRequest{ + ResourceType: NamespaceResourceTypeEndpoint, + RequestType: RequestTypeAdd, + Settings: settingsJson, + } + + return ModifyNamespaceSettings(namespaceId, requestMessage) +} + +// RemoveNamespaceEndpoint removes an endpoint from a Namespace. +func RemoveNamespaceEndpoint(namespaceId string, endpointId string) error { + logrus.Debugf("hcn::HostComputeNamespace::RemoveNamespaceEndpoint id=%s", endpointId) + + mapA := map[string]string{"EndpointId": endpointId} + settingsJson, err := json.Marshal(mapA) + if err != nil { + return err + } + requestMessage := &ModifyNamespaceSettingRequest{ + ResourceType: NamespaceResourceTypeEndpoint, + RequestType: RequestTypeRemove, + Settings: settingsJson, + } + + return ModifyNamespaceSettings(namespaceId, requestMessage) +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnnetwork.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnetwork.go new file mode 100644 index 00000000000..6a39666704c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnetwork.go @@ -0,0 +1,409 @@ +package hcn + +import ( + "encoding/json" + + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +// Route is assoicated with a subnet. +type Route struct { + NextHop string `json:",omitempty"` + DestinationPrefix string `json:",omitempty"` + Metric uint16 `json:",omitempty"` +} + +// Subnet is assoicated with a Ipam. +type Subnet struct { + IpAddressPrefix string `json:",omitempty"` + Policies []json.RawMessage `json:",omitempty"` + Routes []Route `json:",omitempty"` +} + +// Ipam (Internet Protocol Addres Management) is assoicated with a network +// and represents the address space(s) of a network. +type Ipam struct { + Type string `json:",omitempty"` // Ex: Static, DHCP + Subnets []Subnet `json:",omitempty"` +} + +// MacRange is associated with MacPool and respresents the start and end addresses. +type MacRange struct { + StartMacAddress string `json:",omitempty"` + EndMacAddress string `json:",omitempty"` +} + +// MacPool is assoicated with a network and represents pool of MacRanges. +type MacPool struct { + Ranges []MacRange `json:",omitempty"` +} + +// Dns (Domain Name System is associated with a network. +type Dns struct { + Domain string `json:",omitempty"` + Search []string `json:",omitempty"` + ServerList []string `json:",omitempty"` + Options []string `json:",omitempty"` +} + +// NetworkType are various networks. +type NetworkType string + +// NetworkType const +const ( + NAT NetworkType = "NAT" + Transparent NetworkType = "Transparent" + L2Bridge NetworkType = "L2Bridge" + L2Tunnel NetworkType = "L2Tunnel" + ICS NetworkType = "ICS" + Private NetworkType = "Private" + Overlay NetworkType = "Overlay" +) + +// HostComputeNetwork represents a network +type HostComputeNetwork struct { + Id string `json:"ID,omitempty"` + Name string `json:",omitempty"` + Type NetworkType `json:",omitempty"` + Policies []NetworkPolicy `json:",omitempty"` + MacPool MacPool `json:",omitempty"` + Dns Dns `json:",omitempty"` + Ipams []Ipam `json:",omitempty"` + Flags uint32 `json:",omitempty"` // 0: None + SchemaVersion SchemaVersion `json:",omitempty"` +} + +// NetworkResourceType are the 3 different Network settings resources. +type NetworkResourceType string + +var ( + // NetworkResourceTypePolicy is for Network's policies. Ex: RemoteSubnet + NetworkResourceTypePolicy NetworkResourceType = "Policy" + // NetworkResourceTypeDNS is for Network's DNS settings. + NetworkResourceTypeDNS NetworkResourceType = "DNS" + // NetworkResourceTypeExtension is for Network's extension settings. + NetworkResourceTypeExtension NetworkResourceType = "Extension" +) + +// ModifyNetworkSettingRequest is the structure used to send request to modify an network. +// Used to update DNS/extension/policy on an network. +type ModifyNetworkSettingRequest struct { + ResourceType NetworkResourceType `json:",omitempty"` // Policy, DNS, Extension + RequestType RequestType `json:",omitempty"` // Add, Remove, Update, Refresh + Settings json.RawMessage `json:",omitempty"` +} + +type PolicyNetworkRequest struct { + Policies []NetworkPolicy `json:",omitempty"` +} + +func getNetwork(networkGuid guid.GUID, query string) (*HostComputeNetwork, error) { + // Open network. + var ( + networkHandle hcnNetwork + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenNetwork(&networkGuid, &networkHandle, &resultBuffer) + if err := checkForErrors("hcnOpenNetwork", hr, resultBuffer); err != nil { + return nil, err + } + // Query network. + hr = hcnQueryNetworkProperties(networkHandle, query, &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryNetworkProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close network. + hr = hcnCloseNetwork(networkHandle) + if err := checkForErrors("hcnCloseNetwork", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeNetwork + var outputNetwork HostComputeNetwork + if err := json.Unmarshal([]byte(properties), &outputNetwork); err != nil { + return nil, err + } + return &outputNetwork, nil +} + +func enumerateNetworks(query string) ([]HostComputeNetwork, error) { + // Enumerate all Network Guids + var ( + resultBuffer *uint16 + networkBuffer *uint16 + ) + hr := hcnEnumerateNetworks(query, &networkBuffer, &resultBuffer) + if err := checkForErrors("hcnEnumerateNetworks", hr, resultBuffer); err != nil { + return nil, err + } + + networks := interop.ConvertAndFreeCoTaskMemString(networkBuffer) + var networkIds []guid.GUID + if err := json.Unmarshal([]byte(networks), &networkIds); err != nil { + return nil, err + } + + var outputNetworks []HostComputeNetwork + for _, networkGuid := range networkIds { + network, err := getNetwork(networkGuid, query) + if err != nil { + return nil, err + } + outputNetworks = append(outputNetworks, *network) + } + return outputNetworks, nil +} + +func createNetwork(settings string) (*HostComputeNetwork, error) { + // Create new network. + var ( + networkHandle hcnNetwork + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + networkGuid := guid.GUID{} + hr := hcnCreateNetwork(&networkGuid, settings, &networkHandle, &resultBuffer) + if err := checkForErrors("hcnCreateNetwork", hr, resultBuffer); err != nil { + return nil, err + } + // Query network. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryNetworkProperties(networkHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryNetworkProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close network. + hr = hcnCloseNetwork(networkHandle) + if err := checkForErrors("hcnCloseNetwork", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeNetwork + var outputNetwork HostComputeNetwork + if err := json.Unmarshal([]byte(properties), &outputNetwork); err != nil { + return nil, err + } + return &outputNetwork, nil +} + +func modifyNetwork(networkId string, settings string) (*HostComputeNetwork, error) { + networkGuid := guid.FromString(networkId) + // Open Network + var ( + networkHandle hcnNetwork + resultBuffer *uint16 + propertiesBuffer *uint16 + ) + hr := hcnOpenNetwork(&networkGuid, &networkHandle, &resultBuffer) + if err := checkForErrors("hcnOpenNetwork", hr, resultBuffer); err != nil { + return nil, err + } + // Modify Network + hr = hcnModifyNetwork(networkHandle, settings, &resultBuffer) + if err := checkForErrors("hcnModifyNetwork", hr, resultBuffer); err != nil { + return nil, err + } + // Query network. + hcnQuery := defaultQuery() + query, err := json.Marshal(hcnQuery) + if err != nil { + return nil, err + } + hr = hcnQueryNetworkProperties(networkHandle, string(query), &propertiesBuffer, &resultBuffer) + if err := checkForErrors("hcnQueryNetworkProperties", hr, resultBuffer); err != nil { + return nil, err + } + properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer) + // Close network. + hr = hcnCloseNetwork(networkHandle) + if err := checkForErrors("hcnCloseNetwork", hr, nil); err != nil { + return nil, err + } + // Convert output to HostComputeNetwork + var outputNetwork HostComputeNetwork + if err := json.Unmarshal([]byte(properties), &outputNetwork); err != nil { + return nil, err + } + return &outputNetwork, nil +} + +func deleteNetwork(networkId string) error { + networkGuid := guid.FromString(networkId) + var resultBuffer *uint16 + hr := hcnDeleteNetwork(&networkGuid, &resultBuffer) + if err := checkForErrors("hcnDeleteNetwork", hr, resultBuffer); err != nil { + return err + } + return nil +} + +// ListNetworks makes a call to list all available networks. +func ListNetworks() ([]HostComputeNetwork, error) { + hcnQuery := defaultQuery() + networks, err := ListNetworksQuery(hcnQuery) + if err != nil { + return nil, err + } + return networks, nil +} + +// ListNetworksQuery makes a call to query the list of available networks. +func ListNetworksQuery(query HostComputeQuery) ([]HostComputeNetwork, error) { + queryJson, err := json.Marshal(query) + if err != nil { + return nil, err + } + + networks, err := enumerateNetworks(string(queryJson)) + if err != nil { + return nil, err + } + return networks, nil +} + +// GetNetworkByID returns the network specified by Id. +func GetNetworkByID(networkID string) (*HostComputeNetwork, error) { + hcnQuery := defaultQuery() + mapA := map[string]string{"ID": networkID} + filter, err := json.Marshal(mapA) + if err != nil { + return nil, err + } + hcnQuery.Filter = string(filter) + + networks, err := ListNetworksQuery(hcnQuery) + if err != nil { + return nil, err + } + if len(networks) == 0 { + return nil, NetworkNotFoundError{NetworkID: networkID} + } + return &networks[0], err +} + +// GetNetworkByName returns the network specified by Name. +func GetNetworkByName(networkName string) (*HostComputeNetwork, error) { + hcnQuery := defaultQuery() + mapA := map[string]string{"Name": networkName} + filter, err := json.Marshal(mapA) + if err != nil { + return nil, err + } + hcnQuery.Filter = string(filter) + + networks, err := ListNetworksQuery(hcnQuery) + if err != nil { + return nil, err + } + if len(networks) == 0 { + return nil, NetworkNotFoundError{NetworkName: networkName} + } + return &networks[0], err +} + +// Create Network. +func (network *HostComputeNetwork) Create() (*HostComputeNetwork, error) { + logrus.Debugf("hcn::HostComputeNetwork::Create id=%s", network.Id) + + jsonString, err := json.Marshal(network) + if err != nil { + return nil, err + } + + logrus.Debugf("hcn::HostComputeNetwork::Create JSON: %s", jsonString) + network, hcnErr := createNetwork(string(jsonString)) + if hcnErr != nil { + return nil, hcnErr + } + return network, nil +} + +// Delete Network. +func (network *HostComputeNetwork) Delete() error { + logrus.Debugf("hcn::HostComputeNetwork::Delete id=%s", network.Id) + + if err := deleteNetwork(network.Id); err != nil { + return err + } + return nil +} + +// ModifyNetworkSettings updates the Policy for a network. +func (network *HostComputeNetwork) ModifyNetworkSettings(request *ModifyNetworkSettingRequest) error { + logrus.Debugf("hcn::HostComputeNetwork::ModifyNetworkSettings id=%s", network.Id) + + networkSettingsRequest, err := json.Marshal(request) + if err != nil { + return err + } + + _, err = modifyNetwork(network.Id, string(networkSettingsRequest)) + if err != nil { + return err + } + return nil +} + +// AddPolicy applies a Policy (ex: RemoteSubnet) on the Network. +func (network *HostComputeNetwork) AddPolicy(networkPolicy PolicyNetworkRequest) error { + logrus.Debugf("hcn::HostComputeNetwork::AddPolicy id=%s", network.Id) + + settingsJson, err := json.Marshal(networkPolicy) + if err != nil { + return err + } + requestMessage := &ModifyNetworkSettingRequest{ + ResourceType: NetworkResourceTypePolicy, + RequestType: RequestTypeAdd, + Settings: settingsJson, + } + + return network.ModifyNetworkSettings(requestMessage) +} + +// RemovePolicy removes a Policy (ex: RemoteSubnet) from the Network. +func (network *HostComputeNetwork) RemovePolicy(networkPolicy PolicyNetworkRequest) error { + logrus.Debugf("hcn::HostComputeNetwork::RemovePolicy id=%s", network.Id) + + settingsJson, err := json.Marshal(networkPolicy) + if err != nil { + return err + } + requestMessage := &ModifyNetworkSettingRequest{ + ResourceType: NetworkResourceTypePolicy, + RequestType: RequestTypeRemove, + Settings: settingsJson, + } + + return network.ModifyNetworkSettings(requestMessage) +} + +// CreateEndpoint creates an endpoint on the Network. +func (network *HostComputeNetwork) CreateEndpoint(endpoint *HostComputeEndpoint) (*HostComputeEndpoint, error) { + isRemote := endpoint.Flags&EndpointFlagsRemoteEndpoint != 0 + logrus.Debugf("hcn::HostComputeNetwork::CreatEndpoint, networkId=%s remote=%t", network.Id, isRemote) + + endpoint.HostComputeNetwork = network.Id + endpointSettings, err := json.Marshal(endpoint) + if err != nil { + return nil, err + } + newEndpoint, err := createEndpoint(network.Id, string(endpointSettings)) + if err != nil { + return nil, err + } + return newEndpoint, nil +} + +// CreateRemoteEndpoint creates a remote endpoint on the Network. +func (network *HostComputeNetwork) CreateRemoteEndpoint(endpoint *HostComputeEndpoint) (*HostComputeEndpoint, error) { + endpoint.Flags = EndpointFlagsRemoteEndpoint | endpoint.Flags + return network.CreateEndpoint(endpoint) +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnpolicy.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnpolicy.go new file mode 100644 index 00000000000..70442e191b2 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnpolicy.go @@ -0,0 +1,216 @@ +package hcn + +import "encoding/json" + +// EndpointPolicyType are the potential Policies that apply to Endpoints. +type EndpointPolicyType string + +// EndpointPolicyType const +const ( + PortMapping EndpointPolicyType = "PortMapping" + ACL EndpointPolicyType = "ACL" + QOS EndpointPolicyType = "QOS" + L2Driver EndpointPolicyType = "L2Driver" + OutBoundNAT EndpointPolicyType = "OutBoundNAT" + SDNRoute EndpointPolicyType = "SDNRoute" + L4Proxy EndpointPolicyType = "L4Proxy" + PortName EndpointPolicyType = "PortName" + EncapOverhead EndpointPolicyType = "EncapOverhead" + // Endpoint and Network have InterfaceConstraint and ProviderAddress + NetworkProviderAddress EndpointPolicyType = "ProviderAddress" + NetworkInterfaceConstraint EndpointPolicyType = "InterfaceConstraint" +) + +// EndpointPolicy is a collection of Policy settings for an Endpoint. +type EndpointPolicy struct { + Type EndpointPolicyType `json:""` + Settings json.RawMessage `json:",omitempty"` +} + +// NetworkPolicyType are the potential Policies that apply to Networks. +type NetworkPolicyType string + +// NetworkPolicyType const +const ( + SourceMacAddress NetworkPolicyType = "SourceMacAddress" + NetAdapterName NetworkPolicyType = "NetAdapterName" + VSwitchExtension NetworkPolicyType = "VSwitchExtension" + DrMacAddress NetworkPolicyType = "DrMacAddress" + AutomaticDNS NetworkPolicyType = "AutomaticDNS" + InterfaceConstraint NetworkPolicyType = "InterfaceConstraint" + ProviderAddress NetworkPolicyType = "ProviderAddress" + RemoteSubnetRoute NetworkPolicyType = "RemoteSubnetRoute" +) + +// NetworkPolicy is a collection of Policy settings for a Network. +type NetworkPolicy struct { + Type NetworkPolicyType `json:""` + Settings json.RawMessage `json:",omitempty"` +} + +// SubnetPolicyType are the potential Policies that apply to Subnets. +type SubnetPolicyType string + +// SubnetPolicyType const +const ( + VLAN SubnetPolicyType = "VLAN" + VSID SubnetPolicyType = "VSID" +) + +// SubnetPolicy is a collection of Policy settings for a Subnet. +type SubnetPolicy struct { + Type SubnetPolicyType `json:""` + Settings json.RawMessage `json:",omitempty"` +} + +/// Endpoint Policy objects + +// PortMappingPolicySetting defines Port Mapping (NAT) +type PortMappingPolicySetting struct { + Protocol uint32 `json:",omitempty"` // EX: TCP = 6, UDP = 17 + InternalPort uint16 `json:",omitempty"` + ExternalPort uint16 `json:",omitempty"` + VIP string `json:",omitempty"` +} + +// ActionType associated with ACLs. Value is either Allow or Block. +type ActionType string + +// DirectionType associated with ACLs. Value is either In or Out. +type DirectionType string + +// RuleType associated with ACLs. Value is either Host (WFP) or Switch (VFP). +type RuleType string + +const ( + // Allow traffic + ActionTypeAllow ActionType = "Allow" + // Block traffic + ActionTypeBlock ActionType = "Block" + + // In is traffic coming to the Endpoint + DirectionTypeIn DirectionType = "In" + // Out is traffic leaving the Endpoint + DirectionTypeOut DirectionType = "Out" + + // Host creates WFP (Windows Firewall) rules + RuleTypeHost RuleType = "Host" + // Switch creates VFP (Virtual Filter Platform) rules + RuleTypeSwitch RuleType = "Switch" +) + +// AclPolicySetting creates firewall rules on an endpoint +type AclPolicySetting struct { + Protocols string `json:",omitempty"` // EX: 6 (TCP), 17 (UDP), 1 (ICMPv4), 58 (ICMPv6), 2 (IGMP) + Action ActionType `json:","` + Direction DirectionType `json:","` + LocalAddresses string `json:",omitempty"` + RemoteAddresses string `json:",omitempty"` + LocalPorts string `json:",omitempty"` + RemotePorts string `json:",omitempty"` + RuleType RuleType `json:",omitempty"` + Priority uint16 `json:",omitempty"` +} + +// QosPolicySetting sets Quality of Service bandwidth caps on an Endpoint. +type QosPolicySetting struct { + MaximumOutgoingBandwidthInBytes uint64 +} + +// OutboundNatPolicySetting sets outbound Network Address Translation on an Endpoint. +type OutboundNatPolicySetting struct { + VirtualIP string `json:",omitempty"` + Exceptions []string `json:",omitempty"` +} + +// SDNRoutePolicySetting sets SDN Route on an Endpoint. +type SDNRoutePolicySetting struct { + DestinationPrefix string `json:",omitempty"` + NextHop string `json:",omitempty"` + NeedEncap bool `json:",omitempty"` +} + +// L4ProxyPolicySetting sets Layer-4 Proxy on an endpoint. +type L4ProxyPolicySetting struct { + IP string `json:",omitempty"` + Port string `json:",omitempty"` + Protocol uint32 `json:",omitempty"` // EX: TCP = 6, UDP = 17 + ExceptionList []string `json:",omitempty"` + Destination string `json:","` + OutboundNat bool `json:",omitempty"` +} + +// PortnameEndpointPolicySetting sets the port name for an endpoint. +type PortnameEndpointPolicySetting struct { + Name string `json:",omitempty"` +} + +// EncapOverheadEndpointPolicySetting sets the encap overhead for an endpoint. +type EncapOverheadEndpointPolicySetting struct { + Overhead uint16 `json:",omitempty"` +} + +/// Endpoint and Network Policy objects + +// ProviderAddressEndpointPolicySetting sets the PA for an endpoint. +type ProviderAddressEndpointPolicySetting struct { + ProviderAddress string `json:",omitempty"` +} + +// InterfaceConstraintPolicySetting limits an Endpoint or Network to a specific Nic. +type InterfaceConstraintPolicySetting struct { + InterfaceGuid string `json:",omitempty"` + InterfaceLuid uint64 `json:",omitempty"` + InterfaceIndex uint32 `json:",omitempty"` + InterfaceMediaType uint32 `json:",omitempty"` + InterfaceAlias string `json:",omitempty"` + InterfaceDescription string `json:",omitempty"` +} + +/// Network Policy objects + +// SourceMacAddressNetworkPolicySetting sets source MAC for a network. +type SourceMacAddressNetworkPolicySetting struct { + SourceMacAddress string `json:",omitempty"` +} + +// NetAdapterNameNetworkPolicySetting sets network adapter of a network. +type NetAdapterNameNetworkPolicySetting struct { + NetworkAdapterName string `json:",omitempty"` +} + +// VSwitchExtensionNetworkPolicySetting enables/disabled VSwitch extensions for a network. +type VSwitchExtensionNetworkPolicySetting struct { + ExtensionID string `json:",omitempty"` + Enable bool `json:",omitempty"` +} + +// DrMacAddressNetworkPolicySetting sets the DR MAC for a network. +type DrMacAddressNetworkPolicySetting struct { + Address string `json:",omitempty"` +} + +// AutomaticDNSNetworkPolicySetting enables/disables automatic DNS on a network. +type AutomaticDNSNetworkPolicySetting struct { + Enable bool `json:",omitempty"` +} + +/// Subnet Policy objects + +// VlanPolicySetting isolates a subnet with VLAN tagging. +type VlanPolicySetting struct { + IsolationId uint32 `json:","` +} + +// VsidPolicySetting isolates a subnet with VSID tagging. +type VsidPolicySetting struct { + IsolationId uint32 `json:","` +} + +// RemoteSubnetRoutePolicySetting creates remote subnet route rules on a network +type RemoteSubnetRoutePolicySetting struct { + DestinationPrefix string + IsolationId uint16 + ProviderAddress string + DistributedRouterMacAddress string +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnsupport.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnsupport.go new file mode 100644 index 00000000000..23acd716a8b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnsupport.go @@ -0,0 +1,69 @@ +package hcn + +import ( + "github.com/sirupsen/logrus" +) + +// SupportedFeatures are the features provided by the Service. +type SupportedFeatures struct { + Acl AclFeatures `json:"ACL"` + Api ApiSupport `json:"API"` + RemoteSubnet bool `json:"RemoteSubnet"` + DSR bool `json:"DSR"` +} + +// AclFeatures are the supported ACL possibilities. +type AclFeatures struct { + AclAddressLists bool `json:"AclAddressLists"` + AclNoHostRulePriority bool `json:"AclHostRulePriority"` + AclPortRanges bool `json:"AclPortRanges"` + AclRuleId bool `json:"AclRuleId"` +} + +// ApiSupport lists the supported API versions. +type ApiSupport struct { + V1 bool `json:"V1"` + V2 bool `json:"V2"` +} + +// GetSupportedFeatures returns the features supported by the Service. +func GetSupportedFeatures() SupportedFeatures { + var features SupportedFeatures + + globals, err := GetGlobals() + if err != nil { + // Expected on pre-1803 builds, all features will be false/unsupported + logrus.Debugf("Unable to obtain globals: %s", err) + return features + } + + features.Acl = AclFeatures{ + AclAddressLists: isFeatureSupported(globals.Version, HNSVersion1803), + AclNoHostRulePriority: isFeatureSupported(globals.Version, HNSVersion1803), + AclPortRanges: isFeatureSupported(globals.Version, HNSVersion1803), + AclRuleId: isFeatureSupported(globals.Version, HNSVersion1803), + } + + features.Api = ApiSupport{ + V2: isFeatureSupported(globals.Version, V2ApiSupport), + V1: true, // HNSCall is still available. + } + + features.RemoteSubnet = isFeatureSupported(globals.Version, RemoteSubnetVersion) + features.DSR = isFeatureSupported(globals.Version, DSRVersion) + + return features +} + +func isFeatureSupported(currentVersion Version, minVersionSupported Version) bool { + if currentVersion.Major < minVersionSupported.Major { + return false + } + if currentVersion.Major > minVersionSupported.Major { + return true + } + if currentVersion.Minor < minVersionSupported.Minor { + return false + } + return true +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/hcn/zsyscall_windows.go new file mode 100644 index 00000000000..856b2c1408c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hcn/zsyscall_windows.go @@ -0,0 +1,714 @@ +// Code generated mksyscall_windows.exe DO NOT EDIT + +package hcn + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modiphlpapi = windows.NewLazySystemDLL("iphlpapi.dll") + modvmcompute = windows.NewLazySystemDLL("vmcompute.dll") + modcomputenetwork = windows.NewLazySystemDLL("computenetwork.dll") + + procSetCurrentThreadCompartmentId = modiphlpapi.NewProc("SetCurrentThreadCompartmentId") + procHNSCall = modvmcompute.NewProc("HNSCall") + procHcnEnumerateNetworks = modcomputenetwork.NewProc("HcnEnumerateNetworks") + procHcnCreateNetwork = modcomputenetwork.NewProc("HcnCreateNetwork") + procHcnOpenNetwork = modcomputenetwork.NewProc("HcnOpenNetwork") + procHcnModifyNetwork = modcomputenetwork.NewProc("HcnModifyNetwork") + procHcnQueryNetworkProperties = modcomputenetwork.NewProc("HcnQueryNetworkProperties") + procHcnDeleteNetwork = modcomputenetwork.NewProc("HcnDeleteNetwork") + procHcnCloseNetwork = modcomputenetwork.NewProc("HcnCloseNetwork") + procHcnEnumerateEndpoints = modcomputenetwork.NewProc("HcnEnumerateEndpoints") + procHcnCreateEndpoint = modcomputenetwork.NewProc("HcnCreateEndpoint") + procHcnOpenEndpoint = modcomputenetwork.NewProc("HcnOpenEndpoint") + procHcnModifyEndpoint = modcomputenetwork.NewProc("HcnModifyEndpoint") + procHcnQueryEndpointProperties = modcomputenetwork.NewProc("HcnQueryEndpointProperties") + procHcnDeleteEndpoint = modcomputenetwork.NewProc("HcnDeleteEndpoint") + procHcnCloseEndpoint = modcomputenetwork.NewProc("HcnCloseEndpoint") + procHcnEnumerateNamespaces = modcomputenetwork.NewProc("HcnEnumerateNamespaces") + procHcnCreateNamespace = modcomputenetwork.NewProc("HcnCreateNamespace") + procHcnOpenNamespace = modcomputenetwork.NewProc("HcnOpenNamespace") + procHcnModifyNamespace = modcomputenetwork.NewProc("HcnModifyNamespace") + procHcnQueryNamespaceProperties = modcomputenetwork.NewProc("HcnQueryNamespaceProperties") + procHcnDeleteNamespace = modcomputenetwork.NewProc("HcnDeleteNamespace") + procHcnCloseNamespace = modcomputenetwork.NewProc("HcnCloseNamespace") + procHcnEnumerateLoadBalancers = modcomputenetwork.NewProc("HcnEnumerateLoadBalancers") + procHcnCreateLoadBalancer = modcomputenetwork.NewProc("HcnCreateLoadBalancer") + procHcnOpenLoadBalancer = modcomputenetwork.NewProc("HcnOpenLoadBalancer") + procHcnModifyLoadBalancer = modcomputenetwork.NewProc("HcnModifyLoadBalancer") + procHcnQueryLoadBalancerProperties = modcomputenetwork.NewProc("HcnQueryLoadBalancerProperties") + procHcnDeleteLoadBalancer = modcomputenetwork.NewProc("HcnDeleteLoadBalancer") + procHcnCloseLoadBalancer = modcomputenetwork.NewProc("HcnCloseLoadBalancer") + procHcnOpenService = modcomputenetwork.NewProc("HcnOpenService") + procHcnRegisterServiceCallback = modcomputenetwork.NewProc("HcnRegisterServiceCallback") + procHcnUnregisterServiceCallback = modcomputenetwork.NewProc("HcnUnregisterServiceCallback") + procHcnCloseService = modcomputenetwork.NewProc("HcnCloseService") +) + +func SetCurrentThreadCompartmentId(compartmentId uint32) (hr error) { + r0, _, _ := syscall.Syscall(procSetCurrentThreadCompartmentId.Addr(), 1, uintptr(compartmentId), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func _hnsCall(method string, path string, object string, response **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(method) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(path) + if hr != nil { + return + } + var _p2 *uint16 + _p2, hr = syscall.UTF16PtrFromString(object) + if hr != nil { + return + } + return __hnsCall(_p0, _p1, _p2, response) +} + +func __hnsCall(method *uint16, path *uint16, object *uint16, response **uint16) (hr error) { + if hr = procHNSCall.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHNSCall.Addr(), 4, uintptr(unsafe.Pointer(method)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(object)), uintptr(unsafe.Pointer(response)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnEnumerateNetworks(query string, networks **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnEnumerateNetworks(_p0, networks, result) +} + +func _hcnEnumerateNetworks(query *uint16, networks **uint16, result **uint16) (hr error) { + if hr = procHcnEnumerateNetworks.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnEnumerateNetworks.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(networks)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCreateNetwork(id *_guid, settings string, network *hcnNetwork, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnCreateNetwork(id, _p0, network, result) +} + +func _hcnCreateNetwork(id *_guid, settings *uint16, network *hcnNetwork, result **uint16) (hr error) { + if hr = procHcnCreateNetwork.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnCreateNetwork.Addr(), 4, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(network)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnOpenNetwork(id *_guid, network *hcnNetwork, result **uint16) (hr error) { + if hr = procHcnOpenNetwork.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnOpenNetwork.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(network)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnModifyNetwork(network hcnNetwork, settings string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnModifyNetwork(network, _p0, result) +} + +func _hcnModifyNetwork(network hcnNetwork, settings *uint16, result **uint16) (hr error) { + if hr = procHcnModifyNetwork.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnModifyNetwork.Addr(), 3, uintptr(network), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnQueryNetworkProperties(network hcnNetwork, query string, properties **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnQueryNetworkProperties(network, _p0, properties, result) +} + +func _hcnQueryNetworkProperties(network hcnNetwork, query *uint16, properties **uint16, result **uint16) (hr error) { + if hr = procHcnQueryNetworkProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnQueryNetworkProperties.Addr(), 4, uintptr(network), uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnDeleteNetwork(id *_guid, result **uint16) (hr error) { + if hr = procHcnDeleteNetwork.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnDeleteNetwork.Addr(), 2, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCloseNetwork(network hcnNetwork) (hr error) { + if hr = procHcnCloseNetwork.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnCloseNetwork.Addr(), 1, uintptr(network), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnEnumerateEndpoints(query string, endpoints **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnEnumerateEndpoints(_p0, endpoints, result) +} + +func _hcnEnumerateEndpoints(query *uint16, endpoints **uint16, result **uint16) (hr error) { + if hr = procHcnEnumerateEndpoints.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnEnumerateEndpoints.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(endpoints)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCreateEndpoint(network hcnNetwork, id *_guid, settings string, endpoint *hcnEndpoint, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnCreateEndpoint(network, id, _p0, endpoint, result) +} + +func _hcnCreateEndpoint(network hcnNetwork, id *_guid, settings *uint16, endpoint *hcnEndpoint, result **uint16) (hr error) { + if hr = procHcnCreateEndpoint.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnCreateEndpoint.Addr(), 5, uintptr(network), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(endpoint)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnOpenEndpoint(id *_guid, endpoint *hcnEndpoint, result **uint16) (hr error) { + if hr = procHcnOpenEndpoint.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnOpenEndpoint.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(endpoint)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnModifyEndpoint(endpoint hcnEndpoint, settings string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnModifyEndpoint(endpoint, _p0, result) +} + +func _hcnModifyEndpoint(endpoint hcnEndpoint, settings *uint16, result **uint16) (hr error) { + if hr = procHcnModifyEndpoint.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnModifyEndpoint.Addr(), 3, uintptr(endpoint), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnQueryEndpointProperties(endpoint hcnEndpoint, query string, properties **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnQueryEndpointProperties(endpoint, _p0, properties, result) +} + +func _hcnQueryEndpointProperties(endpoint hcnEndpoint, query *uint16, properties **uint16, result **uint16) (hr error) { + if hr = procHcnQueryEndpointProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnQueryEndpointProperties.Addr(), 4, uintptr(endpoint), uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnDeleteEndpoint(id *_guid, result **uint16) (hr error) { + if hr = procHcnDeleteEndpoint.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnDeleteEndpoint.Addr(), 2, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCloseEndpoint(endpoint hcnEndpoint) (hr error) { + if hr = procHcnCloseEndpoint.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnCloseEndpoint.Addr(), 1, uintptr(endpoint), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnEnumerateNamespaces(query string, namespaces **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnEnumerateNamespaces(_p0, namespaces, result) +} + +func _hcnEnumerateNamespaces(query *uint16, namespaces **uint16, result **uint16) (hr error) { + if hr = procHcnEnumerateNamespaces.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnEnumerateNamespaces.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(namespaces)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCreateNamespace(id *_guid, settings string, namespace *hcnNamespace, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnCreateNamespace(id, _p0, namespace, result) +} + +func _hcnCreateNamespace(id *_guid, settings *uint16, namespace *hcnNamespace, result **uint16) (hr error) { + if hr = procHcnCreateNamespace.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnCreateNamespace.Addr(), 4, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(namespace)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnOpenNamespace(id *_guid, namespace *hcnNamespace, result **uint16) (hr error) { + if hr = procHcnOpenNamespace.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnOpenNamespace.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(namespace)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnModifyNamespace(namespace hcnNamespace, settings string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnModifyNamespace(namespace, _p0, result) +} + +func _hcnModifyNamespace(namespace hcnNamespace, settings *uint16, result **uint16) (hr error) { + if hr = procHcnModifyNamespace.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnModifyNamespace.Addr(), 3, uintptr(namespace), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnQueryNamespaceProperties(namespace hcnNamespace, query string, properties **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnQueryNamespaceProperties(namespace, _p0, properties, result) +} + +func _hcnQueryNamespaceProperties(namespace hcnNamespace, query *uint16, properties **uint16, result **uint16) (hr error) { + if hr = procHcnQueryNamespaceProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnQueryNamespaceProperties.Addr(), 4, uintptr(namespace), uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnDeleteNamespace(id *_guid, result **uint16) (hr error) { + if hr = procHcnDeleteNamespace.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnDeleteNamespace.Addr(), 2, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCloseNamespace(namespace hcnNamespace) (hr error) { + if hr = procHcnCloseNamespace.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnCloseNamespace.Addr(), 1, uintptr(namespace), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnEnumerateLoadBalancers(query string, loadBalancers **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnEnumerateLoadBalancers(_p0, loadBalancers, result) +} + +func _hcnEnumerateLoadBalancers(query *uint16, loadBalancers **uint16, result **uint16) (hr error) { + if hr = procHcnEnumerateLoadBalancers.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnEnumerateLoadBalancers.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(loadBalancers)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCreateLoadBalancer(id *_guid, settings string, loadBalancer *hcnLoadBalancer, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnCreateLoadBalancer(id, _p0, loadBalancer, result) +} + +func _hcnCreateLoadBalancer(id *_guid, settings *uint16, loadBalancer *hcnLoadBalancer, result **uint16) (hr error) { + if hr = procHcnCreateLoadBalancer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnCreateLoadBalancer.Addr(), 4, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(loadBalancer)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnOpenLoadBalancer(id *_guid, loadBalancer *hcnLoadBalancer, result **uint16) (hr error) { + if hr = procHcnOpenLoadBalancer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnOpenLoadBalancer.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(loadBalancer)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnModifyLoadBalancer(loadBalancer hcnLoadBalancer, settings string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcnModifyLoadBalancer(loadBalancer, _p0, result) +} + +func _hcnModifyLoadBalancer(loadBalancer hcnLoadBalancer, settings *uint16, result **uint16) (hr error) { + if hr = procHcnModifyLoadBalancer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnModifyLoadBalancer.Addr(), 3, uintptr(loadBalancer), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnQueryLoadBalancerProperties(loadBalancer hcnLoadBalancer, query string, properties **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcnQueryLoadBalancerProperties(loadBalancer, _p0, properties, result) +} + +func _hcnQueryLoadBalancerProperties(loadBalancer hcnLoadBalancer, query *uint16, properties **uint16, result **uint16) (hr error) { + if hr = procHcnQueryLoadBalancerProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnQueryLoadBalancerProperties.Addr(), 4, uintptr(loadBalancer), uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnDeleteLoadBalancer(id *_guid, result **uint16) (hr error) { + if hr = procHcnDeleteLoadBalancer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnDeleteLoadBalancer.Addr(), 2, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCloseLoadBalancer(loadBalancer hcnLoadBalancer) (hr error) { + if hr = procHcnCloseLoadBalancer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnCloseLoadBalancer.Addr(), 1, uintptr(loadBalancer), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnOpenService(service *hcnService, result **uint16) (hr error) { + if hr = procHcnOpenService.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnOpenService.Addr(), 2, uintptr(unsafe.Pointer(service)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnRegisterServiceCallback(service hcnService, callback int32, context int32, callbackHandle *hcnCallbackHandle) (hr error) { + if hr = procHcnRegisterServiceCallback.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcnRegisterServiceCallback.Addr(), 4, uintptr(service), uintptr(callback), uintptr(context), uintptr(unsafe.Pointer(callbackHandle)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnUnregisterServiceCallback(callbackHandle hcnCallbackHandle) (hr error) { + if hr = procHcnUnregisterServiceCallback.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnUnregisterServiceCallback.Addr(), 1, uintptr(callbackHandle), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcnCloseService(service hcnService) (hr error) { + if hr = procHcnCloseService.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcnCloseService.Addr(), 1, uintptr(service), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/hcsshim.go b/vendor/github.com/Microsoft/hcsshim/hcsshim.go index b65953191c0..ceb3ac85ee4 100644 --- a/vendor/github.com/Microsoft/hcsshim/hcsshim.go +++ b/vendor/github.com/Microsoft/hcsshim/hcsshim.go @@ -4,80 +4,20 @@ package hcsshim import ( - "fmt" "syscall" - "unsafe" - "github.com/sirupsen/logrus" + "github.com/Microsoft/hcsshim/internal/hcserror" ) -//go:generate go run mksyscall_windows.go -output zhcsshim.go hcsshim.go safeopen.go +//go:generate go run mksyscall_windows.go -output zsyscall_windows.go hcsshim.go -//sys coTaskMemFree(buffer unsafe.Pointer) = ole32.CoTaskMemFree //sys SetCurrentThreadCompartmentId(compartmentId uint32) (hr error) = iphlpapi.SetCurrentThreadCompartmentId -//sys activateLayer(info *driverInfo, id string) (hr error) = vmcompute.ActivateLayer? -//sys copyLayer(info *driverInfo, srcId string, dstId string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.CopyLayer? -//sys createLayer(info *driverInfo, id string, parent string) (hr error) = vmcompute.CreateLayer? -//sys createSandboxLayer(info *driverInfo, id string, parent string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.CreateSandboxLayer? -//sys expandSandboxSize(info *driverInfo, id string, size uint64) (hr error) = vmcompute.ExpandSandboxSize? -//sys deactivateLayer(info *driverInfo, id string) (hr error) = vmcompute.DeactivateLayer? -//sys destroyLayer(info *driverInfo, id string) (hr error) = vmcompute.DestroyLayer? -//sys exportLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.ExportLayer? -//sys getLayerMountPath(info *driverInfo, id string, length *uintptr, buffer *uint16) (hr error) = vmcompute.GetLayerMountPath? -//sys getBaseImages(buffer **uint16) (hr error) = vmcompute.GetBaseImages? -//sys importLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.ImportLayer? -//sys layerExists(info *driverInfo, id string, exists *uint32) (hr error) = vmcompute.LayerExists? -//sys nameToGuid(name string, guid *GUID) (hr error) = vmcompute.NameToGuid? -//sys prepareLayer(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.PrepareLayer? -//sys unprepareLayer(info *driverInfo, id string) (hr error) = vmcompute.UnprepareLayer? -//sys processBaseImage(path string) (hr error) = vmcompute.ProcessBaseImage? -//sys processUtilityImage(path string) (hr error) = vmcompute.ProcessUtilityImage? - -//sys importLayerBegin(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR, context *uintptr) (hr error) = vmcompute.ImportLayerBegin? -//sys importLayerNext(context uintptr, fileName string, fileInfo *winio.FileBasicInfo) (hr error) = vmcompute.ImportLayerNext? -//sys importLayerWrite(context uintptr, buffer []byte) (hr error) = vmcompute.ImportLayerWrite? -//sys importLayerEnd(context uintptr) (hr error) = vmcompute.ImportLayerEnd? - -//sys exportLayerBegin(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR, context *uintptr) (hr error) = vmcompute.ExportLayerBegin? -//sys exportLayerNext(context uintptr, fileName **uint16, fileInfo *winio.FileBasicInfo, fileSize *int64, deleted *uint32) (hr error) = vmcompute.ExportLayerNext? -//sys exportLayerRead(context uintptr, buffer []byte, bytesRead *uint32) (hr error) = vmcompute.ExportLayerRead? -//sys exportLayerEnd(context uintptr) (hr error) = vmcompute.ExportLayerEnd? - -//sys hcsEnumerateComputeSystems(query string, computeSystems **uint16, result **uint16) (hr error) = vmcompute.HcsEnumerateComputeSystems? -//sys hcsCreateComputeSystem(id string, configuration string, identity syscall.Handle, computeSystem *hcsSystem, result **uint16) (hr error) = vmcompute.HcsCreateComputeSystem? -//sys hcsOpenComputeSystem(id string, computeSystem *hcsSystem, result **uint16) (hr error) = vmcompute.HcsOpenComputeSystem? -//sys hcsCloseComputeSystem(computeSystem hcsSystem) (hr error) = vmcompute.HcsCloseComputeSystem? -//sys hcsStartComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsStartComputeSystem? -//sys hcsShutdownComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsShutdownComputeSystem? -//sys hcsTerminateComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsTerminateComputeSystem? -//sys hcsPauseComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsPauseComputeSystem? -//sys hcsResumeComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsResumeComputeSystem? -//sys hcsGetComputeSystemProperties(computeSystem hcsSystem, propertyQuery string, properties **uint16, result **uint16) (hr error) = vmcompute.HcsGetComputeSystemProperties? -//sys hcsModifyComputeSystem(computeSystem hcsSystem, configuration string, result **uint16) (hr error) = vmcompute.HcsModifyComputeSystem? -//sys hcsRegisterComputeSystemCallback(computeSystem hcsSystem, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) = vmcompute.HcsRegisterComputeSystemCallback? -//sys hcsUnregisterComputeSystemCallback(callbackHandle hcsCallback) (hr error) = vmcompute.HcsUnregisterComputeSystemCallback? - -//sys hcsCreateProcess(computeSystem hcsSystem, processParameters string, processInformation *hcsProcessInformation, process *hcsProcess, result **uint16) (hr error) = vmcompute.HcsCreateProcess? -//sys hcsOpenProcess(computeSystem hcsSystem, pid uint32, process *hcsProcess, result **uint16) (hr error) = vmcompute.HcsOpenProcess? -//sys hcsCloseProcess(process hcsProcess) (hr error) = vmcompute.HcsCloseProcess? -//sys hcsTerminateProcess(process hcsProcess, result **uint16) (hr error) = vmcompute.HcsTerminateProcess? -//sys hcsGetProcessInfo(process hcsProcess, processInformation *hcsProcessInformation, result **uint16) (hr error) = vmcompute.HcsGetProcessInfo? -//sys hcsGetProcessProperties(process hcsProcess, processProperties **uint16, result **uint16) (hr error) = vmcompute.HcsGetProcessProperties? -//sys hcsModifyProcess(process hcsProcess, settings string, result **uint16) (hr error) = vmcompute.HcsModifyProcess? -//sys hcsGetServiceProperties(propertyQuery string, properties **uint16, result **uint16) (hr error) = vmcompute.HcsGetServiceProperties? -//sys hcsRegisterProcessCallback(process hcsProcess, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) = vmcompute.HcsRegisterProcessCallback? -//sys hcsUnregisterProcessCallback(callbackHandle hcsCallback) (hr error) = vmcompute.HcsUnregisterProcessCallback? - -//sys hcsModifyServiceSettings(settings string, result **uint16) (hr error) = vmcompute.HcsModifyServiceSettings? - -//sys _hnsCall(method string, path string, object string, response **uint16) (hr error) = vmcompute.HNSCall? - const ( // Specific user-visible exit codes WaitErrExecFailed = 32767 - ERROR_GEN_FAILURE = syscall.Errno(31) + ERROR_GEN_FAILURE = hcserror.ERROR_GEN_FAILURE ERROR_SHUTDOWN_IN_PROGRESS = syscall.Errno(1115) WSAEINVAL = syscall.Errno(10022) @@ -85,82 +25,4 @@ const ( TimeoutInfinite = 0xFFFFFFFF ) -type HcsError struct { - title string - rest string - Err error -} - -type hcsSystem syscall.Handle -type hcsProcess syscall.Handle -type hcsCallback syscall.Handle - -type hcsProcessInformation struct { - ProcessId uint32 - Reserved uint32 - StdInput syscall.Handle - StdOutput syscall.Handle - StdError syscall.Handle -} - -func makeError(err error, title, rest string) error { - // Pass through DLL errors directly since they do not originate from HCS. - if _, ok := err.(*syscall.DLLError); ok { - return err - } - return &HcsError{title, rest, err} -} - -func makeErrorf(err error, title, format string, a ...interface{}) error { - return makeError(err, title, fmt.Sprintf(format, a...)) -} - -func win32FromError(err error) uint32 { - if herr, ok := err.(*HcsError); ok { - return win32FromError(herr.Err) - } - if code, ok := err.(syscall.Errno); ok { - return uint32(code) - } - return uint32(ERROR_GEN_FAILURE) -} - -func win32FromHresult(hr uintptr) uintptr { - if hr&0x1fff0000 == 0x00070000 { - return hr & 0xffff - } - return hr -} - -func (e *HcsError) Error() string { - s := e.title - if len(s) > 0 && s[len(s)-1] != ' ' { - s += " " - } - s += fmt.Sprintf("failed in Win32: %s (0x%x)", e.Err, win32FromError(e.Err)) - if e.rest != "" { - if e.rest[0] != ' ' { - s += " " - } - s += e.rest - } - return s -} - -func convertAndFreeCoTaskMemString(buffer *uint16) string { - str := syscall.UTF16ToString((*[1 << 30]uint16)(unsafe.Pointer(buffer))[:]) - coTaskMemFree(unsafe.Pointer(buffer)) - return str -} - -func convertAndFreeCoTaskMemBytes(buffer *uint16) []byte { - return []byte(convertAndFreeCoTaskMemString(buffer)) -} - -func processHcsResult(err error, resultp *uint16) error { - if resultp != nil { - result := convertAndFreeCoTaskMemString(resultp) - logrus.Debugf("Result: %s", result) - } - return err -} +type HcsError = hcserror.HcsError diff --git a/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go b/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go index 90689cb1ee0..eb013d2c42e 100644 --- a/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go +++ b/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go @@ -1,29 +1,14 @@ package hcsshim import ( - "encoding/json" - "net" - - "github.com/sirupsen/logrus" + "github.com/Microsoft/hcsshim/internal/hns" ) // HNSEndpoint represents a network endpoint in HNS -type HNSEndpoint struct { - Id string `json:"ID,omitempty"` - Name string `json:",omitempty"` - VirtualNetwork string `json:",omitempty"` - VirtualNetworkName string `json:",omitempty"` - Policies []json.RawMessage `json:",omitempty"` - MacAddress string `json:",omitempty"` - IPAddress net.IP `json:",omitempty"` - DNSSuffix string `json:",omitempty"` - DNSServerList string `json:",omitempty"` - GatewayAddress string `json:",omitempty"` - EnableInternalDNS bool `json:",omitempty"` - DisableICC bool `json:",omitempty"` - PrefixLength uint8 `json:",omitempty"` - IsRemoteEndpoint bool `json:",omitempty"` -} +type HNSEndpoint = hns.HNSEndpoint + +// Namespace represents a Compartment. +type Namespace = hns.Namespace //SystemType represents the type of the system on which actions are done type SystemType string @@ -37,39 +22,19 @@ const ( // EndpointAttachDetachRequest is the structure used to send request to the container to modify the system // Supported resource types are Network and Request Types are Add/Remove -type EndpointAttachDetachRequest struct { - ContainerID string `json:"ContainerId,omitempty"` - SystemType SystemType `json:"SystemType"` - CompartmentID uint16 `json:"CompartmentId,omitempty"` - VirtualNICName string `json:"VirtualNicName,omitempty"` -} +type EndpointAttachDetachRequest = hns.EndpointAttachDetachRequest // EndpointResquestResponse is object to get the endpoint request response -type EndpointResquestResponse struct { - Success bool - Error string -} +type EndpointResquestResponse = hns.EndpointResquestResponse // HNSEndpointRequest makes a HNS call to modify/query a network endpoint func HNSEndpointRequest(method, path, request string) (*HNSEndpoint, error) { - endpoint := &HNSEndpoint{} - err := hnsCall(method, "/endpoints/"+path, request, &endpoint) - if err != nil { - return nil, err - } - - return endpoint, nil + return hns.HNSEndpointRequest(method, path, request) } // HNSListEndpointRequest makes a HNS call to query the list of available endpoints func HNSListEndpointRequest() ([]HNSEndpoint, error) { - var endpoint []HNSEndpoint - err := hnsCall("GET", "/endpoints/", "", &endpoint) - if err != nil { - return nil, err - } - - return endpoint, nil + return hns.HNSListEndpointRequest() } // HotAttachEndpoint makes a HCS Call to attach the endpoint to the container @@ -120,204 +85,10 @@ func modifyNetworkEndpoint(containerID string, endpointID string, request Reques // GetHNSEndpointByID get the Endpoint by ID func GetHNSEndpointByID(endpointID string) (*HNSEndpoint, error) { - return HNSEndpointRequest("GET", endpointID, "") + return hns.GetHNSEndpointByID(endpointID) } // GetHNSEndpointByName gets the endpoint filtered by Name func GetHNSEndpointByName(endpointName string) (*HNSEndpoint, error) { - hnsResponse, err := HNSListEndpointRequest() - if err != nil { - return nil, err - } - for _, hnsEndpoint := range hnsResponse { - if hnsEndpoint.Name == endpointName { - return &hnsEndpoint, nil - } - } - return nil, EndpointNotFoundError{EndpointName: endpointName} -} - -// Create Endpoint by sending EndpointRequest to HNS. TODO: Create a separate HNS interface to place all these methods -func (endpoint *HNSEndpoint) Create() (*HNSEndpoint, error) { - operation := "Create" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - - jsonString, err := json.Marshal(endpoint) - if err != nil { - return nil, err - } - return HNSEndpointRequest("POST", "", string(jsonString)) -} - -// Delete Endpoint by sending EndpointRequest to HNS -func (endpoint *HNSEndpoint) Delete() (*HNSEndpoint, error) { - operation := "Delete" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - - return HNSEndpointRequest("DELETE", endpoint.Id, "") -} - -// Update Endpoint -func (endpoint *HNSEndpoint) Update() (*HNSEndpoint, error) { - operation := "Update" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - jsonString, err := json.Marshal(endpoint) - if err != nil { - return nil, err - } - err = hnsCall("POST", "/endpoints/"+endpoint.Id, string(jsonString), &endpoint) - - return endpoint, err -} - -// ContainerHotAttach attaches an endpoint to a running container -func (endpoint *HNSEndpoint) ContainerHotAttach(containerID string) error { - operation := "ContainerHotAttach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s, containerId=%s", endpoint.Id, containerID) - - return modifyNetworkEndpoint(containerID, endpoint.Id, Add) -} - -// ContainerHotDetach detaches an endpoint from a running container -func (endpoint *HNSEndpoint) ContainerHotDetach(containerID string) error { - operation := "ContainerHotDetach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s, containerId=%s", endpoint.Id, containerID) - - return modifyNetworkEndpoint(containerID, endpoint.Id, Remove) -} - -// ApplyACLPolicy applies a set of ACL Policies on the Endpoint -func (endpoint *HNSEndpoint) ApplyACLPolicy(policies ...*ACLPolicy) error { - operation := "ApplyACLPolicy" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - - for _, policy := range policies { - if policy == nil { - continue - } - jsonString, err := json.Marshal(policy) - if err != nil { - return err - } - endpoint.Policies = append(endpoint.Policies, jsonString) - } - - _, err := endpoint.Update() - return err -} - -// ContainerAttach attaches an endpoint to container -func (endpoint *HNSEndpoint) ContainerAttach(containerID string, compartmentID uint16) error { - operation := "ContainerAttach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - - requestMessage := &EndpointAttachDetachRequest{ - ContainerID: containerID, - CompartmentID: compartmentID, - SystemType: ContainerType, - } - response := &EndpointResquestResponse{} - jsonString, err := json.Marshal(requestMessage) - if err != nil { - return err - } - return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response) -} - -// ContainerDetach detaches an endpoint from container -func (endpoint *HNSEndpoint) ContainerDetach(containerID string) error { - operation := "ContainerDetach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - - requestMessage := &EndpointAttachDetachRequest{ - ContainerID: containerID, - SystemType: ContainerType, - } - response := &EndpointResquestResponse{} - - jsonString, err := json.Marshal(requestMessage) - if err != nil { - return err - } - return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response) -} - -// HostAttach attaches a nic on the host -func (endpoint *HNSEndpoint) HostAttach(compartmentID uint16) error { - operation := "HostAttach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - requestMessage := &EndpointAttachDetachRequest{ - CompartmentID: compartmentID, - SystemType: HostType, - } - response := &EndpointResquestResponse{} - - jsonString, err := json.Marshal(requestMessage) - if err != nil { - return err - } - return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response) - -} - -// HostDetach detaches a nic on the host -func (endpoint *HNSEndpoint) HostDetach() error { - operation := "HostDetach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - requestMessage := &EndpointAttachDetachRequest{ - SystemType: HostType, - } - response := &EndpointResquestResponse{} - - jsonString, err := json.Marshal(requestMessage) - if err != nil { - return err - } - return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response) -} - -// VirtualMachineNICAttach attaches a endpoint to a virtual machine -func (endpoint *HNSEndpoint) VirtualMachineNICAttach(virtualMachineNICName string) error { - operation := "VirtualMachineNicAttach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - requestMessage := &EndpointAttachDetachRequest{ - VirtualNICName: virtualMachineNICName, - SystemType: VirtualMachineType, - } - response := &EndpointResquestResponse{} - - jsonString, err := json.Marshal(requestMessage) - if err != nil { - return err - } - return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response) -} - -// VirtualMachineNICDetach detaches a endpoint from a virtual machine -func (endpoint *HNSEndpoint) VirtualMachineNICDetach() error { - operation := "VirtualMachineNicDetach" - title := "HCSShim::HNSEndpoint::" + operation - logrus.Debugf(title+" id=%s", endpoint.Id) - - requestMessage := &EndpointAttachDetachRequest{ - SystemType: VirtualMachineType, - } - response := &EndpointResquestResponse{} - - jsonString, err := json.Marshal(requestMessage) - if err != nil { - return err - } - return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response) + return hns.GetHNSEndpointByName(endpointName) } diff --git a/vendor/github.com/Microsoft/hcsshim/hnsglobals.go b/vendor/github.com/Microsoft/hcsshim/hnsglobals.go new file mode 100644 index 00000000000..2b538190476 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hnsglobals.go @@ -0,0 +1,16 @@ +package hcsshim + +import ( + "github.com/Microsoft/hcsshim/internal/hns" +) + +type HNSGlobals = hns.HNSGlobals +type HNSVersion = hns.HNSVersion + +var ( + HNSVersion1803 = hns.HNSVersion1803 +) + +func GetHNSGlobals() (*HNSGlobals, error) { + return hns.GetHNSGlobals() +} diff --git a/vendor/github.com/Microsoft/hcsshim/hnsnetwork.go b/vendor/github.com/Microsoft/hcsshim/hnsnetwork.go index 398583a4e4e..f775fa1d07c 100644 --- a/vendor/github.com/Microsoft/hcsshim/hnsnetwork.go +++ b/vendor/github.com/Microsoft/hcsshim/hnsnetwork.go @@ -1,141 +1,36 @@ package hcsshim import ( - "encoding/json" - "net" - - "github.com/sirupsen/logrus" + "github.com/Microsoft/hcsshim/internal/hns" ) // Subnet is assoicated with a network and represents a list // of subnets available to the network -type Subnet struct { - AddressPrefix string `json:",omitempty"` - GatewayAddress string `json:",omitempty"` - Policies []json.RawMessage `json:",omitempty"` -} +type Subnet = hns.Subnet // MacPool is assoicated with a network and represents a list // of macaddresses available to the network -type MacPool struct { - StartMacAddress string `json:",omitempty"` - EndMacAddress string `json:",omitempty"` -} +type MacPool = hns.MacPool // HNSNetwork represents a network in HNS -type HNSNetwork struct { - Id string `json:"ID,omitempty"` - Name string `json:",omitempty"` - Type string `json:",omitempty"` - NetworkAdapterName string `json:",omitempty"` - SourceMac string `json:",omitempty"` - Policies []json.RawMessage `json:",omitempty"` - MacPools []MacPool `json:",omitempty"` - Subnets []Subnet `json:",omitempty"` - DNSSuffix string `json:",omitempty"` - DNSServerList string `json:",omitempty"` - DNSServerCompartment uint32 `json:",omitempty"` - ManagementIP string `json:",omitempty"` - AutomaticDNS bool `json:",omitempty"` -} - -type hnsNetworkResponse struct { - Success bool - Error string - Output HNSNetwork -} - -type hnsResponse struct { - Success bool - Error string - Output json.RawMessage -} +type HNSNetwork = hns.HNSNetwork // HNSNetworkRequest makes a call into HNS to update/query a single network func HNSNetworkRequest(method, path, request string) (*HNSNetwork, error) { - var network HNSNetwork - err := hnsCall(method, "/networks/"+path, request, &network) - if err != nil { - return nil, err - } - - return &network, nil + return hns.HNSNetworkRequest(method, path, request) } // HNSListNetworkRequest makes a HNS call to query the list of available networks func HNSListNetworkRequest(method, path, request string) ([]HNSNetwork, error) { - var network []HNSNetwork - err := hnsCall(method, "/networks/"+path, request, &network) - if err != nil { - return nil, err - } - - return network, nil + return hns.HNSListNetworkRequest(method, path, request) } // GetHNSNetworkByID func GetHNSNetworkByID(networkID string) (*HNSNetwork, error) { - return HNSNetworkRequest("GET", networkID, "") + return hns.GetHNSNetworkByID(networkID) } // GetHNSNetworkName filtered by Name func GetHNSNetworkByName(networkName string) (*HNSNetwork, error) { - hsnnetworks, err := HNSListNetworkRequest("GET", "", "") - if err != nil { - return nil, err - } - for _, hnsnetwork := range hsnnetworks { - if hnsnetwork.Name == networkName { - return &hnsnetwork, nil - } - } - return nil, NetworkNotFoundError{NetworkName: networkName} -} - -// Create Network by sending NetworkRequest to HNS. -func (network *HNSNetwork) Create() (*HNSNetwork, error) { - operation := "Create" - title := "HCSShim::HNSNetwork::" + operation - logrus.Debugf(title+" id=%s", network.Id) - - jsonString, err := json.Marshal(network) - if err != nil { - return nil, err - } - return HNSNetworkRequest("POST", "", string(jsonString)) -} - -// Delete Network by sending NetworkRequest to HNS -func (network *HNSNetwork) Delete() (*HNSNetwork, error) { - operation := "Delete" - title := "HCSShim::HNSNetwork::" + operation - logrus.Debugf(title+" id=%s", network.Id) - - return HNSNetworkRequest("DELETE", network.Id, "") -} - -// Creates an endpoint on the Network. -func (network *HNSNetwork) NewEndpoint(ipAddress net.IP, macAddress net.HardwareAddr) *HNSEndpoint { - return &HNSEndpoint{ - VirtualNetwork: network.Id, - IPAddress: ipAddress, - MacAddress: string(macAddress), - } -} - -func (network *HNSNetwork) CreateEndpoint(endpoint *HNSEndpoint) (*HNSEndpoint, error) { - operation := "CreateEndpoint" - title := "HCSShim::HNSNetwork::" + operation - logrus.Debugf(title+" id=%s, endpointId=%s", network.Id, endpoint.Id) - - endpoint.VirtualNetwork = network.Id - return endpoint.Create() -} - -func (network *HNSNetwork) CreateRemoteEndpoint(endpoint *HNSEndpoint) (*HNSEndpoint, error) { - operation := "CreateRemoteEndpoint" - title := "HCSShim::HNSNetwork::" + operation - logrus.Debugf(title+" id=%s", network.Id) - endpoint.IsRemoteEndpoint = true - return network.CreateEndpoint(endpoint) + return hns.GetHNSNetworkByName(networkName) } diff --git a/vendor/github.com/Microsoft/hcsshim/hnspolicy.go b/vendor/github.com/Microsoft/hcsshim/hnspolicy.go index bf860e9387f..a3e03ff8fcf 100644 --- a/vendor/github.com/Microsoft/hcsshim/hnspolicy.go +++ b/vendor/github.com/Microsoft/hcsshim/hnspolicy.go @@ -1,94 +1,57 @@ package hcsshim +import ( + "github.com/Microsoft/hcsshim/internal/hns" +) + // Type of Request Support in ModifySystem -type PolicyType string +type PolicyType = hns.PolicyType // RequestType const const ( - Nat PolicyType = "NAT" - ACL PolicyType = "ACL" - PA PolicyType = "PA" - VLAN PolicyType = "VLAN" - VSID PolicyType = "VSID" - VNet PolicyType = "VNET" - L2Driver PolicyType = "L2Driver" - Isolation PolicyType = "Isolation" - QOS PolicyType = "QOS" - OutboundNat PolicyType = "OutBoundNAT" - ExternalLoadBalancer PolicyType = "ELB" - Route PolicyType = "ROUTE" + Nat = hns.Nat + ACL = hns.ACL + PA = hns.PA + VLAN = hns.VLAN + VSID = hns.VSID + VNet = hns.VNet + L2Driver = hns.L2Driver + Isolation = hns.Isolation + QOS = hns.QOS + OutboundNat = hns.OutboundNat + ExternalLoadBalancer = hns.ExternalLoadBalancer + Route = hns.Route ) -type NatPolicy struct { - Type PolicyType `json:"Type"` - Protocol string - InternalPort uint16 - ExternalPort uint16 -} +type NatPolicy = hns.NatPolicy -type QosPolicy struct { - Type PolicyType `json:"Type"` - MaximumOutgoingBandwidthInBytes uint64 -} +type QosPolicy = hns.QosPolicy -type IsolationPolicy struct { - Type PolicyType `json:"Type"` - VLAN uint - VSID uint - InDefaultIsolation bool -} +type IsolationPolicy = hns.IsolationPolicy -type VlanPolicy struct { - Type PolicyType `json:"Type"` - VLAN uint -} +type VlanPolicy = hns.VlanPolicy -type VsidPolicy struct { - Type PolicyType `json:"Type"` - VSID uint -} +type VsidPolicy = hns.VsidPolicy -type PaPolicy struct { - Type PolicyType `json:"Type"` - PA string `json:"PA"` -} +type PaPolicy = hns.PaPolicy -type OutboundNatPolicy struct { - Policy - VIP string `json:"VIP,omitempty"` - Exceptions []string `json:"ExceptionList,omitempty"` -} +type OutboundNatPolicy = hns.OutboundNatPolicy -type ActionType string -type DirectionType string -type RuleType string +type ActionType = hns.ActionType +type DirectionType = hns.DirectionType +type RuleType = hns.RuleType const ( - Allow ActionType = "Allow" - Block ActionType = "Block" + Allow = hns.Allow + Block = hns.Block - In DirectionType = "In" - Out DirectionType = "Out" + In = hns.In + Out = hns.Out - Host RuleType = "Host" - Switch RuleType = "Switch" + Host = hns.Host + Switch = hns.Switch ) -type ACLPolicy struct { - Type PolicyType `json:"Type"` - Protocol uint16 - InternalPort uint16 - Action ActionType - Direction DirectionType - LocalAddresses string - RemoteAddresses string - LocalPort uint16 - RemotePort uint16 - RuleType RuleType `json:"RuleType,omitempty"` - Priority uint16 - ServiceName string -} +type ACLPolicy = hns.ACLPolicy -type Policy struct { - Type PolicyType `json:"Type"` -} +type Policy = hns.Policy diff --git a/vendor/github.com/Microsoft/hcsshim/hnspolicylist.go b/vendor/github.com/Microsoft/hcsshim/hnspolicylist.go index ef1ccab16e6..55aaa4a50ef 100644 --- a/vendor/github.com/Microsoft/hcsshim/hnspolicylist.go +++ b/vendor/github.com/Microsoft/hcsshim/hnspolicylist.go @@ -1,200 +1,47 @@ package hcsshim import ( - "encoding/json" - - "github.com/sirupsen/logrus" + "github.com/Microsoft/hcsshim/internal/hns" ) // RoutePolicy is a structure defining schema for Route based Policy -type RoutePolicy struct { - Policy - DestinationPrefix string `json:"DestinationPrefix,omitempty"` - NextHop string `json:"NextHop,omitempty"` - EncapEnabled bool `json:"NeedEncap,omitempty"` -} +type RoutePolicy = hns.RoutePolicy // ELBPolicy is a structure defining schema for ELB LoadBalancing based Policy -type ELBPolicy struct { - LBPolicy - SourceVIP string `json:"SourceVIP,omitempty"` - VIPs []string `json:"VIPs,omitempty"` - ILB bool `json:"ILB,omitempty"` -} +type ELBPolicy = hns.ELBPolicy // LBPolicy is a structure defining schema for LoadBalancing based Policy -type LBPolicy struct { - Policy - Protocol uint16 `json:"Protocol,omitempty"` - InternalPort uint16 - ExternalPort uint16 -} +type LBPolicy = hns.LBPolicy // PolicyList is a structure defining schema for Policy list request -type PolicyList struct { - ID string `json:"ID,omitempty"` - EndpointReferences []string `json:"References,omitempty"` - Policies []json.RawMessage `json:"Policies,omitempty"` -} +type PolicyList = hns.PolicyList // HNSPolicyListRequest makes a call into HNS to update/query a single network func HNSPolicyListRequest(method, path, request string) (*PolicyList, error) { - var policy PolicyList - err := hnsCall(method, "/policylists/"+path, request, &policy) - if err != nil { - return nil, err - } - - return &policy, nil + return hns.HNSPolicyListRequest(method, path, request) } // HNSListPolicyListRequest gets all the policy list func HNSListPolicyListRequest() ([]PolicyList, error) { - var plist []PolicyList - err := hnsCall("GET", "/policylists/", "", &plist) - if err != nil { - return nil, err - } - - return plist, nil + return hns.HNSListPolicyListRequest() } // PolicyListRequest makes a HNS call to modify/query a network policy list func PolicyListRequest(method, path, request string) (*PolicyList, error) { - policylist := &PolicyList{} - err := hnsCall(method, "/policylists/"+path, request, &policylist) - if err != nil { - return nil, err - } - - return policylist, nil + return hns.PolicyListRequest(method, path, request) } // GetPolicyListByID get the policy list by ID func GetPolicyListByID(policyListID string) (*PolicyList, error) { - return PolicyListRequest("GET", policyListID, "") -} - -// Create PolicyList by sending PolicyListRequest to HNS. -func (policylist *PolicyList) Create() (*PolicyList, error) { - operation := "Create" - title := "HCSShim::PolicyList::" + operation - logrus.Debugf(title+" id=%s", policylist.ID) - jsonString, err := json.Marshal(policylist) - if err != nil { - return nil, err - } - return PolicyListRequest("POST", "", string(jsonString)) -} - -// Delete deletes PolicyList -func (policylist *PolicyList) Delete() (*PolicyList, error) { - operation := "Delete" - title := "HCSShim::PolicyList::" + operation - logrus.Debugf(title+" id=%s", policylist.ID) - - return PolicyListRequest("DELETE", policylist.ID, "") -} - -// AddEndpoint add an endpoint to a Policy List -func (policylist *PolicyList) AddEndpoint(endpoint *HNSEndpoint) (*PolicyList, error) { - operation := "AddEndpoint" - title := "HCSShim::PolicyList::" + operation - logrus.Debugf(title+" id=%s, endpointId:%s", policylist.ID, endpoint.Id) - - _, err := policylist.Delete() - if err != nil { - return nil, err - } - - // Add Endpoint to the Existing List - policylist.EndpointReferences = append(policylist.EndpointReferences, "/endpoints/"+endpoint.Id) - - return policylist.Create() -} - -// RemoveEndpoint removes an endpoint from the Policy List -func (policylist *PolicyList) RemoveEndpoint(endpoint *HNSEndpoint) (*PolicyList, error) { - operation := "RemoveEndpoint" - title := "HCSShim::PolicyList::" + operation - logrus.Debugf(title+" id=%s, endpointId:%s", policylist.ID, endpoint.Id) - - _, err := policylist.Delete() - if err != nil { - return nil, err - } - - elementToRemove := "/endpoints/" + endpoint.Id - - var references []string - - for _, endpointReference := range policylist.EndpointReferences { - if endpointReference == elementToRemove { - continue - } - references = append(references, endpointReference) - } - policylist.EndpointReferences = references - return policylist.Create() + return hns.GetPolicyListByID(policyListID) } // AddLoadBalancer policy list for the specified endpoints func AddLoadBalancer(endpoints []HNSEndpoint, isILB bool, sourceVIP, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*PolicyList, error) { - operation := "AddLoadBalancer" - title := "HCSShim::PolicyList::" + operation - logrus.Debugf(title+" endpointId=%v, isILB=%v, sourceVIP=%s, vip=%s, protocol=%v, internalPort=%v, externalPort=%v", endpoints, isILB, sourceVIP, vip, protocol, internalPort, externalPort) - - policylist := &PolicyList{} - - elbPolicy := &ELBPolicy{ - SourceVIP: sourceVIP, - ILB: isILB, - } - - if len(vip) > 0 { - elbPolicy.VIPs = []string{vip} - } - elbPolicy.Type = ExternalLoadBalancer - elbPolicy.Protocol = protocol - elbPolicy.InternalPort = internalPort - elbPolicy.ExternalPort = externalPort - - for _, endpoint := range endpoints { - policylist.EndpointReferences = append(policylist.EndpointReferences, "/endpoints/"+endpoint.Id) - } - - jsonString, err := json.Marshal(elbPolicy) - if err != nil { - return nil, err - } - policylist.Policies = append(policylist.Policies, jsonString) - return policylist.Create() + return hns.AddLoadBalancer(endpoints, isILB, sourceVIP, vip, protocol, internalPort, externalPort) } // AddRoute adds route policy list for the specified endpoints func AddRoute(endpoints []HNSEndpoint, destinationPrefix string, nextHop string, encapEnabled bool) (*PolicyList, error) { - operation := "AddRoute" - title := "HCSShim::PolicyList::" + operation - logrus.Debugf(title+" destinationPrefix:%s", destinationPrefix) - - policylist := &PolicyList{} - - rPolicy := &RoutePolicy{ - DestinationPrefix: destinationPrefix, - NextHop: nextHop, - EncapEnabled: encapEnabled, - } - rPolicy.Type = Route - - for _, endpoint := range endpoints { - policylist.EndpointReferences = append(policylist.EndpointReferences, "/endpoints/"+endpoint.Id) - } - - jsonString, err := json.Marshal(rPolicy) - if err != nil { - return nil, err - } - - policylist.Policies = append(policylist.Policies, jsonString) - return policylist.Create() + return hns.AddRoute(endpoints, destinationPrefix, nextHop, encapEnabled) } diff --git a/vendor/github.com/Microsoft/hcsshim/hnssupport.go b/vendor/github.com/Microsoft/hcsshim/hnssupport.go new file mode 100644 index 00000000000..69405244b67 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/hnssupport.go @@ -0,0 +1,13 @@ +package hcsshim + +import ( + "github.com/Microsoft/hcsshim/internal/hns" +) + +type HNSSupportedFeatures = hns.HNSSupportedFeatures + +type HNSAclFeatures = hns.HNSAclFeatures + +func GetHNSSupportedFeatures() HNSSupportedFeatures { + return hns.GetHNSSupportedFeatures() +} diff --git a/vendor/github.com/Microsoft/hcsshim/importlayer.go b/vendor/github.com/Microsoft/hcsshim/importlayer.go deleted file mode 100644 index 2742b9f7500..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/importlayer.go +++ /dev/null @@ -1,222 +0,0 @@ -package hcsshim - -import ( - "errors" - "io/ioutil" - "os" - "path/filepath" - - "github.com/Microsoft/go-winio" - "github.com/sirupsen/logrus" -) - -// ImportLayer will take the contents of the folder at importFolderPath and import -// that into a layer with the id layerId. Note that in order to correctly populate -// the layer and interperet the transport format, all parent layers must already -// be present on the system at the paths provided in parentLayerPaths. -func ImportLayer(info DriverInfo, layerID string, importFolderPath string, parentLayerPaths []string) error { - title := "hcsshim::ImportLayer " - logrus.Debugf(title+"flavour %d layerId %s folder %s", info.Flavour, layerID, importFolderPath) - - // Generate layer descriptors - layers, err := layerPathsToDescriptors(parentLayerPaths) - if err != nil { - return err - } - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = importLayer(&infop, layerID, importFolderPath, layers) - if err != nil { - err = makeErrorf(err, title, "layerId=%s flavour=%d folder=%s", layerID, info.Flavour, importFolderPath) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"succeeded flavour=%d layerId=%s folder=%s", info.Flavour, layerID, importFolderPath) - return nil -} - -// LayerWriter is an interface that supports writing a new container image layer. -type LayerWriter interface { - // Add adds a file to the layer with given metadata. - Add(name string, fileInfo *winio.FileBasicInfo) error - // AddLink adds a hard link to the layer. The target must already have been added. - AddLink(name string, target string) error - // Remove removes a file that was present in a parent layer from the layer. - Remove(name string) error - // Write writes data to the current file. The data must be in the format of a Win32 - // backup stream. - Write(b []byte) (int, error) - // Close finishes the layer writing process and releases any resources. - Close() error -} - -// FilterLayerWriter provides an interface to write the contents of a layer to the file system. -type FilterLayerWriter struct { - context uintptr -} - -// Add adds a file or directory to the layer. The file's parent directory must have already been added. -// -// name contains the file's relative path. fileInfo contains file times and file attributes; the rest -// of the file metadata and the file data must be written as a Win32 backup stream to the Write() method. -// winio.BackupStreamWriter can be used to facilitate this. -func (w *FilterLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) error { - if name[0] != '\\' { - name = `\` + name - } - err := importLayerNext(w.context, name, fileInfo) - if err != nil { - return makeError(err, "ImportLayerNext", "") - } - return nil -} - -// AddLink adds a hard link to the layer. The target of the link must have already been added. -func (w *FilterLayerWriter) AddLink(name string, target string) error { - return errors.New("hard links not yet supported") -} - -// Remove removes a file from the layer. The file must have been present in the parent layer. -// -// name contains the file's relative path. -func (w *FilterLayerWriter) Remove(name string) error { - if name[0] != '\\' { - name = `\` + name - } - err := importLayerNext(w.context, name, nil) - if err != nil { - return makeError(err, "ImportLayerNext", "") - } - return nil -} - -// Write writes more backup stream data to the current file. -func (w *FilterLayerWriter) Write(b []byte) (int, error) { - err := importLayerWrite(w.context, b) - if err != nil { - err = makeError(err, "ImportLayerWrite", "") - return 0, err - } - return len(b), err -} - -// Close completes the layer write operation. The error must be checked to ensure that the -// operation was successful. -func (w *FilterLayerWriter) Close() (err error) { - if w.context != 0 { - err = importLayerEnd(w.context) - if err != nil { - err = makeError(err, "ImportLayerEnd", "") - } - w.context = 0 - } - return -} - -type legacyLayerWriterWrapper struct { - *legacyLayerWriter - info DriverInfo - layerID string - path string - parentLayerPaths []string -} - -func (r *legacyLayerWriterWrapper) Close() error { - defer os.RemoveAll(r.root.Name()) - defer r.legacyLayerWriter.CloseRoots() - err := r.legacyLayerWriter.Close() - if err != nil { - return err - } - - info := r.info - info.HomeDir = "" - if err = ImportLayer(info, r.destRoot.Name(), r.path, r.parentLayerPaths); err != nil { - return err - } - for _, name := range r.Tombstones { - if err = removeRelative(name, r.destRoot); err != nil && !os.IsNotExist(err) { - return err - } - } - // Add any hard links that were collected. - for _, lnk := range r.PendingLinks { - if err = removeRelative(lnk.Path, r.destRoot); err != nil && !os.IsNotExist(err) { - return err - } - if err = linkRelative(lnk.Target, lnk.TargetRoot, lnk.Path, r.destRoot); err != nil { - return err - } - } - // Prepare the utility VM for use if one is present in the layer. - if r.HasUtilityVM { - err := ensureNotReparsePointRelative("UtilityVM", r.destRoot) - if err != nil { - return err - } - err = ProcessUtilityVMImage(filepath.Join(r.destRoot.Name(), "UtilityVM")) - if err != nil { - return err - } - } - return nil -} - -// NewLayerWriter returns a new layer writer for creating a layer on disk. -// The caller must have taken the SeBackupPrivilege and SeRestorePrivilege privileges -// to call this and any methods on the resulting LayerWriter. -func NewLayerWriter(info DriverInfo, layerID string, parentLayerPaths []string) (LayerWriter, error) { - if len(parentLayerPaths) == 0 { - // This is a base layer. It gets imported differently. - f, err := openRoot(filepath.Join(info.HomeDir, layerID)) - if err != nil { - return nil, err - } - return &baseLayerWriter{ - root: f, - }, nil - } - - if procImportLayerBegin.Find() != nil { - // The new layer reader is not available on this Windows build. Fall back to the - // legacy export code path. - path, err := ioutil.TempDir("", "hcs") - if err != nil { - return nil, err - } - w, err := newLegacyLayerWriter(path, parentLayerPaths, filepath.Join(info.HomeDir, layerID)) - if err != nil { - return nil, err - } - return &legacyLayerWriterWrapper{ - legacyLayerWriter: w, - info: info, - layerID: layerID, - path: path, - parentLayerPaths: parentLayerPaths, - }, nil - } - layers, err := layerPathsToDescriptors(parentLayerPaths) - if err != nil { - return nil, err - } - - infop, err := convertDriverInfo(info) - if err != nil { - return nil, err - } - - w := &FilterLayerWriter{} - err = importLayerBegin(&infop, layerID, layers, &w.context) - if err != nil { - return nil, makeError(err, "ImportLayerStart", "") - } - return w, nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/interface.go b/vendor/github.com/Microsoft/hcsshim/interface.go index e21f30025ae..5b91e0cc55c 100644 --- a/vendor/github.com/Microsoft/hcsshim/interface.go +++ b/vendor/github.com/Microsoft/hcsshim/interface.go @@ -1,106 +1,32 @@ package hcsshim import ( - "encoding/json" "io" "time" + + "github.com/Microsoft/hcsshim/internal/schema1" ) // ProcessConfig is used as both the input of Container.CreateProcess // and to convert the parameters to JSON for passing onto the HCS -type ProcessConfig struct { - ApplicationName string `json:",omitempty"` - CommandLine string `json:",omitempty"` - CommandArgs []string `json:",omitempty"` // Used by Linux Containers on Windows - User string `json:",omitempty"` - WorkingDirectory string `json:",omitempty"` - Environment map[string]string `json:",omitempty"` - EmulateConsole bool `json:",omitempty"` - CreateStdInPipe bool `json:",omitempty"` - CreateStdOutPipe bool `json:",omitempty"` - CreateStdErrPipe bool `json:",omitempty"` - ConsoleSize [2]uint `json:",omitempty"` - CreateInUtilityVm bool `json:",omitempty"` // Used by Linux Containers on Windows - OCISpecification *json.RawMessage `json:",omitempty"` // Used by Linux Containers on Windows -} +type ProcessConfig = schema1.ProcessConfig -type Layer struct { - ID string - Path string -} +type Layer = schema1.Layer +type MappedDir = schema1.MappedDir +type MappedPipe = schema1.MappedPipe +type HvRuntime = schema1.HvRuntime +type MappedVirtualDisk = schema1.MappedVirtualDisk -type MappedDir struct { - HostPath string - ContainerPath string - ReadOnly bool - BandwidthMaximum uint64 - IOPSMaximum uint64 - CreateInUtilityVM bool -} - -type MappedPipe struct { - HostPath string - ContainerPipeName string -} - -type HvRuntime struct { - ImagePath string `json:",omitempty"` - SkipTemplate bool `json:",omitempty"` - LinuxInitrdFile string `json:",omitempty"` // File under ImagePath on host containing an initrd image for starting a Linux utility VM - LinuxKernelFile string `json:",omitempty"` // File under ImagePath on host containing a kernel for starting a Linux utility VM - LinuxBootParameters string `json:",omitempty"` // Additional boot parameters for starting a Linux Utility VM in initrd mode - BootSource string `json:",omitempty"` // "Vhd" for Linux Utility VM booting from VHD - WritableBootSource bool `json:",omitempty"` // Linux Utility VM booting from VHD -} - -type MappedVirtualDisk struct { - HostPath string `json:",omitempty"` // Path to VHD on the host - ContainerPath string // Platform-specific mount point path in the container - CreateInUtilityVM bool `json:",omitempty"` - ReadOnly bool `json:",omitempty"` - Cache string `json:",omitempty"` // "" (Unspecified); "Disabled"; "Enabled"; "Private"; "PrivateAllowSharing" - AttachOnly bool `json:",omitempty:` -} +// AssignedDevice represents a device that has been directly assigned to a container +// +// NOTE: Support added in RS5 +type AssignedDevice = schema1.AssignedDevice // ContainerConfig is used as both the input of CreateContainer // and to convert the parameters to JSON for passing onto the HCS -type ContainerConfig struct { - SystemType string // HCS requires this to be hard-coded to "Container" - Name string // Name of the container. We use the docker ID. - Owner string `json:",omitempty"` // The management platform that created this container - VolumePath string `json:",omitempty"` // Windows volume path for scratch space. Used by Windows Server Containers only. Format \\?\\Volume{GUID} - IgnoreFlushesDuringBoot bool `json:",omitempty"` // Optimization hint for container startup in Windows - LayerFolderPath string `json:",omitempty"` // Where the layer folders are located. Used by Windows Server Containers only. Format %root%\windowsfilter\containerID - Layers []Layer // List of storage layers. Required for Windows Server and Hyper-V Containers. Format ID=GUID;Path=%root%\windowsfilter\layerID - Credentials string `json:",omitempty"` // Credentials information - ProcessorCount uint32 `json:",omitempty"` // Number of processors to assign to the container. - ProcessorWeight uint64 `json:",omitempty"` // CPU shares (relative weight to other containers with cpu shares). Range is from 1 to 10000. A value of 0 results in default shares. - ProcessorMaximum int64 `json:",omitempty"` // Specifies the portion of processor cycles that this container can use as a percentage times 100. Range is from 1 to 10000. A value of 0 results in no limit. - StorageIOPSMaximum uint64 `json:",omitempty"` // Maximum Storage IOPS - StorageBandwidthMaximum uint64 `json:",omitempty"` // Maximum Storage Bandwidth in bytes per second - StorageSandboxSize uint64 `json:",omitempty"` // Size in bytes that the container system drive should be expanded to if smaller - MemoryMaximumInMB int64 `json:",omitempty"` // Maximum memory available to the container in Megabytes - HostName string `json:",omitempty"` // Hostname - MappedDirectories []MappedDir `json:",omitempty"` // List of mapped directories (volumes/mounts) - MappedPipes []MappedPipe `json:",omitempty"` // List of mapped Windows named pipes - HvPartition bool // True if it a Hyper-V Container - NetworkSharedContainerName string `json:",omitempty"` // Name (ID) of the container that we will share the network stack with. - EndpointList []string `json:",omitempty"` // List of networking endpoints to be attached to container - HvRuntime *HvRuntime `json:",omitempty"` // Hyper-V container settings. Used by Hyper-V containers only. Format ImagePath=%root%\BaseLayerID\UtilityVM - Servicing bool `json:",omitempty"` // True if this container is for servicing - AllowUnqualifiedDNSQuery bool `json:",omitempty"` // True to allow unqualified DNS name resolution - DNSSearchList string `json:",omitempty"` // Comma seperated list of DNS suffixes to use for name resolution - ContainerType string `json:",omitempty"` // "Linux" for Linux containers on Windows. Omitted otherwise. - TerminateOnLastHandleClosed bool `json:",omitempty"` // Should HCS terminate the container once all handles have been closed - MappedVirtualDisks []MappedVirtualDisk `json:",omitempty"` // Array of virtual disks to mount at start -} +type ContainerConfig = schema1.ContainerConfig -type ComputeSystemQuery struct { - IDs []string `json:"Ids,omitempty"` - Types []string `json:",omitempty"` - Names []string `json:",omitempty"` - Owners []string `json:",omitempty"` -} +type ComputeSystemQuery = schema1.ComputeSystemQuery // Container represents a created (but not necessarily running) container. type Container interface { diff --git a/vendor/github.com/Microsoft/hcsshim/internal/cni/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/cni/BUILD new file mode 100644 index 00000000000..aeaaca8f5f1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/cni/BUILD @@ -0,0 +1,27 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["registry.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/cni", + importpath = "github.com/Microsoft/hcsshim/internal/cni", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/github.com/Microsoft/hcsshim/internal/guid:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/regstate:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/cni/registry.go b/vendor/github.com/Microsoft/hcsshim/internal/cni/registry.go new file mode 100644 index 00000000000..842ee1f7af7 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/cni/registry.go @@ -0,0 +1,110 @@ +package cni + +import ( + "errors" + + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/regstate" +) + +const ( + cniRoot = "cni" + cniKey = "cfg" +) + +// PersistedNamespaceConfig is the registry version of the `NamespaceID` to UVM +// map. +type PersistedNamespaceConfig struct { + namespaceID string + stored bool + + ContainerID string + HostUniqueID guid.GUID +} + +// NewPersistedNamespaceConfig creates an in-memory namespace config that can be +// persisted to the registry. +func NewPersistedNamespaceConfig(namespaceID, containerID string, containerHostUniqueID guid.GUID) *PersistedNamespaceConfig { + return &PersistedNamespaceConfig{ + namespaceID: namespaceID, + ContainerID: containerID, + HostUniqueID: containerHostUniqueID, + } +} + +// LoadPersistedNamespaceConfig loads a persisted config from the registry that matches +// `namespaceID`. If not found returns `regstate.NotFoundError` +func LoadPersistedNamespaceConfig(namespaceID string) (*PersistedNamespaceConfig, error) { + sk, err := regstate.Open(cniRoot, false) + if err != nil { + return nil, err + } + defer sk.Close() + + pnc := PersistedNamespaceConfig{ + namespaceID: namespaceID, + stored: true, + } + if err := sk.Get(namespaceID, cniKey, &pnc); err != nil { + return nil, err + } + return &pnc, nil +} + +// Store stores or updates the in-memory config to its registry state. If the +// store failes returns the store error. +func (pnc *PersistedNamespaceConfig) Store() error { + if pnc.namespaceID == "" { + return errors.New("invalid namespaceID ''") + } + if pnc.ContainerID == "" { + return errors.New("invalid containerID ''") + } + empty := guid.GUID{} + if pnc.HostUniqueID == empty { + return errors.New("invalid containerHostUniqueID 'empy'") + } + sk, err := regstate.Open(cniRoot, false) + if err != nil { + return err + } + defer sk.Close() + + if pnc.stored { + if err := sk.Set(pnc.namespaceID, cniKey, pnc); err != nil { + return err + } + } else { + if err := sk.Create(pnc.namespaceID, cniKey, pnc); err != nil { + return err + } + } + pnc.stored = true + return nil +} + +// Remove removes any persisted state associated with this config. If the config +// is not found in the registery `Remove` returns no error. +func (pnc *PersistedNamespaceConfig) Remove() error { + if pnc.stored { + sk, err := regstate.Open(cniRoot, false) + if err != nil { + if regstate.IsNotFoundError(err) { + pnc.stored = false + return nil + } + return err + } + defer sk.Close() + + if err := sk.Remove(pnc.namespaceID); err != nil { + if regstate.IsNotFoundError(err) { + pnc.stored = false + return nil + } + return err + } + } + pnc.stored = false + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/BUILD new file mode 100644 index 00000000000..6c9d31569ad --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["types.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/guestrequest", + importpath = "github.com/Microsoft/hcsshim/internal/guestrequest", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = ["//vendor/github.com/Microsoft/hcsshim/internal/schema2:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/types.go b/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/types.go new file mode 100644 index 00000000000..5d3d0dfef13 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/guestrequest/types.go @@ -0,0 +1,100 @@ +package guestrequest + +import ( + "github.com/Microsoft/hcsshim/internal/schema2" +) + +// Arguably, many of these (at least CombinedLayers) should have been generated +// by swagger. +// +// This will also change package name due to an inbound breaking change. + +// This class is used by a modify request to add or remove a combined layers +// structure in the guest. For windows, the GCS applies a filter in ContainerRootPath +// using the specified layers as the parent content. Ignores property ScratchPath +// since the container path is already the scratch path. For linux, the GCS unions +// the specified layers and ScratchPath together, placing the resulting union +// filesystem at ContainerRootPath. +type CombinedLayers struct { + ContainerRootPath string `json:"ContainerRootPath,omitempty"` + Layers []hcsschema.Layer `json:"Layers,omitempty"` + ScratchPath string `json:"ScratchPath,omitempty"` +} + +// Defines the schema for hosted settings passed to GCS and/or OpenGCS + +// SCSI. Scratch space for remote file-system commands, or R/W layer for containers +type LCOWMappedVirtualDisk struct { + MountPath string `json:"MountPath,omitempty"` // /tmp/scratch for an LCOW utility VM being used as a service VM + Lun uint8 `json:"Lun,omitempty"` + Controller uint8 `json:"Controller,omitempty"` + ReadOnly bool `json:"ReadOnly,omitempty"` +} + +type WCOWMappedVirtualDisk struct { + ContainerPath string `json:"ContainerPath,omitempty"` + Lun int32 `json:"Lun,omitempty"` +} + +type LCOWMappedDirectory struct { + MountPath string `json:"MountPath,omitempty"` + Port int32 `json:"Port,omitempty"` + ShareName string `json:"ShareName,omitempty"` // If empty not using ANames (not currently supported) + ReadOnly bool `json:"ReadOnly,omitempty"` +} + +// Read-only layers over VPMem +type LCOWMappedVPMemDevice struct { + DeviceNumber uint32 `json:"DeviceNumber,omitempty"` + MountPath string `json:"MountPath,omitempty"` // /tmp/pN +} + +type LCOWNetworkAdapter struct { + NamespaceID string `json:",omitempty"` + ID string `json:",omitempty"` + MacAddress string `json:",omitempty"` + IPAddress string `json:",omitempty"` + PrefixLength uint8 `json:",omitempty"` + GatewayAddress string `json:",omitempty"` + DNSSuffix string `json:",omitempty"` + DNSServerList string `json:",omitempty"` + EnableLowMetric bool `json:",omitempty"` + EncapOverhead uint16 `json:",omitempty"` +} + +type ResourceType string + +const ( + // These are constants for v2 schema modify guest requests. + ResourceTypeMappedDirectory ResourceType = "MappedDirectory" + ResourceTypeMappedVirtualDisk ResourceType = "MappedVirtualDisk" + ResourceTypeNetwork ResourceType = "Network" + ResourceTypeNetworkNamespace ResourceType = "NetworkNamespace" + ResourceTypeCombinedLayers ResourceType = "CombinedLayers" + ResourceTypeVPMemDevice ResourceType = "VPMemDevice" +) + +// GuestRequest is for modify commands passed to the guest. +type GuestRequest struct { + RequestType string `json:"RequestType,omitempty"` + ResourceType ResourceType `json:"ResourceType,omitempty"` + Settings interface{} `json:"Settings,omitempty"` +} + +type NetworkModifyRequest struct { + AdapterId string `json:"AdapterId,omitempty"` + RequestType string `json:"RequestType,omitempty"` + Settings interface{} `json:"Settings,omitempty"` +} + +type RS4NetworkModifyRequest struct { + AdapterInstanceId string `json:"AdapterInstanceId,omitempty"` + RequestType string `json:"RequestType,omitempty"` + Settings interface{} `json:"Settings,omitempty"` +} + +// SignalProcessOptions is the options passed to either WCOW or LCOW +// to signal a given process. +type SignalProcessOptions struct { + Signal int `json:,omitempty` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/guid/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/guid/BUILD new file mode 100644 index 00000000000..c7738537d12 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/guid/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["guid.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/guid", + importpath = "github.com/Microsoft/hcsshim/internal/guid", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/guid/guid.go b/vendor/github.com/Microsoft/hcsshim/internal/guid/guid.go new file mode 100644 index 00000000000..e9e45c0306d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/guid/guid.go @@ -0,0 +1,69 @@ +package guid + +import ( + "crypto/rand" + "encoding/json" + "fmt" + "io" + "strconv" + "strings" +) + +var _ = (json.Marshaler)(&GUID{}) +var _ = (json.Unmarshaler)(&GUID{}) + +type GUID [16]byte + +func New() GUID { + g := GUID{} + _, err := io.ReadFull(rand.Reader, g[:]) + if err != nil { + panic(err) + } + return g +} + +func (g GUID) String() string { + return fmt.Sprintf("%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x-%02x", g[3], g[2], g[1], g[0], g[5], g[4], g[7], g[6], g[8:10], g[10:]) +} + +func FromString(s string) GUID { + if len(s) != 36 { + panic(fmt.Sprintf("invalid GUID length: %d", len(s))) + } + if s[8] != '-' || s[13] != '-' || s[18] != '-' || s[23] != '-' { + panic("invalid GUID format") + } + indexOrder := [16]int{ + 0, 2, 4, 6, + 9, 11, + 14, 16, + 19, 21, + 24, 26, 28, 30, 32, 34, + } + byteOrder := [16]int{ + 3, 2, 1, 0, + 5, 4, + 7, 6, + 8, 9, + 10, 11, 12, 13, 14, 15, + } + var g GUID + for i, x := range indexOrder { + b, err := strconv.ParseInt(s[x:x+2], 16, 16) + if err != nil { + panic(err) + } + g[byteOrder[i]] = byte(b) + } + return g +} + +func (g GUID) MarshalJSON() ([]byte, error) { + return json.Marshal(g.String()) +} + +func (g *GUID) UnmarshalJSON(data []byte) error { + *g = FromString(strings.Trim(string(data), "\"")) + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/hcs/BUILD new file mode 100644 index 00000000000..80502b89ca0 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/BUILD @@ -0,0 +1,50 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "callback.go", + "cgo.go", + "errors.go", + "hcs.go", + "log.go", + "process.go", + "system.go", + "utils.go", + "waithelper.go", + "watcher.go", + "zsyscall_windows.go", + ], + cgo = True, + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/hcs", + importpath = "github.com/Microsoft/hcsshim/internal/hcs", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/github.com/Microsoft/go-winio:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/guestrequest:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/interop:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/logfields:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/schema1:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/timeout:go_default_library", + "//vendor/github.com/sirupsen/logrus:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/callback.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/callback.go new file mode 100644 index 00000000000..f9a922a4bb9 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/callback.go @@ -0,0 +1,104 @@ +package hcs + +import ( + "sync" + "syscall" + + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +var ( + nextCallback uintptr + callbackMap = map[uintptr]*notifcationWatcherContext{} + callbackMapLock = sync.RWMutex{} + + notificationWatcherCallback = syscall.NewCallback(notificationWatcher) + + // Notifications for HCS_SYSTEM handles + hcsNotificationSystemExited hcsNotification = 0x00000001 + hcsNotificationSystemCreateCompleted hcsNotification = 0x00000002 + hcsNotificationSystemStartCompleted hcsNotification = 0x00000003 + hcsNotificationSystemPauseCompleted hcsNotification = 0x00000004 + hcsNotificationSystemResumeCompleted hcsNotification = 0x00000005 + hcsNotificationSystemCrashReport hcsNotification = 0x00000006 + hcsNotificationSystemSiloJobCreated hcsNotification = 0x00000007 + hcsNotificationSystemSaveCompleted hcsNotification = 0x00000008 + hcsNotificationSystemRdpEnhancedModeStateChanged hcsNotification = 0x00000009 + hcsNotificationSystemShutdownFailed hcsNotification = 0x0000000A + hcsNotificationSystemGetPropertiesCompleted hcsNotification = 0x0000000B + hcsNotificationSystemModifyCompleted hcsNotification = 0x0000000C + hcsNotificationSystemCrashInitiated hcsNotification = 0x0000000D + hcsNotificationSystemGuestConnectionClosed hcsNotification = 0x0000000E + + // Notifications for HCS_PROCESS handles + hcsNotificationProcessExited hcsNotification = 0x00010000 + + // Common notifications + hcsNotificationInvalid hcsNotification = 0x00000000 + hcsNotificationServiceDisconnect hcsNotification = 0x01000000 +) + +type hcsNotification uint32 +type notificationChannel chan error + +type notifcationWatcherContext struct { + channels notificationChannels + handle hcsCallback +} + +type notificationChannels map[hcsNotification]notificationChannel + +func newChannels() notificationChannels { + channels := make(notificationChannels) + + channels[hcsNotificationSystemExited] = make(notificationChannel, 1) + channels[hcsNotificationSystemCreateCompleted] = make(notificationChannel, 1) + channels[hcsNotificationSystemStartCompleted] = make(notificationChannel, 1) + channels[hcsNotificationSystemPauseCompleted] = make(notificationChannel, 1) + channels[hcsNotificationSystemResumeCompleted] = make(notificationChannel, 1) + channels[hcsNotificationProcessExited] = make(notificationChannel, 1) + channels[hcsNotificationServiceDisconnect] = make(notificationChannel, 1) + channels[hcsNotificationSystemCrashReport] = make(notificationChannel, 1) + channels[hcsNotificationSystemSiloJobCreated] = make(notificationChannel, 1) + channels[hcsNotificationSystemSaveCompleted] = make(notificationChannel, 1) + channels[hcsNotificationSystemRdpEnhancedModeStateChanged] = make(notificationChannel, 1) + channels[hcsNotificationSystemShutdownFailed] = make(notificationChannel, 1) + channels[hcsNotificationSystemGetPropertiesCompleted] = make(notificationChannel, 1) + channels[hcsNotificationSystemModifyCompleted] = make(notificationChannel, 1) + channels[hcsNotificationSystemCrashInitiated] = make(notificationChannel, 1) + channels[hcsNotificationSystemGuestConnectionClosed] = make(notificationChannel, 1) + + return channels +} + +func closeChannels(channels notificationChannels) { + for _, c := range channels { + close(c) + } +} + +func notificationWatcher(notificationType hcsNotification, callbackNumber uintptr, notificationStatus uintptr, notificationData *uint16) uintptr { + var result error + if int32(notificationStatus) < 0 { + result = interop.Win32FromHresult(notificationStatus) + } + + callbackMapLock.RLock() + context := callbackMap[callbackNumber] + callbackMapLock.RUnlock() + + if context == nil { + return 0 + } + + if channel, ok := context.channels[notificationType]; ok { + channel <- result + } else { + logrus.WithFields(logrus.Fields{ + "notification-type": notificationType, + }).Warn("Received a callback of an unsupported type") + } + + return 0 +} diff --git a/vendor/github.com/Microsoft/hcsshim/cgo.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/cgo.go similarity index 94% rename from vendor/github.com/Microsoft/hcsshim/cgo.go rename to vendor/github.com/Microsoft/hcsshim/internal/hcs/cgo.go index 2003332330a..3669c34aa2c 100644 --- a/vendor/github.com/Microsoft/hcsshim/cgo.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/cgo.go @@ -1,4 +1,4 @@ -package hcsshim +package hcs import "C" diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go new file mode 100644 index 00000000000..079b565353f --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go @@ -0,0 +1,287 @@ +package hcs + +import ( + "encoding/json" + "errors" + "fmt" + "syscall" + + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/Microsoft/hcsshim/internal/logfields" + "github.com/sirupsen/logrus" +) + +var ( + // ErrComputeSystemDoesNotExist is an error encountered when the container being operated on no longer exists + ErrComputeSystemDoesNotExist = syscall.Errno(0xc037010e) + + // ErrElementNotFound is an error encountered when the object being referenced does not exist + ErrElementNotFound = syscall.Errno(0x490) + + // ErrElementNotFound is an error encountered when the object being referenced does not exist + ErrNotSupported = syscall.Errno(0x32) + + // ErrInvalidData is an error encountered when the request being sent to hcs is invalid/unsupported + // decimal -2147024883 / hex 0x8007000d + ErrInvalidData = syscall.Errno(0xd) + + // ErrHandleClose is an error encountered when the handle generating the notification being waited on has been closed + ErrHandleClose = errors.New("hcsshim: the handle generating this notification has been closed") + + // ErrAlreadyClosed is an error encountered when using a handle that has been closed by the Close method + ErrAlreadyClosed = errors.New("hcsshim: the handle has already been closed") + + // ErrInvalidNotificationType is an error encountered when an invalid notification type is used + ErrInvalidNotificationType = errors.New("hcsshim: invalid notification type") + + // ErrInvalidProcessState is an error encountered when the process is not in a valid state for the requested operation + ErrInvalidProcessState = errors.New("the process is in an invalid state for the attempted operation") + + // ErrTimeout is an error encountered when waiting on a notification times out + ErrTimeout = errors.New("hcsshim: timeout waiting for notification") + + // ErrUnexpectedContainerExit is the error encountered when a container exits while waiting for + // a different expected notification + ErrUnexpectedContainerExit = errors.New("unexpected container exit") + + // ErrUnexpectedProcessAbort is the error encountered when communication with the compute service + // is lost while waiting for a notification + ErrUnexpectedProcessAbort = errors.New("lost communication with compute service") + + // ErrUnexpectedValue is an error encountered when hcs returns an invalid value + ErrUnexpectedValue = errors.New("unexpected value returned from hcs") + + // ErrVmcomputeAlreadyStopped is an error encountered when a shutdown or terminate request is made on a stopped container + ErrVmcomputeAlreadyStopped = syscall.Errno(0xc0370110) + + // ErrVmcomputeOperationPending is an error encountered when the operation is being completed asynchronously + ErrVmcomputeOperationPending = syscall.Errno(0xC0370103) + + // ErrVmcomputeOperationInvalidState is an error encountered when the compute system is not in a valid state for the requested operation + ErrVmcomputeOperationInvalidState = syscall.Errno(0xc0370105) + + // ErrProcNotFound is an error encountered when the the process cannot be found + ErrProcNotFound = syscall.Errno(0x7f) + + // ErrVmcomputeOperationAccessIsDenied is an error which can be encountered when enumerating compute systems in RS1/RS2 + // builds when the underlying silo might be in the process of terminating. HCS was fixed in RS3. + ErrVmcomputeOperationAccessIsDenied = syscall.Errno(0x5) + + // ErrVmcomputeInvalidJSON is an error encountered when the compute system does not support/understand the messages sent by management + ErrVmcomputeInvalidJSON = syscall.Errno(0xc037010d) + + // ErrVmcomputeUnknownMessage is an error encountered guest compute system doesn't support the message + ErrVmcomputeUnknownMessage = syscall.Errno(0xc037010b) + + // ErrVmcomputeUnexpectedExit is an error encountered when the compute system terminates unexpectedly + ErrVmcomputeUnexpectedExit = syscall.Errno(0xC0370106) + + // ErrNotSupported is an error encountered when hcs doesn't support the request + ErrPlatformNotSupported = errors.New("unsupported platform request") +) + +type ErrorEvent struct { + Message string `json:"Message,omitempty"` // Fully formated error message + StackTrace string `json:"StackTrace,omitempty"` // Stack trace in string form + Provider string `json:"Provider,omitempty"` + EventID uint16 `json:"EventId,omitempty"` + Flags uint32 `json:"Flags,omitempty"` + Source string `json:"Source,omitempty"` + //Data []EventData `json:"Data,omitempty"` // Omit this as HCS doesn't encode this well. It's more confusing to include. It is however logged in debug mode (see processHcsResult function) +} + +type hcsResult struct { + Error int32 + ErrorMessage string + ErrorEvents []ErrorEvent `json:"ErrorEvents,omitempty"` +} + +func (ev *ErrorEvent) String() string { + evs := "[Event Detail: " + ev.Message + if ev.StackTrace != "" { + evs += " Stack Trace: " + ev.StackTrace + } + if ev.Provider != "" { + evs += " Provider: " + ev.Provider + } + if ev.EventID != 0 { + evs = fmt.Sprintf("%s EventID: %d", evs, ev.EventID) + } + if ev.Flags != 0 { + evs = fmt.Sprintf("%s flags: %d", evs, ev.Flags) + } + if ev.Source != "" { + evs += " Source: " + ev.Source + } + evs += "]" + return evs +} + +func processHcsResult(resultp *uint16) []ErrorEvent { + if resultp != nil { + resultj := interop.ConvertAndFreeCoTaskMemString(resultp) + logrus.WithField(logfields.JSON, resultj). + Debug("HCS Result") + result := &hcsResult{} + if err := json.Unmarshal([]byte(resultj), result); err != nil { + logrus.WithFields(logrus.Fields{ + logfields.JSON: resultj, + logrus.ErrorKey: err, + }).Warning("Could not unmarshal HCS result") + return nil + } + return result.ErrorEvents + } + return nil +} + +type HcsError struct { + Op string + Err error + Events []ErrorEvent +} + +func (e *HcsError) Error() string { + s := e.Op + ": " + e.Err.Error() + for _, ev := range e.Events { + s += "\n" + ev.String() + } + return s +} + +// ProcessError is an error encountered in HCS during an operation on a Process object +type ProcessError struct { + SystemID string + Pid int + Op string + Err error + Events []ErrorEvent +} + +// SystemError is an error encountered in HCS during an operation on a Container object +type SystemError struct { + ID string + Op string + Err error + Extra string + Events []ErrorEvent +} + +func (e *SystemError) Error() string { + s := e.Op + " " + e.ID + ": " + e.Err.Error() + for _, ev := range e.Events { + s += "\n" + ev.String() + } + if e.Extra != "" { + s += "\n(extra info: " + e.Extra + ")" + } + return s +} + +func makeSystemError(system *System, op string, extra string, err error, events []ErrorEvent) error { + // Don't double wrap errors + if _, ok := err.(*SystemError); ok { + return err + } + return &SystemError{ + ID: system.ID(), + Op: op, + Extra: extra, + Err: err, + Events: events, + } +} + +func (e *ProcessError) Error() string { + s := fmt.Sprintf("%s %s:%d: %s", e.Op, e.SystemID, e.Pid, e.Err.Error()) + for _, ev := range e.Events { + s += "\n" + ev.String() + } + return s +} + +func makeProcessError(process *Process, op string, err error, events []ErrorEvent) error { + // Don't double wrap errors + if _, ok := err.(*ProcessError); ok { + return err + } + return &ProcessError{ + Pid: process.Pid(), + SystemID: process.SystemID(), + Op: op, + Err: err, + Events: events, + } +} + +// IsNotExist checks if an error is caused by the Container or Process not existing. +// Note: Currently, ErrElementNotFound can mean that a Process has either +// already exited, or does not exist. Both IsAlreadyStopped and IsNotExist +// will currently return true when the error is ErrElementNotFound or ErrProcNotFound. +func IsNotExist(err error) bool { + err = getInnerError(err) + return err == ErrComputeSystemDoesNotExist || + err == ErrElementNotFound || + err == ErrProcNotFound +} + +// IsAlreadyClosed checks if an error is caused by the Container or Process having been +// already closed by a call to the Close() method. +func IsAlreadyClosed(err error) bool { + err = getInnerError(err) + return err == ErrAlreadyClosed +} + +// IsPending returns a boolean indicating whether the error is that +// the requested operation is being completed in the background. +func IsPending(err error) bool { + err = getInnerError(err) + return err == ErrVmcomputeOperationPending +} + +// IsTimeout returns a boolean indicating whether the error is caused by +// a timeout waiting for the operation to complete. +func IsTimeout(err error) bool { + err = getInnerError(err) + return err == ErrTimeout +} + +// IsAlreadyStopped returns a boolean indicating whether the error is caused by +// a Container or Process being already stopped. +// Note: Currently, ErrElementNotFound can mean that a Process has either +// already exited, or does not exist. Both IsAlreadyStopped and IsNotExist +// will currently return true when the error is ErrElementNotFound or ErrProcNotFound. +func IsAlreadyStopped(err error) bool { + err = getInnerError(err) + return err == ErrVmcomputeAlreadyStopped || + err == ErrElementNotFound || + err == ErrProcNotFound +} + +// IsNotSupported returns a boolean indicating whether the error is caused by +// unsupported platform requests +// Note: Currently Unsupported platform requests can be mean either +// ErrVmcomputeInvalidJSON, ErrInvalidData, ErrNotSupported or ErrVmcomputeUnknownMessage +// is thrown from the Platform +func IsNotSupported(err error) bool { + err = getInnerError(err) + // If Platform doesn't recognize or support the request sent, below errors are seen + return err == ErrVmcomputeInvalidJSON || + err == ErrInvalidData || + err == ErrNotSupported || + err == ErrVmcomputeUnknownMessage +} + +func getInnerError(err error) error { + switch pe := err.(type) { + case nil: + return nil + case *HcsError: + err = pe.Err + case *SystemError: + err = pe.Err + case *ProcessError: + err = pe.Err + } + return err +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/hcs.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/hcs.go new file mode 100644 index 00000000000..b0d49cbcf15 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/hcs.go @@ -0,0 +1,48 @@ +// Shim for the Host Compute Service (HCS) to manage Windows Server +// containers and Hyper-V containers. + +package hcs + +import ( + "syscall" +) + +//go:generate go run ../../mksyscall_windows.go -output zsyscall_windows.go hcs.go + +//sys hcsEnumerateComputeSystems(query string, computeSystems **uint16, result **uint16) (hr error) = vmcompute.HcsEnumerateComputeSystems? +//sys hcsCreateComputeSystem(id string, configuration string, identity syscall.Handle, computeSystem *hcsSystem, result **uint16) (hr error) = vmcompute.HcsCreateComputeSystem? +//sys hcsOpenComputeSystem(id string, computeSystem *hcsSystem, result **uint16) (hr error) = vmcompute.HcsOpenComputeSystem? +//sys hcsCloseComputeSystem(computeSystem hcsSystem) (hr error) = vmcompute.HcsCloseComputeSystem? +//sys hcsStartComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsStartComputeSystem? +//sys hcsShutdownComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsShutdownComputeSystem? +//sys hcsTerminateComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsTerminateComputeSystem? +//sys hcsPauseComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsPauseComputeSystem? +//sys hcsResumeComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) = vmcompute.HcsResumeComputeSystem? +//sys hcsGetComputeSystemProperties(computeSystem hcsSystem, propertyQuery string, properties **uint16, result **uint16) (hr error) = vmcompute.HcsGetComputeSystemProperties? +//sys hcsModifyComputeSystem(computeSystem hcsSystem, configuration string, result **uint16) (hr error) = vmcompute.HcsModifyComputeSystem? +//sys hcsRegisterComputeSystemCallback(computeSystem hcsSystem, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) = vmcompute.HcsRegisterComputeSystemCallback? +//sys hcsUnregisterComputeSystemCallback(callbackHandle hcsCallback) (hr error) = vmcompute.HcsUnregisterComputeSystemCallback? + +//sys hcsCreateProcess(computeSystem hcsSystem, processParameters string, processInformation *hcsProcessInformation, process *hcsProcess, result **uint16) (hr error) = vmcompute.HcsCreateProcess? +//sys hcsOpenProcess(computeSystem hcsSystem, pid uint32, process *hcsProcess, result **uint16) (hr error) = vmcompute.HcsOpenProcess? +//sys hcsCloseProcess(process hcsProcess) (hr error) = vmcompute.HcsCloseProcess? +//sys hcsTerminateProcess(process hcsProcess, result **uint16) (hr error) = vmcompute.HcsTerminateProcess? +//sys hcsSignalProcess(process hcsProcess, options string, result **uint16) (hr error) = vmcompute.HcsTerminateProcess? +//sys hcsGetProcessInfo(process hcsProcess, processInformation *hcsProcessInformation, result **uint16) (hr error) = vmcompute.HcsGetProcessInfo? +//sys hcsGetProcessProperties(process hcsProcess, processProperties **uint16, result **uint16) (hr error) = vmcompute.HcsGetProcessProperties? +//sys hcsModifyProcess(process hcsProcess, settings string, result **uint16) (hr error) = vmcompute.HcsModifyProcess? +//sys hcsGetServiceProperties(propertyQuery string, properties **uint16, result **uint16) (hr error) = vmcompute.HcsGetServiceProperties? +//sys hcsRegisterProcessCallback(process hcsProcess, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) = vmcompute.HcsRegisterProcessCallback? +//sys hcsUnregisterProcessCallback(callbackHandle hcsCallback) (hr error) = vmcompute.HcsUnregisterProcessCallback? + +type hcsSystem syscall.Handle +type hcsProcess syscall.Handle +type hcsCallback syscall.Handle + +type hcsProcessInformation struct { + ProcessId uint32 + Reserved uint32 + StdInput syscall.Handle + StdOutput syscall.Handle + StdError syscall.Handle +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/log.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/log.go new file mode 100644 index 00000000000..90d164e35e1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/log.go @@ -0,0 +1,15 @@ +package hcs + +import "github.com/sirupsen/logrus" + +func logOperationBegin(ctx logrus.Fields, msg string) { + logrus.WithFields(ctx).Debug(msg) +} + +func logOperationEnd(ctx logrus.Fields, msg string, err error) { + if err == nil { + logrus.WithFields(ctx).Debug(msg) + } else { + logrus.WithFields(ctx).WithError(err).Error(msg) + } +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go new file mode 100644 index 00000000000..4c35c732cc3 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go @@ -0,0 +1,462 @@ +package hcs + +import ( + "encoding/json" + "io" + "sync" + "syscall" + "time" + + "github.com/Microsoft/hcsshim/internal/guestrequest" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/Microsoft/hcsshim/internal/logfields" + "github.com/sirupsen/logrus" +) + +// ContainerError is an error encountered in HCS +type Process struct { + handleLock sync.RWMutex + handle hcsProcess + processID int + system *System + cachedPipes *cachedPipes + callbackNumber uintptr + + logctx logrus.Fields +} + +func newProcess(process hcsProcess, processID int, computeSystem *System) *Process { + return &Process{ + handle: process, + processID: processID, + system: computeSystem, + logctx: logrus.Fields{ + logfields.HCSOperation: "", + logfields.ContainerID: computeSystem.ID(), + logfields.ProcessID: processID, + }, + } +} + +type cachedPipes struct { + stdIn syscall.Handle + stdOut syscall.Handle + stdErr syscall.Handle +} + +type processModifyRequest struct { + Operation string + ConsoleSize *consoleSize `json:",omitempty"` + CloseHandle *closeHandle `json:",omitempty"` +} + +type consoleSize struct { + Height uint16 + Width uint16 +} + +type closeHandle struct { + Handle string +} + +type ProcessStatus struct { + ProcessID uint32 + Exited bool + ExitCode uint32 + LastWaitResult int32 +} + +const ( + stdIn string = "StdIn" + stdOut string = "StdOut" + stdErr string = "StdErr" +) + +const ( + modifyConsoleSize string = "ConsoleSize" + modifyCloseHandle string = "CloseHandle" +) + +// Pid returns the process ID of the process within the container. +func (process *Process) Pid() int { + return process.processID +} + +// SystemID returns the ID of the process's compute system. +func (process *Process) SystemID() string { + return process.system.ID() +} + +func (process *Process) logOperationBegin(operation string) { + process.logctx[logfields.HCSOperation] = operation + logOperationBegin( + process.logctx, + "hcsshim::Process - Begin Operation") +} + +func (process *Process) logOperationEnd(err error) { + var result string + if err == nil { + result = "Success" + } else { + result = "Error" + } + + logOperationEnd( + process.logctx, + "hcsshim::Process - End Operation - "+result, + err) + process.logctx[logfields.HCSOperation] = "" +} + +// Signal signals the process with `options`. +func (process *Process) Signal(options guestrequest.SignalProcessOptions) (err error) { + process.handleLock.RLock() + defer process.handleLock.RUnlock() + + operation := "hcsshim::Process::Signal" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + if process.handle == 0 { + return makeProcessError(process, operation, ErrAlreadyClosed, nil) + } + + optionsb, err := json.Marshal(options) + if err != nil { + return err + } + + optionsStr := string(optionsb) + + var resultp *uint16 + syscallWatcher(process.logctx, func() { + err = hcsSignalProcess(process.handle, optionsStr, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return makeProcessError(process, operation, err, events) + } + + return nil +} + +// Kill signals the process to terminate but does not wait for it to finish terminating. +func (process *Process) Kill() (err error) { + process.handleLock.RLock() + defer process.handleLock.RUnlock() + + operation := "hcsshim::Process::Kill" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + if process.handle == 0 { + return makeProcessError(process, operation, ErrAlreadyClosed, nil) + } + + var resultp *uint16 + syscallWatcher(process.logctx, func() { + err = hcsTerminateProcess(process.handle, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return makeProcessError(process, operation, err, events) + } + + return nil +} + +// Wait waits for the process to exit. +func (process *Process) Wait() (err error) { + operation := "hcsshim::Process::Wait" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + err = waitForNotification(process.callbackNumber, hcsNotificationProcessExited, nil) + if err != nil { + return makeProcessError(process, operation, err, nil) + } + + return nil +} + +// WaitTimeout waits for the process to exit or the duration to elapse. It returns +// false if timeout occurs. +func (process *Process) WaitTimeout(timeout time.Duration) (err error) { + operation := "hcssshim::Process::WaitTimeout" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + err = waitForNotification(process.callbackNumber, hcsNotificationProcessExited, &timeout) + if err != nil { + return makeProcessError(process, operation, err, nil) + } + + return nil +} + +// ResizeConsole resizes the console of the process. +func (process *Process) ResizeConsole(width, height uint16) (err error) { + process.handleLock.RLock() + defer process.handleLock.RUnlock() + + operation := "hcsshim::Process::ResizeConsole" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + if process.handle == 0 { + return makeProcessError(process, operation, ErrAlreadyClosed, nil) + } + + modifyRequest := processModifyRequest{ + Operation: modifyConsoleSize, + ConsoleSize: &consoleSize{ + Height: height, + Width: width, + }, + } + + modifyRequestb, err := json.Marshal(modifyRequest) + if err != nil { + return err + } + + modifyRequestStr := string(modifyRequestb) + + var resultp *uint16 + err = hcsModifyProcess(process.handle, modifyRequestStr, &resultp) + events := processHcsResult(resultp) + if err != nil { + return makeProcessError(process, operation, err, events) + } + + return nil +} + +func (process *Process) Properties() (_ *ProcessStatus, err error) { + process.handleLock.RLock() + defer process.handleLock.RUnlock() + + operation := "hcsshim::Process::Properties" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + if process.handle == 0 { + return nil, makeProcessError(process, operation, ErrAlreadyClosed, nil) + } + + var ( + resultp *uint16 + propertiesp *uint16 + ) + syscallWatcher(process.logctx, func() { + err = hcsGetProcessProperties(process.handle, &propertiesp, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return nil, makeProcessError(process, operation, err, events) + } + + if propertiesp == nil { + return nil, ErrUnexpectedValue + } + propertiesRaw := interop.ConvertAndFreeCoTaskMemBytes(propertiesp) + + properties := &ProcessStatus{} + if err := json.Unmarshal(propertiesRaw, properties); err != nil { + return nil, makeProcessError(process, operation, err, nil) + } + + return properties, nil +} + +// ExitCode returns the exit code of the process. The process must have +// already terminated. +func (process *Process) ExitCode() (_ int, err error) { + operation := "hcsshim::Process::ExitCode" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + properties, err := process.Properties() + if err != nil { + return 0, makeProcessError(process, operation, err, nil) + } + + if properties.Exited == false { + return 0, makeProcessError(process, operation, ErrInvalidProcessState, nil) + } + + if properties.LastWaitResult != 0 { + return 0, makeProcessError(process, operation, syscall.Errno(properties.LastWaitResult), nil) + } + + return int(properties.ExitCode), nil +} + +// Stdio returns the stdin, stdout, and stderr pipes, respectively. Closing +// these pipes does not close the underlying pipes; it should be possible to +// call this multiple times to get multiple interfaces. +func (process *Process) Stdio() (_ io.WriteCloser, _ io.ReadCloser, _ io.ReadCloser, err error) { + process.handleLock.RLock() + defer process.handleLock.RUnlock() + + operation := "hcsshim::Process::Stdio" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + if process.handle == 0 { + return nil, nil, nil, makeProcessError(process, operation, ErrAlreadyClosed, nil) + } + + var stdIn, stdOut, stdErr syscall.Handle + + if process.cachedPipes == nil { + var ( + processInfo hcsProcessInformation + resultp *uint16 + ) + err = hcsGetProcessInfo(process.handle, &processInfo, &resultp) + events := processHcsResult(resultp) + if err != nil { + return nil, nil, nil, makeProcessError(process, operation, err, events) + } + + stdIn, stdOut, stdErr = processInfo.StdInput, processInfo.StdOutput, processInfo.StdError + } else { + // Use cached pipes + stdIn, stdOut, stdErr = process.cachedPipes.stdIn, process.cachedPipes.stdOut, process.cachedPipes.stdErr + + // Invalidate the cache + process.cachedPipes = nil + } + + pipes, err := makeOpenFiles([]syscall.Handle{stdIn, stdOut, stdErr}) + if err != nil { + return nil, nil, nil, makeProcessError(process, operation, err, nil) + } + + return pipes[0], pipes[1], pipes[2], nil +} + +// CloseStdin closes the write side of the stdin pipe so that the process is +// notified on the read side that there is no more data in stdin. +func (process *Process) CloseStdin() (err error) { + process.handleLock.RLock() + defer process.handleLock.RUnlock() + + operation := "hcsshim::Process::CloseStdin" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + if process.handle == 0 { + return makeProcessError(process, operation, ErrAlreadyClosed, nil) + } + + modifyRequest := processModifyRequest{ + Operation: modifyCloseHandle, + CloseHandle: &closeHandle{ + Handle: stdIn, + }, + } + + modifyRequestb, err := json.Marshal(modifyRequest) + if err != nil { + return err + } + + modifyRequestStr := string(modifyRequestb) + + var resultp *uint16 + err = hcsModifyProcess(process.handle, modifyRequestStr, &resultp) + events := processHcsResult(resultp) + if err != nil { + return makeProcessError(process, operation, err, events) + } + + return nil +} + +// Close cleans up any state associated with the process but does not kill +// or wait on it. +func (process *Process) Close() (err error) { + process.handleLock.Lock() + defer process.handleLock.Unlock() + + operation := "hcsshim::Process::Close" + process.logOperationBegin(operation) + defer func() { process.logOperationEnd(err) }() + + // Don't double free this + if process.handle == 0 { + return nil + } + + if err = process.unregisterCallback(); err != nil { + return makeProcessError(process, operation, err, nil) + } + + if err = hcsCloseProcess(process.handle); err != nil { + return makeProcessError(process, operation, err, nil) + } + + process.handle = 0 + + return nil +} + +func (process *Process) registerCallback() error { + context := ¬ifcationWatcherContext{ + channels: newChannels(), + } + + callbackMapLock.Lock() + callbackNumber := nextCallback + nextCallback++ + callbackMap[callbackNumber] = context + callbackMapLock.Unlock() + + var callbackHandle hcsCallback + err := hcsRegisterProcessCallback(process.handle, notificationWatcherCallback, callbackNumber, &callbackHandle) + if err != nil { + return err + } + context.handle = callbackHandle + process.callbackNumber = callbackNumber + + return nil +} + +func (process *Process) unregisterCallback() error { + callbackNumber := process.callbackNumber + + callbackMapLock.RLock() + context := callbackMap[callbackNumber] + callbackMapLock.RUnlock() + + if context == nil { + return nil + } + + handle := context.handle + + if handle == 0 { + return nil + } + + // hcsUnregisterProcessCallback has its own syncronization + // to wait for all callbacks to complete. We must NOT hold the callbackMapLock. + err := hcsUnregisterProcessCallback(handle) + if err != nil { + return err + } + + closeChannels(context.channels) + + callbackMapLock.Lock() + callbackMap[callbackNumber] = nil + callbackMapLock.Unlock() + + handle = 0 + + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go new file mode 100644 index 00000000000..e0cf0fe98d7 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go @@ -0,0 +1,672 @@ +package hcs + +import ( + "encoding/json" + "os" + "strconv" + "sync" + "syscall" + "time" + + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/Microsoft/hcsshim/internal/logfields" + "github.com/Microsoft/hcsshim/internal/schema1" + "github.com/Microsoft/hcsshim/internal/timeout" + "github.com/sirupsen/logrus" +) + +// currentContainerStarts is used to limit the number of concurrent container +// starts. +var currentContainerStarts containerStarts + +type containerStarts struct { + maxParallel int + inProgress int + sync.Mutex +} + +func init() { + mpsS := os.Getenv("HCSSHIM_MAX_PARALLEL_START") + if len(mpsS) > 0 { + mpsI, err := strconv.Atoi(mpsS) + if err != nil || mpsI < 0 { + return + } + currentContainerStarts.maxParallel = mpsI + } +} + +type System struct { + handleLock sync.RWMutex + handle hcsSystem + id string + callbackNumber uintptr + + logctx logrus.Fields +} + +func newSystem(id string) *System { + return &System{ + id: id, + logctx: logrus.Fields{ + logfields.HCSOperation: "", + logfields.ContainerID: id, + }, + } +} + +func (computeSystem *System) logOperationBegin(operation string) { + computeSystem.logctx[logfields.HCSOperation] = operation + logOperationBegin( + computeSystem.logctx, + "hcsshim::ComputeSystem - Begin Operation") +} + +func (computeSystem *System) logOperationEnd(err error) { + var result string + if err == nil { + result = "Success" + } else { + result = "Error" + } + + logOperationEnd( + computeSystem.logctx, + "hcsshim::ComputeSystem - End Operation - "+result, + err) + computeSystem.logctx[logfields.HCSOperation] = "" +} + +// CreateComputeSystem creates a new compute system with the given configuration but does not start it. +func CreateComputeSystem(id string, hcsDocumentInterface interface{}) (_ *System, err error) { + operation := "hcsshim::CreateComputeSystem" + + computeSystem := newSystem(id) + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + hcsDocumentB, err := json.Marshal(hcsDocumentInterface) + if err != nil { + return nil, err + } + + hcsDocument := string(hcsDocumentB) + + logrus.WithFields(computeSystem.logctx). + WithField(logfields.JSON, hcsDocument). + Debug("HCS ComputeSystem Document") + + var ( + resultp *uint16 + identity syscall.Handle + createError error + ) + syscallWatcher(computeSystem.logctx, func() { + createError = hcsCreateComputeSystem(id, hcsDocument, identity, &computeSystem.handle, &resultp) + }) + + if createError == nil || IsPending(createError) { + if err = computeSystem.registerCallback(); err != nil { + // Terminate the compute system if it still exists. We're okay to + // ignore a failure here. + computeSystem.Terminate() + return nil, makeSystemError(computeSystem, operation, "", err, nil) + } + } + + events, err := processAsyncHcsResult(createError, resultp, computeSystem.callbackNumber, hcsNotificationSystemCreateCompleted, &timeout.SystemCreate) + if err != nil { + if err == ErrTimeout { + // Terminate the compute system if it still exists. We're okay to + // ignore a failure here. + computeSystem.Terminate() + } + return nil, makeSystemError(computeSystem, operation, hcsDocument, err, events) + } + + return computeSystem, nil +} + +// OpenComputeSystem opens an existing compute system by ID. +func OpenComputeSystem(id string) (_ *System, err error) { + operation := "hcsshim::OpenComputeSystem" + + computeSystem := newSystem(id) + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + var ( + handle hcsSystem + resultp *uint16 + ) + err = hcsOpenComputeSystem(id, &handle, &resultp) + events := processHcsResult(resultp) + if err != nil { + return nil, makeSystemError(computeSystem, operation, "", err, events) + } + + computeSystem.handle = handle + + if err = computeSystem.registerCallback(); err != nil { + return nil, makeSystemError(computeSystem, operation, "", err, nil) + } + + return computeSystem, nil +} + +// GetComputeSystems gets a list of the compute systems on the system that match the query +func GetComputeSystems(q schema1.ComputeSystemQuery) (_ []schema1.ContainerProperties, err error) { + operation := "hcsshim::GetComputeSystems" + fields := logrus.Fields{ + logfields.HCSOperation: operation, + } + logOperationBegin( + fields, + "hcsshim::ComputeSystem - Begin Operation") + + defer func() { + var result string + if err == nil { + result = "Success" + } else { + result = "Error" + } + + logOperationEnd( + fields, + "hcsshim::ComputeSystem - End Operation - "+result, + err) + }() + + queryb, err := json.Marshal(q) + if err != nil { + return nil, err + } + + query := string(queryb) + + logrus.WithFields(fields). + WithField(logfields.JSON, query). + Debug("HCS ComputeSystem Query") + + var ( + resultp *uint16 + computeSystemsp *uint16 + ) + + syscallWatcher(fields, func() { + err = hcsEnumerateComputeSystems(query, &computeSystemsp, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return nil, &HcsError{Op: operation, Err: err, Events: events} + } + + if computeSystemsp == nil { + return nil, ErrUnexpectedValue + } + computeSystemsRaw := interop.ConvertAndFreeCoTaskMemBytes(computeSystemsp) + computeSystems := []schema1.ContainerProperties{} + if err = json.Unmarshal(computeSystemsRaw, &computeSystems); err != nil { + return nil, err + } + + return computeSystems, nil +} + +// Start synchronously starts the computeSystem. +func (computeSystem *System) Start() (err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Start" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + if computeSystem.handle == 0 { + return makeSystemError(computeSystem, "Start", "", ErrAlreadyClosed, nil) + } + + // This is a very simple backoff-retry loop to limit the number + // of parallel container starts if environment variable + // HCSSHIM_MAX_PARALLEL_START is set to a positive integer. + // It should generally only be used as a workaround to various + // platform issues that exist between RS1 and RS4 as of Aug 2018 + if currentContainerStarts.maxParallel > 0 { + for { + currentContainerStarts.Lock() + if currentContainerStarts.inProgress < currentContainerStarts.maxParallel { + currentContainerStarts.inProgress++ + currentContainerStarts.Unlock() + break + } + if currentContainerStarts.inProgress == currentContainerStarts.maxParallel { + currentContainerStarts.Unlock() + time.Sleep(100 * time.Millisecond) + } + } + // Make sure we decrement the count when we are done. + defer func() { + currentContainerStarts.Lock() + currentContainerStarts.inProgress-- + currentContainerStarts.Unlock() + }() + } + + var resultp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsStartComputeSystem(computeSystem.handle, "", &resultp) + }) + events, err := processAsyncHcsResult(err, resultp, computeSystem.callbackNumber, hcsNotificationSystemStartCompleted, &timeout.SystemStart) + if err != nil { + return makeSystemError(computeSystem, "Start", "", err, events) + } + + return nil +} + +// ID returns the compute system's identifier. +func (computeSystem *System) ID() string { + return computeSystem.id +} + +// Shutdown requests a compute system shutdown, if IsPending() on the error returned is true, +// it may not actually be shut down until Wait() succeeds. +func (computeSystem *System) Shutdown() (err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Shutdown" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + if computeSystem.handle == 0 { + return makeSystemError(computeSystem, "Shutdown", "", ErrAlreadyClosed, nil) + } + + var resultp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsShutdownComputeSystem(computeSystem.handle, "", &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return makeSystemError(computeSystem, "Shutdown", "", err, events) + } + + return nil +} + +// Terminate requests a compute system terminate, if IsPending() on the error returned is true, +// it may not actually be shut down until Wait() succeeds. +func (computeSystem *System) Terminate() (err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Terminate" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + if computeSystem.handle == 0 { + return makeSystemError(computeSystem, "Terminate", "", ErrAlreadyClosed, nil) + } + + var resultp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsTerminateComputeSystem(computeSystem.handle, "", &resultp) + }) + events := processHcsResult(resultp) + if err != nil && err != ErrVmcomputeAlreadyStopped { + return makeSystemError(computeSystem, "Terminate", "", err, events) + } + + return nil +} + +// Wait synchronously waits for the compute system to shutdown or terminate. +func (computeSystem *System) Wait() (err error) { + operation := "hcsshim::ComputeSystem::Wait" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + err = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, nil) + if err != nil { + return makeSystemError(computeSystem, "Wait", "", err, nil) + } + + return nil +} + +// WaitExpectedError synchronously waits for the compute system to shutdown or +// terminate, and ignores the passed error if it occurs. +func (computeSystem *System) WaitExpectedError(expected error) (err error) { + operation := "hcsshim::ComputeSystem::WaitExpectedError" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + err = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, nil) + if err != nil && err != expected { + return makeSystemError(computeSystem, "WaitExpectedError", "", err, nil) + } + + return nil +} + +// WaitTimeout synchronously waits for the compute system to terminate or the duration to elapse. +// If the timeout expires, IsTimeout(err) == true +func (computeSystem *System) WaitTimeout(timeout time.Duration) (err error) { + operation := "hcsshim::ComputeSystem::WaitTimeout" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + err = waitForNotification(computeSystem.callbackNumber, hcsNotificationSystemExited, &timeout) + if err != nil { + return makeSystemError(computeSystem, "WaitTimeout", "", err, nil) + } + + return nil +} + +func (computeSystem *System) Properties(types ...schema1.PropertyType) (_ *schema1.ContainerProperties, err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Properties" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + queryj, err := json.Marshal(schema1.PropertyQuery{types}) + if err != nil { + return nil, makeSystemError(computeSystem, "Properties", "", err, nil) + } + + logrus.WithFields(computeSystem.logctx). + WithField(logfields.JSON, queryj). + Debug("HCS ComputeSystem Properties Query") + + var resultp, propertiesp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsGetComputeSystemProperties(computeSystem.handle, string(queryj), &propertiesp, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return nil, makeSystemError(computeSystem, "Properties", "", err, events) + } + + if propertiesp == nil { + return nil, ErrUnexpectedValue + } + propertiesRaw := interop.ConvertAndFreeCoTaskMemBytes(propertiesp) + properties := &schema1.ContainerProperties{} + if err := json.Unmarshal(propertiesRaw, properties); err != nil { + return nil, makeSystemError(computeSystem, "Properties", "", err, nil) + } + + return properties, nil +} + +// Pause pauses the execution of the computeSystem. This feature is not enabled in TP5. +func (computeSystem *System) Pause() (err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Pause" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + if computeSystem.handle == 0 { + return makeSystemError(computeSystem, "Pause", "", ErrAlreadyClosed, nil) + } + + var resultp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsPauseComputeSystem(computeSystem.handle, "", &resultp) + }) + events, err := processAsyncHcsResult(err, resultp, computeSystem.callbackNumber, hcsNotificationSystemPauseCompleted, &timeout.SystemPause) + if err != nil { + return makeSystemError(computeSystem, "Pause", "", err, events) + } + + return nil +} + +// Resume resumes the execution of the computeSystem. This feature is not enabled in TP5. +func (computeSystem *System) Resume() (err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Resume" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + if computeSystem.handle == 0 { + return makeSystemError(computeSystem, "Resume", "", ErrAlreadyClosed, nil) + } + + var resultp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsResumeComputeSystem(computeSystem.handle, "", &resultp) + }) + events, err := processAsyncHcsResult(err, resultp, computeSystem.callbackNumber, hcsNotificationSystemResumeCompleted, &timeout.SystemResume) + if err != nil { + return makeSystemError(computeSystem, "Resume", "", err, events) + } + + return nil +} + +// CreateProcess launches a new process within the computeSystem. +func (computeSystem *System) CreateProcess(c interface{}) (_ *Process, err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::CreateProcess" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + var ( + processInfo hcsProcessInformation + processHandle hcsProcess + resultp *uint16 + ) + + if computeSystem.handle == 0 { + return nil, makeSystemError(computeSystem, "CreateProcess", "", ErrAlreadyClosed, nil) + } + + configurationb, err := json.Marshal(c) + if err != nil { + return nil, makeSystemError(computeSystem, "CreateProcess", "", err, nil) + } + + configuration := string(configurationb) + + logrus.WithFields(computeSystem.logctx). + WithField(logfields.JSON, configuration). + Debug("HCS ComputeSystem Process Document") + + syscallWatcher(computeSystem.logctx, func() { + err = hcsCreateProcess(computeSystem.handle, configuration, &processInfo, &processHandle, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return nil, makeSystemError(computeSystem, "CreateProcess", configuration, err, events) + } + + logrus.WithFields(computeSystem.logctx). + WithField(logfields.ProcessID, processInfo.ProcessId). + Debug("HCS ComputeSystem CreateProcess PID") + + process := newProcess(processHandle, int(processInfo.ProcessId), computeSystem) + process.cachedPipes = &cachedPipes{ + stdIn: processInfo.StdInput, + stdOut: processInfo.StdOutput, + stdErr: processInfo.StdError, + } + + if err = process.registerCallback(); err != nil { + return nil, makeSystemError(computeSystem, "CreateProcess", "", err, nil) + } + + return process, nil +} + +// OpenProcess gets an interface to an existing process within the computeSystem. +func (computeSystem *System) OpenProcess(pid int) (_ *Process, err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + // Add PID for the context of this operation + computeSystem.logctx[logfields.ProcessID] = pid + defer delete(computeSystem.logctx, logfields.ProcessID) + + operation := "hcsshim::ComputeSystem::OpenProcess" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + var ( + processHandle hcsProcess + resultp *uint16 + ) + + if computeSystem.handle == 0 { + return nil, makeSystemError(computeSystem, "OpenProcess", "", ErrAlreadyClosed, nil) + } + + syscallWatcher(computeSystem.logctx, func() { + err = hcsOpenProcess(computeSystem.handle, uint32(pid), &processHandle, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return nil, makeSystemError(computeSystem, "OpenProcess", "", err, events) + } + + process := newProcess(processHandle, pid, computeSystem) + if err = process.registerCallback(); err != nil { + return nil, makeSystemError(computeSystem, "OpenProcess", "", err, nil) + } + + return process, nil +} + +// Close cleans up any state associated with the compute system but does not terminate or wait for it. +func (computeSystem *System) Close() (err error) { + computeSystem.handleLock.Lock() + defer computeSystem.handleLock.Unlock() + + operation := "hcsshim::ComputeSystem::Close" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + // Don't double free this + if computeSystem.handle == 0 { + return nil + } + + if err = computeSystem.unregisterCallback(); err != nil { + return makeSystemError(computeSystem, "Close", "", err, nil) + } + + syscallWatcher(computeSystem.logctx, func() { + err = hcsCloseComputeSystem(computeSystem.handle) + }) + if err != nil { + return makeSystemError(computeSystem, "Close", "", err, nil) + } + + computeSystem.handle = 0 + + return nil +} + +func (computeSystem *System) registerCallback() error { + context := ¬ifcationWatcherContext{ + channels: newChannels(), + } + + callbackMapLock.Lock() + callbackNumber := nextCallback + nextCallback++ + callbackMap[callbackNumber] = context + callbackMapLock.Unlock() + + var callbackHandle hcsCallback + err := hcsRegisterComputeSystemCallback(computeSystem.handle, notificationWatcherCallback, callbackNumber, &callbackHandle) + if err != nil { + return err + } + context.handle = callbackHandle + computeSystem.callbackNumber = callbackNumber + + return nil +} + +func (computeSystem *System) unregisterCallback() error { + callbackNumber := computeSystem.callbackNumber + + callbackMapLock.RLock() + context := callbackMap[callbackNumber] + callbackMapLock.RUnlock() + + if context == nil { + return nil + } + + handle := context.handle + + if handle == 0 { + return nil + } + + // hcsUnregisterComputeSystemCallback has its own syncronization + // to wait for all callbacks to complete. We must NOT hold the callbackMapLock. + err := hcsUnregisterComputeSystemCallback(handle) + if err != nil { + return err + } + + closeChannels(context.channels) + + callbackMapLock.Lock() + callbackMap[callbackNumber] = nil + callbackMapLock.Unlock() + + handle = 0 + + return nil +} + +// Modify the System by sending a request to HCS +func (computeSystem *System) Modify(config interface{}) (err error) { + computeSystem.handleLock.RLock() + defer computeSystem.handleLock.RUnlock() + + operation := "hcsshim::ComputeSystem::Modify" + computeSystem.logOperationBegin(operation) + defer func() { computeSystem.logOperationEnd(err) }() + + if computeSystem.handle == 0 { + return makeSystemError(computeSystem, "Modify", "", ErrAlreadyClosed, nil) + } + + requestJSON, err := json.Marshal(config) + if err != nil { + return err + } + + requestString := string(requestJSON) + + logrus.WithFields(computeSystem.logctx). + WithField(logfields.JSON, requestString). + Debug("HCS ComputeSystem Modify Document") + + var resultp *uint16 + syscallWatcher(computeSystem.logctx, func() { + err = hcsModifyComputeSystem(computeSystem.handle, requestString, &resultp) + }) + events := processHcsResult(resultp) + if err != nil { + return makeSystemError(computeSystem, "Modify", requestString, err, events) + } + + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/utils.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/utils.go similarity index 97% rename from vendor/github.com/Microsoft/hcsshim/utils.go rename to vendor/github.com/Microsoft/hcsshim/internal/hcs/utils.go index bd6e2d94abb..a638677ed5a 100644 --- a/vendor/github.com/Microsoft/hcsshim/utils.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/utils.go @@ -1,4 +1,4 @@ -package hcsshim +package hcs import ( "io" diff --git a/vendor/github.com/Microsoft/hcsshim/waithelper.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/waithelper.go similarity index 89% rename from vendor/github.com/Microsoft/hcsshim/waithelper.go rename to vendor/github.com/Microsoft/hcsshim/internal/hcs/waithelper.go index b7be20ea0cd..91e212c5748 100644 --- a/vendor/github.com/Microsoft/hcsshim/waithelper.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/waithelper.go @@ -1,4 +1,4 @@ -package hcsshim +package hcs import ( "time" @@ -6,13 +6,13 @@ import ( "github.com/sirupsen/logrus" ) -func processAsyncHcsResult(err error, resultp *uint16, callbackNumber uintptr, expectedNotification hcsNotification, timeout *time.Duration) error { - err = processHcsResult(err, resultp) +func processAsyncHcsResult(err error, resultp *uint16, callbackNumber uintptr, expectedNotification hcsNotification, timeout *time.Duration) ([]ErrorEvent, error) { + events := processHcsResult(resultp) if IsPending(err) { - return waitForNotification(callbackNumber, expectedNotification, timeout) + return nil, waitForNotification(callbackNumber, expectedNotification, timeout) } - return err + return events, err } func waitForNotification(callbackNumber uintptr, expectedNotification hcsNotification, timeout *time.Duration) error { diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/watcher.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/watcher.go new file mode 100644 index 00000000000..f85ed31874c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/watcher.go @@ -0,0 +1,41 @@ +package hcs + +import ( + "context" + + "github.com/Microsoft/hcsshim/internal/logfields" + "github.com/Microsoft/hcsshim/internal/timeout" + "github.com/sirupsen/logrus" +) + +// syscallWatcher is used as a very simple goroutine around calls into +// the platform. In some cases, we have seen HCS APIs not returning due to +// various bugs, and the goroutine making the syscall ends up not returning, +// prior to its async callback. By spinning up a syscallWatcher, it allows +// us to at least log a warning if a syscall doesn't complete in a reasonable +// amount of time. +// +// Usage is: +// +// syscallWatcher(logContext, func() { +// err = (args...) +// }) +// + +func syscallWatcher(logContext logrus.Fields, syscallLambda func()) { + ctx, cancel := context.WithTimeout(context.Background(), timeout.SyscallWatcher) + defer cancel() + go watchFunc(ctx, logContext) + syscallLambda() +} + +func watchFunc(ctx context.Context, logContext logrus.Fields) { + select { + case <-ctx.Done(): + if ctx.Err() != context.Canceled { + logrus.WithFields(logContext). + WithField(logfields.Timeout, timeout.SyscallWatcher). + Warning("Syscall did not complete within operation timeout. This may indicate a platform issue. If it appears to be making no forward progress, obtain the stacks and see if there is a syscall stuck in the platform API for a significant length of time.") + } + } +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/zsyscall_windows.go new file mode 100644 index 00000000000..fcd5cdc87f6 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/zsyscall_windows.go @@ -0,0 +1,533 @@ +// Code generated mksyscall_windows.exe DO NOT EDIT + +package hcs + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modvmcompute = windows.NewLazySystemDLL("vmcompute.dll") + + procHcsEnumerateComputeSystems = modvmcompute.NewProc("HcsEnumerateComputeSystems") + procHcsCreateComputeSystem = modvmcompute.NewProc("HcsCreateComputeSystem") + procHcsOpenComputeSystem = modvmcompute.NewProc("HcsOpenComputeSystem") + procHcsCloseComputeSystem = modvmcompute.NewProc("HcsCloseComputeSystem") + procHcsStartComputeSystem = modvmcompute.NewProc("HcsStartComputeSystem") + procHcsShutdownComputeSystem = modvmcompute.NewProc("HcsShutdownComputeSystem") + procHcsTerminateComputeSystem = modvmcompute.NewProc("HcsTerminateComputeSystem") + procHcsPauseComputeSystem = modvmcompute.NewProc("HcsPauseComputeSystem") + procHcsResumeComputeSystem = modvmcompute.NewProc("HcsResumeComputeSystem") + procHcsGetComputeSystemProperties = modvmcompute.NewProc("HcsGetComputeSystemProperties") + procHcsModifyComputeSystem = modvmcompute.NewProc("HcsModifyComputeSystem") + procHcsRegisterComputeSystemCallback = modvmcompute.NewProc("HcsRegisterComputeSystemCallback") + procHcsUnregisterComputeSystemCallback = modvmcompute.NewProc("HcsUnregisterComputeSystemCallback") + procHcsCreateProcess = modvmcompute.NewProc("HcsCreateProcess") + procHcsOpenProcess = modvmcompute.NewProc("HcsOpenProcess") + procHcsCloseProcess = modvmcompute.NewProc("HcsCloseProcess") + procHcsTerminateProcess = modvmcompute.NewProc("HcsTerminateProcess") + + procHcsGetProcessInfo = modvmcompute.NewProc("HcsGetProcessInfo") + procHcsGetProcessProperties = modvmcompute.NewProc("HcsGetProcessProperties") + procHcsModifyProcess = modvmcompute.NewProc("HcsModifyProcess") + procHcsGetServiceProperties = modvmcompute.NewProc("HcsGetServiceProperties") + procHcsRegisterProcessCallback = modvmcompute.NewProc("HcsRegisterProcessCallback") + procHcsUnregisterProcessCallback = modvmcompute.NewProc("HcsUnregisterProcessCallback") +) + +func hcsEnumerateComputeSystems(query string, computeSystems **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(query) + if hr != nil { + return + } + return _hcsEnumerateComputeSystems(_p0, computeSystems, result) +} + +func _hcsEnumerateComputeSystems(query *uint16, computeSystems **uint16, result **uint16) (hr error) { + if hr = procHcsEnumerateComputeSystems.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsEnumerateComputeSystems.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(computeSystems)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsCreateComputeSystem(id string, configuration string, identity syscall.Handle, computeSystem *hcsSystem, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(configuration) + if hr != nil { + return + } + return _hcsCreateComputeSystem(_p0, _p1, identity, computeSystem, result) +} + +func _hcsCreateComputeSystem(id *uint16, configuration *uint16, identity syscall.Handle, computeSystem *hcsSystem, result **uint16) (hr error) { + if hr = procHcsCreateComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcsCreateComputeSystem.Addr(), 5, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(configuration)), uintptr(identity), uintptr(unsafe.Pointer(computeSystem)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsOpenComputeSystem(id string, computeSystem *hcsSystem, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _hcsOpenComputeSystem(_p0, computeSystem, result) +} + +func _hcsOpenComputeSystem(id *uint16, computeSystem *hcsSystem, result **uint16) (hr error) { + if hr = procHcsOpenComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsOpenComputeSystem.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(computeSystem)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsCloseComputeSystem(computeSystem hcsSystem) (hr error) { + if hr = procHcsCloseComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsCloseComputeSystem.Addr(), 1, uintptr(computeSystem), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsStartComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(options) + if hr != nil { + return + } + return _hcsStartComputeSystem(computeSystem, _p0, result) +} + +func _hcsStartComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { + if hr = procHcsStartComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsStartComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsShutdownComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(options) + if hr != nil { + return + } + return _hcsShutdownComputeSystem(computeSystem, _p0, result) +} + +func _hcsShutdownComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { + if hr = procHcsShutdownComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsShutdownComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsTerminateComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(options) + if hr != nil { + return + } + return _hcsTerminateComputeSystem(computeSystem, _p0, result) +} + +func _hcsTerminateComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { + if hr = procHcsTerminateComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsTerminateComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsPauseComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(options) + if hr != nil { + return + } + return _hcsPauseComputeSystem(computeSystem, _p0, result) +} + +func _hcsPauseComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { + if hr = procHcsPauseComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsPauseComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsResumeComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(options) + if hr != nil { + return + } + return _hcsResumeComputeSystem(computeSystem, _p0, result) +} + +func _hcsResumeComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { + if hr = procHcsResumeComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsResumeComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsGetComputeSystemProperties(computeSystem hcsSystem, propertyQuery string, properties **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(propertyQuery) + if hr != nil { + return + } + return _hcsGetComputeSystemProperties(computeSystem, _p0, properties, result) +} + +func _hcsGetComputeSystemProperties(computeSystem hcsSystem, propertyQuery *uint16, properties **uint16, result **uint16) (hr error) { + if hr = procHcsGetComputeSystemProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcsGetComputeSystemProperties.Addr(), 4, uintptr(computeSystem), uintptr(unsafe.Pointer(propertyQuery)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsModifyComputeSystem(computeSystem hcsSystem, configuration string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(configuration) + if hr != nil { + return + } + return _hcsModifyComputeSystem(computeSystem, _p0, result) +} + +func _hcsModifyComputeSystem(computeSystem hcsSystem, configuration *uint16, result **uint16) (hr error) { + if hr = procHcsModifyComputeSystem.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsModifyComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(configuration)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsRegisterComputeSystemCallback(computeSystem hcsSystem, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) { + if hr = procHcsRegisterComputeSystemCallback.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcsRegisterComputeSystemCallback.Addr(), 4, uintptr(computeSystem), uintptr(callback), uintptr(context), uintptr(unsafe.Pointer(callbackHandle)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsUnregisterComputeSystemCallback(callbackHandle hcsCallback) (hr error) { + if hr = procHcsUnregisterComputeSystemCallback.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsUnregisterComputeSystemCallback.Addr(), 1, uintptr(callbackHandle), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsCreateProcess(computeSystem hcsSystem, processParameters string, processInformation *hcsProcessInformation, process *hcsProcess, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(processParameters) + if hr != nil { + return + } + return _hcsCreateProcess(computeSystem, _p0, processInformation, process, result) +} + +func _hcsCreateProcess(computeSystem hcsSystem, processParameters *uint16, processInformation *hcsProcessInformation, process *hcsProcess, result **uint16) (hr error) { + if hr = procHcsCreateProcess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcsCreateProcess.Addr(), 5, uintptr(computeSystem), uintptr(unsafe.Pointer(processParameters)), uintptr(unsafe.Pointer(processInformation)), uintptr(unsafe.Pointer(process)), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsOpenProcess(computeSystem hcsSystem, pid uint32, process *hcsProcess, result **uint16) (hr error) { + if hr = procHcsOpenProcess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcsOpenProcess.Addr(), 4, uintptr(computeSystem), uintptr(pid), uintptr(unsafe.Pointer(process)), uintptr(unsafe.Pointer(result)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsCloseProcess(process hcsProcess) (hr error) { + if hr = procHcsCloseProcess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsCloseProcess.Addr(), 1, uintptr(process), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsTerminateProcess(process hcsProcess, result **uint16) (hr error) { + if hr = procHcsTerminateProcess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsTerminateProcess.Addr(), 2, uintptr(process), uintptr(unsafe.Pointer(result)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsSignalProcess(process hcsProcess, options string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(options) + if hr != nil { + return + } + return _hcsSignalProcess(process, _p0, result) +} + +func _hcsSignalProcess(process hcsProcess, options *uint16, result **uint16) (hr error) { + if hr = procHcsTerminateProcess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsTerminateProcess.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsGetProcessInfo(process hcsProcess, processInformation *hcsProcessInformation, result **uint16) (hr error) { + if hr = procHcsGetProcessInfo.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsGetProcessInfo.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(processInformation)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsGetProcessProperties(process hcsProcess, processProperties **uint16, result **uint16) (hr error) { + if hr = procHcsGetProcessProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsGetProcessProperties.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(processProperties)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsModifyProcess(process hcsProcess, settings string, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(settings) + if hr != nil { + return + } + return _hcsModifyProcess(process, _p0, result) +} + +func _hcsModifyProcess(process hcsProcess, settings *uint16, result **uint16) (hr error) { + if hr = procHcsModifyProcess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsModifyProcess.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsGetServiceProperties(propertyQuery string, properties **uint16, result **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(propertyQuery) + if hr != nil { + return + } + return _hcsGetServiceProperties(_p0, properties, result) +} + +func _hcsGetServiceProperties(propertyQuery *uint16, properties **uint16, result **uint16) (hr error) { + if hr = procHcsGetServiceProperties.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsGetServiceProperties.Addr(), 3, uintptr(unsafe.Pointer(propertyQuery)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsRegisterProcessCallback(process hcsProcess, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) { + if hr = procHcsRegisterProcessCallback.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHcsRegisterProcessCallback.Addr(), 4, uintptr(process), uintptr(callback), uintptr(context), uintptr(unsafe.Pointer(callbackHandle)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func hcsUnregisterProcessCallback(callbackHandle hcsCallback) (hr error) { + if hr = procHcsUnregisterProcessCallback.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsUnregisterProcessCallback.Addr(), 1, uintptr(callbackHandle), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcserror/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/hcserror/BUILD new file mode 100644 index 00000000000..5a622b05f77 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcserror/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["hcserror.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/hcserror", + importpath = "github.com/Microsoft/hcsshim/internal/hcserror", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcserror/hcserror.go b/vendor/github.com/Microsoft/hcsshim/internal/hcserror/hcserror.go new file mode 100644 index 00000000000..921c2c8556c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcserror/hcserror.go @@ -0,0 +1,47 @@ +package hcserror + +import ( + "fmt" + "syscall" +) + +const ERROR_GEN_FAILURE = syscall.Errno(31) + +type HcsError struct { + title string + rest string + Err error +} + +func (e *HcsError) Error() string { + s := e.title + if len(s) > 0 && s[len(s)-1] != ' ' { + s += " " + } + s += fmt.Sprintf("failed in Win32: %s (0x%x)", e.Err, Win32FromError(e.Err)) + if e.rest != "" { + if e.rest[0] != ' ' { + s += " " + } + s += e.rest + } + return s +} + +func New(err error, title, rest string) error { + // Pass through DLL errors directly since they do not originate from HCS. + if _, ok := err.(*syscall.DLLError); ok { + return err + } + return &HcsError{title, rest, err} +} + +func Win32FromError(err error) uint32 { + if herr, ok := err.(*HcsError); ok { + return Win32FromError(herr.Err) + } + if code, ok := err.(syscall.Errno); ok { + return uint32(code) + } + return uint32(ERROR_GEN_FAILURE) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/hns/BUILD new file mode 100644 index 00000000000..370561674c4 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/BUILD @@ -0,0 +1,44 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "hns.go", + "hnsendpoint.go", + "hnsfuncs.go", + "hnsglobals.go", + "hnsnetwork.go", + "hnspolicy.go", + "hnspolicylist.go", + "hnssupport.go", + "namespace.go", + "zsyscall_windows.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/hns", + importpath = "github.com/Microsoft/hcsshim/internal/hns", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/interop:go_default_library", + "//vendor/github.com/sirupsen/logrus:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hns.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hns.go new file mode 100644 index 00000000000..b2e475f53c6 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hns.go @@ -0,0 +1,23 @@ +package hns + +import "fmt" + +//go:generate go run ../../mksyscall_windows.go -output zsyscall_windows.go hns.go + +//sys _hnsCall(method string, path string, object string, response **uint16) (hr error) = vmcompute.HNSCall? + +type EndpointNotFoundError struct { + EndpointName string +} + +func (e EndpointNotFoundError) Error() string { + return fmt.Sprintf("Endpoint %s not found", e.EndpointName) +} + +type NetworkNotFoundError struct { + NetworkName string +} + +func (e NetworkNotFoundError) Error() string { + return fmt.Sprintf("Network %s not found", e.NetworkName) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go new file mode 100644 index 00000000000..59ec7004c3d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go @@ -0,0 +1,262 @@ +package hns + +import ( + "encoding/json" + "net" + + "github.com/sirupsen/logrus" +) + +// HNSEndpoint represents a network endpoint in HNS +type HNSEndpoint struct { + Id string `json:"ID,omitempty"` + Name string `json:",omitempty"` + VirtualNetwork string `json:",omitempty"` + VirtualNetworkName string `json:",omitempty"` + Policies []json.RawMessage `json:",omitempty"` + MacAddress string `json:",omitempty"` + IPAddress net.IP `json:",omitempty"` + DNSSuffix string `json:",omitempty"` + DNSServerList string `json:",omitempty"` + GatewayAddress string `json:",omitempty"` + EnableInternalDNS bool `json:",omitempty"` + DisableICC bool `json:",omitempty"` + PrefixLength uint8 `json:",omitempty"` + IsRemoteEndpoint bool `json:",omitempty"` + EnableLowMetric bool `json:",omitempty"` + Namespace *Namespace `json:",omitempty"` + EncapOverhead uint16 `json:",omitempty"` +} + +//SystemType represents the type of the system on which actions are done +type SystemType string + +// SystemType const +const ( + ContainerType SystemType = "Container" + VirtualMachineType SystemType = "VirtualMachine" + HostType SystemType = "Host" +) + +// EndpointAttachDetachRequest is the structure used to send request to the container to modify the system +// Supported resource types are Network and Request Types are Add/Remove +type EndpointAttachDetachRequest struct { + ContainerID string `json:"ContainerId,omitempty"` + SystemType SystemType `json:"SystemType"` + CompartmentID uint16 `json:"CompartmentId,omitempty"` + VirtualNICName string `json:"VirtualNicName,omitempty"` +} + +// EndpointResquestResponse is object to get the endpoint request response +type EndpointResquestResponse struct { + Success bool + Error string +} + +// HNSEndpointRequest makes a HNS call to modify/query a network endpoint +func HNSEndpointRequest(method, path, request string) (*HNSEndpoint, error) { + endpoint := &HNSEndpoint{} + err := hnsCall(method, "/endpoints/"+path, request, &endpoint) + if err != nil { + return nil, err + } + + return endpoint, nil +} + +// HNSListEndpointRequest makes a HNS call to query the list of available endpoints +func HNSListEndpointRequest() ([]HNSEndpoint, error) { + var endpoint []HNSEndpoint + err := hnsCall("GET", "/endpoints/", "", &endpoint) + if err != nil { + return nil, err + } + + return endpoint, nil +} + +// GetHNSEndpointByID get the Endpoint by ID +func GetHNSEndpointByID(endpointID string) (*HNSEndpoint, error) { + return HNSEndpointRequest("GET", endpointID, "") +} + +// GetHNSEndpointByName gets the endpoint filtered by Name +func GetHNSEndpointByName(endpointName string) (*HNSEndpoint, error) { + hnsResponse, err := HNSListEndpointRequest() + if err != nil { + return nil, err + } + for _, hnsEndpoint := range hnsResponse { + if hnsEndpoint.Name == endpointName { + return &hnsEndpoint, nil + } + } + return nil, EndpointNotFoundError{EndpointName: endpointName} +} + +// Create Endpoint by sending EndpointRequest to HNS. TODO: Create a separate HNS interface to place all these methods +func (endpoint *HNSEndpoint) Create() (*HNSEndpoint, error) { + operation := "Create" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + + jsonString, err := json.Marshal(endpoint) + if err != nil { + return nil, err + } + return HNSEndpointRequest("POST", "", string(jsonString)) +} + +// Delete Endpoint by sending EndpointRequest to HNS +func (endpoint *HNSEndpoint) Delete() (*HNSEndpoint, error) { + operation := "Delete" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + + return HNSEndpointRequest("DELETE", endpoint.Id, "") +} + +// Update Endpoint +func (endpoint *HNSEndpoint) Update() (*HNSEndpoint, error) { + operation := "Update" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + jsonString, err := json.Marshal(endpoint) + if err != nil { + return nil, err + } + err = hnsCall("POST", "/endpoints/"+endpoint.Id, string(jsonString), &endpoint) + + return endpoint, err +} + +// ApplyACLPolicy applies a set of ACL Policies on the Endpoint +func (endpoint *HNSEndpoint) ApplyACLPolicy(policies ...*ACLPolicy) error { + operation := "ApplyACLPolicy" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + + for _, policy := range policies { + if policy == nil { + continue + } + jsonString, err := json.Marshal(policy) + if err != nil { + return err + } + endpoint.Policies = append(endpoint.Policies, jsonString) + } + + _, err := endpoint.Update() + return err +} + +// ContainerAttach attaches an endpoint to container +func (endpoint *HNSEndpoint) ContainerAttach(containerID string, compartmentID uint16) error { + operation := "ContainerAttach" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + + requestMessage := &EndpointAttachDetachRequest{ + ContainerID: containerID, + CompartmentID: compartmentID, + SystemType: ContainerType, + } + response := &EndpointResquestResponse{} + jsonString, err := json.Marshal(requestMessage) + if err != nil { + return err + } + return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response) +} + +// ContainerDetach detaches an endpoint from container +func (endpoint *HNSEndpoint) ContainerDetach(containerID string) error { + operation := "ContainerDetach" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + + requestMessage := &EndpointAttachDetachRequest{ + ContainerID: containerID, + SystemType: ContainerType, + } + response := &EndpointResquestResponse{} + + jsonString, err := json.Marshal(requestMessage) + if err != nil { + return err + } + return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response) +} + +// HostAttach attaches a nic on the host +func (endpoint *HNSEndpoint) HostAttach(compartmentID uint16) error { + operation := "HostAttach" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + requestMessage := &EndpointAttachDetachRequest{ + CompartmentID: compartmentID, + SystemType: HostType, + } + response := &EndpointResquestResponse{} + + jsonString, err := json.Marshal(requestMessage) + if err != nil { + return err + } + return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response) + +} + +// HostDetach detaches a nic on the host +func (endpoint *HNSEndpoint) HostDetach() error { + operation := "HostDetach" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + requestMessage := &EndpointAttachDetachRequest{ + SystemType: HostType, + } + response := &EndpointResquestResponse{} + + jsonString, err := json.Marshal(requestMessage) + if err != nil { + return err + } + return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response) +} + +// VirtualMachineNICAttach attaches a endpoint to a virtual machine +func (endpoint *HNSEndpoint) VirtualMachineNICAttach(virtualMachineNICName string) error { + operation := "VirtualMachineNicAttach" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + requestMessage := &EndpointAttachDetachRequest{ + VirtualNICName: virtualMachineNICName, + SystemType: VirtualMachineType, + } + response := &EndpointResquestResponse{} + + jsonString, err := json.Marshal(requestMessage) + if err != nil { + return err + } + return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response) +} + +// VirtualMachineNICDetach detaches a endpoint from a virtual machine +func (endpoint *HNSEndpoint) VirtualMachineNICDetach() error { + operation := "VirtualMachineNicDetach" + title := "hcsshim::HNSEndpoint::" + operation + logrus.Debugf(title+" id=%s", endpoint.Id) + + requestMessage := &EndpointAttachDetachRequest{ + SystemType: VirtualMachineType, + } + response := &EndpointResquestResponse{} + + jsonString, err := json.Marshal(requestMessage) + if err != nil { + return err + } + return hnsCall("POST", "/endpoints/"+endpoint.Id+"/detach", string(jsonString), &response) +} diff --git a/vendor/github.com/Microsoft/hcsshim/hnsfuncs.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go similarity index 77% rename from vendor/github.com/Microsoft/hcsshim/hnsfuncs.go rename to vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go index 2c1b979ae84..969d1b263bc 100644 --- a/vendor/github.com/Microsoft/hcsshim/hnsfuncs.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go @@ -1,9 +1,11 @@ -package hcsshim +package hns import ( "encoding/json" "fmt" + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/Microsoft/hcsshim/internal/interop" "github.com/sirupsen/logrus" ) @@ -13,9 +15,9 @@ func hnsCall(method, path, request string, returnResponse interface{}) error { err := _hnsCall(method, path, request, &responseBuffer) if err != nil { - return makeError(err, "hnsCall ", "") + return hcserror.New(err, "hnsCall ", "") } - response := convertAndFreeCoTaskMemString(responseBuffer) + response := interop.ConvertAndFreeCoTaskMemString(responseBuffer) hnsresponse := &hnsResponse{} if err = json.Unmarshal([]byte(response), &hnsresponse); err != nil { diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsglobals.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsglobals.go new file mode 100644 index 00000000000..a8d8cc56aea --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsglobals.go @@ -0,0 +1,28 @@ +package hns + +type HNSGlobals struct { + Version HNSVersion `json:"Version"` +} + +type HNSVersion struct { + Major int `json:"Major"` + Minor int `json:"Minor"` +} + +var ( + HNSVersion1803 = HNSVersion{Major: 7, Minor: 2} +) + +func GetHNSGlobals() (*HNSGlobals, error) { + var version HNSVersion + err := hnsCall("GET", "/globals/version", "", &version) + if err != nil { + return nil, err + } + + globals := &HNSGlobals{ + Version: version, + } + + return globals, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsnetwork.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsnetwork.go new file mode 100644 index 00000000000..7e859de9124 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsnetwork.go @@ -0,0 +1,141 @@ +package hns + +import ( + "encoding/json" + "net" + + "github.com/sirupsen/logrus" +) + +// Subnet is assoicated with a network and represents a list +// of subnets available to the network +type Subnet struct { + AddressPrefix string `json:",omitempty"` + GatewayAddress string `json:",omitempty"` + Policies []json.RawMessage `json:",omitempty"` +} + +// MacPool is assoicated with a network and represents a list +// of macaddresses available to the network +type MacPool struct { + StartMacAddress string `json:",omitempty"` + EndMacAddress string `json:",omitempty"` +} + +// HNSNetwork represents a network in HNS +type HNSNetwork struct { + Id string `json:"ID,omitempty"` + Name string `json:",omitempty"` + Type string `json:",omitempty"` + NetworkAdapterName string `json:",omitempty"` + SourceMac string `json:",omitempty"` + Policies []json.RawMessage `json:",omitempty"` + MacPools []MacPool `json:",omitempty"` + Subnets []Subnet `json:",omitempty"` + DNSSuffix string `json:",omitempty"` + DNSServerList string `json:",omitempty"` + DNSServerCompartment uint32 `json:",omitempty"` + ManagementIP string `json:",omitempty"` + AutomaticDNS bool `json:",omitempty"` +} + +type hnsNetworkResponse struct { + Success bool + Error string + Output HNSNetwork +} + +type hnsResponse struct { + Success bool + Error string + Output json.RawMessage +} + +// HNSNetworkRequest makes a call into HNS to update/query a single network +func HNSNetworkRequest(method, path, request string) (*HNSNetwork, error) { + var network HNSNetwork + err := hnsCall(method, "/networks/"+path, request, &network) + if err != nil { + return nil, err + } + + return &network, nil +} + +// HNSListNetworkRequest makes a HNS call to query the list of available networks +func HNSListNetworkRequest(method, path, request string) ([]HNSNetwork, error) { + var network []HNSNetwork + err := hnsCall(method, "/networks/"+path, request, &network) + if err != nil { + return nil, err + } + + return network, nil +} + +// GetHNSNetworkByID +func GetHNSNetworkByID(networkID string) (*HNSNetwork, error) { + return HNSNetworkRequest("GET", networkID, "") +} + +// GetHNSNetworkName filtered by Name +func GetHNSNetworkByName(networkName string) (*HNSNetwork, error) { + hsnnetworks, err := HNSListNetworkRequest("GET", "", "") + if err != nil { + return nil, err + } + for _, hnsnetwork := range hsnnetworks { + if hnsnetwork.Name == networkName { + return &hnsnetwork, nil + } + } + return nil, NetworkNotFoundError{NetworkName: networkName} +} + +// Create Network by sending NetworkRequest to HNS. +func (network *HNSNetwork) Create() (*HNSNetwork, error) { + operation := "Create" + title := "hcsshim::HNSNetwork::" + operation + logrus.Debugf(title+" id=%s", network.Id) + + jsonString, err := json.Marshal(network) + if err != nil { + return nil, err + } + return HNSNetworkRequest("POST", "", string(jsonString)) +} + +// Delete Network by sending NetworkRequest to HNS +func (network *HNSNetwork) Delete() (*HNSNetwork, error) { + operation := "Delete" + title := "hcsshim::HNSNetwork::" + operation + logrus.Debugf(title+" id=%s", network.Id) + + return HNSNetworkRequest("DELETE", network.Id, "") +} + +// Creates an endpoint on the Network. +func (network *HNSNetwork) NewEndpoint(ipAddress net.IP, macAddress net.HardwareAddr) *HNSEndpoint { + return &HNSEndpoint{ + VirtualNetwork: network.Id, + IPAddress: ipAddress, + MacAddress: string(macAddress), + } +} + +func (network *HNSNetwork) CreateEndpoint(endpoint *HNSEndpoint) (*HNSEndpoint, error) { + operation := "CreateEndpoint" + title := "hcsshim::HNSNetwork::" + operation + logrus.Debugf(title+" id=%s, endpointId=%s", network.Id, endpoint.Id) + + endpoint.VirtualNetwork = network.Id + return endpoint.Create() +} + +func (network *HNSNetwork) CreateRemoteEndpoint(endpoint *HNSEndpoint) (*HNSEndpoint, error) { + operation := "CreateRemoteEndpoint" + title := "hcsshim::HNSNetwork::" + operation + logrus.Debugf(title+" id=%s", network.Id) + endpoint.IsRemoteEndpoint = true + return network.CreateEndpoint(endpoint) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go new file mode 100644 index 00000000000..2318a4fce2b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go @@ -0,0 +1,98 @@ +package hns + +// Type of Request Support in ModifySystem +type PolicyType string + +// RequestType const +const ( + Nat PolicyType = "NAT" + ACL PolicyType = "ACL" + PA PolicyType = "PA" + VLAN PolicyType = "VLAN" + VSID PolicyType = "VSID" + VNet PolicyType = "VNET" + L2Driver PolicyType = "L2Driver" + Isolation PolicyType = "Isolation" + QOS PolicyType = "QOS" + OutboundNat PolicyType = "OutBoundNAT" + ExternalLoadBalancer PolicyType = "ELB" + Route PolicyType = "ROUTE" +) + +type NatPolicy struct { + Type PolicyType `json:"Type"` + Protocol string + InternalPort uint16 + ExternalPort uint16 +} + +type QosPolicy struct { + Type PolicyType `json:"Type"` + MaximumOutgoingBandwidthInBytes uint64 +} + +type IsolationPolicy struct { + Type PolicyType `json:"Type"` + VLAN uint + VSID uint + InDefaultIsolation bool +} + +type VlanPolicy struct { + Type PolicyType `json:"Type"` + VLAN uint +} + +type VsidPolicy struct { + Type PolicyType `json:"Type"` + VSID uint +} + +type PaPolicy struct { + Type PolicyType `json:"Type"` + PA string `json:"PA"` +} + +type OutboundNatPolicy struct { + Policy + VIP string `json:"VIP,omitempty"` + Exceptions []string `json:"ExceptionList,omitempty"` +} + +type ActionType string +type DirectionType string +type RuleType string + +const ( + Allow ActionType = "Allow" + Block ActionType = "Block" + + In DirectionType = "In" + Out DirectionType = "Out" + + Host RuleType = "Host" + Switch RuleType = "Switch" +) + +type ACLPolicy struct { + Type PolicyType `json:"Type"` + Id string `json:"Id,omitempty"` + Protocol uint16 + Protocols string `json:"Protocols,omitempty"` + InternalPort uint16 + Action ActionType + Direction DirectionType + LocalAddresses string + RemoteAddresses string + LocalPorts string `json:"LocalPorts,omitempty"` + LocalPort uint16 + RemotePorts string `json:"RemotePorts,omitempty"` + RemotePort uint16 + RuleType RuleType `json:"RuleType,omitempty"` + Priority uint16 + ServiceName string +} + +type Policy struct { + Type PolicyType `json:"Type"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicylist.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicylist.go new file mode 100644 index 00000000000..31322a68167 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicylist.go @@ -0,0 +1,201 @@ +package hns + +import ( + "encoding/json" + + "github.com/sirupsen/logrus" +) + +// RoutePolicy is a structure defining schema for Route based Policy +type RoutePolicy struct { + Policy + DestinationPrefix string `json:"DestinationPrefix,omitempty"` + NextHop string `json:"NextHop,omitempty"` + EncapEnabled bool `json:"NeedEncap,omitempty"` +} + +// ELBPolicy is a structure defining schema for ELB LoadBalancing based Policy +type ELBPolicy struct { + LBPolicy + SourceVIP string `json:"SourceVIP,omitempty"` + VIPs []string `json:"VIPs,omitempty"` + ILB bool `json:"ILB,omitempty"` + DSR bool `json:"IsDSR,omitempty"` +} + +// LBPolicy is a structure defining schema for LoadBalancing based Policy +type LBPolicy struct { + Policy + Protocol uint16 `json:"Protocol,omitempty"` + InternalPort uint16 + ExternalPort uint16 +} + +// PolicyList is a structure defining schema for Policy list request +type PolicyList struct { + ID string `json:"ID,omitempty"` + EndpointReferences []string `json:"References,omitempty"` + Policies []json.RawMessage `json:"Policies,omitempty"` +} + +// HNSPolicyListRequest makes a call into HNS to update/query a single network +func HNSPolicyListRequest(method, path, request string) (*PolicyList, error) { + var policy PolicyList + err := hnsCall(method, "/policylists/"+path, request, &policy) + if err != nil { + return nil, err + } + + return &policy, nil +} + +// HNSListPolicyListRequest gets all the policy list +func HNSListPolicyListRequest() ([]PolicyList, error) { + var plist []PolicyList + err := hnsCall("GET", "/policylists/", "", &plist) + if err != nil { + return nil, err + } + + return plist, nil +} + +// PolicyListRequest makes a HNS call to modify/query a network policy list +func PolicyListRequest(method, path, request string) (*PolicyList, error) { + policylist := &PolicyList{} + err := hnsCall(method, "/policylists/"+path, request, &policylist) + if err != nil { + return nil, err + } + + return policylist, nil +} + +// GetPolicyListByID get the policy list by ID +func GetPolicyListByID(policyListID string) (*PolicyList, error) { + return PolicyListRequest("GET", policyListID, "") +} + +// Create PolicyList by sending PolicyListRequest to HNS. +func (policylist *PolicyList) Create() (*PolicyList, error) { + operation := "Create" + title := "hcsshim::PolicyList::" + operation + logrus.Debugf(title+" id=%s", policylist.ID) + jsonString, err := json.Marshal(policylist) + if err != nil { + return nil, err + } + return PolicyListRequest("POST", "", string(jsonString)) +} + +// Delete deletes PolicyList +func (policylist *PolicyList) Delete() (*PolicyList, error) { + operation := "Delete" + title := "hcsshim::PolicyList::" + operation + logrus.Debugf(title+" id=%s", policylist.ID) + + return PolicyListRequest("DELETE", policylist.ID, "") +} + +// AddEndpoint add an endpoint to a Policy List +func (policylist *PolicyList) AddEndpoint(endpoint *HNSEndpoint) (*PolicyList, error) { + operation := "AddEndpoint" + title := "hcsshim::PolicyList::" + operation + logrus.Debugf(title+" id=%s, endpointId:%s", policylist.ID, endpoint.Id) + + _, err := policylist.Delete() + if err != nil { + return nil, err + } + + // Add Endpoint to the Existing List + policylist.EndpointReferences = append(policylist.EndpointReferences, "/endpoints/"+endpoint.Id) + + return policylist.Create() +} + +// RemoveEndpoint removes an endpoint from the Policy List +func (policylist *PolicyList) RemoveEndpoint(endpoint *HNSEndpoint) (*PolicyList, error) { + operation := "RemoveEndpoint" + title := "hcsshim::PolicyList::" + operation + logrus.Debugf(title+" id=%s, endpointId:%s", policylist.ID, endpoint.Id) + + _, err := policylist.Delete() + if err != nil { + return nil, err + } + + elementToRemove := "/endpoints/" + endpoint.Id + + var references []string + + for _, endpointReference := range policylist.EndpointReferences { + if endpointReference == elementToRemove { + continue + } + references = append(references, endpointReference) + } + policylist.EndpointReferences = references + return policylist.Create() +} + +// AddLoadBalancer policy list for the specified endpoints +func AddLoadBalancer(endpoints []HNSEndpoint, isILB bool, sourceVIP, vip string, protocol uint16, internalPort uint16, externalPort uint16) (*PolicyList, error) { + operation := "AddLoadBalancer" + title := "hcsshim::PolicyList::" + operation + logrus.Debugf(title+" endpointId=%v, isILB=%v, sourceVIP=%s, vip=%s, protocol=%v, internalPort=%v, externalPort=%v", endpoints, isILB, sourceVIP, vip, protocol, internalPort, externalPort) + + policylist := &PolicyList{} + + elbPolicy := &ELBPolicy{ + SourceVIP: sourceVIP, + ILB: isILB, + } + + if len(vip) > 0 { + elbPolicy.VIPs = []string{vip} + } + elbPolicy.Type = ExternalLoadBalancer + elbPolicy.Protocol = protocol + elbPolicy.InternalPort = internalPort + elbPolicy.ExternalPort = externalPort + + for _, endpoint := range endpoints { + policylist.EndpointReferences = append(policylist.EndpointReferences, "/endpoints/"+endpoint.Id) + } + + jsonString, err := json.Marshal(elbPolicy) + if err != nil { + return nil, err + } + policylist.Policies = append(policylist.Policies, jsonString) + return policylist.Create() +} + +// AddRoute adds route policy list for the specified endpoints +func AddRoute(endpoints []HNSEndpoint, destinationPrefix string, nextHop string, encapEnabled bool) (*PolicyList, error) { + operation := "AddRoute" + title := "hcsshim::PolicyList::" + operation + logrus.Debugf(title+" destinationPrefix:%s", destinationPrefix) + + policylist := &PolicyList{} + + rPolicy := &RoutePolicy{ + DestinationPrefix: destinationPrefix, + NextHop: nextHop, + EncapEnabled: encapEnabled, + } + rPolicy.Type = Route + + for _, endpoint := range endpoints { + policylist.EndpointReferences = append(policylist.EndpointReferences, "/endpoints/"+endpoint.Id) + } + + jsonString, err := json.Marshal(rPolicy) + if err != nil { + return nil, err + } + + policylist.Policies = append(policylist.Policies, jsonString) + return policylist.Create() +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnssupport.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnssupport.go new file mode 100644 index 00000000000..d5efba7f284 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnssupport.go @@ -0,0 +1,49 @@ +package hns + +import ( + "github.com/sirupsen/logrus" +) + +type HNSSupportedFeatures struct { + Acl HNSAclFeatures `json:"ACL"` +} + +type HNSAclFeatures struct { + AclAddressLists bool `json:"AclAddressLists"` + AclNoHostRulePriority bool `json:"AclHostRulePriority"` + AclPortRanges bool `json:"AclPortRanges"` + AclRuleId bool `json:"AclRuleId"` +} + +func GetHNSSupportedFeatures() HNSSupportedFeatures { + var hnsFeatures HNSSupportedFeatures + + globals, err := GetHNSGlobals() + if err != nil { + // Expected on pre-1803 builds, all features will be false/unsupported + logrus.Debugf("Unable to obtain HNS globals: %s", err) + return hnsFeatures + } + + hnsFeatures.Acl = HNSAclFeatures{ + AclAddressLists: isHNSFeatureSupported(globals.Version, HNSVersion1803), + AclNoHostRulePriority: isHNSFeatureSupported(globals.Version, HNSVersion1803), + AclPortRanges: isHNSFeatureSupported(globals.Version, HNSVersion1803), + AclRuleId: isHNSFeatureSupported(globals.Version, HNSVersion1803), + } + + return hnsFeatures +} + +func isHNSFeatureSupported(currentVersion HNSVersion, minVersionSupported HNSVersion) bool { + if currentVersion.Major < minVersionSupported.Major { + return false + } + if currentVersion.Major > minVersionSupported.Major { + return true + } + if currentVersion.Minor < minVersionSupported.Minor { + return false + } + return true +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go new file mode 100644 index 00000000000..45e2281b078 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go @@ -0,0 +1,110 @@ +package hns + +import ( + "encoding/json" + "fmt" + "os" + "path" + "strings" +) + +type namespaceRequest struct { + IsDefault bool `json:",omitempty"` +} + +type namespaceEndpointRequest struct { + ID string `json:"Id"` +} + +type NamespaceResource struct { + Type string + Data json.RawMessage +} + +type namespaceResourceRequest struct { + Type string + Data interface{} +} + +type Namespace struct { + ID string + IsDefault bool `json:",omitempty"` + ResourceList []NamespaceResource `json:",omitempty"` +} + +func issueNamespaceRequest(id *string, method, subpath string, request interface{}) (*Namespace, error) { + var err error + hnspath := "/namespaces/" + if id != nil { + hnspath = path.Join(hnspath, *id) + } + if subpath != "" { + hnspath = path.Join(hnspath, subpath) + } + var reqJSON []byte + if request != nil { + if reqJSON, err = json.Marshal(request); err != nil { + return nil, err + } + } + var ns Namespace + err = hnsCall(method, hnspath, string(reqJSON), &ns) + if err != nil { + if strings.Contains(err.Error(), "Element not found.") { + return nil, os.ErrNotExist + } + return nil, fmt.Errorf("%s %s: %s", method, hnspath, err) + } + return &ns, err +} + +func CreateNamespace() (string, error) { + req := namespaceRequest{} + ns, err := issueNamespaceRequest(nil, "POST", "", &req) + if err != nil { + return "", err + } + return ns.ID, nil +} + +func RemoveNamespace(id string) error { + _, err := issueNamespaceRequest(&id, "DELETE", "", nil) + return err +} + +func GetNamespaceEndpoints(id string) ([]string, error) { + ns, err := issueNamespaceRequest(&id, "GET", "", nil) + if err != nil { + return nil, err + } + var endpoints []string + for _, rsrc := range ns.ResourceList { + if rsrc.Type == "Endpoint" { + var endpoint namespaceEndpointRequest + err = json.Unmarshal(rsrc.Data, &endpoint) + if err != nil { + return nil, fmt.Errorf("unmarshal endpoint: %s", err) + } + endpoints = append(endpoints, endpoint.ID) + } + } + return endpoints, nil +} + +func AddNamespaceEndpoint(id string, endpointID string) error { + resource := namespaceResourceRequest{ + Type: "Endpoint", + Data: namespaceEndpointRequest{endpointID}, + } + _, err := issueNamespaceRequest(&id, "POST", "addresource", &resource) + return err +} + +func RemoveNamespaceEndpoint(id string, endpointID string) error { + resource := namespaceResourceRequest{ + Type: "Endpoint", + Data: namespaceEndpointRequest{endpointID}, + } + _, err := issueNamespaceRequest(&id, "POST", "removeresource", &resource) + return err +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/zsyscall_windows.go new file mode 100644 index 00000000000..204633a4887 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/zsyscall_windows.go @@ -0,0 +1,76 @@ +// Code generated mksyscall_windows.exe DO NOT EDIT + +package hns + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modvmcompute = windows.NewLazySystemDLL("vmcompute.dll") + + procHNSCall = modvmcompute.NewProc("HNSCall") +) + +func _hnsCall(method string, path string, object string, response **uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(method) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(path) + if hr != nil { + return + } + var _p2 *uint16 + _p2, hr = syscall.UTF16PtrFromString(object) + if hr != nil { + return + } + return __hnsCall(_p0, _p1, _p2, response) +} + +func __hnsCall(method *uint16, path *uint16, object *uint16, response **uint16) (hr error) { + if hr = procHNSCall.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procHNSCall.Addr(), 4, uintptr(unsafe.Pointer(method)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(object)), uintptr(unsafe.Pointer(response)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/interop/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/interop/BUILD new file mode 100644 index 00000000000..e591140d2c8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/interop/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "interop.go", + "zsyscall_windows.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/interop", + importpath = "github.com/Microsoft/hcsshim/internal/interop", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/interop/interop.go b/vendor/github.com/Microsoft/hcsshim/internal/interop/interop.go new file mode 100644 index 00000000000..2f6ec029ecf --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/interop/interop.go @@ -0,0 +1,27 @@ +package interop + +import ( + "syscall" + "unsafe" +) + +//go:generate go run ../../mksyscall_windows.go -output zsyscall_windows.go interop.go + +//sys coTaskMemFree(buffer unsafe.Pointer) = api_ms_win_core_com_l1_1_0.CoTaskMemFree + +func ConvertAndFreeCoTaskMemString(buffer *uint16) string { + str := syscall.UTF16ToString((*[1 << 29]uint16)(unsafe.Pointer(buffer))[:]) + coTaskMemFree(unsafe.Pointer(buffer)) + return str +} + +func ConvertAndFreeCoTaskMemBytes(buffer *uint16) []byte { + return []byte(ConvertAndFreeCoTaskMemString(buffer)) +} + +func Win32FromHresult(hr uintptr) syscall.Errno { + if hr&0x1fff0000 == 0x00070000 { + return syscall.Errno(hr & 0xffff) + } + return syscall.Errno(hr) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/interop/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/interop/zsyscall_windows.go new file mode 100644 index 00000000000..12b0c71c5ae --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/interop/zsyscall_windows.go @@ -0,0 +1,48 @@ +// Code generated mksyscall_windows.exe DO NOT EDIT + +package interop + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modapi_ms_win_core_com_l1_1_0 = windows.NewLazySystemDLL("api-ms-win-core-com-l1-1-0.dll") + + procCoTaskMemFree = modapi_ms_win_core_com_l1_1_0.NewProc("CoTaskMemFree") +) + +func coTaskMemFree(buffer unsafe.Pointer) { + syscall.Syscall(procCoTaskMemFree.Addr(), 1, uintptr(buffer), 0, 0) + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/logfields/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/logfields/BUILD new file mode 100644 index 00000000000..f00a7a9f3fa --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/logfields/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["fields.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/logfields", + importpath = "github.com/Microsoft/hcsshim/internal/logfields", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go b/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go new file mode 100644 index 00000000000..a1527d70601 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go @@ -0,0 +1,37 @@ +package logfields + +const ( + // Identifiers + + ContainerID = "cid" + UVMID = "uvm-id" + ProcessID = "pid" + + // Common Misc + + // Timeout represents an operation timeout. + Timeout = "timeout" + JSON = "json" + + // Keys/values + + Field = "field" + OCIAnnotation = "oci-annotation" + Value = "value" + + // Golang type's + + ExpectedType = "expected-type" + Bool = "bool" + Uint32 = "uint32" + Uint64 = "uint64" + + // HCS + + HCSOperation = "hcs-op" + HCSOperationResult = "hcs-op-result" + + // runhcs + + VMShimOperation = "vmshim-op" +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/longpath/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/longpath/BUILD new file mode 100644 index 00000000000..912f0defb00 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/longpath/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["longpath.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/longpath", + importpath = "github.com/Microsoft/hcsshim/internal/longpath", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/longpath/longpath.go b/vendor/github.com/Microsoft/hcsshim/internal/longpath/longpath.go new file mode 100644 index 00000000000..e5b8b85e09a --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/longpath/longpath.go @@ -0,0 +1,24 @@ +package longpath + +import ( + "path/filepath" + "strings" +) + +// LongAbs makes a path absolute and returns it in NT long path form. +func LongAbs(path string) (string, error) { + if strings.HasPrefix(path, `\\?\`) || strings.HasPrefix(path, `\\.\`) { + return path, nil + } + if !filepath.IsAbs(path) { + absPath, err := filepath.Abs(path) + if err != nil { + return "", err + } + path = absPath + } + if strings.HasPrefix(path, `\\`) { + return `\\?\UNC\` + path[2:], nil + } + return `\\?\` + path, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/mergemaps/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/mergemaps/BUILD new file mode 100644 index 00000000000..61c512d219e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/mergemaps/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["merge.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/mergemaps", + importpath = "github.com/Microsoft/hcsshim/internal/mergemaps", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/mergemaps/merge.go b/vendor/github.com/Microsoft/hcsshim/internal/mergemaps/merge.go new file mode 100644 index 00000000000..7e95efb30d7 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/mergemaps/merge.go @@ -0,0 +1,52 @@ +package mergemaps + +import "encoding/json" + +// Merge recursively merges map `fromMap` into map `ToMap`. Any pre-existing values +// in ToMap are overwritten. Values in fromMap are added to ToMap. +// From http://stackoverflow.com/questions/40491438/merging-two-json-strings-in-golang +func Merge(fromMap, ToMap interface{}) interface{} { + switch fromMap := fromMap.(type) { + case map[string]interface{}: + ToMap, ok := ToMap.(map[string]interface{}) + if !ok { + return fromMap + } + for keyToMap, valueToMap := range ToMap { + if valueFromMap, ok := fromMap[keyToMap]; ok { + fromMap[keyToMap] = Merge(valueFromMap, valueToMap) + } else { + fromMap[keyToMap] = valueToMap + } + } + case nil: + // merge(nil, map[string]interface{...}) -> map[string]interface{...} + ToMap, ok := ToMap.(map[string]interface{}) + if ok { + return ToMap + } + } + return fromMap +} + +// MergeJSON merges the contents of a JSON string into an object representation, +// returning a new object suitable for translating to JSON. +func MergeJSON(object interface{}, additionalJSON []byte) (interface{}, error) { + if len(additionalJSON) == 0 { + return object, nil + } + objectJSON, err := json.Marshal(object) + if err != nil { + return nil, err + } + var objectMap, newMap map[string]interface{} + err = json.Unmarshal(objectJSON, &objectMap) + if err != nil { + return nil, err + } + err = json.Unmarshal(additionalJSON, &newMap) + if err != nil { + return nil, err + } + return Merge(newMap, objectMap), nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/regstate/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/regstate/BUILD new file mode 100644 index 00000000000..26a04e50eeb --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/regstate/BUILD @@ -0,0 +1,34 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "regstate.go", + "zsyscall_windows.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/regstate", + importpath = "github.com/Microsoft/hcsshim/internal/regstate", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/golang.org/x/sys/windows/registry:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go b/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go new file mode 100644 index 00000000000..6c4a6415612 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go @@ -0,0 +1,287 @@ +package regstate + +import ( + "encoding/json" + "fmt" + "net/url" + "os" + "path/filepath" + "reflect" + "syscall" + + "golang.org/x/sys/windows/registry" +) + +//go:generate go run $GOROOT/src/syscall/mksyscall_windows.go -output zsyscall_windows.go regstate.go + +//sys regCreateKeyEx(key syscall.Handle, subkey *uint16, reserved uint32, class *uint16, options uint32, desired uint32, sa *syscall.SecurityAttributes, result *syscall.Handle, disposition *uint32) (regerrno error) = advapi32.RegCreateKeyExW + +const ( + _REG_OPTION_VOLATILE = 1 + + _REG_CREATED_NEW_KEY = 1 + _REG_OPENED_EXISTING_KEY = 2 +) + +type Key struct { + registry.Key + Name string +} + +var localMachine = &Key{registry.LOCAL_MACHINE, "HKEY_LOCAL_MACHINE"} +var localUser = &Key{registry.CURRENT_USER, "HKEY_CURRENT_USER"} + +var rootPath = `SOFTWARE\Microsoft\runhcs` + +type NotFoundError struct { + Id string +} + +func (err *NotFoundError) Error() string { + return fmt.Sprintf("ID '%s' was not found", err.Id) +} + +func IsNotFoundError(err error) bool { + _, ok := err.(*NotFoundError) + return ok +} + +type NoStateError struct { + ID string + Key string +} + +func (err *NoStateError) Error() string { + return fmt.Sprintf("state '%s' is not present for ID '%s'", err.Key, err.ID) +} + +func createVolatileKey(k *Key, path string, access uint32) (newk *Key, openedExisting bool, err error) { + var ( + h syscall.Handle + d uint32 + ) + fullpath := filepath.Join(k.Name, path) + err = regCreateKeyEx(syscall.Handle(k.Key), syscall.StringToUTF16Ptr(path), 0, nil, _REG_OPTION_VOLATILE, access, nil, &h, &d) + if err != nil { + return nil, false, &os.PathError{Op: "RegCreateKeyEx", Path: fullpath, Err: err} + } + return &Key{registry.Key(h), fullpath}, d == _REG_OPENED_EXISTING_KEY, nil +} + +func hive(perUser bool) *Key { + r := localMachine + if perUser { + r = localUser + } + return r +} + +func Open(root string, perUser bool) (*Key, error) { + k, _, err := createVolatileKey(hive(perUser), rootPath, registry.ALL_ACCESS) + if err != nil { + return nil, err + } + defer k.Close() + + k2, _, err := createVolatileKey(k, url.PathEscape(root), registry.ALL_ACCESS) + if err != nil { + return nil, err + } + return k2, nil +} + +func RemoveAll(root string, perUser bool) error { + k, err := hive(perUser).open(rootPath) + if err != nil { + return err + } + defer k.Close() + r, err := k.open(url.PathEscape(root)) + if err != nil { + return err + } + defer r.Close() + ids, err := r.Enumerate() + if err != nil { + return err + } + for _, id := range ids { + err = r.Remove(id) + if err != nil { + return err + } + } + r.Close() + return k.Remove(root) +} + +func (k *Key) Close() error { + err := k.Key.Close() + k.Key = 0 + return err +} + +func (k *Key) Enumerate() ([]string, error) { + escapedIDs, err := k.ReadSubKeyNames(0) + if err != nil { + return nil, err + } + var ids []string + for _, e := range escapedIDs { + id, err := url.PathUnescape(e) + if err == nil { + ids = append(ids, id) + } + } + return ids, nil +} + +func (k *Key) open(name string) (*Key, error) { + fullpath := filepath.Join(k.Name, name) + nk, err := registry.OpenKey(k.Key, name, registry.ALL_ACCESS) + if err != nil { + return nil, &os.PathError{Op: "RegOpenKey", Path: fullpath, Err: err} + } + return &Key{nk, fullpath}, nil +} + +func (k *Key) openid(id string) (*Key, error) { + escaped := url.PathEscape(id) + fullpath := filepath.Join(k.Name, escaped) + nk, err := k.open(escaped) + if perr, ok := err.(*os.PathError); ok && perr.Err == syscall.ERROR_FILE_NOT_FOUND { + return nil, &NotFoundError{id} + } + if err != nil { + return nil, &os.PathError{Op: "RegOpenKey", Path: fullpath, Err: err} + } + return nk, nil +} + +func (k *Key) Remove(id string) error { + escaped := url.PathEscape(id) + err := registry.DeleteKey(k.Key, escaped) + if err != nil { + if err == syscall.ERROR_FILE_NOT_FOUND { + return &NotFoundError{id} + } + return &os.PathError{Op: "RegDeleteKey", Path: filepath.Join(k.Name, escaped), Err: err} + } + return nil +} + +func (k *Key) set(id string, create bool, key string, state interface{}) error { + var sk *Key + var err error + if create { + var existing bool + eid := url.PathEscape(id) + sk, existing, err = createVolatileKey(k, eid, registry.ALL_ACCESS) + if err != nil { + return err + } + defer sk.Close() + if existing { + sk.Close() + return fmt.Errorf("container %s already exists", id) + } + } else { + sk, err = k.openid(id) + if err != nil { + return err + } + defer sk.Close() + } + switch reflect.TypeOf(state).Kind() { + case reflect.Bool: + v := uint32(0) + if state.(bool) { + v = 1 + } + err = sk.SetDWordValue(key, v) + case reflect.Int: + err = sk.SetQWordValue(key, uint64(state.(int))) + case reflect.String: + err = sk.SetStringValue(key, state.(string)) + default: + var js []byte + js, err = json.Marshal(state) + if err != nil { + return err + } + err = sk.SetBinaryValue(key, js) + } + if err != nil { + if err == syscall.ERROR_FILE_NOT_FOUND { + return &NoStateError{id, key} + } + return &os.PathError{Op: "RegSetValueEx", Path: sk.Name + ":" + key, Err: err} + } + return nil +} + +func (k *Key) Create(id, key string, state interface{}) error { + return k.set(id, true, key, state) +} + +func (k *Key) Set(id, key string, state interface{}) error { + return k.set(id, false, key, state) +} + +func (k *Key) Clear(id, key string) error { + sk, err := k.openid(id) + if err != nil { + return err + } + defer sk.Close() + err = sk.DeleteValue(key) + if err != nil { + if err == syscall.ERROR_FILE_NOT_FOUND { + return &NoStateError{id, key} + } + return &os.PathError{Op: "RegDeleteValue", Path: sk.Name + ":" + key, Err: err} + } + return nil +} + +func (k *Key) Get(id, key string, state interface{}) error { + sk, err := k.openid(id) + if err != nil { + return err + } + defer sk.Close() + + var js []byte + switch reflect.TypeOf(state).Elem().Kind() { + case reflect.Bool: + var v uint64 + v, _, err = sk.GetIntegerValue(key) + if err == nil { + *state.(*bool) = v != 0 + } + case reflect.Int: + var v uint64 + v, _, err = sk.GetIntegerValue(key) + if err == nil { + *state.(*int) = int(v) + } + case reflect.String: + var v string + v, _, err = sk.GetStringValue(key) + if err == nil { + *state.(*string) = string(v) + } + default: + js, _, err = sk.GetBinaryValue(key) + } + if err != nil { + if err == syscall.ERROR_FILE_NOT_FOUND { + return &NoStateError{id, key} + } + return &os.PathError{Op: "RegQueryValueEx", Path: sk.Name + ":" + key, Err: err} + } + if js != nil { + err = json.Unmarshal(js, state) + } + return err +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/regstate/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/regstate/zsyscall_windows.go new file mode 100644 index 00000000000..4e349ad4984 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/regstate/zsyscall_windows.go @@ -0,0 +1,51 @@ +// Code generated by 'go generate'; DO NOT EDIT. + +package regstate + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modadvapi32 = windows.NewLazySystemDLL("advapi32.dll") + + procRegCreateKeyExW = modadvapi32.NewProc("RegCreateKeyExW") +) + +func regCreateKeyEx(key syscall.Handle, subkey *uint16, reserved uint32, class *uint16, options uint32, desired uint32, sa *syscall.SecurityAttributes, result *syscall.Handle, disposition *uint32) (regerrno error) { + r0, _, _ := syscall.Syscall9(procRegCreateKeyExW.Addr(), 9, uintptr(key), uintptr(unsafe.Pointer(subkey)), uintptr(reserved), uintptr(unsafe.Pointer(class)), uintptr(options), uintptr(desired), uintptr(unsafe.Pointer(sa)), uintptr(unsafe.Pointer(result)), uintptr(unsafe.Pointer(disposition))) + if r0 != 0 { + regerrno = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/runhcs/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/BUILD new file mode 100644 index 00000000000..106cfdceae9 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "container.go", + "util.go", + "vm.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/runhcs", + importpath = "github.com/Microsoft/hcsshim/internal/runhcs", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/github.com/Microsoft/go-winio:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/guid:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/runhcs/container.go b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/container.go new file mode 100644 index 00000000000..3015c3640e1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/container.go @@ -0,0 +1,71 @@ +package runhcs + +import ( + "bytes" + "errors" + "fmt" + "io" + "io/ioutil" + "os" + "syscall" + "time" + + "github.com/Microsoft/hcsshim/internal/guid" +) + +// ContainerState represents the platform agnostic pieces relating to a +// running container's status and state +type ContainerState struct { + // Version is the OCI version for the container + Version string `json:"ociVersion"` + // ID is the container ID + ID string `json:"id"` + // InitProcessPid is the init process id in the parent namespace + InitProcessPid int `json:"pid"` + // Status is the current status of the container, running, paused, ... + Status string `json:"status"` + // Bundle is the path on the filesystem to the bundle + Bundle string `json:"bundle"` + // Rootfs is a path to a directory containing the container's root filesystem. + Rootfs string `json:"rootfs"` + // Created is the unix timestamp for the creation time of the container in UTC + Created time.Time `json:"created"` + // Annotations is the user defined annotations added to the config. + Annotations map[string]string `json:"annotations,omitempty"` + // The owner of the state directory (the owner of the container). + Owner string `json:"owner"` +} + +// GetErrorFromPipe returns reads from `pipe` and verifies if the operation +// returned success or error. If error converts that to an error and returns. If +// `p` is not nill will issue a `Kill` and `Wait` for exit. +func GetErrorFromPipe(pipe io.Reader, p *os.Process) error { + serr, err := ioutil.ReadAll(pipe) + if err != nil { + return err + } + + if bytes.Equal(serr, ShimSuccess) { + return nil + } + + extra := "" + if p != nil { + p.Kill() + state, err := p.Wait() + if err != nil { + panic(err) + } + extra = fmt.Sprintf(", exit code %d", state.Sys().(syscall.WaitStatus).ExitCode) + } + if len(serr) == 0 { + return fmt.Errorf("unknown shim failure%s", extra) + } + + return errors.New(string(serr)) +} + +// VMPipePath returns the named pipe path for the vm shim. +func VMPipePath(hostUniqueID guid.GUID) string { + return SafePipePath("runhcs-vm-" + hostUniqueID.String()) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/runhcs/util.go b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/util.go new file mode 100644 index 00000000000..dcbb1903b8f --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/util.go @@ -0,0 +1,16 @@ +package runhcs + +import "net/url" + +const ( + SafePipePrefix = `\\.\pipe\ProtectedPrefix\Administrators\` +) + +// ShimSuccess is the byte stream returned on a successful operation. +var ShimSuccess = []byte{0, 'O', 'K', 0} + +func SafePipePath(name string) string { + // Use a pipe in the Administrators protected prefixed to prevent malicious + // squatting. + return SafePipePrefix + url.PathEscape(name) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/runhcs/vm.go b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/vm.go new file mode 100644 index 00000000000..2c8957b88df --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/runhcs/vm.go @@ -0,0 +1,43 @@ +package runhcs + +import ( + "encoding/json" + + "github.com/Microsoft/go-winio" +) + +// VMRequestOp is an operation that can be issued to a VM shim. +type VMRequestOp string + +const ( + // OpCreateContainer is a create container request. + OpCreateContainer VMRequestOp = "create" + // OpSyncNamespace is a `cni.NamespaceTypeGuest` sync request with the UVM. + OpSyncNamespace VMRequestOp = "sync" + // OpUnmountContainer is a container unmount request. + OpUnmountContainer VMRequestOp = "unmount" + // OpUnmountContainerDiskOnly is a container unmount disk request. + OpUnmountContainerDiskOnly VMRequestOp = "unmount-disk" +) + +// VMRequest is an operation request that is issued to a VM shim. +type VMRequest struct { + ID string + Op VMRequestOp +} + +// IssueVMRequest issues a request to a shim at the given pipe. +func IssueVMRequest(pipepath string, req *VMRequest) error { + pipe, err := winio.DialPipe(pipepath, nil) + if err != nil { + return err + } + defer pipe.Close() + if err := json.NewEncoder(pipe).Encode(req); err != nil { + return err + } + if err := GetErrorFromPipe(pipe, nil); err != nil { + return err + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/safefile/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/safefile/BUILD new file mode 100644 index 00000000000..b88e3a04330 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/safefile/BUILD @@ -0,0 +1,35 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "safeopen.go", + "zsyscall_windows.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/safefile", + importpath = "github.com/Microsoft/hcsshim/internal/safefile", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/github.com/Microsoft/go-winio:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/longpath:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/safeopen.go b/vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go similarity index 81% rename from vendor/github.com/Microsoft/hcsshim/safeopen.go rename to vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go index 5356456b908..0c0b1159f28 100644 --- a/vendor/github.com/Microsoft/hcsshim/safeopen.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go @@ -1,4 +1,4 @@ -package hcsshim +package safefile import ( "errors" @@ -10,9 +10,13 @@ import ( "unicode/utf16" "unsafe" + "github.com/Microsoft/hcsshim/internal/longpath" + winio "github.com/Microsoft/go-winio" ) +//go:generate go run $GOROOT\src\syscall\mksyscall_windows.go -output zsyscall_windows.go safeopen.go + //sys ntCreateFile(handle *uintptr, accessMask uint32, oa *objectAttributes, iosb *ioStatusBlock, allocationSize *uint64, fileAttributes uint32, shareAccess uint32, createDisposition uint32, createOptions uint32, eaBuffer *byte, eaLength uint32) (status uint32) = ntdll.NtCreateFile //sys ntSetInformationFile(handle uintptr, iosb *ioStatusBlock, information uintptr, length uint32, class uint32) (status uint32) = ntdll.NtSetInformationFile //sys rtlNtStatusToDosError(status uint32) (winerr error) = ntdll.RtlNtStatusToDosErrorNoTeb @@ -53,28 +57,28 @@ const ( _FileLinkInformation = 11 _FileDispositionInformationEx = 64 - _FILE_READ_ATTRIBUTES = 0x0080 - _FILE_WRITE_ATTRIBUTES = 0x0100 - _DELETE = 0x10000 + FILE_READ_ATTRIBUTES = 0x0080 + FILE_WRITE_ATTRIBUTES = 0x0100 + DELETE = 0x10000 - _FILE_OPEN = 1 - _FILE_CREATE = 2 + FILE_OPEN = 1 + FILE_CREATE = 2 - _FILE_DIRECTORY_FILE = 0x00000001 - _FILE_SYNCHRONOUS_IO_NONALERT = 0x00000020 - _FILE_DELETE_ON_CLOSE = 0x00001000 - _FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000 - _FILE_OPEN_REPARSE_POINT = 0x00200000 + FILE_DIRECTORY_FILE = 0x00000001 + FILE_SYNCHRONOUS_IO_NONALERT = 0x00000020 + FILE_DELETE_ON_CLOSE = 0x00001000 + FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000 + FILE_OPEN_REPARSE_POINT = 0x00200000 - _FILE_DISPOSITION_DELETE = 0x00000001 + FILE_DISPOSITION_DELETE = 0x00000001 _OBJ_DONT_REPARSE = 0x1000 _STATUS_REPARSE_POINT_ENCOUNTERED = 0xC000050B ) -func openRoot(path string) (*os.File, error) { - longpath, err := makeLongAbsPath(path) +func OpenRoot(path string) (*os.File, error) { + longpath, err := longpath.LongAbs(path) if err != nil { return nil, err } @@ -141,7 +145,7 @@ func openRelativeInternal(path string, root *os.File, accessMask uint32, shareFl 0, shareFlags, createDisposition, - _FILE_OPEN_FOR_BACKUP_INTENT|_FILE_SYNCHRONOUS_IO_NONALERT|flags, + FILE_OPEN_FOR_BACKUP_INTENT|FILE_SYNCHRONOUS_IO_NONALERT|flags, nil, 0, ) @@ -149,7 +153,7 @@ func openRelativeInternal(path string, root *os.File, accessMask uint32, shareFl return nil, rtlNtStatusToDosError(status) } - fullPath, err := makeLongAbsPath(filepath.Join(root.Name(), path)) + fullPath, err := longpath.LongAbs(filepath.Join(root.Name(), path)) if err != nil { syscall.Close(syscall.Handle(h)) return nil, err @@ -158,9 +162,9 @@ func openRelativeInternal(path string, root *os.File, accessMask uint32, shareFl return os.NewFile(h, fullPath), nil } -// openRelative opens a relative path from the given root, failing if +// OpenRelative opens a relative path from the given root, failing if // any of the intermediate path components are reparse points. -func openRelative(path string, root *os.File, accessMask uint32, shareFlags uint32, createDisposition uint32, flags uint32) (*os.File, error) { +func OpenRelative(path string, root *os.File, accessMask uint32, shareFlags uint32, createDisposition uint32, flags uint32) (*os.File, error) { f, err := openRelativeInternal(path, root, accessMask, shareFlags, createDisposition, flags) if err != nil { err = &os.PathError{Op: "open", Path: filepath.Join(root.Name(), path), Err: err} @@ -168,17 +172,17 @@ func openRelative(path string, root *os.File, accessMask uint32, shareFlags uint return f, err } -// linkRelative creates a hard link from oldname to newname (relative to oldroot +// LinkRelative creates a hard link from oldname to newname (relative to oldroot // and newroot), failing if any of the intermediate path components are reparse // points. -func linkRelative(oldname string, oldroot *os.File, newname string, newroot *os.File) error { +func LinkRelative(oldname string, oldroot *os.File, newname string, newroot *os.File) error { // Open the old file. oldf, err := openRelativeInternal( oldname, oldroot, syscall.FILE_WRITE_ATTRIBUTES, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE, - _FILE_OPEN, + FILE_OPEN, 0, ) if err != nil { @@ -195,8 +199,8 @@ func linkRelative(oldname string, oldroot *os.File, newname string, newroot *os. newroot, syscall.GENERIC_READ, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE, - _FILE_OPEN, - _FILE_DIRECTORY_FILE) + FILE_OPEN, + FILE_DIRECTORY_FILE) if err != nil { return &os.LinkError{Op: "link", Old: oldf.Name(), New: filepath.Join(newroot.Name(), newname), Err: err} } @@ -248,7 +252,7 @@ func linkRelative(oldname string, oldroot *os.File, newname string, newroot *os. // deleteOnClose marks a file to be deleted when the handle is closed. func deleteOnClose(f *os.File) error { - disposition := fileDispositionInformationEx{Flags: _FILE_DISPOSITION_DELETE} + disposition := fileDispositionInformationEx{Flags: FILE_DISPOSITION_DELETE} var iosb ioStatusBlock status := ntSetInformationFile( f.Fd(), @@ -281,16 +285,16 @@ func clearReadOnly(f *os.File) error { return winio.SetFileBasicInfo(f, &sbi) } -// removeRelative removes a file or directory relative to a root, failing if any +// RemoveRelative removes a file or directory relative to a root, failing if any // intermediate path components are reparse points. -func removeRelative(path string, root *os.File) error { +func RemoveRelative(path string, root *os.File) error { f, err := openRelativeInternal( path, root, - _FILE_READ_ATTRIBUTES|_FILE_WRITE_ATTRIBUTES|_DELETE, + FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES|DELETE, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE, - _FILE_OPEN, - _FILE_OPEN_REPARSE_POINT) + FILE_OPEN, + FILE_OPEN_REPARSE_POINT) if err == nil { defer f.Close() err = deleteOnClose(f) @@ -306,10 +310,10 @@ func removeRelative(path string, root *os.File) error { return nil } -// removeAllRelative removes a directory tree relative to a root, failing if any +// RemoveAllRelative removes a directory tree relative to a root, failing if any // intermediate path components are reparse points. -func removeAllRelative(path string, root *os.File) error { - fi, err := lstatRelative(path, root) +func RemoveAllRelative(path string, root *os.File) error { + fi, err := LstatRelative(path, root) if err != nil { if os.IsNotExist(err) { return nil @@ -319,7 +323,7 @@ func removeAllRelative(path string, root *os.File) error { fileAttributes := fi.Sys().(*syscall.Win32FileAttributeData).FileAttributes if fileAttributes&syscall.FILE_ATTRIBUTE_DIRECTORY == 0 || fileAttributes&syscall.FILE_ATTRIBUTE_REPARSE_POINT != 0 { // If this is a reparse point, it can't have children. Simple remove will do. - err := removeRelative(path, root) + err := RemoveRelative(path, root) if err == nil || os.IsNotExist(err) { return nil } @@ -327,7 +331,7 @@ func removeAllRelative(path string, root *os.File) error { } // It is necessary to use os.Open as Readdirnames does not work with - // openRelative. This is safe because the above lstatrelative fails + // OpenRelative. This is safe because the above lstatrelative fails // if the target is outside the root, and we know this is not a // symlink from the above FILE_ATTRIBUTE_REPARSE_POINT check. fd, err := os.Open(filepath.Join(root.Name(), path)) @@ -344,7 +348,7 @@ func removeAllRelative(path string, root *os.File) error { for { names, err1 := fd.Readdirnames(100) for _, name := range names { - err1 := removeAllRelative(path+string(os.PathSeparator)+name, root) + err1 := RemoveAllRelative(path+string(os.PathSeparator)+name, root) if err == nil { err = err1 } @@ -363,7 +367,7 @@ func removeAllRelative(path string, root *os.File) error { fd.Close() // Remove directory. - err1 := removeRelative(path, root) + err1 := RemoveRelative(path, root) if err1 == nil || os.IsNotExist(err1) { return nil } @@ -373,16 +377,16 @@ func removeAllRelative(path string, root *os.File) error { return err } -// mkdirRelative creates a directory relative to a root, failing if any +// MkdirRelative creates a directory relative to a root, failing if any // intermediate path components are reparse points. -func mkdirRelative(path string, root *os.File) error { +func MkdirRelative(path string, root *os.File) error { f, err := openRelativeInternal( path, root, 0, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE, - _FILE_CREATE, - _FILE_DIRECTORY_FILE) + FILE_CREATE, + FILE_DIRECTORY_FILE) if err == nil { f.Close() } else { @@ -391,16 +395,16 @@ func mkdirRelative(path string, root *os.File) error { return err } -// lstatRelative performs a stat operation on a file relative to a root, failing +// LstatRelative performs a stat operation on a file relative to a root, failing // if any intermediate path components are reparse points. -func lstatRelative(path string, root *os.File) (os.FileInfo, error) { +func LstatRelative(path string, root *os.File) (os.FileInfo, error) { f, err := openRelativeInternal( path, root, - _FILE_READ_ATTRIBUTES, + FILE_READ_ATTRIBUTES, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE, - _FILE_OPEN, - _FILE_OPEN_REPARSE_POINT) + FILE_OPEN, + FILE_OPEN_REPARSE_POINT) if err != nil { return nil, &os.PathError{Op: "stat", Path: filepath.Join(root.Name(), path), Err: err} } @@ -408,16 +412,16 @@ func lstatRelative(path string, root *os.File) (os.FileInfo, error) { return f.Stat() } -// ensureNotReparsePointRelative validates that a given file (relative to a +// EnsureNotReparsePointRelative validates that a given file (relative to a // root) and all intermediate path components are not a reparse points. -func ensureNotReparsePointRelative(path string, root *os.File) error { +func EnsureNotReparsePointRelative(path string, root *os.File) error { // Perform an open with OBJ_DONT_REPARSE but without specifying FILE_OPEN_REPARSE_POINT. - f, err := openRelative( + f, err := OpenRelative( path, root, 0, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE|syscall.FILE_SHARE_DELETE, - _FILE_OPEN, + FILE_OPEN, 0) if err != nil { return err diff --git a/vendor/github.com/Microsoft/hcsshim/internal/safefile/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/safefile/zsyscall_windows.go new file mode 100644 index 00000000000..709b9d3475d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/safefile/zsyscall_windows.go @@ -0,0 +1,79 @@ +// Code generated by 'go generate'; DO NOT EDIT. + +package safefile + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modntdll = windows.NewLazySystemDLL("ntdll.dll") + modkernel32 = windows.NewLazySystemDLL("kernel32.dll") + + procNtCreateFile = modntdll.NewProc("NtCreateFile") + procNtSetInformationFile = modntdll.NewProc("NtSetInformationFile") + procRtlNtStatusToDosErrorNoTeb = modntdll.NewProc("RtlNtStatusToDosErrorNoTeb") + procLocalAlloc = modkernel32.NewProc("LocalAlloc") + procLocalFree = modkernel32.NewProc("LocalFree") +) + +func ntCreateFile(handle *uintptr, accessMask uint32, oa *objectAttributes, iosb *ioStatusBlock, allocationSize *uint64, fileAttributes uint32, shareAccess uint32, createDisposition uint32, createOptions uint32, eaBuffer *byte, eaLength uint32) (status uint32) { + r0, _, _ := syscall.Syscall12(procNtCreateFile.Addr(), 11, uintptr(unsafe.Pointer(handle)), uintptr(accessMask), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(unsafe.Pointer(allocationSize)), uintptr(fileAttributes), uintptr(shareAccess), uintptr(createDisposition), uintptr(createOptions), uintptr(unsafe.Pointer(eaBuffer)), uintptr(eaLength), 0) + status = uint32(r0) + return +} + +func ntSetInformationFile(handle uintptr, iosb *ioStatusBlock, information uintptr, length uint32, class uint32) (status uint32) { + r0, _, _ := syscall.Syscall6(procNtSetInformationFile.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(iosb)), uintptr(information), uintptr(length), uintptr(class), 0) + status = uint32(r0) + return +} + +func rtlNtStatusToDosError(status uint32) (winerr error) { + r0, _, _ := syscall.Syscall(procRtlNtStatusToDosErrorNoTeb.Addr(), 1, uintptr(status), 0, 0) + if r0 != 0 { + winerr = syscall.Errno(r0) + } + return +} + +func localAlloc(flags uint32, size int) (ptr uintptr) { + r0, _, _ := syscall.Syscall(procLocalAlloc.Addr(), 2, uintptr(flags), uintptr(size), 0) + ptr = uintptr(r0) + return +} + +func localFree(ptr uintptr) { + syscall.Syscall(procLocalFree.Addr(), 1, uintptr(ptr), 0, 0) + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema1/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/schema1/BUILD new file mode 100644 index 00000000000..219d0898fbd --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema1/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["schema1.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/schema1", + importpath = "github.com/Microsoft/hcsshim/internal/schema1", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = ["//vendor/github.com/Microsoft/hcsshim/internal/schema2:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema1/schema1.go b/vendor/github.com/Microsoft/hcsshim/internal/schema1/schema1.go new file mode 100644 index 00000000000..995433ace6f --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema1/schema1.go @@ -0,0 +1,245 @@ +package schema1 + +import ( + "encoding/json" + "time" + + "github.com/Microsoft/hcsshim/internal/schema2" +) + +// ProcessConfig is used as both the input of Container.CreateProcess +// and to convert the parameters to JSON for passing onto the HCS +type ProcessConfig struct { + ApplicationName string `json:",omitempty"` + CommandLine string `json:",omitempty"` + CommandArgs []string `json:",omitempty"` // Used by Linux Containers on Windows + User string `json:",omitempty"` + WorkingDirectory string `json:",omitempty"` + Environment map[string]string `json:",omitempty"` + EmulateConsole bool `json:",omitempty"` + CreateStdInPipe bool `json:",omitempty"` + CreateStdOutPipe bool `json:",omitempty"` + CreateStdErrPipe bool `json:",omitempty"` + ConsoleSize [2]uint `json:",omitempty"` + CreateInUtilityVm bool `json:",omitempty"` // Used by Linux Containers on Windows + OCISpecification *json.RawMessage `json:",omitempty"` // Used by Linux Containers on Windows +} + +type Layer struct { + ID string + Path string +} + +type MappedDir struct { + HostPath string + ContainerPath string + ReadOnly bool + BandwidthMaximum uint64 + IOPSMaximum uint64 + CreateInUtilityVM bool + // LinuxMetadata - Support added in 1803/RS4+. + LinuxMetadata bool `json:",omitempty"` +} + +type MappedPipe struct { + HostPath string + ContainerPipeName string +} + +type HvRuntime struct { + ImagePath string `json:",omitempty"` + SkipTemplate bool `json:",omitempty"` + LinuxInitrdFile string `json:",omitempty"` // File under ImagePath on host containing an initrd image for starting a Linux utility VM + LinuxKernelFile string `json:",omitempty"` // File under ImagePath on host containing a kernel for starting a Linux utility VM + LinuxBootParameters string `json:",omitempty"` // Additional boot parameters for starting a Linux Utility VM in initrd mode + BootSource string `json:",omitempty"` // "Vhd" for Linux Utility VM booting from VHD + WritableBootSource bool `json:",omitempty"` // Linux Utility VM booting from VHD +} + +type MappedVirtualDisk struct { + HostPath string `json:",omitempty"` // Path to VHD on the host + ContainerPath string // Platform-specific mount point path in the container + CreateInUtilityVM bool `json:",omitempty"` + ReadOnly bool `json:",omitempty"` + Cache string `json:",omitempty"` // "" (Unspecified); "Disabled"; "Enabled"; "Private"; "PrivateAllowSharing" + AttachOnly bool `json:",omitempty:` +} + +// AssignedDevice represents a device that has been directly assigned to a container +// +// NOTE: Support added in RS5 +type AssignedDevice struct { + // InterfaceClassGUID of the device to assign to container. + InterfaceClassGUID string `json:"InterfaceClassGuid,omitempty"` +} + +// ContainerConfig is used as both the input of CreateContainer +// and to convert the parameters to JSON for passing onto the HCS +type ContainerConfig struct { + SystemType string // HCS requires this to be hard-coded to "Container" + Name string // Name of the container. We use the docker ID. + Owner string `json:",omitempty"` // The management platform that created this container + VolumePath string `json:",omitempty"` // Windows volume path for scratch space. Used by Windows Server Containers only. Format \\?\\Volume{GUID} + IgnoreFlushesDuringBoot bool `json:",omitempty"` // Optimization hint for container startup in Windows + LayerFolderPath string `json:",omitempty"` // Where the layer folders are located. Used by Windows Server Containers only. Format %root%\windowsfilter\containerID + Layers []Layer // List of storage layers. Required for Windows Server and Hyper-V Containers. Format ID=GUID;Path=%root%\windowsfilter\layerID + Credentials string `json:",omitempty"` // Credentials information + ProcessorCount uint32 `json:",omitempty"` // Number of processors to assign to the container. + ProcessorWeight uint64 `json:",omitempty"` // CPU shares (relative weight to other containers with cpu shares). Range is from 1 to 10000. A value of 0 results in default shares. + ProcessorMaximum int64 `json:",omitempty"` // Specifies the portion of processor cycles that this container can use as a percentage times 100. Range is from 1 to 10000. A value of 0 results in no limit. + StorageIOPSMaximum uint64 `json:",omitempty"` // Maximum Storage IOPS + StorageBandwidthMaximum uint64 `json:",omitempty"` // Maximum Storage Bandwidth in bytes per second + StorageSandboxSize uint64 `json:",omitempty"` // Size in bytes that the container system drive should be expanded to if smaller + MemoryMaximumInMB int64 `json:",omitempty"` // Maximum memory available to the container in Megabytes + HostName string `json:",omitempty"` // Hostname + MappedDirectories []MappedDir `json:",omitempty"` // List of mapped directories (volumes/mounts) + MappedPipes []MappedPipe `json:",omitempty"` // List of mapped Windows named pipes + HvPartition bool // True if it a Hyper-V Container + NetworkSharedContainerName string `json:",omitempty"` // Name (ID) of the container that we will share the network stack with. + EndpointList []string `json:",omitempty"` // List of networking endpoints to be attached to container + HvRuntime *HvRuntime `json:",omitempty"` // Hyper-V container settings. Used by Hyper-V containers only. Format ImagePath=%root%\BaseLayerID\UtilityVM + Servicing bool `json:",omitempty"` // True if this container is for servicing + AllowUnqualifiedDNSQuery bool `json:",omitempty"` // True to allow unqualified DNS name resolution + DNSSearchList string `json:",omitempty"` // Comma seperated list of DNS suffixes to use for name resolution + ContainerType string `json:",omitempty"` // "Linux" for Linux containers on Windows. Omitted otherwise. + TerminateOnLastHandleClosed bool `json:",omitempty"` // Should HCS terminate the container once all handles have been closed + MappedVirtualDisks []MappedVirtualDisk `json:",omitempty"` // Array of virtual disks to mount at start + AssignedDevices []AssignedDevice `json:",omitempty"` // Array of devices to assign. NOTE: Support added in RS5 +} + +type ComputeSystemQuery struct { + IDs []string `json:"Ids,omitempty"` + Types []string `json:",omitempty"` + Names []string `json:",omitempty"` + Owners []string `json:",omitempty"` +} + +type PropertyType string + +const ( + PropertyTypeStatistics PropertyType = "Statistics" // V1 and V2 + PropertyTypeProcessList = "ProcessList" // V1 and V2 + PropertyTypeMappedVirtualDisk = "MappedVirtualDisk" // Not supported in V2 schema call + PropertyTypeGuestConnection = "GuestConnection" // V1 and V2. Nil return from HCS before RS5 +) + +type PropertyQuery struct { + PropertyTypes []PropertyType `json:",omitempty"` +} + +// ContainerProperties holds the properties for a container and the processes running in that container +type ContainerProperties struct { + ID string `json:"Id"` + State string + Name string + SystemType string + Owner string + SiloGUID string `json:"SiloGuid,omitempty"` + RuntimeID string `json:"RuntimeId,omitempty"` + IsRuntimeTemplate bool `json:",omitempty"` + RuntimeImagePath string `json:",omitempty"` + Stopped bool `json:",omitempty"` + ExitType string `json:",omitempty"` + AreUpdatesPending bool `json:",omitempty"` + ObRoot string `json:",omitempty"` + Statistics Statistics `json:",omitempty"` + ProcessList []ProcessListItem `json:",omitempty"` + MappedVirtualDiskControllers map[int]MappedVirtualDiskController `json:",omitempty"` + GuestConnectionInfo GuestConnectionInfo `json:",omitempty"` +} + +// MemoryStats holds the memory statistics for a container +type MemoryStats struct { + UsageCommitBytes uint64 `json:"MemoryUsageCommitBytes,omitempty"` + UsageCommitPeakBytes uint64 `json:"MemoryUsageCommitPeakBytes,omitempty"` + UsagePrivateWorkingSetBytes uint64 `json:"MemoryUsagePrivateWorkingSetBytes,omitempty"` +} + +// ProcessorStats holds the processor statistics for a container +type ProcessorStats struct { + TotalRuntime100ns uint64 `json:",omitempty"` + RuntimeUser100ns uint64 `json:",omitempty"` + RuntimeKernel100ns uint64 `json:",omitempty"` +} + +// StorageStats holds the storage statistics for a container +type StorageStats struct { + ReadCountNormalized uint64 `json:",omitempty"` + ReadSizeBytes uint64 `json:",omitempty"` + WriteCountNormalized uint64 `json:",omitempty"` + WriteSizeBytes uint64 `json:",omitempty"` +} + +// NetworkStats holds the network statistics for a container +type NetworkStats struct { + BytesReceived uint64 `json:",omitempty"` + BytesSent uint64 `json:",omitempty"` + PacketsReceived uint64 `json:",omitempty"` + PacketsSent uint64 `json:",omitempty"` + DroppedPacketsIncoming uint64 `json:",omitempty"` + DroppedPacketsOutgoing uint64 `json:",omitempty"` + EndpointId string `json:",omitempty"` + InstanceId string `json:",omitempty"` +} + +// Statistics is the structure returned by a statistics call on a container +type Statistics struct { + Timestamp time.Time `json:",omitempty"` + ContainerStartTime time.Time `json:",omitempty"` + Uptime100ns uint64 `json:",omitempty"` + Memory MemoryStats `json:",omitempty"` + Processor ProcessorStats `json:",omitempty"` + Storage StorageStats `json:",omitempty"` + Network []NetworkStats `json:",omitempty"` +} + +// ProcessList is the structure of an item returned by a ProcessList call on a container +type ProcessListItem struct { + CreateTimestamp time.Time `json:",omitempty"` + ImageName string `json:",omitempty"` + KernelTime100ns uint64 `json:",omitempty"` + MemoryCommitBytes uint64 `json:",omitempty"` + MemoryWorkingSetPrivateBytes uint64 `json:",omitempty"` + MemoryWorkingSetSharedBytes uint64 `json:",omitempty"` + ProcessId uint32 `json:",omitempty"` + UserTime100ns uint64 `json:",omitempty"` +} + +// MappedVirtualDiskController is the structure of an item returned by a MappedVirtualDiskList call on a container +type MappedVirtualDiskController struct { + MappedVirtualDisks map[int]MappedVirtualDisk `json:",omitempty"` +} + +// GuestDefinedCapabilities is part of the GuestConnectionInfo returned by a GuestConnection call on a utility VM +type GuestDefinedCapabilities struct { + NamespaceAddRequestSupported bool `json:",omitempty"` + SignalProcessSupported bool `json:",omitempty"` +} + +// GuestConnectionInfo is the structure of an iterm return by a GuestConnection call on a utility VM +type GuestConnectionInfo struct { + SupportedSchemaVersions []hcsschema.Version `json:",omitempty"` + ProtocolVersion uint32 `json:",omitempty"` + GuestDefinedCapabilities GuestDefinedCapabilities `json:",omitempty"` +} + +// Type of Request Support in ModifySystem +type RequestType string + +// Type of Resource Support in ModifySystem +type ResourceType string + +// RequestType const +const ( + Add RequestType = "Add" + Remove RequestType = "Remove" + Network ResourceType = "Network" +) + +// ResourceModificationRequestResponse is the structure used to send request to the container to modify the system +// Supported resource types are Network and Request Types are Add/Remove +type ResourceModificationRequestResponse struct { + Resource ResourceType `json:"ResourceType"` + Data interface{} `json:"Settings"` + Request RequestType `json:"RequestType,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/schema2/BUILD new file mode 100644 index 00000000000..b0c563a38d5 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/BUILD @@ -0,0 +1,105 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "attachment.go", + "battery.go", + "cache_query_stats_response.go", + "chipset.go", + "close_handle.go", + "com_port.go", + "compute_system.go", + "configuration.go", + "console_size.go", + "container.go", + "container_credential_guard_state.go", + "container_memory_information.go", + "device.go", + "devices.go", + "enhanced_mode_video.go", + "flexible_io_device.go", + "guest_connection.go", + "guest_connection_info.go", + "guest_crash_reporting.go", + "guest_os.go", + "guest_state.go", + "hosted_system.go", + "hv_socket.go", + "hv_socket_2.go", + "hv_socket_service_config.go", + "hv_socket_system_config.go", + "keyboard.go", + "layer.go", + "linux_kernel_direct.go", + "mapped_directory.go", + "mapped_pipe.go", + "memory.go", + "memory_2.go", + "memory_information_for_vm.go", + "memory_stats.go", + "modify_setting_request.go", + "mouse.go", + "network_adapter.go", + "networking.go", + "pause_notification.go", + "pause_options.go", + "plan9.go", + "plan9_share.go", + "process_details.go", + "process_modify_request.go", + "process_parameters.go", + "process_status.go", + "processor.go", + "processor_2.go", + "processor_stats.go", + "properties.go", + "property_query.go", + "rdp_connection_options.go", + "registry_changes.go", + "registry_key.go", + "registry_value.go", + "restore_state.go", + "save_options.go", + "scsi.go", + "shared_memory_configuration.go", + "shared_memory_region.go", + "shared_memory_region_info.go", + "silo_properties.go", + "statistics.go", + "storage.go", + "storage_qo_s.go", + "storage_stats.go", + "topology.go", + "uefi.go", + "uefi_boot_entry.go", + "version.go", + "video_monitor.go", + "virtual_machine.go", + "virtual_node_info.go", + "virtual_p_mem_controller.go", + "virtual_p_mem_device.go", + "virtual_smb.go", + "virtual_smb_share.go", + "virtual_smb_share_options.go", + "vm_memory.go", + "windows_crash_reporting.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/schema2", + importpath = "github.com/Microsoft/hcsshim/internal/schema2", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/attachment.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/attachment.go new file mode 100644 index 00000000000..09456cbc219 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/attachment.go @@ -0,0 +1,31 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Attachment struct { + + Type_ string `json:"Type,omitempty"` + + Path string `json:"Path,omitempty"` + + IgnoreFlushes bool `json:"IgnoreFlushes,omitempty"` + + CachingMode string `json:"CachingMode,omitempty"` + + NoWriteHardening bool `json:"NoWriteHardening,omitempty"` + + DisableExpansionOptimization bool `json:"DisableExpansionOptimization,omitempty"` + + IgnoreRelativeLocator bool `json:"IgnoreRelativeLocator,omitempty"` + + CaptureIoAttributionContext bool `json:"CaptureIoAttributionContext,omitempty"` + + ReadOnly bool `json:"ReadOnly,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/battery.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/battery.go new file mode 100644 index 00000000000..ecbbed4c233 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/battery.go @@ -0,0 +1,13 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Battery struct { +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/cache_query_stats_response.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/cache_query_stats_response.go new file mode 100644 index 00000000000..243779eab67 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/cache_query_stats_response.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type CacheQueryStatsResponse struct { + + L3OccupancyBytes int32 `json:"L3OccupancyBytes,omitempty"` + + L3TotalBwBytes int32 `json:"L3TotalBwBytes,omitempty"` + + L3LocalBwBytes int32 `json:"L3LocalBwBytes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/chipset.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/chipset.go new file mode 100644 index 00000000000..ca75277a3f2 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/chipset.go @@ -0,0 +1,27 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Chipset struct { + Uefi *Uefi `json:"Uefi,omitempty"` + + IsNumLockDisabled bool `json:"IsNumLockDisabled,omitempty"` + + BaseBoardSerialNumber string `json:"BaseBoardSerialNumber,omitempty"` + + ChassisSerialNumber string `json:"ChassisSerialNumber,omitempty"` + + ChassisAssetTag string `json:"ChassisAssetTag,omitempty"` + + UseUtc bool `json:"UseUtc,omitempty"` + + // LinuxKernelDirect - Added in v2.2 Builds >=181117 + LinuxKernelDirect *LinuxKernelDirect `json:"LinuxKernelDirect,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/close_handle.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/close_handle.go new file mode 100644 index 00000000000..88f01707a73 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/close_handle.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type CloseHandle struct { + + Handle string `json:"Handle,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/com_port.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/com_port.go new file mode 100644 index 00000000000..c665be3d5a3 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/com_port.go @@ -0,0 +1,18 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// ComPort specifies the named pipe that will be used for the port, with empty string indicating a disconnected port. +type ComPort struct { + + NamedPipe string `json:"NamedPipe,omitempty"` + + OptimizeForDebugger bool `json:"OptimizeForDebugger,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/compute_system.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/compute_system.go new file mode 100644 index 00000000000..85785d28585 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/compute_system.go @@ -0,0 +1,27 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type ComputeSystem struct { + + Owner string `json:"Owner,omitempty"` + + SchemaVersion *Version `json:"SchemaVersion,omitempty"` + + HostingSystemId string `json:"HostingSystemId,omitempty"` + + HostedSystem *HostedSystem `json:"HostedSystem,omitempty"` + + Container *Container `json:"Container,omitempty"` + + VirtualMachine *VirtualMachine `json:"VirtualMachine,omitempty"` + + ShouldTerminateOnLastHandleClosed bool `json:"ShouldTerminateOnLastHandleClosed,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/configuration.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/configuration.go new file mode 100644 index 00000000000..2c72ab1498d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/configuration.go @@ -0,0 +1,72 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +import ( + "net/http" +) + +// contextKeys are used to identify the type of value in the context. +// Since these are string, it is possible to get a short description of the +// context key for logging and debugging using key.String(). + +type contextKey string + +func (c contextKey) String() string { + return "auth " + string(c) +} + +var ( + // ContextOAuth2 takes a oauth2.TokenSource as authentication for the request. + ContextOAuth2 = contextKey("token") + + // ContextBasicAuth takes BasicAuth as authentication for the request. + ContextBasicAuth = contextKey("basic") + + // ContextAccessToken takes a string oauth2 access token as authentication for the request. + ContextAccessToken = contextKey("accesstoken") + + // ContextAPIKey takes an APIKey as authentication for the request + ContextAPIKey = contextKey("apikey") +) + +// BasicAuth provides basic http authentication to a request passed via context using ContextBasicAuth +type BasicAuth struct { + UserName string `json:"userName,omitempty"` + Password string `json:"password,omitempty"` +} + +// APIKey provides API key based authentication to a request passed via context using ContextAPIKey +type APIKey struct { + Key string + Prefix string +} + +type Configuration struct { + BasePath string `json:"basePath,omitempty"` + Host string `json:"host,omitempty"` + Scheme string `json:"scheme,omitempty"` + DefaultHeader map[string]string `json:"defaultHeader,omitempty"` + UserAgent string `json:"userAgent,omitempty"` + HTTPClient *http.Client +} + +func NewConfiguration() *Configuration { + cfg := &Configuration{ + BasePath: "https://localhost", + DefaultHeader: make(map[string]string), + UserAgent: "Swagger-Codegen/2.1.0/go", + } + return cfg +} + +func (c *Configuration) AddDefaultHeader(key string, value string) { + c.DefaultHeader[key] = value +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/console_size.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/console_size.go new file mode 100644 index 00000000000..adbe07fe559 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/console_size.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type ConsoleSize struct { + + Height int32 `json:"Height,omitempty"` + + Width int32 `json:"Width,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/container.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/container.go new file mode 100644 index 00000000000..17dce28bc72 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/container.go @@ -0,0 +1,35 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Container struct { + + GuestOs *GuestOs `json:"GuestOs,omitempty"` + + Storage *Storage `json:"Storage,omitempty"` + + MappedDirectories []MappedDirectory `json:"MappedDirectories,omitempty"` + + MappedPipes []MappedPipe `json:"MappedPipes,omitempty"` + + Memory *Memory `json:"Memory,omitempty"` + + Processor *Processor `json:"Processor,omitempty"` + + Networking *Networking `json:"Networking,omitempty"` + + HvSocket *HvSocket `json:"HvSocket,omitempty"` + + ContainerCredentialGuard *ContainerCredentialGuardState `json:"ContainerCredentialGuard,omitempty"` + + RegistryChanges *RegistryChanges `json:"RegistryChanges,omitempty"` + + AssignedDevices []Device `json:"AssignedDevices,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/container_credential_guard_state.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/container_credential_guard_state.go new file mode 100644 index 00000000000..0f8f644379c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/container_credential_guard_state.go @@ -0,0 +1,25 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type ContainerCredentialGuardState struct { + + // Authentication cookie for calls to a Container Credential Guard instance. + Cookie string `json:"Cookie,omitempty"` + + // Name of the RPC endpoint of the Container Credential Guard instance. + RpcEndpoint string `json:"RpcEndpoint,omitempty"` + + // Transport used for the configured Container Credential Guard instance. + Transport string `json:"Transport,omitempty"` + + // Credential spec used for the configured Container Credential Guard instance. + CredentialSpec string `json:"CredentialSpec,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/container_memory_information.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/container_memory_information.go new file mode 100644 index 00000000000..754797e213f --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/container_memory_information.go @@ -0,0 +1,26 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// memory usage as viewed from within the container +type ContainerMemoryInformation struct { + + TotalPhysicalBytes int32 `json:"TotalPhysicalBytes,omitempty"` + + TotalUsage int32 `json:"TotalUsage,omitempty"` + + CommittedBytes int32 `json:"CommittedBytes,omitempty"` + + SharedCommittedBytes int32 `json:"SharedCommittedBytes,omitempty"` + + CommitLimitBytes int32 `json:"CommitLimitBytes,omitempty"` + + PeakCommitmentBytes int32 `json:"PeakCommitmentBytes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/device.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/device.go new file mode 100644 index 00000000000..ca319bbbcea --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/device.go @@ -0,0 +1,16 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Device struct { + + // The interface class guid of the device to assign to container. + InterfaceClassGuid string `json:"InterfaceClassGuid,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/devices.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/devices.go new file mode 100644 index 00000000000..b2191c571db --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/devices.go @@ -0,0 +1,43 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Devices struct { + + ComPorts map[string]ComPort `json:"ComPorts,omitempty"` + + Scsi map[string]Scsi `json:"Scsi,omitempty"` + + VirtualPMem *VirtualPMemController `json:"VirtualPMem,omitempty"` + + NetworkAdapters map[string]NetworkAdapter `json:"NetworkAdapters,omitempty"` + + VideoMonitor *VideoMonitor `json:"VideoMonitor,omitempty"` + + Keyboard *Keyboard `json:"Keyboard,omitempty"` + + Mouse *Mouse `json:"Mouse,omitempty"` + + HvSocket *HvSocket2 `json:"HvSocket,omitempty"` + + EnhancedModeVideo *EnhancedModeVideo `json:"EnhancedModeVideo,omitempty"` + + GuestCrashReporting *GuestCrashReporting `json:"GuestCrashReporting,omitempty"` + + VirtualSmb *VirtualSmb `json:"VirtualSmb,omitempty"` + + Plan9 *Plan9 `json:"Plan9,omitempty"` + + Battery *Battery `json:"Battery,omitempty"` + + FlexibleIov map[string]FlexibleIoDevice `json:"FlexibleIov,omitempty"` + + SharedMemory *SharedMemoryConfiguration `json:"SharedMemory,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/enhanced_mode_video.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/enhanced_mode_video.go new file mode 100644 index 00000000000..4fe592f7117 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/enhanced_mode_video.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type EnhancedModeVideo struct { + + ConnectionOptions *RdpConnectionOptions `json:"ConnectionOptions,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/flexible_io_device.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/flexible_io_device.go new file mode 100644 index 00000000000..51011afe407 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/flexible_io_device.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type FlexibleIoDevice struct { + + EmulatorId string `json:"EmulatorId,omitempty"` + + HostingModel string `json:"HostingModel,omitempty"` + + Configuration []string `json:"Configuration,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_connection.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_connection.go new file mode 100644 index 00000000000..7db29495b3e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_connection.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type GuestConnection struct { + + // Use Vsock rather than Hyper-V sockets to communicate with the guest service. + UseVsock bool `json:"UseVsock,omitempty"` + + // Don't disconnect the guest connection when pausing the virtual machine. + UseConnectedSuspend bool `json:"UseConnectedSuspend,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_connection_info.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_connection_info.go new file mode 100644 index 00000000000..8a369bab71c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_connection_info.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Information about the guest. +type GuestConnectionInfo struct { + + // Each schema version x.y stands for the range of versions a.b where a==x and b<=y. This list comes from the SupportedSchemaVersions field in GcsCapabilities. + SupportedSchemaVersions []Version `json:"SupportedSchemaVersions,omitempty"` + + ProtocolVersion int32 `json:"ProtocolVersion,omitempty"` + + GuestDefinedCapabilities *interface{} `json:"GuestDefinedCapabilities,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_crash_reporting.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_crash_reporting.go new file mode 100644 index 00000000000..c5fa767352e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_crash_reporting.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type GuestCrashReporting struct { + + WindowsCrashSettings *WindowsCrashReporting `json:"WindowsCrashSettings,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_os.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_os.go new file mode 100644 index 00000000000..c708fc7c3f9 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_os.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type GuestOs struct { + + HostName string `json:"HostName,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_state.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_state.go new file mode 100644 index 00000000000..ef1eec88656 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/guest_state.go @@ -0,0 +1,22 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type GuestState struct { + + // The path to an existing file uses for persistent guest state storage. An empty string indicates the system should initialize new transient, in-memory guest state. + GuestStateFilePath string `json:"GuestStateFilePath,omitempty"` + + // The path to an existing file for persistent runtime state storage. An empty string indicates the system should initialize new transient, in-memory runtime state. + RuntimeStateFilePath string `json:"RuntimeStateFilePath,omitempty"` + + // If true, the guest state and runtime state files will be used as templates to populate transient, in-memory state instead of using the files as persistent backing store. + ForceTransientState bool `json:"ForceTransientState,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/hosted_system.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hosted_system.go new file mode 100644 index 00000000000..0797584c51d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hosted_system.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type HostedSystem struct { + + SchemaVersion *Version `json:"SchemaVersion,omitempty"` + + Container *Container `json:"Container,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket.go new file mode 100644 index 00000000000..ef9ffb8dd93 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type HvSocket struct { + + Config *HvSocketSystemConfig `json:"Config,omitempty"` + + EnablePowerShellDirect bool `json:"EnablePowerShellDirect,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_2.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_2.go new file mode 100644 index 00000000000..a19ba15c15b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_2.go @@ -0,0 +1,16 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// HvSocket configuration for a VM +type HvSocket2 struct { + + HvSocketConfig *HvSocketSystemConfig `json:"HvSocketConfig,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_service_config.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_service_config.go new file mode 100644 index 00000000000..a848e91e69b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_service_config.go @@ -0,0 +1,22 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type HvSocketServiceConfig struct { + + // SDDL string that HvSocket will check before allowing a host process to bind to this specific service. If not specified, defaults to the system DefaultBindSecurityDescriptor, defined in HvSocketSystemWpConfig in V1. + BindSecurityDescriptor string `json:"BindSecurityDescriptor,omitempty"` + + // SDDL string that HvSocket will check before allowing a host process to connect to this specific service. If not specified, defaults to the system DefaultConnectSecurityDescriptor, defined in HvSocketSystemWpConfig in V1. + ConnectSecurityDescriptor string `json:"ConnectSecurityDescriptor,omitempty"` + + // If true, HvSocket will process wildcard binds for this service/system combination. Wildcard binds are secured in the registry at SOFTWARE/Microsoft/Windows NT/CurrentVersion/Virtualization/HvSocket/WildcardDescriptors + AllowWildcardBinds bool `json:"AllowWildcardBinds,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_system_config.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_system_config.go new file mode 100644 index 00000000000..69f4f9d39b9 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/hv_socket_system_config.go @@ -0,0 +1,22 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// This is the HCS Schema version of the HvSocket configuration. The VMWP version is located in Config.Devices.IC in V1. +type HvSocketSystemConfig struct { + + // SDDL string that HvSocket will check before allowing a host process to bind to an unlisted service for this specific container/VM (not wildcard binds). + DefaultBindSecurityDescriptor string `json:"DefaultBindSecurityDescriptor,omitempty"` + + // SDDL string that HvSocket will check before allowing a host process to connect to an unlisted service in the VM/container. + DefaultConnectSecurityDescriptor string `json:"DefaultConnectSecurityDescriptor,omitempty"` + + ServiceTable map[string]HvSocketServiceConfig `json:"ServiceTable,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/keyboard.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/keyboard.go new file mode 100644 index 00000000000..3d3fa3b1c73 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/keyboard.go @@ -0,0 +1,13 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Keyboard struct { +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/layer.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/layer.go new file mode 100644 index 00000000000..b63b8ef12c8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/layer.go @@ -0,0 +1,22 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Layer struct { + + Id string `json:"Id,omitempty"` + + Path string `json:"Path,omitempty"` + + PathType string `json:"PathType,omitempty"` + + // Unspecified defaults to Enabled + Cache string `json:"Cache,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/linux_kernel_direct.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/linux_kernel_direct.go new file mode 100644 index 00000000000..0ab6c280fc8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/linux_kernel_direct.go @@ -0,0 +1,18 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.2 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type LinuxKernelDirect struct { + KernelFilePath string `json:"KernelFilePath,omitempty"` + + InitRdPath string `json:"InitRdPath,omitempty"` + + KernelCmdLine string `json:"KernelCmdLine,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/mapped_directory.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/mapped_directory.go new file mode 100644 index 00000000000..a823a6d3b89 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/mapped_directory.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type MappedDirectory struct { + + HostPath string `json:"HostPath,omitempty"` + + HostPathType string `json:"HostPathType,omitempty"` + + ContainerPath string `json:"ContainerPath,omitempty"` + + ReadOnly bool `json:"ReadOnly,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/mapped_pipe.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/mapped_pipe.go new file mode 100644 index 00000000000..2d1d2604a9b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/mapped_pipe.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type MappedPipe struct { + + ContainerPipeName string `json:"ContainerPipeName,omitempty"` + + HostPath string `json:"HostPath,omitempty"` + + HostPathType string `json:"HostPathType,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory.go new file mode 100644 index 00000000000..e1d135a3a4b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Memory struct { + + SizeInMB int32 `json:"SizeInMB,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_2.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_2.go new file mode 100644 index 00000000000..27d0b8c4838 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_2.go @@ -0,0 +1,25 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Memory2 struct { + SizeInMB int32 `json:"SizeInMB,omitempty"` + + AllowOvercommit bool `json:"AllowOvercommit,omitempty"` + + EnableHotHint bool `json:"EnableHotHint,omitempty"` + + EnableColdHint bool `json:"EnableColdHint,omitempty"` + + EnableEpf bool `json:"EnableEpf,omitempty"` + + // EnableDeferredCommit is private in the schema. If regenerated need to add back. + EnableDeferredCommit bool `json:"EnableDeferredCommit,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_information_for_vm.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_information_for_vm.go new file mode 100644 index 00000000000..bdd87dffd85 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_information_for_vm.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type MemoryInformationForVm struct { + + VirtualNodeCount int32 `json:"VirtualNodeCount,omitempty"` + + VirtualMachineMemory *VmMemory `json:"VirtualMachineMemory,omitempty"` + + VirtualNodes []VirtualNodeInfo `json:"VirtualNodes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_stats.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_stats.go new file mode 100644 index 00000000000..6214970f697 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_stats.go @@ -0,0 +1,20 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Memory runtime statistics +type MemoryStats struct { + + MemoryUsageCommitBytes int32 `json:"MemoryUsageCommitBytes,omitempty"` + + MemoryUsageCommitPeakBytes int32 `json:"MemoryUsageCommitPeakBytes,omitempty"` + + MemoryUsagePrivateWorkingSetBytes int32 `json:"MemoryUsagePrivateWorkingSetBytes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/modify_setting_request.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/modify_setting_request.go new file mode 100644 index 00000000000..d29455a3e43 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/modify_setting_request.go @@ -0,0 +1,20 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type ModifySettingRequest struct { + ResourcePath string `json:"ResourcePath,omitempty"` + + RequestType string `json:"RequestType,omitempty"` + + Settings interface{} `json:"Settings,omitempty"` // NOTE: Swagger generated as *interface{}. Locally updated + + GuestRequest interface{} `json:"GuestRequest,omitempty"` // NOTE: Swagger generated as *interface{}. Locally updated +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/mouse.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/mouse.go new file mode 100644 index 00000000000..ccf8b938f3a --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/mouse.go @@ -0,0 +1,13 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Mouse struct { +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/network_adapter.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/network_adapter.go new file mode 100644 index 00000000000..c586f66c251 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/network_adapter.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type NetworkAdapter struct { + + EndpointId string `json:"EndpointId,omitempty"` + + MacAddress string `json:"MacAddress,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/networking.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/networking.go new file mode 100644 index 00000000000..12c47827c5d --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/networking.go @@ -0,0 +1,24 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Networking struct { + + AllowUnqualifiedDnsQuery bool `json:"AllowUnqualifiedDnsQuery,omitempty"` + + DnsSearchList string `json:"DnsSearchList,omitempty"` + + NetworkSharedContainerName string `json:"NetworkSharedContainerName,omitempty"` + + // Guid in windows; string in linux + Namespace string `json:"Namespace,omitempty"` + + NetworkAdapters []string `json:"NetworkAdapters,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/pause_notification.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/pause_notification.go new file mode 100644 index 00000000000..1cd70d17902 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/pause_notification.go @@ -0,0 +1,16 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Notification data that is indicated to components running in the Virtual Machine. +type PauseNotification struct { + + Reason string `json:"Reason,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/pause_options.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/pause_options.go new file mode 100644 index 00000000000..780a5cae2c1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/pause_options.go @@ -0,0 +1,18 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Options for HcsPauseComputeSystem +type PauseOptions struct { + + SuspensionLevel string `json:"SuspensionLevel,omitempty"` + + HostedNotification *PauseNotification `json:"HostedNotification,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9.go new file mode 100644 index 00000000000..705c677e1f8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Plan9 struct { + + Shares []Plan9Share `json:"Shares,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9_share.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9_share.go new file mode 100644 index 00000000000..b2bc58b83c2 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/plan9_share.go @@ -0,0 +1,26 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Plan9Share struct { + + Name string `json:"Name,omitempty"` + + // The name by which the guest operation system can access this share, via the aname parameter in the Plan9 protocol. + AccessName string `json:"AccessName,omitempty"` + + Path string `json:"Path,omitempty"` + + Port int32 `json:"Port,omitempty"` + + ReadOnly bool `json:"ReadOnly,omitempty"` + + UseShareRootIdentity bool `json:"UseShareRootIdentity,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_details.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_details.go new file mode 100644 index 00000000000..63e0b7f8fe5 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_details.go @@ -0,0 +1,34 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +import ( + "time" +) + +// Information about a process running in a container +type ProcessDetails struct { + + ProcessId int32 `json:"ProcessId,omitempty"` + + ImageName string `json:"ImageName,omitempty"` + + CreateTimestamp time.Time `json:"CreateTimestamp,omitempty"` + + UserTime100ns int32 `json:"UserTime100ns,omitempty"` + + KernelTime100ns int32 `json:"KernelTime100ns,omitempty"` + + MemoryCommitBytes int32 `json:"MemoryCommitBytes,omitempty"` + + MemoryWorkingSetPrivateBytes int32 `json:"MemoryWorkingSetPrivateBytes,omitempty"` + + MemoryWorkingSetSharedBytes int32 `json:"MemoryWorkingSetSharedBytes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_modify_request.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_modify_request.go new file mode 100644 index 00000000000..29bc2e3d00b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_modify_request.go @@ -0,0 +1,20 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Passed to HcsRpc_ModifyProcess +type ProcessModifyRequest struct { + + Operation string `json:"Operation,omitempty"` + + ConsoleSize *ConsoleSize `json:"ConsoleSize,omitempty"` + + CloseHandle *CloseHandle `json:"CloseHandle,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_parameters.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_parameters.go new file mode 100644 index 00000000000..470c55734ed --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_parameters.go @@ -0,0 +1,47 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type ProcessParameters struct { + + ApplicationName string `json:"ApplicationName,omitempty"` + + CommandLine string `json:"CommandLine,omitempty"` + + // optional alternative to CommandLine, currently only supported by Linux GCS + CommandArgs []string `json:"CommandArgs,omitempty"` + + User string `json:"User,omitempty"` + + WorkingDirectory string `json:"WorkingDirectory,omitempty"` + + Environment map[string]string `json:"Environment,omitempty"` + + // if set, will run as low-privilege process + RestrictedToken bool `json:"RestrictedToken,omitempty"` + + // if set, ignore StdErrPipe + EmulateConsole bool `json:"EmulateConsole,omitempty"` + + CreateStdInPipe bool `json:"CreateStdInPipe,omitempty"` + + CreateStdOutPipe bool `json:"CreateStdOutPipe,omitempty"` + + CreateStdErrPipe bool `json:"CreateStdErrPipe,omitempty"` + + // height then width + ConsoleSize []int32 `json:"ConsoleSize,omitempty"` + + // if set, find an existing session for the user and create the process in it + UseExistingLogin bool `json:"UseExistingLogin,omitempty"` + + // if set, use the legacy console instead of conhost + UseLegacyConsole bool `json:"UseLegacyConsole,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_status.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_status.go new file mode 100644 index 00000000000..20793d1503b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/process_status.go @@ -0,0 +1,22 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Status of a process running in a container +type ProcessStatus struct { + + ProcessId int32 `json:"ProcessId,omitempty"` + + Exited bool `json:"Exited,omitempty"` + + ExitCode int32 `json:"ExitCode,omitempty"` + + LastWaitResult int32 `json:"LastWaitResult,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor.go new file mode 100644 index 00000000000..7a60b0245aa --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Processor struct { + + Count int32 `json:"Count,omitempty"` + + Maximum int32 `json:"Maximum,omitempty"` + + Weight int32 `json:"Weight,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_2.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_2.go new file mode 100644 index 00000000000..40d3e7356d5 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_2.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Processor2 struct { + + Count int32 `json:"Count,omitempty"` + + Limit int32 `json:"Limit,omitempty"` + + Weight int32 `json:"Weight,omitempty"` + + ExposeVirtualizationExtensions bool `json:"ExposeVirtualizationExtensions,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_stats.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_stats.go new file mode 100644 index 00000000000..9d3b77e5728 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_stats.go @@ -0,0 +1,20 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// CPU runtime statistics +type ProcessorStats struct { + + TotalRuntime100ns int32 `json:"TotalRuntime100ns,omitempty"` + + RuntimeUser100ns int32 `json:"RuntimeUser100ns,omitempty"` + + RuntimeKernel100ns int32 `json:"RuntimeKernel100ns,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/properties.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/properties.go new file mode 100644 index 00000000000..6db2a48f66c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/properties.go @@ -0,0 +1,47 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Properties struct { + + Id string `json:"Id,omitempty"` + + SystemType string `json:"SystemType,omitempty"` + + RuntimeOsType string `json:"RuntimeOsType,omitempty"` + + Name string `json:"Name,omitempty"` + + Owner string `json:"Owner,omitempty"` + + RuntimeId string `json:"RuntimeId,omitempty"` + + RuntimeTemplateId string `json:"RuntimeTemplateId,omitempty"` + + State string `json:"State,omitempty"` + + Stopped bool `json:"Stopped,omitempty"` + + ExitType string `json:"ExitType,omitempty"` + + Memory *MemoryInformationForVm `json:"Memory,omitempty"` + + Statistics *Statistics `json:"Statistics,omitempty"` + + ProcessList []ProcessDetails `json:"ProcessList,omitempty"` + + TerminateOnLastHandleClosed bool `json:"TerminateOnLastHandleClosed,omitempty"` + + HostingSystemId string `json:"HostingSystemId,omitempty"` + + SharedMemoryRegionInfo []SharedMemoryRegionInfo `json:"SharedMemoryRegionInfo,omitempty"` + + GuestConnectionInfo *GuestConnectionInfo `json:"GuestConnectionInfo,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/property_query.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/property_query.go new file mode 100644 index 00000000000..22b92ffdfd4 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/property_query.go @@ -0,0 +1,16 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// By default the basic properties will be returned. This query provides a way to request specific properties. +type PropertyQuery struct { + + PropertyTypes []string `json:"PropertyTypes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/rdp_connection_options.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/rdp_connection_options.go new file mode 100644 index 00000000000..97e45312834 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/rdp_connection_options.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type RdpConnectionOptions struct { + + AccessSids []string `json:"AccessSids,omitempty"` + + NamedPipe string `json:"NamedPipe,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_changes.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_changes.go new file mode 100644 index 00000000000..fa574ccc801 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_changes.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type RegistryChanges struct { + + AddValues []RegistryValue `json:"AddValues,omitempty"` + + DeleteKeys []RegistryKey `json:"DeleteKeys,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_key.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_key.go new file mode 100644 index 00000000000..fab03bc60be --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_key.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type RegistryKey struct { + + Hive string `json:"Hive,omitempty"` + + Name string `json:"Name,omitempty"` + + Volatile bool `json:"Volatile,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_value.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_value.go new file mode 100644 index 00000000000..1589f484134 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/registry_value.go @@ -0,0 +1,31 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type RegistryValue struct { + + Key *RegistryKey `json:"Key,omitempty"` + + Name string `json:"Name,omitempty"` + + Type_ string `json:"Type,omitempty"` + + // One and only one value type must be set. + StringValue string `json:"StringValue,omitempty"` + + BinaryValue string `json:"BinaryValue,omitempty"` + + DWordValue int32 `json:"DWordValue,omitempty"` + + QWordValue int32 `json:"QWordValue,omitempty"` + + // Only used if RegistryValueType is CustomType The data is in BinaryValue + CustomType int32 `json:"CustomType,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/restore_state.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/restore_state.go new file mode 100644 index 00000000000..778ff58735a --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/restore_state.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type RestoreState struct { + + // The path to the save state file to restore the system from. + SaveStateFilePath string `json:"SaveStateFilePath,omitempty"` + + // The ID of the template system to clone this new system off of. An empty string indicates the system should not be cloned from a template. + TemplateSystemId string `json:"TemplateSystemId,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/save_options.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/save_options.go new file mode 100644 index 00000000000..e55fa1d98a5 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/save_options.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type SaveOptions struct { + + // The type of save operation to be performed. + SaveType string `json:"SaveType,omitempty"` + + // The path to the file that will container the saved state. + SaveStateFilePath string `json:"SaveStateFilePath,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/scsi.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/scsi.go new file mode 100644 index 00000000000..bf253a470b6 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/scsi.go @@ -0,0 +1,16 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Scsi struct { + + // Map of attachments, where the key is the integer LUN number on the controller. + Attachments map[string]Attachment `json:"Attachments,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_configuration.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_configuration.go new file mode 100644 index 00000000000..bd573f6cd4e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_configuration.go @@ -0,0 +1,15 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type SharedMemoryConfiguration struct { + + Regions []SharedMemoryRegion `json:"Regions,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_region.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_region.go new file mode 100644 index 00000000000..a57b2cba73b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_region.go @@ -0,0 +1,23 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type SharedMemoryRegion struct { + + SectionName string `json:"SectionName,omitempty"` + + StartOffset int32 `json:"StartOffset,omitempty"` + + Length int32 `json:"Length,omitempty"` + + AllowGuestWrite bool `json:"AllowGuestWrite,omitempty"` + + HiddenFromGuest bool `json:"HiddenFromGuest,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_region_info.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_region_info.go new file mode 100644 index 00000000000..d9a50cc7da8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/shared_memory_region_info.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type SharedMemoryRegionInfo struct { + + SectionName string `json:"SectionName,omitempty"` + + GuestPhysicalAddress int32 `json:"GuestPhysicalAddress,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/silo_properties.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/silo_properties.go new file mode 100644 index 00000000000..599c06e8aa1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/silo_properties.go @@ -0,0 +1,18 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Silo job information +type SiloProperties struct { + + Enabled bool `json:"Enabled,omitempty"` + + JobName string `json:"JobName,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/statistics.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/statistics.go new file mode 100644 index 00000000000..5cb3ed93b59 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/statistics.go @@ -0,0 +1,30 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +import ( + "time" +) + +// Runtime statistics for a container +type Statistics struct { + + Timestamp time.Time `json:"Timestamp,omitempty"` + + ContainerStartTime time.Time `json:"ContainerStartTime,omitempty"` + + Uptime100ns int32 `json:"Uptime100ns,omitempty"` + + Processor *ProcessorStats `json:"Processor,omitempty"` + + Memory *MemoryStats `json:"Memory,omitempty"` + + Storage *StorageStats `json:"Storage,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage.go new file mode 100644 index 00000000000..2627af91323 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Storage struct { + + // List of layers that describe the parent hierarchy for a container's storage. These layers combined together, presented as a disposable and/or committable working storage, are used by the container to record all changes done to the parent layers. + Layers []Layer `json:"Layers,omitempty"` + + // Path that points to the scratch space of a container, where parent layers are combined together to present a new disposable and/or committable layer with the changes done during its runtime. + Path string `json:"Path,omitempty"` + + QoS *StorageQoS `json:"QoS,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_qo_s.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_qo_s.go new file mode 100644 index 00000000000..8c5255df1e3 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_qo_s.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type StorageQoS struct { + + IopsMaximum int32 `json:"IopsMaximum,omitempty"` + + BandwidthMaximum int32 `json:"BandwidthMaximum,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_stats.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_stats.go new file mode 100644 index 00000000000..198ea57d750 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_stats.go @@ -0,0 +1,22 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +// Storage runtime statistics +type StorageStats struct { + + ReadCountNormalized int32 `json:"ReadCountNormalized,omitempty"` + + ReadSizeBytes int32 `json:"ReadSizeBytes,omitempty"` + + WriteCountNormalized int32 `json:"WriteCountNormalized,omitempty"` + + WriteSizeBytes int32 `json:"WriteSizeBytes,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/topology.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/topology.go new file mode 100644 index 00000000000..af2e3c82346 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/topology.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Topology struct { + + Memory *Memory2 `json:"Memory,omitempty"` + + Processor *Processor2 `json:"Processor,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/uefi.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/uefi.go new file mode 100644 index 00000000000..ba91178f96c --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/uefi.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Uefi struct { + + EnableDebugger bool `json:"EnableDebugger,omitempty"` + + SecureBootTemplateId string `json:"SecureBootTemplateId,omitempty"` + + BootThis *UefiBootEntry `json:"BootThis,omitempty"` + + Console string `json:"Console,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/uefi_boot_entry.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/uefi_boot_entry.go new file mode 100644 index 00000000000..6620fb2bcf8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/uefi_boot_entry.go @@ -0,0 +1,23 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type UefiBootEntry struct { + + DeviceType string `json:"DeviceType,omitempty"` + + DevicePath string `json:"DevicePath,omitempty"` + + DiskNumber int32 `json:"DiskNumber,omitempty"` + + OptionalData string `json:"OptionalData,omitempty"` + + VmbFsRootPath string `json:"VmbFsRootPath,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/version.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/version.go new file mode 100644 index 00000000000..62c0e4d12ab --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/version.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type Version struct { + + Major int32 `json:"Major,omitempty"` + + Minor int32 `json:"Minor,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/video_monitor.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/video_monitor.go new file mode 100644 index 00000000000..0958e560625 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/video_monitor.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VideoMonitor struct { + + HorizontalResolution int32 `json:"HorizontalResolution,omitempty"` + + VerticalResolution int32 `json:"VerticalResolution,omitempty"` + + ConnectionOptions *RdpConnectionOptions `json:"ConnectionOptions,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_machine.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_machine.go new file mode 100644 index 00000000000..2d22b1bcb08 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_machine.go @@ -0,0 +1,32 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualMachine struct { + + // StopOnReset is private in the schema. If regenerated need to put back. + StopOnReset bool `json:"StopOnReset,omitempty"` + + Chipset *Chipset `json:"Chipset,omitempty"` + + ComputeTopology *Topology `json:"ComputeTopology,omitempty"` + + Devices *Devices `json:"Devices,omitempty"` + + GuestState *GuestState `json:"GuestState,omitempty"` + + RestoreState *RestoreState `json:"RestoreState,omitempty"` + + RegistryChanges *RegistryChanges `json:"RegistryChanges,omitempty"` + + StorageQoS *StorageQoS `json:"StorageQoS,omitempty"` + + GuestConnection *GuestConnection `json:"GuestConnection,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_node_info.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_node_info.go new file mode 100644 index 00000000000..48402d8ecb1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_node_info.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualNodeInfo struct { + + VirtualNodeIndex int32 `json:"VirtualNodeIndex,omitempty"` + + PhysicalNodeNumber int32 `json:"PhysicalNodeNumber,omitempty"` + + VirtualProcessorCount int32 `json:"VirtualProcessorCount,omitempty"` + + MemoryUsageInPages int32 `json:"MemoryUsageInPages,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_p_mem_controller.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_p_mem_controller.go new file mode 100644 index 00000000000..f5b7f3e38c0 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_p_mem_controller.go @@ -0,0 +1,20 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualPMemController struct { + Devices map[string]VirtualPMemDevice `json:"Devices,omitempty"` + + MaximumCount uint32 `json:"MaximumCount,omitempty"` + + MaximumSizeBytes uint64 `json:"MaximumSizeBytes,omitempty"` + + Backing string `json:"Backing,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_p_mem_device.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_p_mem_device.go new file mode 100644 index 00000000000..47714444aa0 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_p_mem_device.go @@ -0,0 +1,19 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualPMemDevice struct { + + HostPath string `json:"HostPath,omitempty"` + + ReadOnly bool `json:"ReadOnly,omitempty"` + + ImageFormat string `json:"ImageFormat,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb.go new file mode 100644 index 00000000000..76131b3a71a --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualSmb struct { + + Shares []VirtualSmbShare `json:"Shares,omitempty"` + + DirectFileMappingInMB int64 `json:"DirectFileMappingInMB,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb_share.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb_share.go new file mode 100644 index 00000000000..b50098a4232 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb_share.go @@ -0,0 +1,21 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualSmbShare struct { + + Name string `json:"Name,omitempty"` + + Path string `json:"Path,omitempty"` + + AllowedFiles []string `json:"AllowedFiles,omitempty"` + + Options *VirtualSmbShareOptions `json:"Options,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb_share_options.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb_share_options.go new file mode 100644 index 00000000000..c1894279dc8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/virtual_smb_share_options.go @@ -0,0 +1,63 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VirtualSmbShareOptions struct { + + ReadOnly bool `json:"ReadOnly,omitempty"` + + // convert exclusive access to shared read access + ShareRead bool `json:"ShareRead,omitempty"` + + // all opens will use cached I/O + CacheIo bool `json:"CacheIo,omitempty"` + + // disable oplock support + NoOplocks bool `json:"NoOplocks,omitempty"` + + // Acquire the backup privilege when attempting to open + TakeBackupPrivilege bool `json:"TakeBackupPrivilege,omitempty"` + + // Use the identity of the share root when opening + UseShareRootIdentity bool `json:"UseShareRootIdentity,omitempty"` + + // disable Direct Mapping + NoDirectmap bool `json:"NoDirectmap,omitempty"` + + // disable Byterange locks + NoLocks bool `json:"NoLocks,omitempty"` + + // disable Directory CHange Notifications + NoDirnotify bool `json:"NoDirnotify,omitempty"` + + // share is use for VM shared memory + VmSharedMemory bool `json:"VmSharedMemory,omitempty"` + + // allow access only to the files specified in AllowedFiles + RestrictFileAccess bool `json:"RestrictFileAccess,omitempty"` + + // disable all oplocks except Level II + ForceLevelIIOplocks bool `json:"ForceLevelIIOplocks,omitempty"` + + // Allow the host to reparse this base layer + ReparseBaseLayer bool `json:"ReparseBaseLayer,omitempty"` + + // Enable pseudo-oplocks + PseudoOplocks bool `json:"PseudoOplocks,omitempty"` + + // All opens will use non-cached IO + NonCacheIo bool `json:"NonCacheIo,omitempty"` + + // Enable pseudo directory change notifications + PseudoDirnotify bool `json:"PseudoDirnotify,omitempty"` + + // Block directory enumeration, renames, and deletes. + SingleFileMapping bool `json:"SingleFileMapping,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/vm_memory.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/vm_memory.go new file mode 100644 index 00000000000..39f628667cd --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/vm_memory.go @@ -0,0 +1,27 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type VmMemory struct { + + AvailableMemory int32 `json:"AvailableMemory,omitempty"` + + AvailableMemoryBuffer int32 `json:"AvailableMemoryBuffer,omitempty"` + + ReservedMemory int32 `json:"ReservedMemory,omitempty"` + + AssignedMemory int32 `json:"AssignedMemory,omitempty"` + + SlpActive bool `json:"SlpActive,omitempty"` + + BalancingEnabled bool `json:"BalancingEnabled,omitempty"` + + DmOperationInProgress bool `json:"DmOperationInProgress,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/schema2/windows_crash_reporting.go b/vendor/github.com/Microsoft/hcsshim/internal/schema2/windows_crash_reporting.go new file mode 100644 index 00000000000..cf632bbc834 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/schema2/windows_crash_reporting.go @@ -0,0 +1,17 @@ +/* + * HCS API + * + * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen) + * + * API version: 2.1 + * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git) + */ + +package hcsschema + +type WindowsCrashReporting struct { + + DumpFileName string `json:"DumpFileName,omitempty"` + + MaxDumpSize int64 `json:"MaxDumpSize,omitempty"` +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/timeout/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/timeout/BUILD new file mode 100644 index 00000000000..f8b745544ee --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/timeout/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["timeout.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/timeout", + importpath = "github.com/Microsoft/hcsshim/internal/timeout", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/timeout/timeout.go b/vendor/github.com/Microsoft/hcsshim/internal/timeout/timeout.go new file mode 100644 index 00000000000..ff3b6572e65 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/timeout/timeout.go @@ -0,0 +1,70 @@ +package timeout + +import ( + "os" + "strconv" + "time" +) + +var ( + // defaultTimeout is the timeout for most operations that is not overridden. + defaultTimeout = 4 * time.Minute + + // defaultTimeoutTestdRetry is the retry loop timeout for testd to respond + // for a disk to come online in LCOW. + defaultTimeoutTestdRetry = 5 * time.Second +) + +// External variables for HCSShim consumers to use. +var ( + // SystemCreate is the timeout for creating a compute system + SystemCreate time.Duration = defaultTimeout + + // SystemStart is the timeout for starting a compute system + SystemStart time.Duration = defaultTimeout + + // SystemPause is the timeout for pausing a compute system + SystemPause time.Duration = defaultTimeout + + // SystemResume is the timeout for resuming a compute system + SystemResume time.Duration = defaultTimeout + + // SyscallWatcher is the timeout before warning of a potential stuck platform syscall. + SyscallWatcher time.Duration = defaultTimeout + + // Tar2VHD is the timeout for the tar2vhd operation to complete + Tar2VHD time.Duration = defaultTimeout + + // ExternalCommandToStart is the timeout for external commands to start + ExternalCommandToStart = defaultTimeout + + // ExternalCommandToComplete is the timeout for external commands to complete. + // Generally this means copying data from their stdio pipes. + ExternalCommandToComplete = defaultTimeout + + // TestDRetryLoop is the timeout for testd retry loop when onlining a SCSI disk in LCOW + TestDRetryLoop = defaultTimeoutTestdRetry +) + +func init() { + SystemCreate = durationFromEnvironment("HCSSHIM_TIMEOUT_SYSTEMCREATE", SystemCreate) + SystemStart = durationFromEnvironment("HCSSHIM_TIMEOUT_SYSTEMSTART", SystemStart) + SystemPause = durationFromEnvironment("HCSSHIM_TIMEOUT_SYSTEMPAUSE", SystemPause) + SystemResume = durationFromEnvironment("HCSSHIM_TIMEOUT_SYSTEMRESUME", SystemResume) + SyscallWatcher = durationFromEnvironment("HCSSHIM_TIMEOUT_SYSCALLWATCHER", SyscallWatcher) + Tar2VHD = durationFromEnvironment("HCSSHIM_TIMEOUT_TAR2VHD", Tar2VHD) + ExternalCommandToStart = durationFromEnvironment("HCSSHIM_TIMEOUT_EXTERNALCOMMANDSTART", ExternalCommandToStart) + ExternalCommandToComplete = durationFromEnvironment("HCSSHIM_TIMEOUT_EXTERNALCOMMANDCOMPLETE", ExternalCommandToComplete) + TestDRetryLoop = durationFromEnvironment("HCSSHIM_TIMEOUT_TESTDRETRYLOOP", TestDRetryLoop) +} + +func durationFromEnvironment(env string, defaultValue time.Duration) time.Duration { + envTimeout := os.Getenv(env) + if len(envTimeout) > 0 { + e, err := strconv.Atoi(envTimeout) + if err == nil && e > 0 { + return time.Second * time.Duration(e) + } + } + return defaultValue +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/BUILD b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/BUILD new file mode 100644 index 00000000000..b384f9152dd --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/BUILD @@ -0,0 +1,60 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "activatelayer.go", + "baselayer.go", + "createlayer.go", + "createscratchlayer.go", + "deactivatelayer.go", + "destroylayer.go", + "expandscratchsize.go", + "exportlayer.go", + "getlayermountpath.go", + "getsharedbaseimages.go", + "grantvmaccess.go", + "importlayer.go", + "layerexists.go", + "layerid.go", + "layerutils.go", + "legacy.go", + "nametoguid.go", + "preparelayer.go", + "processimage.go", + "unpreparelayer.go", + "wclayer.go", + "zsyscall_windows.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/Microsoft/hcsshim/internal/wclayer", + importpath = "github.com/Microsoft/hcsshim/internal/wclayer", + visibility = ["//vendor/github.com/Microsoft/hcsshim:__subpackages__"], + deps = [ + "//vendor/github.com/Microsoft/go-winio:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/guid:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/interop:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/longpath:go_default_library", + "//vendor/github.com/Microsoft/hcsshim/internal/safefile:go_default_library", + "//vendor/github.com/sirupsen/logrus:go_default_library", + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//vendor/golang.org/x/sys/windows:go_default_library", + ], + "//conditions:default": [], + }), +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/activatelayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/activatelayer.go new file mode 100644 index 00000000000..dcb9192685a --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/activatelayer.go @@ -0,0 +1,32 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// ActivateLayer will find the layer with the given id and mount it's filesystem. +// For a read/write layer, the mounted filesystem will appear as a volume on the +// host, while a read-only layer is generally expected to be a no-op. +// An activated layer must later be deactivated via DeactivateLayer. +func ActivateLayer(path string) (err error) { + title := "hcsshim::ActivateLayer" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = activateLayer(&stdDriverInfo, path) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/baselayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayer.go similarity index 81% rename from vendor/github.com/Microsoft/hcsshim/baselayer.go rename to vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayer.go index 860185c3572..5784241dfa0 100644 --- a/vendor/github.com/Microsoft/hcsshim/baselayer.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayer.go @@ -1,4 +1,4 @@ -package hcsshim +package wclayer import ( "errors" @@ -7,6 +7,8 @@ import ( "syscall" "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/Microsoft/hcsshim/internal/safefile" ) type baseLayerWriter struct { @@ -29,7 +31,7 @@ type dirInfo struct { func reapplyDirectoryTimes(root *os.File, dis []dirInfo) error { for i := range dis { di := &dis[len(dis)-i-1] // reverse order: process child directories first - f, err := openRelative(di.path, root, syscall.GENERIC_READ|syscall.GENERIC_WRITE, syscall.FILE_SHARE_READ, _FILE_OPEN, _FILE_DIRECTORY_FILE) + f, err := safefile.OpenRelative(di.path, root, syscall.GENERIC_READ|syscall.GENERIC_WRITE, syscall.FILE_SHARE_READ, safefile.FILE_OPEN, safefile.FILE_DIRECTORY_FILE) if err != nil { return err } @@ -84,21 +86,21 @@ func (w *baseLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) (err e extraFlags := uint32(0) if fileInfo.FileAttributes&syscall.FILE_ATTRIBUTE_DIRECTORY != 0 { - extraFlags |= _FILE_DIRECTORY_FILE + extraFlags |= safefile.FILE_DIRECTORY_FILE if fileInfo.FileAttributes&syscall.FILE_ATTRIBUTE_REPARSE_POINT == 0 { w.dirInfo = append(w.dirInfo, dirInfo{name, *fileInfo}) } } mode := uint32(syscall.GENERIC_READ | syscall.GENERIC_WRITE | winio.WRITE_DAC | winio.WRITE_OWNER | winio.ACCESS_SYSTEM_SECURITY) - f, err = openRelative(name, w.root, mode, syscall.FILE_SHARE_READ, _FILE_CREATE, extraFlags) + f, err = safefile.OpenRelative(name, w.root, mode, syscall.FILE_SHARE_READ, safefile.FILE_CREATE, extraFlags) if err != nil { - return makeError(err, "Failed to openRelative", name) + return hcserror.New(err, "Failed to safefile.OpenRelative", name) } err = winio.SetFileBasicInfo(f, fileInfo) if err != nil { - return makeError(err, "Failed to SetFileBasicInfo", name) + return hcserror.New(err, "Failed to SetFileBasicInfo", name) } w.f = f @@ -119,7 +121,7 @@ func (w *baseLayerWriter) AddLink(name string, target string) (err error) { return err } - return linkRelative(target, w.root, name, w.root) + return safefile.LinkRelative(target, w.root, name, w.root) } func (w *baseLayerWriter) Remove(name string) error { @@ -157,7 +159,7 @@ func (w *baseLayerWriter) Close() error { } if w.hasUtilityVM { - err := ensureNotReparsePointRelative("UtilityVM", w.root) + err := safefile.EnsureNotReparsePointRelative("UtilityVM", w.root) if err != nil { return err } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/createlayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/createlayer.go new file mode 100644 index 00000000000..be2bc3fd650 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/createlayer.go @@ -0,0 +1,31 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// CreateLayer creates a new, empty, read-only layer on the filesystem based on +// the parent layer provided. +func CreateLayer(path, parent string) (err error) { + title := "hcsshim::CreateLayer" + fields := logrus.Fields{ + "parent": parent, + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = createLayer(&stdDriverInfo, path, parent) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/createscratchlayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/createscratchlayer.go new file mode 100644 index 00000000000..7e3351289e6 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/createscratchlayer.go @@ -0,0 +1,38 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// CreateScratchLayer creates and populates new read-write layer for use by a container. +// This requires both the id of the direct parent layer, as well as the full list +// of paths to all parent layers up to the base (and including the direct parent +// whose id was provided). +func CreateScratchLayer(path string, parentLayerPaths []string) (err error) { + title := "hcsshim::CreateScratchLayer" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + // Generate layer descriptors + layers, err := layerPathsToDescriptors(parentLayerPaths) + if err != nil { + return err + } + + err = createSandboxLayer(&stdDriverInfo, path, 0, layers) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/deactivatelayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/deactivatelayer.go new file mode 100644 index 00000000000..2dd5d571592 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/deactivatelayer.go @@ -0,0 +1,29 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// DeactivateLayer will dismount a layer that was mounted via ActivateLayer. +func DeactivateLayer(path string) (err error) { + title := "hcsshim::DeactivateLayer" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = deactivateLayer(&stdDriverInfo, path) + if err != nil { + return hcserror.New(err, title+"- failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/destroylayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/destroylayer.go new file mode 100644 index 00000000000..4da690c2030 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/destroylayer.go @@ -0,0 +1,30 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// DestroyLayer will remove the on-disk files representing the layer with the given +// path, including that layer's containing folder, if any. +func DestroyLayer(path string) (err error) { + title := "hcsshim::DestroyLayer" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = destroyLayer(&stdDriverInfo, path) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go new file mode 100644 index 00000000000..651676fb25e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go @@ -0,0 +1,30 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// ExpandScratchSize expands the size of a layer to at least size bytes. +func ExpandScratchSize(path string, size uint64) (err error) { + title := "hcsshim::ExpandScratchSize" + fields := logrus.Fields{ + "path": path, + "size": size, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = expandSandboxSize(&stdDriverInfo, path, size) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/exportlayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/exportlayer.go new file mode 100644 index 00000000000..0425b339554 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/exportlayer.go @@ -0,0 +1,76 @@ +package wclayer + +import ( + "io/ioutil" + "os" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// ExportLayer will create a folder at exportFolderPath and fill that folder with +// the transport format version of the layer identified by layerId. This transport +// format includes any metadata required for later importing the layer (using +// ImportLayer), and requires the full list of parent layer paths in order to +// perform the export. +func ExportLayer(path string, exportFolderPath string, parentLayerPaths []string) (err error) { + title := "hcsshim::ExportLayer" + fields := logrus.Fields{ + "path": path, + "exportFolderPath": exportFolderPath, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + // Generate layer descriptors + layers, err := layerPathsToDescriptors(parentLayerPaths) + if err != nil { + return err + } + + err = exportLayer(&stdDriverInfo, path, exportFolderPath, layers) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} + +type LayerReader interface { + Next() (string, int64, *winio.FileBasicInfo, error) + Read(b []byte) (int, error) + Close() error +} + +// NewLayerReader returns a new layer reader for reading the contents of an on-disk layer. +// The caller must have taken the SeBackupPrivilege privilege +// to call this and any methods on the resulting LayerReader. +func NewLayerReader(path string, parentLayerPaths []string) (LayerReader, error) { + exportPath, err := ioutil.TempDir("", "hcs") + if err != nil { + return nil, err + } + err = ExportLayer(path, exportPath, parentLayerPaths) + if err != nil { + os.RemoveAll(exportPath) + return nil, err + } + return &legacyLayerReaderWrapper{newLegacyLayerReader(exportPath)}, nil +} + +type legacyLayerReaderWrapper struct { + *legacyLayerReader +} + +func (r *legacyLayerReaderWrapper) Close() error { + err := r.legacyLayerReader.Close() + os.RemoveAll(r.root) + return err +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/getlayermountpath.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/getlayermountpath.go new file mode 100644 index 00000000000..d60b6ed5315 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/getlayermountpath.go @@ -0,0 +1,56 @@ +package wclayer + +import ( + "syscall" + + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// GetLayerMountPath will look for a mounted layer with the given path and return +// the path at which that layer can be accessed. This path may be a volume path +// if the layer is a mounted read-write layer, otherwise it is expected to be the +// folder path at which the layer is stored. +func GetLayerMountPath(path string) (_ string, err error) { + title := "hcsshim::GetLayerMountPath" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + var mountPathLength uintptr + mountPathLength = 0 + + // Call the procedure itself. + logrus.WithFields(fields).Debug("Calling proc (1)") + err = getLayerMountPath(&stdDriverInfo, path, &mountPathLength, nil) + if err != nil { + return "", hcserror.New(err, title+" - failed", "(first call)") + } + + // Allocate a mount path of the returned length. + if mountPathLength == 0 { + return "", nil + } + mountPathp := make([]uint16, mountPathLength) + mountPathp[0] = 0 + + // Call the procedure again + logrus.WithFields(fields).Debug("Calling proc (2)") + err = getLayerMountPath(&stdDriverInfo, path, &mountPathLength, &mountPathp[0]) + if err != nil { + return "", hcserror.New(err, title+" - failed", "(second call)") + } + + mountPath := syscall.UTF16ToString(mountPathp[0:]) + fields["mountPath"] = mountPath + return mountPath, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/getsharedbaseimages.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/getsharedbaseimages.go new file mode 100644 index 00000000000..dbd83ef2bcc --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/getsharedbaseimages.go @@ -0,0 +1,29 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/Microsoft/hcsshim/internal/interop" + "github.com/sirupsen/logrus" +) + +// GetSharedBaseImages will enumerate the images stored in the common central +// image store and return descriptive info about those images for the purpose +// of registering them with the graphdriver, graph, and tagstore. +func GetSharedBaseImages() (imageData string, err error) { + title := "hcsshim::GetSharedBaseImages" + logrus.Debug(title) + defer func() { + if err != nil { + logrus.WithError(err).Error(err) + } else { + logrus.WithField("imageData", imageData).Debug(title + " - succeeded") + } + }() + + var buffer *uint16 + err = getBaseImages(&buffer) + if err != nil { + return "", hcserror.New(err, title+" - failed", "") + } + return interop.ConvertAndFreeCoTaskMemString(buffer), nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/grantvmaccess.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/grantvmaccess.go new file mode 100644 index 00000000000..05735df6cdc --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/grantvmaccess.go @@ -0,0 +1,30 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// GrantVmAccess adds access to a file for a given VM +func GrantVmAccess(vmid string, filepath string) (err error) { + title := "hcsshim::GrantVmAccess" + fields := logrus.Fields{ + "vm-id": vmid, + "path": filepath, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = grantVmAccess(vmid, filepath) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/importlayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/importlayer.go new file mode 100644 index 00000000000..76a804f2af2 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/importlayer.go @@ -0,0 +1,135 @@ +package wclayer + +import ( + "io/ioutil" + "os" + "path/filepath" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/Microsoft/hcsshim/internal/safefile" + "github.com/sirupsen/logrus" +) + +// ImportLayer will take the contents of the folder at importFolderPath and import +// that into a layer with the id layerId. Note that in order to correctly populate +// the layer and interperet the transport format, all parent layers must already +// be present on the system at the paths provided in parentLayerPaths. +func ImportLayer(path string, importFolderPath string, parentLayerPaths []string) (err error) { + title := "hcsshim::ImportLayer" + fields := logrus.Fields{ + "path": path, + "importFolderPath": importFolderPath, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + // Generate layer descriptors + layers, err := layerPathsToDescriptors(parentLayerPaths) + if err != nil { + return err + } + + err = importLayer(&stdDriverInfo, path, importFolderPath, layers) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} + +// LayerWriter is an interface that supports writing a new container image layer. +type LayerWriter interface { + // Add adds a file to the layer with given metadata. + Add(name string, fileInfo *winio.FileBasicInfo) error + // AddLink adds a hard link to the layer. The target must already have been added. + AddLink(name string, target string) error + // Remove removes a file that was present in a parent layer from the layer. + Remove(name string) error + // Write writes data to the current file. The data must be in the format of a Win32 + // backup stream. + Write(b []byte) (int, error) + // Close finishes the layer writing process and releases any resources. + Close() error +} + +type legacyLayerWriterWrapper struct { + *legacyLayerWriter + path string + parentLayerPaths []string +} + +func (r *legacyLayerWriterWrapper) Close() error { + defer os.RemoveAll(r.root.Name()) + defer r.legacyLayerWriter.CloseRoots() + err := r.legacyLayerWriter.Close() + if err != nil { + return err + } + + if err = ImportLayer(r.destRoot.Name(), r.path, r.parentLayerPaths); err != nil { + return err + } + for _, name := range r.Tombstones { + if err = safefile.RemoveRelative(name, r.destRoot); err != nil && !os.IsNotExist(err) { + return err + } + } + // Add any hard links that were collected. + for _, lnk := range r.PendingLinks { + if err = safefile.RemoveRelative(lnk.Path, r.destRoot); err != nil && !os.IsNotExist(err) { + return err + } + if err = safefile.LinkRelative(lnk.Target, lnk.TargetRoot, lnk.Path, r.destRoot); err != nil { + return err + } + } + // Prepare the utility VM for use if one is present in the layer. + if r.HasUtilityVM { + err := safefile.EnsureNotReparsePointRelative("UtilityVM", r.destRoot) + if err != nil { + return err + } + err = ProcessUtilityVMImage(filepath.Join(r.destRoot.Name(), "UtilityVM")) + if err != nil { + return err + } + } + return nil +} + +// NewLayerWriter returns a new layer writer for creating a layer on disk. +// The caller must have taken the SeBackupPrivilege and SeRestorePrivilege privileges +// to call this and any methods on the resulting LayerWriter. +func NewLayerWriter(path string, parentLayerPaths []string) (LayerWriter, error) { + if len(parentLayerPaths) == 0 { + // This is a base layer. It gets imported differently. + f, err := safefile.OpenRoot(path) + if err != nil { + return nil, err + } + return &baseLayerWriter{ + root: f, + }, nil + } + + importPath, err := ioutil.TempDir("", "hcs") + if err != nil { + return nil, err + } + w, err := newLegacyLayerWriter(importPath, parentLayerPaths, path) + if err != nil { + return nil, err + } + return &legacyLayerWriterWrapper{ + legacyLayerWriter: w, + path: importPath, + parentLayerPaths: parentLayerPaths, + }, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerexists.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerexists.go new file mode 100644 index 00000000000..258167a5793 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerexists.go @@ -0,0 +1,33 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// LayerExists will return true if a layer with the given id exists and is known +// to the system. +func LayerExists(path string) (_ bool, err error) { + title := "hcsshim::LayerExists" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + // Call the procedure itself. + var exists uint32 + err = layerExists(&stdDriverInfo, path, &exists) + if err != nil { + return false, hcserror.New(err, title+" - failed", "") + } + fields["layer-exists"] = exists != 0 + return exists != 0, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerid.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerid.go new file mode 100644 index 00000000000..90df3bedceb --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerid.go @@ -0,0 +1,13 @@ +package wclayer + +import ( + "path/filepath" + + "github.com/Microsoft/hcsshim/internal/guid" +) + +// LayerID returns the layer ID of a layer on disk. +func LayerID(path string) (guid.GUID, error) { + _, file := filepath.Split(path) + return NameToGuid(file) +} diff --git a/vendor/github.com/Microsoft/hcsshim/layerutils.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go similarity index 66% rename from vendor/github.com/Microsoft/hcsshim/layerutils.go rename to vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go index c0e55037731..6d0ae8a074e 100644 --- a/vendor/github.com/Microsoft/hcsshim/layerutils.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go @@ -1,12 +1,12 @@ -package hcsshim +package wclayer // This file contains utility functions to support storage (graph) related // functionality. import ( - "path/filepath" "syscall" + "github.com/Microsoft/hcsshim/internal/guid" "github.com/sirupsen/logrus" ) @@ -22,28 +22,16 @@ struct DriverInfo { LPCWSTR HomeDir; }; */ -type DriverInfo struct { - Flavour int - HomeDir string -} type driverInfo struct { Flavour int HomeDirp *uint16 } -func convertDriverInfo(info DriverInfo) (driverInfo, error) { - homedirp, err := syscall.UTF16PtrFromString(info.HomeDir) - if err != nil { - logrus.Debugf("Failed conversion of home to pointer for driver info: %s", err.Error()) - return driverInfo{}, err - } - - return driverInfo{ - Flavour: info.Flavour, - HomeDirp: homedirp, - }, nil -} +var ( + utf16EmptyString uint16 + stdDriverInfo = driverInfo{1, &utf16EmptyString} +) /* To pass into syscall, we need a struct matching the following: typedef struct _WC_LAYER_DESCRIPTOR { @@ -75,7 +63,7 @@ typedef struct _WC_LAYER_DESCRIPTOR { } WC_LAYER_DESCRIPTOR, *PWC_LAYER_DESCRIPTOR; */ type WC_LAYER_DESCRIPTOR struct { - LayerId GUID + LayerId guid.GUID Flags uint32 Pathp *uint16 } @@ -85,18 +73,15 @@ func layerPathsToDescriptors(parentLayerPaths []string) ([]WC_LAYER_DESCRIPTOR, var layers []WC_LAYER_DESCRIPTOR for i := 0; i < len(parentLayerPaths); i++ { - // Create a layer descriptor, using the folder name - // as the source for a GUID LayerId - _, folderName := filepath.Split(parentLayerPaths[i]) - g, err := NameToGuid(folderName) + g, err := LayerID(parentLayerPaths[i]) if err != nil { - logrus.Debugf("Failed to convert name to guid %s", err) + logrus.WithError(err).Debug("Failed to convert name to guid") return nil, err } p, err := syscall.UTF16PtrFromString(parentLayerPaths[i]) if err != nil { - logrus.Debugf("Failed conversion of parentLayerPath to pointer %s", err) + logrus.WithError(err).Debug("Failed conversion of parentLayerPath to pointer") return nil, err } diff --git a/vendor/github.com/Microsoft/hcsshim/legacy.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go similarity index 88% rename from vendor/github.com/Microsoft/hcsshim/legacy.go rename to vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go index 0b23b6c4d00..b8ea5d2632e 100644 --- a/vendor/github.com/Microsoft/hcsshim/legacy.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go @@ -1,4 +1,4 @@ -package hcsshim +package wclayer import ( "bufio" @@ -6,12 +6,15 @@ import ( "errors" "fmt" "io" + "io/ioutil" "os" "path/filepath" "strings" "syscall" "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/longpath" + "github.com/Microsoft/hcsshim/internal/safefile" ) var errorIterationCanceled = errors.New("") @@ -34,23 +37,6 @@ func openFileOrDir(path string, mode uint32, createDisposition uint32) (file *os return winio.OpenForBackup(path, mode, syscall.FILE_SHARE_READ, createDisposition) } -func makeLongAbsPath(path string) (string, error) { - if strings.HasPrefix(path, `\\?\`) || strings.HasPrefix(path, `\\.\`) { - return path, nil - } - if !filepath.IsAbs(path) { - absPath, err := filepath.Abs(path) - if err != nil { - return "", err - } - path = absPath - } - if strings.HasPrefix(path, `\\`) { - return `\\?\UNC\` + path[2:], nil - } - return `\\?\` + path, nil -} - func hasPathPrefix(p, prefix string) bool { return strings.HasPrefix(p, prefix) && len(p) > len(prefix) && p[len(prefix)] == '\\' } @@ -106,7 +92,7 @@ func readTombstones(path string) (map[string]([]string), error) { } func (r *legacyLayerReader) walkUntilCancelled() error { - root, err := makeLongAbsPath(r.root) + root, err := longpath.LongAbs(r.root) if err != nil { return err } @@ -283,7 +269,7 @@ func (r *legacyLayerReader) Next() (path string, size int64, fileInfo *winio.Fil if err != nil { return } - fileInfo.FileAttributes = uintptr(attr) + fileInfo.FileAttributes = attr beginning := int64(4) // Find the accurate file size. @@ -349,6 +335,7 @@ type legacyLayerWriter struct { destRoot *os.File parentRoots []*os.File currentFile *os.File + bufWriter *bufio.Writer currentFileName string currentFileRoot *os.File backupWriter *winio.BackupFileWriter @@ -373,21 +360,22 @@ func newLegacyLayerWriter(root string, parentRoots []string, destRoot string) (w w = nil } }() - w.root, err = openRoot(root) + w.root, err = safefile.OpenRoot(root) if err != nil { return } - w.destRoot, err = openRoot(destRoot) + w.destRoot, err = safefile.OpenRoot(destRoot) if err != nil { return } for _, r := range parentRoots { - f, err := openRoot(r) + f, err := safefile.OpenRoot(r) if err != nil { return w, err } w.parentRoots = append(w.parentRoots, f) } + w.bufWriter = bufio.NewWriterSize(ioutil.Discard, 65536) return } @@ -408,7 +396,7 @@ func (w *legacyLayerWriter) CloseRoots() { func (w *legacyLayerWriter) initUtilityVM() error { if !w.HasUtilityVM { - err := mkdirRelative(utilityVMPath, w.destRoot) + err := safefile.MkdirRelative(utilityVMPath, w.destRoot) if err != nil { return err } @@ -426,6 +414,11 @@ func (w *legacyLayerWriter) initUtilityVM() error { } func (w *legacyLayerWriter) reset() error { + err := w.bufWriter.Flush() + if err != nil { + return err + } + w.bufWriter.Reset(ioutil.Discard) if w.currentIsDir { r := w.currentFile br := winio.NewBackupStreamReader(r) @@ -449,7 +442,7 @@ func (w *legacyLayerWriter) reset() error { // describes a directory reparse point. Delete the placeholder // directory to prevent future files being added into the // destination of the reparse point during the ImportLayer call - if err := removeRelative(w.currentFileName, w.currentFileRoot); err != nil { + if err := safefile.RemoveRelative(w.currentFileName, w.currentFileRoot); err != nil { return err } w.pendingDirs = append(w.pendingDirs, pendingDir{Path: w.currentFileName, Root: w.currentFileRoot}) @@ -474,13 +467,13 @@ func (w *legacyLayerWriter) reset() error { // copyFileWithMetadata copies a file using the backup/restore APIs in order to preserve metadata func copyFileWithMetadata(srcRoot, destRoot *os.File, subPath string, isDir bool) (fileInfo *winio.FileBasicInfo, err error) { - src, err := openRelative( + src, err := safefile.OpenRelative( subPath, srcRoot, syscall.GENERIC_READ|winio.ACCESS_SYSTEM_SECURITY, syscall.FILE_SHARE_READ, - _FILE_OPEN, - _FILE_OPEN_REPARSE_POINT) + safefile.FILE_OPEN, + safefile.FILE_OPEN_REPARSE_POINT) if err != nil { return nil, err } @@ -495,14 +488,14 @@ func copyFileWithMetadata(srcRoot, destRoot *os.File, subPath string, isDir bool extraFlags := uint32(0) if isDir { - extraFlags |= _FILE_DIRECTORY_FILE + extraFlags |= safefile.FILE_DIRECTORY_FILE } - dest, err := openRelative( + dest, err := safefile.OpenRelative( subPath, destRoot, syscall.GENERIC_READ|syscall.GENERIC_WRITE|winio.WRITE_DAC|winio.WRITE_OWNER|winio.ACCESS_SYSTEM_SECURITY, syscall.FILE_SHARE_READ, - _FILE_CREATE, + safefile.FILE_CREATE, extraFlags) if err != nil { return nil, err @@ -534,7 +527,7 @@ func copyFileWithMetadata(srcRoot, destRoot *os.File, subPath string, isDir bool // the file names in the provided map and just copies those files. func cloneTree(srcRoot *os.File, destRoot *os.File, subPath string, mutatedFiles map[string]bool) error { var di []dirInfo - err := ensureNotReparsePointRelative(subPath, srcRoot) + err := safefile.EnsureNotReparsePointRelative(subPath, srcRoot) if err != nil { return err } @@ -566,18 +559,12 @@ func cloneTree(srcRoot *os.File, destRoot *os.File, subPath string, mutatedFiles di = append(di, dirInfo{path: relPath, fileInfo: *fi}) } } else { - err = linkRelative(relPath, srcRoot, relPath, destRoot) + err = safefile.LinkRelative(relPath, srcRoot, relPath, destRoot) if err != nil { return err } } - // Don't recurse on reparse points in go1.8 and older. Filepath.Walk - // handles this in go1.9 and newer. - if isDir && isReparsePoint && shouldSkipDirectoryReparse { - return filepath.SkipDir - } - return nil }) if err != nil { @@ -604,9 +591,9 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro if !hasPathPrefix(name, utilityVMFilesPath) && name != utilityVMFilesPath { return errors.New("invalid UtilityVM layer") } - createDisposition := uint32(_FILE_OPEN) + createDisposition := uint32(safefile.FILE_OPEN) if (fileInfo.FileAttributes & syscall.FILE_ATTRIBUTE_DIRECTORY) != 0 { - st, err := lstatRelative(name, w.destRoot) + st, err := safefile.LstatRelative(name, w.destRoot) if err != nil && !os.IsNotExist(err) { return err } @@ -614,14 +601,14 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro // Delete the existing file/directory if it is not the same type as this directory. existingAttr := st.Sys().(*syscall.Win32FileAttributeData).FileAttributes if (uint32(fileInfo.FileAttributes)^existingAttr)&(syscall.FILE_ATTRIBUTE_DIRECTORY|syscall.FILE_ATTRIBUTE_REPARSE_POINT) != 0 { - if err = removeAllRelative(name, w.destRoot); err != nil { + if err = safefile.RemoveAllRelative(name, w.destRoot); err != nil { return err } st = nil } } if st == nil { - if err = mkdirRelative(name, w.destRoot); err != nil { + if err = safefile.MkdirRelative(name, w.destRoot); err != nil { return err } } @@ -630,20 +617,20 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro } } else { // Overwrite any existing hard link. - err := removeRelative(name, w.destRoot) + err := safefile.RemoveRelative(name, w.destRoot) if err != nil && !os.IsNotExist(err) { return err } - createDisposition = _FILE_CREATE + createDisposition = safefile.FILE_CREATE } - f, err := openRelative( + f, err := safefile.OpenRelative( name, w.destRoot, syscall.GENERIC_READ|syscall.GENERIC_WRITE|winio.WRITE_DAC|winio.WRITE_OWNER|winio.ACCESS_SYSTEM_SECURITY, syscall.FILE_SHARE_READ, createDisposition, - _FILE_OPEN_REPARSE_POINT, + safefile.FILE_OPEN_REPARSE_POINT, ) if err != nil { return err @@ -651,7 +638,7 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro defer func() { if f != nil { f.Close() - removeRelative(name, w.destRoot) + safefile.RemoveRelative(name, w.destRoot) } }() @@ -661,6 +648,7 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro } w.backupWriter = winio.NewBackupFileWriter(f, true) + w.bufWriter.Reset(w.backupWriter) w.currentFile = f w.currentFileName = name w.currentFileRoot = w.destRoot @@ -671,7 +659,7 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro fname := name if (fileInfo.FileAttributes & syscall.FILE_ATTRIBUTE_DIRECTORY) != 0 { - err := mkdirRelative(name, w.root) + err := safefile.MkdirRelative(name, w.root) if err != nil { return err } @@ -679,14 +667,14 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro w.currentIsDir = true } - f, err := openRelative(fname, w.root, syscall.GENERIC_READ|syscall.GENERIC_WRITE, syscall.FILE_SHARE_READ, _FILE_CREATE, 0) + f, err := safefile.OpenRelative(fname, w.root, syscall.GENERIC_READ|syscall.GENERIC_WRITE, syscall.FILE_SHARE_READ, safefile.FILE_CREATE, 0) if err != nil { return err } defer func() { if f != nil { f.Close() - removeRelative(fname, w.root) + safefile.RemoveRelative(fname, w.root) } }() @@ -699,10 +687,13 @@ func (w *legacyLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo) erro if hasPathPrefix(name, hivesPath) { w.backupWriter = winio.NewBackupFileWriter(f, false) + w.bufWriter.Reset(w.backupWriter) } else { + w.bufWriter.Reset(f) // The file attributes are written before the stream. - err = binary.Write(f, binary.LittleEndian, uint32(fileInfo.FileAttributes)) + err = binary.Write(w.bufWriter, binary.LittleEndian, uint32(fileInfo.FileAttributes)) if err != nil { + w.bufWriter.Reset(ioutil.Discard) return err } } @@ -744,7 +735,7 @@ func (w *legacyLayerWriter) AddLink(name string, target string) error { selectedRoot = w.destRoot } else { for _, r := range roots { - if _, err := lstatRelative(target, r); err != nil { + if _, err := safefile.LstatRelative(target, r); err != nil { if !os.IsNotExist(err) { return err } @@ -780,10 +771,10 @@ func (w *legacyLayerWriter) Remove(name string) error { // Make sure the path exists; os.RemoveAll will not fail if the file is // already gone, and this needs to be a fatal error for diagnostics // purposes. - if _, err := lstatRelative(name, w.destRoot); err != nil { + if _, err := safefile.LstatRelative(name, w.destRoot); err != nil { return err } - err = removeAllRelative(name, w.destRoot) + err = safefile.RemoveAllRelative(name, w.destRoot) if err != nil { return err } @@ -795,24 +786,21 @@ func (w *legacyLayerWriter) Remove(name string) error { } func (w *legacyLayerWriter) Write(b []byte) (int, error) { - if w.backupWriter == nil { - if w.currentFile == nil { - return 0, errors.New("closed") - } - return w.currentFile.Write(b) + if w.backupWriter == nil && w.currentFile == nil { + return 0, errors.New("closed") } - return w.backupWriter.Write(b) + return w.bufWriter.Write(b) } func (w *legacyLayerWriter) Close() error { if err := w.reset(); err != nil { return err } - if err := removeRelative("tombstones.txt", w.root); err != nil && !os.IsNotExist(err) { + if err := safefile.RemoveRelative("tombstones.txt", w.root); err != nil && !os.IsNotExist(err) { return err } for _, pd := range w.pendingDirs { - err := mkdirRelative(pd.Path, pd.Root) + err := safefile.MkdirRelative(pd.Path, pd.Root) if err != nil { return err } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/nametoguid.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/nametoguid.go new file mode 100644 index 00000000000..45a63cf65f2 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/nametoguid.go @@ -0,0 +1,34 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// NameToGuid converts the given string into a GUID using the algorithm in the +// Host Compute Service, ensuring GUIDs generated with the same string are common +// across all clients. +func NameToGuid(name string) (id guid.GUID, err error) { + title := "hcsshim::NameToGuid" + fields := logrus.Fields{ + "name": name, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = nameToGuid(name, &id) + if err != nil { + err = hcserror.New(err, title+" - failed", "") + return + } + fields["guid"] = id.String() + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/preparelayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/preparelayer.go similarity index 53% rename from vendor/github.com/Microsoft/hcsshim/preparelayer.go rename to vendor/github.com/Microsoft/hcsshim/internal/wclayer/preparelayer.go index 5c5b618411c..2b65b018623 100644 --- a/vendor/github.com/Microsoft/hcsshim/preparelayer.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/preparelayer.go @@ -1,21 +1,33 @@ -package hcsshim +package wclayer import ( "sync" + "github.com/Microsoft/hcsshim/internal/hcserror" "github.com/sirupsen/logrus" ) var prepareLayerLock sync.Mutex -// PrepareLayer finds a mounted read-write layer matching layerId and enables the +// PrepareLayer finds a mounted read-write layer matching path and enables the // the filesystem filter for use on that layer. This requires the paths to all // parent layers, and is necessary in order to view or interact with the layer // as an actual filesystem (reading and writing files, creating directories, etc). // Disabling the filter must be done via UnprepareLayer. -func PrepareLayer(info DriverInfo, layerId string, parentLayerPaths []string) error { - title := "hcsshim::PrepareLayer " - logrus.Debugf(title+"flavour %d layerId %s", info.Flavour, layerId) +func PrepareLayer(path string, parentLayerPaths []string) (err error) { + title := "hcsshim::PrepareLayer" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() // Generate layer descriptors layers, err := layerPathsToDescriptors(parentLayerPaths) @@ -23,24 +35,13 @@ func PrepareLayer(info DriverInfo, layerId string, parentLayerPaths []string) er return err } - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - // This lock is a temporary workaround for a Windows bug. Only allowing one // call to prepareLayer at a time vastly reduces the chance of a timeout. prepareLayerLock.Lock() defer prepareLayerLock.Unlock() - err = prepareLayer(&infop, layerId, layers) + err = prepareLayer(&stdDriverInfo, path, layers) if err != nil { - err = makeErrorf(err, title, "layerId=%s flavour=%d", layerId, info.Flavour) - logrus.Error(err) - return err + return hcserror.New(err, title+" - failed", "") } - - logrus.Debugf(title+"succeeded flavour=%d layerId=%s", info.Flavour, layerId) return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/processimage.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/processimage.go similarity index 97% rename from vendor/github.com/Microsoft/hcsshim/processimage.go rename to vendor/github.com/Microsoft/hcsshim/internal/wclayer/processimage.go index fadb1b92c5c..884207c3edb 100644 --- a/vendor/github.com/Microsoft/hcsshim/processimage.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/processimage.go @@ -1,4 +1,4 @@ -package hcsshim +package wclayer import "os" diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/unpreparelayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/unpreparelayer.go new file mode 100644 index 00000000000..bccd4596914 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/unpreparelayer.go @@ -0,0 +1,30 @@ +package wclayer + +import ( + "github.com/Microsoft/hcsshim/internal/hcserror" + "github.com/sirupsen/logrus" +) + +// UnprepareLayer disables the filesystem filter for the read-write layer with +// the given id. +func UnprepareLayer(path string) (err error) { + title := "hcsshim::UnprepareLayer" + fields := logrus.Fields{ + "path": path, + } + logrus.WithFields(fields).Debug(title) + defer func() { + if err != nil { + fields[logrus.ErrorKey] = err + logrus.WithFields(fields).Error(err) + } else { + logrus.WithFields(fields).Debug(title + " - succeeded") + } + }() + + err = unprepareLayer(&stdDriverInfo, path) + if err != nil { + return hcserror.New(err, title+" - failed", "") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/wclayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/wclayer.go new file mode 100644 index 00000000000..78f2aacd8c6 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/wclayer.go @@ -0,0 +1,27 @@ +package wclayer + +import "github.com/Microsoft/hcsshim/internal/guid" + +//go:generate go run ../../mksyscall_windows.go -output zsyscall_windows.go wclayer.go + +//sys activateLayer(info *driverInfo, id string) (hr error) = vmcompute.ActivateLayer? +//sys copyLayer(info *driverInfo, srcId string, dstId string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.CopyLayer? +//sys createLayer(info *driverInfo, id string, parent string) (hr error) = vmcompute.CreateLayer? +//sys createSandboxLayer(info *driverInfo, id string, parent uintptr, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.CreateSandboxLayer? +//sys expandSandboxSize(info *driverInfo, id string, size uint64) (hr error) = vmcompute.ExpandSandboxSize? +//sys deactivateLayer(info *driverInfo, id string) (hr error) = vmcompute.DeactivateLayer? +//sys destroyLayer(info *driverInfo, id string) (hr error) = vmcompute.DestroyLayer? +//sys exportLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.ExportLayer? +//sys getLayerMountPath(info *driverInfo, id string, length *uintptr, buffer *uint16) (hr error) = vmcompute.GetLayerMountPath? +//sys getBaseImages(buffer **uint16) (hr error) = vmcompute.GetBaseImages? +//sys importLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.ImportLayer? +//sys layerExists(info *driverInfo, id string, exists *uint32) (hr error) = vmcompute.LayerExists? +//sys nameToGuid(name string, guid *_guid) (hr error) = vmcompute.NameToGuid? +//sys prepareLayer(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) = vmcompute.PrepareLayer? +//sys unprepareLayer(info *driverInfo, id string) (hr error) = vmcompute.UnprepareLayer? +//sys processBaseImage(path string) (hr error) = vmcompute.ProcessBaseImage? +//sys processUtilityImage(path string) (hr error) = vmcompute.ProcessUtilityImage? + +//sys grantVmAccess(vmid string, filepath string) (hr error) = vmcompute.GrantVmAccess? + +type _guid = guid.GUID diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/zsyscall_windows.go new file mode 100644 index 00000000000..d853ab25951 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/zsyscall_windows.go @@ -0,0 +1,510 @@ +// Code generated mksyscall_windows.exe DO NOT EDIT + +package wclayer + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modvmcompute = windows.NewLazySystemDLL("vmcompute.dll") + + procActivateLayer = modvmcompute.NewProc("ActivateLayer") + procCopyLayer = modvmcompute.NewProc("CopyLayer") + procCreateLayer = modvmcompute.NewProc("CreateLayer") + procCreateSandboxLayer = modvmcompute.NewProc("CreateSandboxLayer") + procExpandSandboxSize = modvmcompute.NewProc("ExpandSandboxSize") + procDeactivateLayer = modvmcompute.NewProc("DeactivateLayer") + procDestroyLayer = modvmcompute.NewProc("DestroyLayer") + procExportLayer = modvmcompute.NewProc("ExportLayer") + procGetLayerMountPath = modvmcompute.NewProc("GetLayerMountPath") + procGetBaseImages = modvmcompute.NewProc("GetBaseImages") + procImportLayer = modvmcompute.NewProc("ImportLayer") + procLayerExists = modvmcompute.NewProc("LayerExists") + procNameToGuid = modvmcompute.NewProc("NameToGuid") + procPrepareLayer = modvmcompute.NewProc("PrepareLayer") + procUnprepareLayer = modvmcompute.NewProc("UnprepareLayer") + procProcessBaseImage = modvmcompute.NewProc("ProcessBaseImage") + procProcessUtilityImage = modvmcompute.NewProc("ProcessUtilityImage") + procGrantVmAccess = modvmcompute.NewProc("GrantVmAccess") +) + +func activateLayer(info *driverInfo, id string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _activateLayer(info, _p0) +} + +func _activateLayer(info *driverInfo, id *uint16) (hr error) { + if hr = procActivateLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procActivateLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func copyLayer(info *driverInfo, srcId string, dstId string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(srcId) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(dstId) + if hr != nil { + return + } + return _copyLayer(info, _p0, _p1, descriptors) +} + +func _copyLayer(info *driverInfo, srcId *uint16, dstId *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p2 *WC_LAYER_DESCRIPTOR + if len(descriptors) > 0 { + _p2 = &descriptors[0] + } + if hr = procCopyLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procCopyLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(srcId)), uintptr(unsafe.Pointer(dstId)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func createLayer(info *driverInfo, id string, parent string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(parent) + if hr != nil { + return + } + return _createLayer(info, _p0, _p1) +} + +func _createLayer(info *driverInfo, id *uint16, parent *uint16) (hr error) { + if hr = procCreateLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procCreateLayer.Addr(), 3, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(parent))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func createSandboxLayer(info *driverInfo, id string, parent uintptr, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _createSandboxLayer(info, _p0, parent, descriptors) +} + +func _createSandboxLayer(info *driverInfo, id *uint16, parent uintptr, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p1 *WC_LAYER_DESCRIPTOR + if len(descriptors) > 0 { + _p1 = &descriptors[0] + } + if hr = procCreateSandboxLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procCreateSandboxLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(parent), uintptr(unsafe.Pointer(_p1)), uintptr(len(descriptors)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func expandSandboxSize(info *driverInfo, id string, size uint64) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _expandSandboxSize(info, _p0, size) +} + +func _expandSandboxSize(info *driverInfo, id *uint16, size uint64) (hr error) { + if hr = procExpandSandboxSize.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procExpandSandboxSize.Addr(), 3, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(size)) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func deactivateLayer(info *driverInfo, id string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _deactivateLayer(info, _p0) +} + +func _deactivateLayer(info *driverInfo, id *uint16) (hr error) { + if hr = procDeactivateLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procDeactivateLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func destroyLayer(info *driverInfo, id string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _destroyLayer(info, _p0) +} + +func _destroyLayer(info *driverInfo, id *uint16) (hr error) { + if hr = procDestroyLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procDestroyLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func exportLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(path) + if hr != nil { + return + } + return _exportLayer(info, _p0, _p1, descriptors) +} + +func _exportLayer(info *driverInfo, id *uint16, path *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p2 *WC_LAYER_DESCRIPTOR + if len(descriptors) > 0 { + _p2 = &descriptors[0] + } + if hr = procExportLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procExportLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func getLayerMountPath(info *driverInfo, id string, length *uintptr, buffer *uint16) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _getLayerMountPath(info, _p0, length, buffer) +} + +func _getLayerMountPath(info *driverInfo, id *uint16, length *uintptr, buffer *uint16) (hr error) { + if hr = procGetLayerMountPath.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procGetLayerMountPath.Addr(), 4, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(length)), uintptr(unsafe.Pointer(buffer)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func getBaseImages(buffer **uint16) (hr error) { + if hr = procGetBaseImages.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procGetBaseImages.Addr(), 1, uintptr(unsafe.Pointer(buffer)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func importLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(path) + if hr != nil { + return + } + return _importLayer(info, _p0, _p1, descriptors) +} + +func _importLayer(info *driverInfo, id *uint16, path *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p2 *WC_LAYER_DESCRIPTOR + if len(descriptors) > 0 { + _p2 = &descriptors[0] + } + if hr = procImportLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procImportLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func layerExists(info *driverInfo, id string, exists *uint32) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _layerExists(info, _p0, exists) +} + +func _layerExists(info *driverInfo, id *uint16, exists *uint32) (hr error) { + if hr = procLayerExists.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procLayerExists.Addr(), 3, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(exists))) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func nameToGuid(name string, guid *_guid) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(name) + if hr != nil { + return + } + return _nameToGuid(_p0, guid) +} + +func _nameToGuid(name *uint16, guid *_guid) (hr error) { + if hr = procNameToGuid.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procNameToGuid.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(guid)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func prepareLayer(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _prepareLayer(info, _p0, descriptors) +} + +func _prepareLayer(info *driverInfo, id *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { + var _p1 *WC_LAYER_DESCRIPTOR + if len(descriptors) > 0 { + _p1 = &descriptors[0] + } + if hr = procPrepareLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall6(procPrepareLayer.Addr(), 4, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(_p1)), uintptr(len(descriptors)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func unprepareLayer(info *driverInfo, id string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(id) + if hr != nil { + return + } + return _unprepareLayer(info, _p0) +} + +func _unprepareLayer(info *driverInfo, id *uint16) (hr error) { + if hr = procUnprepareLayer.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procUnprepareLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func processBaseImage(path string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(path) + if hr != nil { + return + } + return _processBaseImage(_p0) +} + +func _processBaseImage(path *uint16) (hr error) { + if hr = procProcessBaseImage.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procProcessBaseImage.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func processUtilityImage(path string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(path) + if hr != nil { + return + } + return _processUtilityImage(_p0) +} + +func _processUtilityImage(path *uint16) (hr error) { + if hr = procProcessUtilityImage.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procProcessUtilityImage.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + +func grantVmAccess(vmid string, filepath string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(vmid) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(filepath) + if hr != nil { + return + } + return _grantVmAccess(_p0, _p1) +} + +func _grantVmAccess(vmid *uint16, filepath *uint16) (hr error) { + if hr = procGrantVmAccess.Find(); hr != nil { + return + } + r0, _, _ := syscall.Syscall(procGrantVmAccess.Addr(), 2, uintptr(unsafe.Pointer(vmid)), uintptr(unsafe.Pointer(filepath)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/Microsoft/hcsshim/layer.go b/vendor/github.com/Microsoft/hcsshim/layer.go new file mode 100644 index 00000000000..df0e63bbde5 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/layer.go @@ -0,0 +1,106 @@ +package hcsshim + +import ( + "crypto/sha1" + "path/filepath" + + "github.com/Microsoft/hcsshim/internal/guid" + "github.com/Microsoft/hcsshim/internal/wclayer" +) + +func layerPath(info *DriverInfo, id string) string { + return filepath.Join(info.HomeDir, id) +} + +func ActivateLayer(info DriverInfo, id string) error { + return wclayer.ActivateLayer(layerPath(&info, id)) +} +func CreateLayer(info DriverInfo, id, parent string) error { + return wclayer.CreateLayer(layerPath(&info, id), parent) +} + +// New clients should use CreateScratchLayer instead. Kept in to preserve API compatibility. +func CreateSandboxLayer(info DriverInfo, layerId, parentId string, parentLayerPaths []string) error { + return wclayer.CreateScratchLayer(layerPath(&info, layerId), parentLayerPaths) +} +func CreateScratchLayer(info DriverInfo, layerId, parentId string, parentLayerPaths []string) error { + return wclayer.CreateScratchLayer(layerPath(&info, layerId), parentLayerPaths) +} +func DeactivateLayer(info DriverInfo, id string) error { + return wclayer.DeactivateLayer(layerPath(&info, id)) +} +func DestroyLayer(info DriverInfo, id string) error { + return wclayer.DestroyLayer(layerPath(&info, id)) +} + +// New clients should use ExpandScratchSize instead. Kept in to preserve API compatibility. +func ExpandSandboxSize(info DriverInfo, layerId string, size uint64) error { + return wclayer.ExpandScratchSize(layerPath(&info, layerId), size) +} +func ExpandScratchSize(info DriverInfo, layerId string, size uint64) error { + return wclayer.ExpandScratchSize(layerPath(&info, layerId), size) +} +func ExportLayer(info DriverInfo, layerId string, exportFolderPath string, parentLayerPaths []string) error { + return wclayer.ExportLayer(layerPath(&info, layerId), exportFolderPath, parentLayerPaths) +} +func GetLayerMountPath(info DriverInfo, id string) (string, error) { + return wclayer.GetLayerMountPath(layerPath(&info, id)) +} +func GetSharedBaseImages() (imageData string, err error) { + return wclayer.GetSharedBaseImages() +} +func ImportLayer(info DriverInfo, layerID string, importFolderPath string, parentLayerPaths []string) error { + return wclayer.ImportLayer(layerPath(&info, layerID), importFolderPath, parentLayerPaths) +} +func LayerExists(info DriverInfo, id string) (bool, error) { + return wclayer.LayerExists(layerPath(&info, id)) +} +func PrepareLayer(info DriverInfo, layerId string, parentLayerPaths []string) error { + return wclayer.PrepareLayer(layerPath(&info, layerId), parentLayerPaths) +} +func ProcessBaseLayer(path string) error { + return wclayer.ProcessBaseLayer(path) +} +func ProcessUtilityVMImage(path string) error { + return wclayer.ProcessUtilityVMImage(path) +} +func UnprepareLayer(info DriverInfo, layerId string) error { + return wclayer.UnprepareLayer(layerPath(&info, layerId)) +} + +type DriverInfo struct { + Flavour int + HomeDir string +} + +type GUID [16]byte + +func NameToGuid(name string) (id GUID, err error) { + g, err := wclayer.NameToGuid(name) + return GUID(g), err +} + +func NewGUID(source string) *GUID { + h := sha1.Sum([]byte(source)) + var g GUID + copy(g[0:], h[0:16]) + return &g +} + +func (g *GUID) ToString() string { + return (guid.GUID)(*g).String() +} + +type LayerReader = wclayer.LayerReader + +func NewLayerReader(info DriverInfo, layerID string, parentLayerPaths []string) (LayerReader, error) { + return wclayer.NewLayerReader(layerPath(&info, layerID), parentLayerPaths) +} + +type LayerWriter = wclayer.LayerWriter + +func NewLayerWriter(info DriverInfo, layerID string, parentLayerPaths []string) (LayerWriter, error) { + return wclayer.NewLayerWriter(layerPath(&info, layerID), parentLayerPaths) +} + +type WC_LAYER_DESCRIPTOR = wclayer.WC_LAYER_DESCRIPTOR diff --git a/vendor/github.com/Microsoft/hcsshim/layerexists.go b/vendor/github.com/Microsoft/hcsshim/layerexists.go deleted file mode 100644 index fe46f404c38..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/layerexists.go +++ /dev/null @@ -1,30 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// LayerExists will return true if a layer with the given id exists and is known -// to the system. -func LayerExists(info DriverInfo, id string) (bool, error) { - title := "hcsshim::LayerExists " - logrus.Debugf(title+"Flavour %d ID %s", info.Flavour, id) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return false, err - } - - // Call the procedure itself. - var exists uint32 - - err = layerExists(&infop, id, &exists) - if err != nil { - err = makeErrorf(err, title, "id=%s flavour=%d", id, info.Flavour) - logrus.Error(err) - return false, err - } - - logrus.Debugf(title+"succeeded flavour=%d id=%s exists=%d", info.Flavour, id, exists) - return exists != 0, nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/legacy18.go b/vendor/github.com/Microsoft/hcsshim/legacy18.go deleted file mode 100644 index 0f593e8aba8..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/legacy18.go +++ /dev/null @@ -1,7 +0,0 @@ -// +build !go1.9 - -package hcsshim - -// Due to a bug in go1.8 and before, directory reparse points need to be skipped -// during filepath.Walk. This is fixed in go1.9 -var shouldSkipDirectoryReparse = true diff --git a/vendor/github.com/Microsoft/hcsshim/legacy19.go b/vendor/github.com/Microsoft/hcsshim/legacy19.go deleted file mode 100644 index fb0b7644fb6..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/legacy19.go +++ /dev/null @@ -1,7 +0,0 @@ -// +build go1.9 - -package hcsshim - -// Due to a bug in go1.8 and before, directory reparse points need to be skipped -// during filepath.Walk. This is fixed in go1.9 -var shouldSkipDirectoryReparse = false diff --git a/vendor/github.com/Microsoft/hcsshim/mksyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/mksyscall_windows.go index 82393ca3670..7647734de98 100644 --- a/vendor/github.com/Microsoft/hcsshim/mksyscall_windows.go +++ b/vendor/github.com/Microsoft/hcsshim/mksyscall_windows.go @@ -69,6 +69,7 @@ var ( filename = flag.String("output", "", "output file name (standard output if omitted)") printTraceFlag = flag.Bool("trace", false, "generate print statement after every syscall") systemDLL = flag.Bool("systemdll", true, "whether all DLLs should be loaded from the Windows system directory") + winio = flag.Bool("winio", false, "import go-winio") ) func trim(s string) string { @@ -299,7 +300,10 @@ func (r *Rets) SetErrorCode() string { %s = %sErrno(r0) }` const hrCode = `if int32(r0) < 0 { - %s = %sErrno(win32FromHresult(r0)) + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + %s = %sErrno(r0) }` if r.Name == "" && !r.ReturnsError { return "" @@ -772,7 +776,9 @@ func (src *Source) Generate(w io.Writer) error { src.ExternalImport("golang.org/x/sys/windows") } } - src.ExternalImport("github.com/Microsoft/go-winio") + if *winio { + src.ExternalImport("github.com/Microsoft/go-winio") + } if packageName != "syscall" { src.Import("syscall") } @@ -784,6 +790,9 @@ func (src *Source) Generate(w io.Writer) error { if !*systemDLL { return syscalldot() + "NewLazyDLL(" + arg + ")" } + if strings.HasPrefix(dll, "api_") || strings.HasPrefix(dll, "ext_") { + arg = strings.Replace(arg, "_", "-", -1) + } switch pkgtype { case pkgStd: return syscalldot() + "NewLazyDLL(sysdll.Add(" + arg + "))" @@ -843,7 +852,7 @@ func main() { // TODO: use println instead to print in the following template const srcTemplate = ` -{{define "main"}}// MACHINE GENERATED BY 'go generate' COMMAND; DO NOT EDIT +{{define "main"}}// Code generated mksyscall_windows.exe DO NOT EDIT package {{packagename}} diff --git a/vendor/github.com/Microsoft/hcsshim/nametoguid.go b/vendor/github.com/Microsoft/hcsshim/nametoguid.go deleted file mode 100644 index b7c6d020c68..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/nametoguid.go +++ /dev/null @@ -1,20 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// NameToGuid converts the given string into a GUID using the algorithm in the -// Host Compute Service, ensuring GUIDs generated with the same string are common -// across all clients. -func NameToGuid(name string) (id GUID, err error) { - title := "hcsshim::NameToGuid " - logrus.Debugf(title+"Name %s", name) - - err = nameToGuid(name, &id) - if err != nil { - err = makeErrorf(err, title, "name=%s", name) - logrus.Error(err) - return - } - - return -} diff --git a/vendor/github.com/Microsoft/hcsshim/process.go b/vendor/github.com/Microsoft/hcsshim/process.go index faee2cfeeb5..ca8acbb7c25 100644 --- a/vendor/github.com/Microsoft/hcsshim/process.go +++ b/vendor/github.com/Microsoft/hcsshim/process.go @@ -1,384 +1,72 @@ package hcsshim import ( - "encoding/json" "io" - "sync" - "syscall" "time" - "github.com/sirupsen/logrus" + "github.com/Microsoft/hcsshim/internal/hcs" ) // ContainerError is an error encountered in HCS type process struct { - handleLock sync.RWMutex - handle hcsProcess - processID int - container *container - cachedPipes *cachedPipes - callbackNumber uintptr + p *hcs.Process } -type cachedPipes struct { - stdIn syscall.Handle - stdOut syscall.Handle - stdErr syscall.Handle -} - -type processModifyRequest struct { - Operation string - ConsoleSize *consoleSize `json:",omitempty"` - CloseHandle *closeHandle `json:",omitempty"` -} - -type consoleSize struct { - Height uint16 - Width uint16 -} - -type closeHandle struct { - Handle string -} - -type processStatus struct { - ProcessID uint32 - Exited bool - ExitCode uint32 - LastWaitResult int32 -} - -const ( - stdIn string = "StdIn" - stdOut string = "StdOut" - stdErr string = "StdErr" -) - -const ( - modifyConsoleSize string = "ConsoleSize" - modifyCloseHandle string = "CloseHandle" -) - // Pid returns the process ID of the process within the container. func (process *process) Pid() int { - return process.processID + return process.p.Pid() } // Kill signals the process to terminate but does not wait for it to finish terminating. func (process *process) Kill() error { - process.handleLock.RLock() - defer process.handleLock.RUnlock() - operation := "Kill" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - if process.handle == 0 { - return makeProcessError(process, operation, "", ErrAlreadyClosed) - } - - var resultp *uint16 - err := hcsTerminateProcess(process.handle, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return makeProcessError(process, operation, "", err) - } - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return nil + return convertProcessError(process.p.Kill(), process) } // Wait waits for the process to exit. func (process *process) Wait() error { - operation := "Wait" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - err := waitForNotification(process.callbackNumber, hcsNotificationProcessExited, nil) - if err != nil { - return makeProcessError(process, operation, "", err) - } - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return nil + return convertProcessError(process.p.Wait(), process) } // WaitTimeout waits for the process to exit or the duration to elapse. It returns // false if timeout occurs. func (process *process) WaitTimeout(timeout time.Duration) error { - operation := "WaitTimeout" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - err := waitForNotification(process.callbackNumber, hcsNotificationProcessExited, &timeout) - if err != nil { - return makeProcessError(process, operation, "", err) - } - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return nil + return convertProcessError(process.p.WaitTimeout(timeout), process) } // ExitCode returns the exit code of the process. The process must have // already terminated. func (process *process) ExitCode() (int, error) { - process.handleLock.RLock() - defer process.handleLock.RUnlock() - operation := "ExitCode" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - if process.handle == 0 { - return 0, makeProcessError(process, operation, "", ErrAlreadyClosed) - } - - properties, err := process.properties() + code, err := process.p.ExitCode() if err != nil { - return 0, makeProcessError(process, operation, "", err) + err = convertProcessError(err, process) } - - if properties.Exited == false { - return 0, makeProcessError(process, operation, "", ErrInvalidProcessState) - } - - if properties.LastWaitResult != 0 { - return 0, makeProcessError(process, operation, "", syscall.Errno(properties.LastWaitResult)) - } - - logrus.Debugf(title+" succeeded processid=%d exitCode=%d", process.processID, properties.ExitCode) - return int(properties.ExitCode), nil + return code, err } // ResizeConsole resizes the console of the process. func (process *process) ResizeConsole(width, height uint16) error { - process.handleLock.RLock() - defer process.handleLock.RUnlock() - operation := "ResizeConsole" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - if process.handle == 0 { - return makeProcessError(process, operation, "", ErrAlreadyClosed) - } - - modifyRequest := processModifyRequest{ - Operation: modifyConsoleSize, - ConsoleSize: &consoleSize{ - Height: height, - Width: width, - }, - } - - modifyRequestb, err := json.Marshal(modifyRequest) - if err != nil { - return err - } - - modifyRequestStr := string(modifyRequestb) - - var resultp *uint16 - err = hcsModifyProcess(process.handle, modifyRequestStr, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return makeProcessError(process, operation, "", err) - } - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return nil -} - -func (process *process) properties() (*processStatus, error) { - operation := "properties" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - var ( - resultp *uint16 - propertiesp *uint16 - ) - err := hcsGetProcessProperties(process.handle, &propertiesp, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return nil, err - } - - if propertiesp == nil { - return nil, ErrUnexpectedValue - } - propertiesRaw := convertAndFreeCoTaskMemBytes(propertiesp) - - properties := &processStatus{} - if err := json.Unmarshal(propertiesRaw, properties); err != nil { - return nil, err - } - - logrus.Debugf(title+" succeeded processid=%d, properties=%s", process.processID, propertiesRaw) - return properties, nil + return convertProcessError(process.p.ResizeConsole(width, height), process) } // Stdio returns the stdin, stdout, and stderr pipes, respectively. Closing // these pipes does not close the underlying pipes; it should be possible to // call this multiple times to get multiple interfaces. func (process *process) Stdio() (io.WriteCloser, io.ReadCloser, io.ReadCloser, error) { - process.handleLock.RLock() - defer process.handleLock.RUnlock() - operation := "Stdio" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - if process.handle == 0 { - return nil, nil, nil, makeProcessError(process, operation, "", ErrAlreadyClosed) - } - - var stdIn, stdOut, stdErr syscall.Handle - - if process.cachedPipes == nil { - var ( - processInfo hcsProcessInformation - resultp *uint16 - ) - err := hcsGetProcessInfo(process.handle, &processInfo, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return nil, nil, nil, makeProcessError(process, operation, "", err) - } - - stdIn, stdOut, stdErr = processInfo.StdInput, processInfo.StdOutput, processInfo.StdError - } else { - // Use cached pipes - stdIn, stdOut, stdErr = process.cachedPipes.stdIn, process.cachedPipes.stdOut, process.cachedPipes.stdErr - - // Invalidate the cache - process.cachedPipes = nil - } - - pipes, err := makeOpenFiles([]syscall.Handle{stdIn, stdOut, stdErr}) + stdin, stdout, stderr, err := process.p.Stdio() if err != nil { - return nil, nil, nil, makeProcessError(process, operation, "", err) + err = convertProcessError(err, process) } - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return pipes[0], pipes[1], pipes[2], nil + return stdin, stdout, stderr, err } // CloseStdin closes the write side of the stdin pipe so that the process is // notified on the read side that there is no more data in stdin. func (process *process) CloseStdin() error { - process.handleLock.RLock() - defer process.handleLock.RUnlock() - operation := "CloseStdin" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - if process.handle == 0 { - return makeProcessError(process, operation, "", ErrAlreadyClosed) - } - - modifyRequest := processModifyRequest{ - Operation: modifyCloseHandle, - CloseHandle: &closeHandle{ - Handle: stdIn, - }, - } - - modifyRequestb, err := json.Marshal(modifyRequest) - if err != nil { - return err - } - - modifyRequestStr := string(modifyRequestb) - - var resultp *uint16 - err = hcsModifyProcess(process.handle, modifyRequestStr, &resultp) - err = processHcsResult(err, resultp) - if err != nil { - return makeProcessError(process, operation, "", err) - } - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return nil + return convertProcessError(process.p.CloseStdin(), process) } // Close cleans up any state associated with the process but does not kill // or wait on it. func (process *process) Close() error { - process.handleLock.Lock() - defer process.handleLock.Unlock() - operation := "Close" - title := "HCSShim::Process::" + operation - logrus.Debugf(title+" processid=%d", process.processID) - - // Don't double free this - if process.handle == 0 { - return nil - } - - if err := process.unregisterCallback(); err != nil { - return makeProcessError(process, operation, "", err) - } - - if err := hcsCloseProcess(process.handle); err != nil { - return makeProcessError(process, operation, "", err) - } - - process.handle = 0 - - logrus.Debugf(title+" succeeded processid=%d", process.processID) - return nil -} - -func (process *process) registerCallback() error { - context := ¬ifcationWatcherContext{ - channels: newChannels(), - } - - callbackMapLock.Lock() - callbackNumber := nextCallback - nextCallback++ - callbackMap[callbackNumber] = context - callbackMapLock.Unlock() - - var callbackHandle hcsCallback - err := hcsRegisterProcessCallback(process.handle, notificationWatcherCallback, callbackNumber, &callbackHandle) - if err != nil { - return err - } - context.handle = callbackHandle - process.callbackNumber = callbackNumber - - return nil -} - -func (process *process) unregisterCallback() error { - callbackNumber := process.callbackNumber - - callbackMapLock.RLock() - context := callbackMap[callbackNumber] - callbackMapLock.RUnlock() - - if context == nil { - return nil - } - - handle := context.handle - - if handle == 0 { - return nil - } - - // hcsUnregisterProcessCallback has its own syncronization - // to wait for all callbacks to complete. We must NOT hold the callbackMapLock. - err := hcsUnregisterProcessCallback(handle) - if err != nil { - return err - } - - closeChannels(context.channels) - - callbackMapLock.Lock() - callbackMap[callbackNumber] = nil - callbackMapLock.Unlock() - - handle = 0 - - return nil + return convertProcessError(process.p.Close(), process) } diff --git a/vendor/github.com/Microsoft/hcsshim/unpreparelayer.go b/vendor/github.com/Microsoft/hcsshim/unpreparelayer.go deleted file mode 100644 index e8a3b507bf5..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/unpreparelayer.go +++ /dev/null @@ -1,27 +0,0 @@ -package hcsshim - -import "github.com/sirupsen/logrus" - -// UnprepareLayer disables the filesystem filter for the read-write layer with -// the given id. -func UnprepareLayer(info DriverInfo, layerId string) error { - title := "hcsshim::UnprepareLayer " - logrus.Debugf(title+"flavour %d layerId %s", info.Flavour, layerId) - - // Convert info to API calling convention - infop, err := convertDriverInfo(info) - if err != nil { - logrus.Error(err) - return err - } - - err = unprepareLayer(&infop, layerId) - if err != nil { - err = makeErrorf(err, title, "layerId=%s flavour=%d", layerId, info.Flavour) - logrus.Error(err) - return err - } - - logrus.Debugf(title+"succeeded flavour %d layerId=%s", info.Flavour, layerId) - return nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/version.go b/vendor/github.com/Microsoft/hcsshim/version.go deleted file mode 100644 index ae10c23d42b..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/version.go +++ /dev/null @@ -1,7 +0,0 @@ -package hcsshim - -// IsTP4 returns whether the currently running Windows build is at least TP4. -func IsTP4() bool { - // HNSCall was not present in TP4 - return procHNSCall.Find() != nil -} diff --git a/vendor/github.com/Microsoft/hcsshim/zhcsshim.go b/vendor/github.com/Microsoft/hcsshim/zhcsshim.go deleted file mode 100644 index 5123e8d8e81..00000000000 --- a/vendor/github.com/Microsoft/hcsshim/zhcsshim.go +++ /dev/null @@ -1,1080 +0,0 @@ -// MACHINE GENERATED BY 'go generate' COMMAND; DO NOT EDIT - -package hcsshim - -import ( - "syscall" - "unsafe" - - "github.com/Microsoft/go-winio" - "golang.org/x/sys/windows" -) - -var _ unsafe.Pointer - -// Do the interface allocations only once for common -// Errno values. -const ( - errnoERROR_IO_PENDING = 997 -) - -var ( - errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) -) - -// errnoErr returns common boxed Errno values, to prevent -// allocations at runtime. -func errnoErr(e syscall.Errno) error { - switch e { - case 0: - return nil - case errnoERROR_IO_PENDING: - return errERROR_IO_PENDING - } - // TODO: add more here, after collecting data on the common - // error values see on Windows. (perhaps when running - // all.bat?) - return e -} - -var ( - modole32 = windows.NewLazySystemDLL("ole32.dll") - modiphlpapi = windows.NewLazySystemDLL("iphlpapi.dll") - modvmcompute = windows.NewLazySystemDLL("vmcompute.dll") - modntdll = windows.NewLazySystemDLL("ntdll.dll") - modkernel32 = windows.NewLazySystemDLL("kernel32.dll") - - procCoTaskMemFree = modole32.NewProc("CoTaskMemFree") - procSetCurrentThreadCompartmentId = modiphlpapi.NewProc("SetCurrentThreadCompartmentId") - procActivateLayer = modvmcompute.NewProc("ActivateLayer") - procCopyLayer = modvmcompute.NewProc("CopyLayer") - procCreateLayer = modvmcompute.NewProc("CreateLayer") - procCreateSandboxLayer = modvmcompute.NewProc("CreateSandboxLayer") - procExpandSandboxSize = modvmcompute.NewProc("ExpandSandboxSize") - procDeactivateLayer = modvmcompute.NewProc("DeactivateLayer") - procDestroyLayer = modvmcompute.NewProc("DestroyLayer") - procExportLayer = modvmcompute.NewProc("ExportLayer") - procGetLayerMountPath = modvmcompute.NewProc("GetLayerMountPath") - procGetBaseImages = modvmcompute.NewProc("GetBaseImages") - procImportLayer = modvmcompute.NewProc("ImportLayer") - procLayerExists = modvmcompute.NewProc("LayerExists") - procNameToGuid = modvmcompute.NewProc("NameToGuid") - procPrepareLayer = modvmcompute.NewProc("PrepareLayer") - procUnprepareLayer = modvmcompute.NewProc("UnprepareLayer") - procProcessBaseImage = modvmcompute.NewProc("ProcessBaseImage") - procProcessUtilityImage = modvmcompute.NewProc("ProcessUtilityImage") - procImportLayerBegin = modvmcompute.NewProc("ImportLayerBegin") - procImportLayerNext = modvmcompute.NewProc("ImportLayerNext") - procImportLayerWrite = modvmcompute.NewProc("ImportLayerWrite") - procImportLayerEnd = modvmcompute.NewProc("ImportLayerEnd") - procExportLayerBegin = modvmcompute.NewProc("ExportLayerBegin") - procExportLayerNext = modvmcompute.NewProc("ExportLayerNext") - procExportLayerRead = modvmcompute.NewProc("ExportLayerRead") - procExportLayerEnd = modvmcompute.NewProc("ExportLayerEnd") - procHcsEnumerateComputeSystems = modvmcompute.NewProc("HcsEnumerateComputeSystems") - procHcsCreateComputeSystem = modvmcompute.NewProc("HcsCreateComputeSystem") - procHcsOpenComputeSystem = modvmcompute.NewProc("HcsOpenComputeSystem") - procHcsCloseComputeSystem = modvmcompute.NewProc("HcsCloseComputeSystem") - procHcsStartComputeSystem = modvmcompute.NewProc("HcsStartComputeSystem") - procHcsShutdownComputeSystem = modvmcompute.NewProc("HcsShutdownComputeSystem") - procHcsTerminateComputeSystem = modvmcompute.NewProc("HcsTerminateComputeSystem") - procHcsPauseComputeSystem = modvmcompute.NewProc("HcsPauseComputeSystem") - procHcsResumeComputeSystem = modvmcompute.NewProc("HcsResumeComputeSystem") - procHcsGetComputeSystemProperties = modvmcompute.NewProc("HcsGetComputeSystemProperties") - procHcsModifyComputeSystem = modvmcompute.NewProc("HcsModifyComputeSystem") - procHcsRegisterComputeSystemCallback = modvmcompute.NewProc("HcsRegisterComputeSystemCallback") - procHcsUnregisterComputeSystemCallback = modvmcompute.NewProc("HcsUnregisterComputeSystemCallback") - procHcsCreateProcess = modvmcompute.NewProc("HcsCreateProcess") - procHcsOpenProcess = modvmcompute.NewProc("HcsOpenProcess") - procHcsCloseProcess = modvmcompute.NewProc("HcsCloseProcess") - procHcsTerminateProcess = modvmcompute.NewProc("HcsTerminateProcess") - procHcsGetProcessInfo = modvmcompute.NewProc("HcsGetProcessInfo") - procHcsGetProcessProperties = modvmcompute.NewProc("HcsGetProcessProperties") - procHcsModifyProcess = modvmcompute.NewProc("HcsModifyProcess") - procHcsGetServiceProperties = modvmcompute.NewProc("HcsGetServiceProperties") - procHcsRegisterProcessCallback = modvmcompute.NewProc("HcsRegisterProcessCallback") - procHcsUnregisterProcessCallback = modvmcompute.NewProc("HcsUnregisterProcessCallback") - procHcsModifyServiceSettings = modvmcompute.NewProc("HcsModifyServiceSettings") - procHNSCall = modvmcompute.NewProc("HNSCall") - procNtCreateFile = modntdll.NewProc("NtCreateFile") - procNtSetInformationFile = modntdll.NewProc("NtSetInformationFile") - procRtlNtStatusToDosErrorNoTeb = modntdll.NewProc("RtlNtStatusToDosErrorNoTeb") - procLocalAlloc = modkernel32.NewProc("LocalAlloc") - procLocalFree = modkernel32.NewProc("LocalFree") -) - -func coTaskMemFree(buffer unsafe.Pointer) { - syscall.Syscall(procCoTaskMemFree.Addr(), 1, uintptr(buffer), 0, 0) - return -} - -func SetCurrentThreadCompartmentId(compartmentId uint32) (hr error) { - r0, _, _ := syscall.Syscall(procSetCurrentThreadCompartmentId.Addr(), 1, uintptr(compartmentId), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func activateLayer(info *driverInfo, id string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _activateLayer(info, _p0) -} - -func _activateLayer(info *driverInfo, id *uint16) (hr error) { - if hr = procActivateLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procActivateLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func copyLayer(info *driverInfo, srcId string, dstId string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(srcId) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(dstId) - if hr != nil { - return - } - return _copyLayer(info, _p0, _p1, descriptors) -} - -func _copyLayer(info *driverInfo, srcId *uint16, dstId *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p2 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p2 = &descriptors[0] - } - if hr = procCopyLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procCopyLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(srcId)), uintptr(unsafe.Pointer(dstId)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func createLayer(info *driverInfo, id string, parent string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(parent) - if hr != nil { - return - } - return _createLayer(info, _p0, _p1) -} - -func _createLayer(info *driverInfo, id *uint16, parent *uint16) (hr error) { - if hr = procCreateLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procCreateLayer.Addr(), 3, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(parent))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func createSandboxLayer(info *driverInfo, id string, parent string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(parent) - if hr != nil { - return - } - return _createSandboxLayer(info, _p0, _p1, descriptors) -} - -func _createSandboxLayer(info *driverInfo, id *uint16, parent *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p2 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p2 = &descriptors[0] - } - if hr = procCreateSandboxLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procCreateSandboxLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(parent)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func expandSandboxSize(info *driverInfo, id string, size uint64) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _expandSandboxSize(info, _p0, size) -} - -func _expandSandboxSize(info *driverInfo, id *uint16, size uint64) (hr error) { - if hr = procExpandSandboxSize.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procExpandSandboxSize.Addr(), 3, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(size)) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func deactivateLayer(info *driverInfo, id string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _deactivateLayer(info, _p0) -} - -func _deactivateLayer(info *driverInfo, id *uint16) (hr error) { - if hr = procDeactivateLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procDeactivateLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func destroyLayer(info *driverInfo, id string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _destroyLayer(info, _p0) -} - -func _destroyLayer(info *driverInfo, id *uint16) (hr error) { - if hr = procDestroyLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procDestroyLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func exportLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(path) - if hr != nil { - return - } - return _exportLayer(info, _p0, _p1, descriptors) -} - -func _exportLayer(info *driverInfo, id *uint16, path *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p2 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p2 = &descriptors[0] - } - if hr = procExportLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procExportLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func getLayerMountPath(info *driverInfo, id string, length *uintptr, buffer *uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _getLayerMountPath(info, _p0, length, buffer) -} - -func _getLayerMountPath(info *driverInfo, id *uint16, length *uintptr, buffer *uint16) (hr error) { - if hr = procGetLayerMountPath.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procGetLayerMountPath.Addr(), 4, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(length)), uintptr(unsafe.Pointer(buffer)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func getBaseImages(buffer **uint16) (hr error) { - if hr = procGetBaseImages.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procGetBaseImages.Addr(), 1, uintptr(unsafe.Pointer(buffer)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func importLayer(info *driverInfo, id string, path string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(path) - if hr != nil { - return - } - return _importLayer(info, _p0, _p1, descriptors) -} - -func _importLayer(info *driverInfo, id *uint16, path *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p2 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p2 = &descriptors[0] - } - if hr = procImportLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procImportLayer.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(_p2)), uintptr(len(descriptors)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func layerExists(info *driverInfo, id string, exists *uint32) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _layerExists(info, _p0, exists) -} - -func _layerExists(info *driverInfo, id *uint16, exists *uint32) (hr error) { - if hr = procLayerExists.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procLayerExists.Addr(), 3, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(exists))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func nameToGuid(name string, guid *GUID) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(name) - if hr != nil { - return - } - return _nameToGuid(_p0, guid) -} - -func _nameToGuid(name *uint16, guid *GUID) (hr error) { - if hr = procNameToGuid.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procNameToGuid.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(guid)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func prepareLayer(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _prepareLayer(info, _p0, descriptors) -} - -func _prepareLayer(info *driverInfo, id *uint16, descriptors []WC_LAYER_DESCRIPTOR) (hr error) { - var _p1 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p1 = &descriptors[0] - } - if hr = procPrepareLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procPrepareLayer.Addr(), 4, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(_p1)), uintptr(len(descriptors)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func unprepareLayer(info *driverInfo, id string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _unprepareLayer(info, _p0) -} - -func _unprepareLayer(info *driverInfo, id *uint16) (hr error) { - if hr = procUnprepareLayer.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procUnprepareLayer.Addr(), 2, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func processBaseImage(path string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(path) - if hr != nil { - return - } - return _processBaseImage(_p0) -} - -func _processBaseImage(path *uint16) (hr error) { - if hr = procProcessBaseImage.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procProcessBaseImage.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func processUtilityImage(path string) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(path) - if hr != nil { - return - } - return _processUtilityImage(_p0) -} - -func _processUtilityImage(path *uint16) (hr error) { - if hr = procProcessUtilityImage.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procProcessUtilityImage.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func importLayerBegin(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR, context *uintptr) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _importLayerBegin(info, _p0, descriptors, context) -} - -func _importLayerBegin(info *driverInfo, id *uint16, descriptors []WC_LAYER_DESCRIPTOR, context *uintptr) (hr error) { - var _p1 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p1 = &descriptors[0] - } - if hr = procImportLayerBegin.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procImportLayerBegin.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(_p1)), uintptr(len(descriptors)), uintptr(unsafe.Pointer(context)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func importLayerNext(context uintptr, fileName string, fileInfo *winio.FileBasicInfo) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(fileName) - if hr != nil { - return - } - return _importLayerNext(context, _p0, fileInfo) -} - -func _importLayerNext(context uintptr, fileName *uint16, fileInfo *winio.FileBasicInfo) (hr error) { - if hr = procImportLayerNext.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procImportLayerNext.Addr(), 3, uintptr(context), uintptr(unsafe.Pointer(fileName)), uintptr(unsafe.Pointer(fileInfo))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func importLayerWrite(context uintptr, buffer []byte) (hr error) { - var _p0 *byte - if len(buffer) > 0 { - _p0 = &buffer[0] - } - if hr = procImportLayerWrite.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procImportLayerWrite.Addr(), 3, uintptr(context), uintptr(unsafe.Pointer(_p0)), uintptr(len(buffer))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func importLayerEnd(context uintptr) (hr error) { - if hr = procImportLayerEnd.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procImportLayerEnd.Addr(), 1, uintptr(context), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func exportLayerBegin(info *driverInfo, id string, descriptors []WC_LAYER_DESCRIPTOR, context *uintptr) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _exportLayerBegin(info, _p0, descriptors, context) -} - -func _exportLayerBegin(info *driverInfo, id *uint16, descriptors []WC_LAYER_DESCRIPTOR, context *uintptr) (hr error) { - var _p1 *WC_LAYER_DESCRIPTOR - if len(descriptors) > 0 { - _p1 = &descriptors[0] - } - if hr = procExportLayerBegin.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procExportLayerBegin.Addr(), 5, uintptr(unsafe.Pointer(info)), uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(_p1)), uintptr(len(descriptors)), uintptr(unsafe.Pointer(context)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func exportLayerNext(context uintptr, fileName **uint16, fileInfo *winio.FileBasicInfo, fileSize *int64, deleted *uint32) (hr error) { - if hr = procExportLayerNext.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procExportLayerNext.Addr(), 5, uintptr(context), uintptr(unsafe.Pointer(fileName)), uintptr(unsafe.Pointer(fileInfo)), uintptr(unsafe.Pointer(fileSize)), uintptr(unsafe.Pointer(deleted)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func exportLayerRead(context uintptr, buffer []byte, bytesRead *uint32) (hr error) { - var _p0 *byte - if len(buffer) > 0 { - _p0 = &buffer[0] - } - if hr = procExportLayerRead.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procExportLayerRead.Addr(), 4, uintptr(context), uintptr(unsafe.Pointer(_p0)), uintptr(len(buffer)), uintptr(unsafe.Pointer(bytesRead)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func exportLayerEnd(context uintptr) (hr error) { - if hr = procExportLayerEnd.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procExportLayerEnd.Addr(), 1, uintptr(context), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsEnumerateComputeSystems(query string, computeSystems **uint16, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(query) - if hr != nil { - return - } - return _hcsEnumerateComputeSystems(_p0, computeSystems, result) -} - -func _hcsEnumerateComputeSystems(query *uint16, computeSystems **uint16, result **uint16) (hr error) { - if hr = procHcsEnumerateComputeSystems.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsEnumerateComputeSystems.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(computeSystems)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsCreateComputeSystem(id string, configuration string, identity syscall.Handle, computeSystem *hcsSystem, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(configuration) - if hr != nil { - return - } - return _hcsCreateComputeSystem(_p0, _p1, identity, computeSystem, result) -} - -func _hcsCreateComputeSystem(id *uint16, configuration *uint16, identity syscall.Handle, computeSystem *hcsSystem, result **uint16) (hr error) { - if hr = procHcsCreateComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHcsCreateComputeSystem.Addr(), 5, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(configuration)), uintptr(identity), uintptr(unsafe.Pointer(computeSystem)), uintptr(unsafe.Pointer(result)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsOpenComputeSystem(id string, computeSystem *hcsSystem, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(id) - if hr != nil { - return - } - return _hcsOpenComputeSystem(_p0, computeSystem, result) -} - -func _hcsOpenComputeSystem(id *uint16, computeSystem *hcsSystem, result **uint16) (hr error) { - if hr = procHcsOpenComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsOpenComputeSystem.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(computeSystem)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsCloseComputeSystem(computeSystem hcsSystem) (hr error) { - if hr = procHcsCloseComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsCloseComputeSystem.Addr(), 1, uintptr(computeSystem), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsStartComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(options) - if hr != nil { - return - } - return _hcsStartComputeSystem(computeSystem, _p0, result) -} - -func _hcsStartComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { - if hr = procHcsStartComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsStartComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsShutdownComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(options) - if hr != nil { - return - } - return _hcsShutdownComputeSystem(computeSystem, _p0, result) -} - -func _hcsShutdownComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { - if hr = procHcsShutdownComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsShutdownComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsTerminateComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(options) - if hr != nil { - return - } - return _hcsTerminateComputeSystem(computeSystem, _p0, result) -} - -func _hcsTerminateComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { - if hr = procHcsTerminateComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsTerminateComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsPauseComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(options) - if hr != nil { - return - } - return _hcsPauseComputeSystem(computeSystem, _p0, result) -} - -func _hcsPauseComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { - if hr = procHcsPauseComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsPauseComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsResumeComputeSystem(computeSystem hcsSystem, options string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(options) - if hr != nil { - return - } - return _hcsResumeComputeSystem(computeSystem, _p0, result) -} - -func _hcsResumeComputeSystem(computeSystem hcsSystem, options *uint16, result **uint16) (hr error) { - if hr = procHcsResumeComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsResumeComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(options)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsGetComputeSystemProperties(computeSystem hcsSystem, propertyQuery string, properties **uint16, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(propertyQuery) - if hr != nil { - return - } - return _hcsGetComputeSystemProperties(computeSystem, _p0, properties, result) -} - -func _hcsGetComputeSystemProperties(computeSystem hcsSystem, propertyQuery *uint16, properties **uint16, result **uint16) (hr error) { - if hr = procHcsGetComputeSystemProperties.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHcsGetComputeSystemProperties.Addr(), 4, uintptr(computeSystem), uintptr(unsafe.Pointer(propertyQuery)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsModifyComputeSystem(computeSystem hcsSystem, configuration string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(configuration) - if hr != nil { - return - } - return _hcsModifyComputeSystem(computeSystem, _p0, result) -} - -func _hcsModifyComputeSystem(computeSystem hcsSystem, configuration *uint16, result **uint16) (hr error) { - if hr = procHcsModifyComputeSystem.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsModifyComputeSystem.Addr(), 3, uintptr(computeSystem), uintptr(unsafe.Pointer(configuration)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsRegisterComputeSystemCallback(computeSystem hcsSystem, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) { - if hr = procHcsRegisterComputeSystemCallback.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHcsRegisterComputeSystemCallback.Addr(), 4, uintptr(computeSystem), uintptr(callback), uintptr(context), uintptr(unsafe.Pointer(callbackHandle)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsUnregisterComputeSystemCallback(callbackHandle hcsCallback) (hr error) { - if hr = procHcsUnregisterComputeSystemCallback.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsUnregisterComputeSystemCallback.Addr(), 1, uintptr(callbackHandle), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsCreateProcess(computeSystem hcsSystem, processParameters string, processInformation *hcsProcessInformation, process *hcsProcess, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(processParameters) - if hr != nil { - return - } - return _hcsCreateProcess(computeSystem, _p0, processInformation, process, result) -} - -func _hcsCreateProcess(computeSystem hcsSystem, processParameters *uint16, processInformation *hcsProcessInformation, process *hcsProcess, result **uint16) (hr error) { - if hr = procHcsCreateProcess.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHcsCreateProcess.Addr(), 5, uintptr(computeSystem), uintptr(unsafe.Pointer(processParameters)), uintptr(unsafe.Pointer(processInformation)), uintptr(unsafe.Pointer(process)), uintptr(unsafe.Pointer(result)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsOpenProcess(computeSystem hcsSystem, pid uint32, process *hcsProcess, result **uint16) (hr error) { - if hr = procHcsOpenProcess.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHcsOpenProcess.Addr(), 4, uintptr(computeSystem), uintptr(pid), uintptr(unsafe.Pointer(process)), uintptr(unsafe.Pointer(result)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsCloseProcess(process hcsProcess) (hr error) { - if hr = procHcsCloseProcess.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsCloseProcess.Addr(), 1, uintptr(process), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsTerminateProcess(process hcsProcess, result **uint16) (hr error) { - if hr = procHcsTerminateProcess.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsTerminateProcess.Addr(), 2, uintptr(process), uintptr(unsafe.Pointer(result)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsGetProcessInfo(process hcsProcess, processInformation *hcsProcessInformation, result **uint16) (hr error) { - if hr = procHcsGetProcessInfo.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsGetProcessInfo.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(processInformation)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsGetProcessProperties(process hcsProcess, processProperties **uint16, result **uint16) (hr error) { - if hr = procHcsGetProcessProperties.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsGetProcessProperties.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(processProperties)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsModifyProcess(process hcsProcess, settings string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(settings) - if hr != nil { - return - } - return _hcsModifyProcess(process, _p0, result) -} - -func _hcsModifyProcess(process hcsProcess, settings *uint16, result **uint16) (hr error) { - if hr = procHcsModifyProcess.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsModifyProcess.Addr(), 3, uintptr(process), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsGetServiceProperties(propertyQuery string, properties **uint16, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(propertyQuery) - if hr != nil { - return - } - return _hcsGetServiceProperties(_p0, properties, result) -} - -func _hcsGetServiceProperties(propertyQuery *uint16, properties **uint16, result **uint16) (hr error) { - if hr = procHcsGetServiceProperties.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsGetServiceProperties.Addr(), 3, uintptr(unsafe.Pointer(propertyQuery)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result))) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsRegisterProcessCallback(process hcsProcess, callback uintptr, context uintptr, callbackHandle *hcsCallback) (hr error) { - if hr = procHcsRegisterProcessCallback.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHcsRegisterProcessCallback.Addr(), 4, uintptr(process), uintptr(callback), uintptr(context), uintptr(unsafe.Pointer(callbackHandle)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsUnregisterProcessCallback(callbackHandle hcsCallback) (hr error) { - if hr = procHcsUnregisterProcessCallback.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsUnregisterProcessCallback.Addr(), 1, uintptr(callbackHandle), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func hcsModifyServiceSettings(settings string, result **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(settings) - if hr != nil { - return - } - return _hcsModifyServiceSettings(_p0, result) -} - -func _hcsModifyServiceSettings(settings *uint16, result **uint16) (hr error) { - if hr = procHcsModifyServiceSettings.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall(procHcsModifyServiceSettings.Addr(), 2, uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result)), 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func _hnsCall(method string, path string, object string, response **uint16) (hr error) { - var _p0 *uint16 - _p0, hr = syscall.UTF16PtrFromString(method) - if hr != nil { - return - } - var _p1 *uint16 - _p1, hr = syscall.UTF16PtrFromString(path) - if hr != nil { - return - } - var _p2 *uint16 - _p2, hr = syscall.UTF16PtrFromString(object) - if hr != nil { - return - } - return __hnsCall(_p0, _p1, _p2, response) -} - -func __hnsCall(method *uint16, path *uint16, object *uint16, response **uint16) (hr error) { - if hr = procHNSCall.Find(); hr != nil { - return - } - r0, _, _ := syscall.Syscall6(procHNSCall.Addr(), 4, uintptr(unsafe.Pointer(method)), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(object)), uintptr(unsafe.Pointer(response)), 0, 0) - if int32(r0) < 0 { - hr = syscall.Errno(win32FromHresult(r0)) - } - return -} - -func ntCreateFile(handle *uintptr, accessMask uint32, oa *objectAttributes, iosb *ioStatusBlock, allocationSize *uint64, fileAttributes uint32, shareAccess uint32, createDisposition uint32, createOptions uint32, eaBuffer *byte, eaLength uint32) (status uint32) { - r0, _, _ := syscall.Syscall12(procNtCreateFile.Addr(), 11, uintptr(unsafe.Pointer(handle)), uintptr(accessMask), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(unsafe.Pointer(allocationSize)), uintptr(fileAttributes), uintptr(shareAccess), uintptr(createDisposition), uintptr(createOptions), uintptr(unsafe.Pointer(eaBuffer)), uintptr(eaLength), 0) - status = uint32(r0) - return -} - -func ntSetInformationFile(handle uintptr, iosb *ioStatusBlock, information uintptr, length uint32, class uint32) (status uint32) { - r0, _, _ := syscall.Syscall6(procNtSetInformationFile.Addr(), 5, uintptr(handle), uintptr(unsafe.Pointer(iosb)), uintptr(information), uintptr(length), uintptr(class), 0) - status = uint32(r0) - return -} - -func rtlNtStatusToDosError(status uint32) (winerr error) { - r0, _, _ := syscall.Syscall(procRtlNtStatusToDosErrorNoTeb.Addr(), 1, uintptr(status), 0, 0) - if r0 != 0 { - winerr = syscall.Errno(r0) - } - return -} - -func localAlloc(flags uint32, size int) (ptr uintptr) { - r0, _, _ := syscall.Syscall(procLocalAlloc.Addr(), 2, uintptr(flags), uintptr(size), 0) - ptr = uintptr(r0) - return -} - -func localFree(ptr uintptr) { - syscall.Syscall(procLocalFree.Addr(), 1, uintptr(ptr), 0, 0) - return -} diff --git a/vendor/github.com/Microsoft/hcsshim/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/zsyscall_windows.go new file mode 100644 index 00000000000..8bed8485738 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/zsyscall_windows.go @@ -0,0 +1,54 @@ +// Code generated mksyscall_windows.exe DO NOT EDIT + +package hcsshim + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modiphlpapi = windows.NewLazySystemDLL("iphlpapi.dll") + + procSetCurrentThreadCompartmentId = modiphlpapi.NewProc("SetCurrentThreadCompartmentId") +) + +func SetCurrentThreadCompartmentId(compartmentId uint32) (hr error) { + r0, _, _ := syscall.Syscall(procSetCurrentThreadCompartmentId.Addr(), 1, uintptr(compartmentId), 0, 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/bazelbuild/bazel-gazelle/cmd/gazelle/BUILD b/vendor/github.com/bazelbuild/bazel-gazelle/cmd/gazelle/BUILD index 5ae277b7643..28779390bfc 100644 --- a/vendor/github.com/bazelbuild/bazel-gazelle/cmd/gazelle/BUILD +++ b/vendor/github.com/bazelbuild/bazel-gazelle/cmd/gazelle/BUILD @@ -35,6 +35,7 @@ go_library( go_binary( name = "gazelle", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/bazelbuild/buildtools/api_proto/BUILD b/vendor/github.com/bazelbuild/buildtools/api_proto/BUILD new file mode 100644 index 00000000000..18005665fa7 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/api_proto/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["api.gen.pb.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/api_proto", + importpath = "github.com/bazelbuild/buildtools/api_proto", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/golang/protobuf/proto:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/api_proto/api.gen.pb.go b/vendor/github.com/bazelbuild/buildtools/api_proto/api.gen.pb.go new file mode 100755 index 00000000000..d060daca5a7 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/api_proto/api.gen.pb.go @@ -0,0 +1,315 @@ +// Code generated by protoc-gen-go. +// source: api_proto/api.proto +// DO NOT EDIT! + +/* +Package devtools_buildozer is a generated protocol buffer package. + +It is generated from these files: + api_proto/api.proto + +It has these top-level messages: + Output + RepeatedString +*/ +package devtools_buildozer + +import proto "github.com/golang/protobuf/proto" +import fmt "fmt" +import math "math" + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package + +type Output_Record_Field_ERROR int32 + +const ( + Output_Record_Field_UNKNOWN Output_Record_Field_ERROR = 0 + Output_Record_Field_MISSING Output_Record_Field_ERROR = 1 +) + +var Output_Record_Field_ERROR_name = map[int32]string{ + 0: "UNKNOWN", + 1: "MISSING", +} +var Output_Record_Field_ERROR_value = map[string]int32{ + "UNKNOWN": 0, + "MISSING": 1, +} + +func (x Output_Record_Field_ERROR) String() string { + return proto.EnumName(Output_Record_Field_ERROR_name, int32(x)) +} +func (Output_Record_Field_ERROR) EnumDescriptor() ([]byte, []int) { + return fileDescriptor0, []int{0, 0, 0, 0} +} + +type Output struct { + Records []*Output_Record `protobuf:"bytes,1,rep,name=records" json:"records,omitempty"` +} + +func (m *Output) Reset() { *m = Output{} } +func (m *Output) String() string { return proto.CompactTextString(m) } +func (*Output) ProtoMessage() {} +func (*Output) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} } + +func (m *Output) GetRecords() []*Output_Record { + if m != nil { + return m.Records + } + return nil +} + +type Output_Record struct { + Fields []*Output_Record_Field `protobuf:"bytes,1,rep,name=fields" json:"fields,omitempty"` +} + +func (m *Output_Record) Reset() { *m = Output_Record{} } +func (m *Output_Record) String() string { return proto.CompactTextString(m) } +func (*Output_Record) ProtoMessage() {} +func (*Output_Record) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0, 0} } + +func (m *Output_Record) GetFields() []*Output_Record_Field { + if m != nil { + return m.Fields + } + return nil +} + +type Output_Record_Field struct { + // Types that are valid to be assigned to Value: + // *Output_Record_Field_Text + // *Output_Record_Field_Number + // *Output_Record_Field_Error + // *Output_Record_Field_List + Value isOutput_Record_Field_Value `protobuf_oneof:"value"` + // Used internally by Buildozer to decide whether a field should be quoted + // when printing. This does not affect the contents of 'value'. + QuoteWhenPrinting bool `protobuf:"varint,7,opt,name=quote_when_printing,json=quoteWhenPrinting" json:"quote_when_printing,omitempty"` +} + +func (m *Output_Record_Field) Reset() { *m = Output_Record_Field{} } +func (m *Output_Record_Field) String() string { return proto.CompactTextString(m) } +func (*Output_Record_Field) ProtoMessage() {} +func (*Output_Record_Field) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0, 0, 0} } + +type isOutput_Record_Field_Value interface { + isOutput_Record_Field_Value() +} + +type Output_Record_Field_Text struct { + Text string `protobuf:"bytes,1,opt,name=text,oneof"` +} +type Output_Record_Field_Number struct { + Number int32 `protobuf:"varint,2,opt,name=number,oneof"` +} +type Output_Record_Field_Error struct { + Error Output_Record_Field_ERROR `protobuf:"varint,3,opt,name=error,enum=devtools.buildozer.Output_Record_Field_ERROR,oneof"` +} +type Output_Record_Field_List struct { + List *RepeatedString `protobuf:"bytes,5,opt,name=list,oneof"` +} + +func (*Output_Record_Field_Text) isOutput_Record_Field_Value() {} +func (*Output_Record_Field_Number) isOutput_Record_Field_Value() {} +func (*Output_Record_Field_Error) isOutput_Record_Field_Value() {} +func (*Output_Record_Field_List) isOutput_Record_Field_Value() {} + +func (m *Output_Record_Field) GetValue() isOutput_Record_Field_Value { + if m != nil { + return m.Value + } + return nil +} + +func (m *Output_Record_Field) GetText() string { + if x, ok := m.GetValue().(*Output_Record_Field_Text); ok { + return x.Text + } + return "" +} + +func (m *Output_Record_Field) GetNumber() int32 { + if x, ok := m.GetValue().(*Output_Record_Field_Number); ok { + return x.Number + } + return 0 +} + +func (m *Output_Record_Field) GetError() Output_Record_Field_ERROR { + if x, ok := m.GetValue().(*Output_Record_Field_Error); ok { + return x.Error + } + return Output_Record_Field_UNKNOWN +} + +func (m *Output_Record_Field) GetList() *RepeatedString { + if x, ok := m.GetValue().(*Output_Record_Field_List); ok { + return x.List + } + return nil +} + +func (m *Output_Record_Field) GetQuoteWhenPrinting() bool { + if m != nil { + return m.QuoteWhenPrinting + } + return false +} + +// XXX_OneofFuncs is for the internal use of the proto package. +func (*Output_Record_Field) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{}) { + return _Output_Record_Field_OneofMarshaler, _Output_Record_Field_OneofUnmarshaler, _Output_Record_Field_OneofSizer, []interface{}{ + (*Output_Record_Field_Text)(nil), + (*Output_Record_Field_Number)(nil), + (*Output_Record_Field_Error)(nil), + (*Output_Record_Field_List)(nil), + } +} + +func _Output_Record_Field_OneofMarshaler(msg proto.Message, b *proto.Buffer) error { + m := msg.(*Output_Record_Field) + // value + switch x := m.Value.(type) { + case *Output_Record_Field_Text: + b.EncodeVarint(1<<3 | proto.WireBytes) + b.EncodeStringBytes(x.Text) + case *Output_Record_Field_Number: + b.EncodeVarint(2<<3 | proto.WireVarint) + b.EncodeVarint(uint64(x.Number)) + case *Output_Record_Field_Error: + b.EncodeVarint(3<<3 | proto.WireVarint) + b.EncodeVarint(uint64(x.Error)) + case *Output_Record_Field_List: + b.EncodeVarint(5<<3 | proto.WireBytes) + if err := b.EncodeMessage(x.List); err != nil { + return err + } + case nil: + default: + return fmt.Errorf("Output_Record_Field.Value has unexpected type %T", x) + } + return nil +} + +func _Output_Record_Field_OneofUnmarshaler(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error) { + m := msg.(*Output_Record_Field) + switch tag { + case 1: // value.text + if wire != proto.WireBytes { + return true, proto.ErrInternalBadWireType + } + x, err := b.DecodeStringBytes() + m.Value = &Output_Record_Field_Text{x} + return true, err + case 2: // value.number + if wire != proto.WireVarint { + return true, proto.ErrInternalBadWireType + } + x, err := b.DecodeVarint() + m.Value = &Output_Record_Field_Number{int32(x)} + return true, err + case 3: // value.error + if wire != proto.WireVarint { + return true, proto.ErrInternalBadWireType + } + x, err := b.DecodeVarint() + m.Value = &Output_Record_Field_Error{Output_Record_Field_ERROR(x)} + return true, err + case 5: // value.list + if wire != proto.WireBytes { + return true, proto.ErrInternalBadWireType + } + msg := new(RepeatedString) + err := b.DecodeMessage(msg) + m.Value = &Output_Record_Field_List{msg} + return true, err + default: + return false, nil + } +} + +func _Output_Record_Field_OneofSizer(msg proto.Message) (n int) { + m := msg.(*Output_Record_Field) + // value + switch x := m.Value.(type) { + case *Output_Record_Field_Text: + n += proto.SizeVarint(1<<3 | proto.WireBytes) + n += proto.SizeVarint(uint64(len(x.Text))) + n += len(x.Text) + case *Output_Record_Field_Number: + n += proto.SizeVarint(2<<3 | proto.WireVarint) + n += proto.SizeVarint(uint64(x.Number)) + case *Output_Record_Field_Error: + n += proto.SizeVarint(3<<3 | proto.WireVarint) + n += proto.SizeVarint(uint64(x.Error)) + case *Output_Record_Field_List: + s := proto.Size(x.List) + n += proto.SizeVarint(5<<3 | proto.WireBytes) + n += proto.SizeVarint(uint64(s)) + n += s + case nil: + default: + panic(fmt.Sprintf("proto: unexpected type %T in oneof", x)) + } + return n +} + +type RepeatedString struct { + Strings []string `protobuf:"bytes,1,rep,name=strings" json:"strings,omitempty"` +} + +func (m *RepeatedString) Reset() { *m = RepeatedString{} } +func (m *RepeatedString) String() string { return proto.CompactTextString(m) } +func (*RepeatedString) ProtoMessage() {} +func (*RepeatedString) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} } + +func (m *RepeatedString) GetStrings() []string { + if m != nil { + return m.Strings + } + return nil +} + +func init() { + proto.RegisterType((*Output)(nil), "devtools.buildozer.Output") + proto.RegisterType((*Output_Record)(nil), "devtools.buildozer.Output.Record") + proto.RegisterType((*Output_Record_Field)(nil), "devtools.buildozer.Output.Record.Field") + proto.RegisterType((*RepeatedString)(nil), "devtools.buildozer.RepeatedString") + proto.RegisterEnum("devtools.buildozer.Output_Record_Field_ERROR", Output_Record_Field_ERROR_name, Output_Record_Field_ERROR_value) +} + +func init() { proto.RegisterFile("api_proto/api.proto", fileDescriptor0) } + +var fileDescriptor0 = []byte{ + // 336 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x91, 0xc1, 0x4a, 0xf3, 0x40, + 0x14, 0x85, 0x33, 0x6d, 0x93, 0xfc, 0xbd, 0x85, 0xd2, 0x7f, 0xea, 0x62, 0xe8, 0x2a, 0xcd, 0xc6, + 0x20, 0x38, 0x42, 0xdd, 0x08, 0x2e, 0x04, 0xa1, 0xda, 0x22, 0xa6, 0x32, 0x45, 0xba, 0x2c, 0xa9, + 0x19, 0xdb, 0x81, 0x98, 0x89, 0x93, 0x49, 0x15, 0x9f, 0xc3, 0x87, 0xf0, 0xb1, 0x7c, 0x14, 0xc9, + 0x24, 0x15, 0x44, 0x41, 0x77, 0xf7, 0xdc, 0x7b, 0xbe, 0x73, 0x42, 0x06, 0xfa, 0x51, 0x26, 0x96, + 0x99, 0x92, 0x5a, 0x1e, 0x45, 0x99, 0xa0, 0x66, 0xc2, 0x38, 0xe6, 0x5b, 0x2d, 0x65, 0x92, 0xd3, + 0x55, 0x21, 0x92, 0x58, 0xbe, 0x70, 0xe5, 0xbf, 0x35, 0xc1, 0x99, 0x15, 0x3a, 0x2b, 0x34, 0x3e, + 0x05, 0x57, 0xf1, 0x3b, 0xa9, 0xe2, 0x9c, 0x20, 0xaf, 0x19, 0x74, 0x46, 0x43, 0xfa, 0x1d, 0xa0, + 0x95, 0x99, 0x32, 0xe3, 0x64, 0x3b, 0x62, 0xf0, 0xde, 0x00, 0xa7, 0xda, 0xe1, 0x33, 0x70, 0xee, + 0x05, 0x4f, 0x3e, 0x63, 0xf6, 0x7f, 0x8d, 0xa1, 0x17, 0xa5, 0x9f, 0xd5, 0xd8, 0xe0, 0xb5, 0x01, + 0xb6, 0xd9, 0xe0, 0x3d, 0x68, 0x69, 0xfe, 0xac, 0x09, 0xf2, 0x50, 0xd0, 0x9e, 0x58, 0xcc, 0x28, + 0x4c, 0xc0, 0x49, 0x8b, 0x87, 0x15, 0x57, 0xa4, 0xe1, 0xa1, 0xc0, 0x9e, 0x58, 0xac, 0xd6, 0x78, + 0x0c, 0x36, 0x57, 0x4a, 0x2a, 0xd2, 0xf4, 0x50, 0xd0, 0x1d, 0x1d, 0xfe, 0xb1, 0x99, 0x8e, 0x19, + 0x9b, 0xb1, 0x89, 0xc5, 0x2a, 0x1a, 0x9f, 0x40, 0x2b, 0x11, 0xb9, 0x26, 0xb6, 0x87, 0x82, 0xce, + 0xc8, 0xff, 0x29, 0x85, 0xf1, 0x8c, 0x47, 0x9a, 0xc7, 0x73, 0xad, 0x44, 0xba, 0x2e, 0x3f, 0xad, + 0x24, 0x30, 0x85, 0xfe, 0x63, 0x21, 0x35, 0x5f, 0x3e, 0x6d, 0x78, 0xba, 0xcc, 0x94, 0x48, 0xb5, + 0x48, 0xd7, 0xc4, 0xf5, 0x50, 0xf0, 0x8f, 0xfd, 0x37, 0xa7, 0xc5, 0x86, 0xa7, 0x37, 0xf5, 0xc1, + 0x1f, 0x82, 0x6d, 0xba, 0x71, 0x07, 0xdc, 0xdb, 0xf0, 0x2a, 0x9c, 0x2d, 0xc2, 0x9e, 0x55, 0x8a, + 0xeb, 0xe9, 0x7c, 0x3e, 0x0d, 0x2f, 0x7b, 0xe8, 0xdc, 0x05, 0x7b, 0x1b, 0x25, 0x05, 0xf7, 0x0f, + 0xa0, 0xfb, 0xb5, 0x15, 0x13, 0x70, 0x73, 0x33, 0x55, 0xbf, 0xba, 0xcd, 0x76, 0x72, 0xe5, 0x98, + 0x17, 0x3f, 0xfe, 0x08, 0x00, 0x00, 0xff, 0xff, 0x8d, 0x62, 0x58, 0xc4, 0x08, 0x02, 0x00, 0x00, +} diff --git a/vendor/github.com/bazelbuild/buildtools/api_proto/api.proto b/vendor/github.com/bazelbuild/buildtools/api_proto/api.proto new file mode 100644 index 00000000000..a991dccbdcd --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/api_proto/api.proto @@ -0,0 +1,42 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +syntax = "proto3"; + +package devtools.buildozer; + +message Output { + repeated Record records = 1; + message Record { + repeated Field fields = 1; + message Field { + oneof value { + string text = 1; + int32 number = 2; + ERROR error = 3; + RepeatedString list = 5; + } + // Used internally by Buildozer to decide whether a field should be quoted + // when printing. This does not affect the contents of 'value'. + bool quote_when_printing = 7; + + enum ERROR { + UNKNOWN = 0; + MISSING = 1; + } + } + } +} + +message RepeatedString { + repeated string strings = 1; +} diff --git a/vendor/github.com/bazelbuild/buildtools/build_proto/BUILD b/vendor/github.com/bazelbuild/buildtools/build_proto/BUILD new file mode 100644 index 00000000000..a7ad3a12fa6 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/build_proto/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["build.gen.pb.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/build_proto", + importpath = "github.com/bazelbuild/buildtools/build_proto", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/golang/protobuf/proto:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/build_proto/build.gen.pb.go b/vendor/github.com/bazelbuild/buildtools/build_proto/build.gen.pb.go new file mode 100755 index 00000000000..3e974de16c6 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/build_proto/build.gen.pb.go @@ -0,0 +1,2092 @@ +// Code generated by protoc-gen-go. +// source: build_proto/build.proto +// DO NOT EDIT! + +/* +Package blaze_query is a generated protocol buffer package. + +It is generated from these files: + build_proto/build.proto + +It has these top-level messages: + License + StringDictEntry + LabelDictUnaryEntry + LabelListDictEntry + LabelKeyedStringDictEntry + StringListDictEntry + FilesetEntry + Attribute + Rule + AttributeAspect + SkylarkAspect + RuleSummary + PackageGroup + EnvironmentGroup + SourceFile + GeneratedFile + Target + QueryResult + AllowedRuleClassInfo + AttributeDefinition + RuleDefinition + BuildLanguage + Location + MakeVarBinding + MakeVar + GlobCriteria + Event +*/ +package blaze_query + +import proto "github.com/golang/protobuf/proto" +import fmt "fmt" +import math "math" + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package + +// Indicates what to do when a source file is actually a symlink. +type FilesetEntry_SymlinkBehavior int32 + +const ( + FilesetEntry_COPY FilesetEntry_SymlinkBehavior = 1 + FilesetEntry_DEREFERENCE FilesetEntry_SymlinkBehavior = 2 +) + +var FilesetEntry_SymlinkBehavior_name = map[int32]string{ + 1: "COPY", + 2: "DEREFERENCE", +} +var FilesetEntry_SymlinkBehavior_value = map[string]int32{ + "COPY": 1, + "DEREFERENCE": 2, +} + +func (x FilesetEntry_SymlinkBehavior) Enum() *FilesetEntry_SymlinkBehavior { + p := new(FilesetEntry_SymlinkBehavior) + *p = x + return p +} +func (x FilesetEntry_SymlinkBehavior) String() string { + return proto.EnumName(FilesetEntry_SymlinkBehavior_name, int32(x)) +} +func (x *FilesetEntry_SymlinkBehavior) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(FilesetEntry_SymlinkBehavior_value, data, "FilesetEntry_SymlinkBehavior") + if err != nil { + return err + } + *x = FilesetEntry_SymlinkBehavior(value) + return nil +} +func (FilesetEntry_SymlinkBehavior) EnumDescriptor() ([]byte, []int) { + return fileDescriptor0, []int{6, 0} +} + +// Indicates the type of attribute. +type Attribute_Discriminator int32 + +const ( + Attribute_INTEGER Attribute_Discriminator = 1 + Attribute_STRING Attribute_Discriminator = 2 + Attribute_LABEL Attribute_Discriminator = 3 + Attribute_OUTPUT Attribute_Discriminator = 4 + Attribute_STRING_LIST Attribute_Discriminator = 5 + Attribute_LABEL_LIST Attribute_Discriminator = 6 + Attribute_OUTPUT_LIST Attribute_Discriminator = 7 + Attribute_DISTRIBUTION_SET Attribute_Discriminator = 8 + Attribute_LICENSE Attribute_Discriminator = 9 + Attribute_STRING_DICT Attribute_Discriminator = 10 + Attribute_FILESET_ENTRY_LIST Attribute_Discriminator = 11 + Attribute_LABEL_LIST_DICT Attribute_Discriminator = 12 + Attribute_STRING_LIST_DICT Attribute_Discriminator = 13 + Attribute_BOOLEAN Attribute_Discriminator = 14 + Attribute_TRISTATE Attribute_Discriminator = 15 + Attribute_INTEGER_LIST Attribute_Discriminator = 16 + Attribute_UNKNOWN Attribute_Discriminator = 18 + Attribute_LABEL_DICT_UNARY Attribute_Discriminator = 19 + Attribute_SELECTOR_LIST Attribute_Discriminator = 20 + Attribute_LABEL_KEYED_STRING_DICT Attribute_Discriminator = 21 + Attribute_DEPRECATED_STRING_DICT_UNARY Attribute_Discriminator = 17 +) + +var Attribute_Discriminator_name = map[int32]string{ + 1: "INTEGER", + 2: "STRING", + 3: "LABEL", + 4: "OUTPUT", + 5: "STRING_LIST", + 6: "LABEL_LIST", + 7: "OUTPUT_LIST", + 8: "DISTRIBUTION_SET", + 9: "LICENSE", + 10: "STRING_DICT", + 11: "FILESET_ENTRY_LIST", + 12: "LABEL_LIST_DICT", + 13: "STRING_LIST_DICT", + 14: "BOOLEAN", + 15: "TRISTATE", + 16: "INTEGER_LIST", + 18: "UNKNOWN", + 19: "LABEL_DICT_UNARY", + 20: "SELECTOR_LIST", + 21: "LABEL_KEYED_STRING_DICT", + 17: "DEPRECATED_STRING_DICT_UNARY", +} +var Attribute_Discriminator_value = map[string]int32{ + "INTEGER": 1, + "STRING": 2, + "LABEL": 3, + "OUTPUT": 4, + "STRING_LIST": 5, + "LABEL_LIST": 6, + "OUTPUT_LIST": 7, + "DISTRIBUTION_SET": 8, + "LICENSE": 9, + "STRING_DICT": 10, + "FILESET_ENTRY_LIST": 11, + "LABEL_LIST_DICT": 12, + "STRING_LIST_DICT": 13, + "BOOLEAN": 14, + "TRISTATE": 15, + "INTEGER_LIST": 16, + "UNKNOWN": 18, + "LABEL_DICT_UNARY": 19, + "SELECTOR_LIST": 20, + "LABEL_KEYED_STRING_DICT": 21, + "DEPRECATED_STRING_DICT_UNARY": 17, +} + +func (x Attribute_Discriminator) Enum() *Attribute_Discriminator { + p := new(Attribute_Discriminator) + *p = x + return p +} +func (x Attribute_Discriminator) String() string { + return proto.EnumName(Attribute_Discriminator_name, int32(x)) +} +func (x *Attribute_Discriminator) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(Attribute_Discriminator_value, data, "Attribute_Discriminator") + if err != nil { + return err + } + *x = Attribute_Discriminator(value) + return nil +} +func (Attribute_Discriminator) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 0} } + +// Values for the TriState field type. +type Attribute_Tristate int32 + +const ( + Attribute_NO Attribute_Tristate = 0 + Attribute_YES Attribute_Tristate = 1 + Attribute_AUTO Attribute_Tristate = 2 +) + +var Attribute_Tristate_name = map[int32]string{ + 0: "NO", + 1: "YES", + 2: "AUTO", +} +var Attribute_Tristate_value = map[string]int32{ + "NO": 0, + "YES": 1, + "AUTO": 2, +} + +func (x Attribute_Tristate) Enum() *Attribute_Tristate { + p := new(Attribute_Tristate) + *p = x + return p +} +func (x Attribute_Tristate) String() string { + return proto.EnumName(Attribute_Tristate_name, int32(x)) +} +func (x *Attribute_Tristate) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(Attribute_Tristate_value, data, "Attribute_Tristate") + if err != nil { + return err + } + *x = Attribute_Tristate(value) + return nil +} +func (Attribute_Tristate) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 1} } + +type Target_Discriminator int32 + +const ( + Target_RULE Target_Discriminator = 1 + Target_SOURCE_FILE Target_Discriminator = 2 + Target_GENERATED_FILE Target_Discriminator = 3 + Target_PACKAGE_GROUP Target_Discriminator = 4 + Target_ENVIRONMENT_GROUP Target_Discriminator = 5 +) + +var Target_Discriminator_name = map[int32]string{ + 1: "RULE", + 2: "SOURCE_FILE", + 3: "GENERATED_FILE", + 4: "PACKAGE_GROUP", + 5: "ENVIRONMENT_GROUP", +} +var Target_Discriminator_value = map[string]int32{ + "RULE": 1, + "SOURCE_FILE": 2, + "GENERATED_FILE": 3, + "PACKAGE_GROUP": 4, + "ENVIRONMENT_GROUP": 5, +} + +func (x Target_Discriminator) Enum() *Target_Discriminator { + p := new(Target_Discriminator) + *p = x + return p +} +func (x Target_Discriminator) String() string { + return proto.EnumName(Target_Discriminator_name, int32(x)) +} +func (x *Target_Discriminator) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(Target_Discriminator_value, data, "Target_Discriminator") + if err != nil { + return err + } + *x = Target_Discriminator(value) + return nil +} +func (Target_Discriminator) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{16, 0} } + +type AllowedRuleClassInfo_AllowedRuleClasses int32 + +const ( + AllowedRuleClassInfo_ANY AllowedRuleClassInfo_AllowedRuleClasses = 1 + AllowedRuleClassInfo_SPECIFIED AllowedRuleClassInfo_AllowedRuleClasses = 2 +) + +var AllowedRuleClassInfo_AllowedRuleClasses_name = map[int32]string{ + 1: "ANY", + 2: "SPECIFIED", +} +var AllowedRuleClassInfo_AllowedRuleClasses_value = map[string]int32{ + "ANY": 1, + "SPECIFIED": 2, +} + +func (x AllowedRuleClassInfo_AllowedRuleClasses) Enum() *AllowedRuleClassInfo_AllowedRuleClasses { + p := new(AllowedRuleClassInfo_AllowedRuleClasses) + *p = x + return p +} +func (x AllowedRuleClassInfo_AllowedRuleClasses) String() string { + return proto.EnumName(AllowedRuleClassInfo_AllowedRuleClasses_name, int32(x)) +} +func (x *AllowedRuleClassInfo_AllowedRuleClasses) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(AllowedRuleClassInfo_AllowedRuleClasses_value, data, "AllowedRuleClassInfo_AllowedRuleClasses") + if err != nil { + return err + } + *x = AllowedRuleClassInfo_AllowedRuleClasses(value) + return nil +} +func (AllowedRuleClassInfo_AllowedRuleClasses) EnumDescriptor() ([]byte, []int) { + return fileDescriptor0, []int{18, 0} +} + +type Event_EventKind int32 + +const ( + Event_ERROR Event_EventKind = 1 + Event_WARNING Event_EventKind = 2 + Event_INFO Event_EventKind = 3 + Event_PROGRESS Event_EventKind = 4 +) + +var Event_EventKind_name = map[int32]string{ + 1: "ERROR", + 2: "WARNING", + 3: "INFO", + 4: "PROGRESS", +} +var Event_EventKind_value = map[string]int32{ + "ERROR": 1, + "WARNING": 2, + "INFO": 3, + "PROGRESS": 4, +} + +func (x Event_EventKind) Enum() *Event_EventKind { + p := new(Event_EventKind) + *p = x + return p +} +func (x Event_EventKind) String() string { + return proto.EnumName(Event_EventKind_name, int32(x)) +} +func (x *Event_EventKind) UnmarshalJSON(data []byte) error { + value, err := proto.UnmarshalJSONEnum(Event_EventKind_value, data, "Event_EventKind") + if err != nil { + return err + } + *x = Event_EventKind(value) + return nil +} +func (Event_EventKind) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{26, 0} } + +type License struct { + LicenseType []string `protobuf:"bytes,1,rep,name=license_type,json=licenseType" json:"license_type,omitempty"` + Exception []string `protobuf:"bytes,2,rep,name=exception" json:"exception,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *License) Reset() { *m = License{} } +func (m *License) String() string { return proto.CompactTextString(m) } +func (*License) ProtoMessage() {} +func (*License) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} } + +func (m *License) GetLicenseType() []string { + if m != nil { + return m.LicenseType + } + return nil +} + +func (m *License) GetException() []string { + if m != nil { + return m.Exception + } + return nil +} + +type StringDictEntry struct { + Key *string `protobuf:"bytes,1,req,name=key" json:"key,omitempty"` + Value *string `protobuf:"bytes,2,req,name=value" json:"value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *StringDictEntry) Reset() { *m = StringDictEntry{} } +func (m *StringDictEntry) String() string { return proto.CompactTextString(m) } +func (*StringDictEntry) ProtoMessage() {} +func (*StringDictEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} } + +func (m *StringDictEntry) GetKey() string { + if m != nil && m.Key != nil { + return *m.Key + } + return "" +} + +func (m *StringDictEntry) GetValue() string { + if m != nil && m.Value != nil { + return *m.Value + } + return "" +} + +type LabelDictUnaryEntry struct { + Key *string `protobuf:"bytes,1,req,name=key" json:"key,omitempty"` + Value *string `protobuf:"bytes,2,req,name=value" json:"value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *LabelDictUnaryEntry) Reset() { *m = LabelDictUnaryEntry{} } +func (m *LabelDictUnaryEntry) String() string { return proto.CompactTextString(m) } +func (*LabelDictUnaryEntry) ProtoMessage() {} +func (*LabelDictUnaryEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} } + +func (m *LabelDictUnaryEntry) GetKey() string { + if m != nil && m.Key != nil { + return *m.Key + } + return "" +} + +func (m *LabelDictUnaryEntry) GetValue() string { + if m != nil && m.Value != nil { + return *m.Value + } + return "" +} + +type LabelListDictEntry struct { + Key *string `protobuf:"bytes,1,req,name=key" json:"key,omitempty"` + Value []string `protobuf:"bytes,2,rep,name=value" json:"value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *LabelListDictEntry) Reset() { *m = LabelListDictEntry{} } +func (m *LabelListDictEntry) String() string { return proto.CompactTextString(m) } +func (*LabelListDictEntry) ProtoMessage() {} +func (*LabelListDictEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} } + +func (m *LabelListDictEntry) GetKey() string { + if m != nil && m.Key != nil { + return *m.Key + } + return "" +} + +func (m *LabelListDictEntry) GetValue() []string { + if m != nil { + return m.Value + } + return nil +} + +type LabelKeyedStringDictEntry struct { + Key *string `protobuf:"bytes,1,req,name=key" json:"key,omitempty"` + Value *string `protobuf:"bytes,2,req,name=value" json:"value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *LabelKeyedStringDictEntry) Reset() { *m = LabelKeyedStringDictEntry{} } +func (m *LabelKeyedStringDictEntry) String() string { return proto.CompactTextString(m) } +func (*LabelKeyedStringDictEntry) ProtoMessage() {} +func (*LabelKeyedStringDictEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} } + +func (m *LabelKeyedStringDictEntry) GetKey() string { + if m != nil && m.Key != nil { + return *m.Key + } + return "" +} + +func (m *LabelKeyedStringDictEntry) GetValue() string { + if m != nil && m.Value != nil { + return *m.Value + } + return "" +} + +type StringListDictEntry struct { + Key *string `protobuf:"bytes,1,req,name=key" json:"key,omitempty"` + Value []string `protobuf:"bytes,2,rep,name=value" json:"value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *StringListDictEntry) Reset() { *m = StringListDictEntry{} } +func (m *StringListDictEntry) String() string { return proto.CompactTextString(m) } +func (*StringListDictEntry) ProtoMessage() {} +func (*StringListDictEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} } + +func (m *StringListDictEntry) GetKey() string { + if m != nil && m.Key != nil { + return *m.Key + } + return "" +} + +func (m *StringListDictEntry) GetValue() []string { + if m != nil { + return m.Value + } + return nil +} + +// Represents an entry attribute of a Fileset rule in a build file. +type FilesetEntry struct { + // The label pointing to the source target where files are copied from. + Source *string `protobuf:"bytes,1,req,name=source" json:"source,omitempty"` + // The relative path within the fileset rule where files will be mapped. + DestinationDirectory *string `protobuf:"bytes,2,req,name=destination_directory,json=destinationDirectory" json:"destination_directory,omitempty"` + // Whether the files= attribute was specified. This is necessary because + // no files= attribute and files=[] mean different things. + FilesPresent *bool `protobuf:"varint,7,opt,name=files_present,json=filesPresent" json:"files_present,omitempty"` + // A list of file labels to include from the source directory. + File []string `protobuf:"bytes,3,rep,name=file" json:"file,omitempty"` + // If this is a fileset entry representing files within the rule + // package, this lists relative paths to files that should be excluded from + // the set. This cannot contain values if 'file' also has values. + Exclude []string `protobuf:"bytes,4,rep,name=exclude" json:"exclude,omitempty"` + // This field is optional because there will be some time when the new + // PB is used by tools depending on blaze query, but the new blaze version + // is not yet released. + // TODO(bazel-team): Make this field required once a version of Blaze is + // released that outputs this field. + SymlinkBehavior *FilesetEntry_SymlinkBehavior `protobuf:"varint,5,opt,name=symlink_behavior,json=symlinkBehavior,enum=blaze_query.FilesetEntry_SymlinkBehavior,def=1" json:"symlink_behavior,omitempty"` + // The prefix to strip from the path of the files in this FilesetEntry. Note + // that no value and the empty string as the value mean different things here. + StripPrefix *string `protobuf:"bytes,6,opt,name=strip_prefix,json=stripPrefix" json:"strip_prefix,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *FilesetEntry) Reset() { *m = FilesetEntry{} } +func (m *FilesetEntry) String() string { return proto.CompactTextString(m) } +func (*FilesetEntry) ProtoMessage() {} +func (*FilesetEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} } + +const Default_FilesetEntry_SymlinkBehavior FilesetEntry_SymlinkBehavior = FilesetEntry_COPY + +func (m *FilesetEntry) GetSource() string { + if m != nil && m.Source != nil { + return *m.Source + } + return "" +} + +func (m *FilesetEntry) GetDestinationDirectory() string { + if m != nil && m.DestinationDirectory != nil { + return *m.DestinationDirectory + } + return "" +} + +func (m *FilesetEntry) GetFilesPresent() bool { + if m != nil && m.FilesPresent != nil { + return *m.FilesPresent + } + return false +} + +func (m *FilesetEntry) GetFile() []string { + if m != nil { + return m.File + } + return nil +} + +func (m *FilesetEntry) GetExclude() []string { + if m != nil { + return m.Exclude + } + return nil +} + +func (m *FilesetEntry) GetSymlinkBehavior() FilesetEntry_SymlinkBehavior { + if m != nil && m.SymlinkBehavior != nil { + return *m.SymlinkBehavior + } + return Default_FilesetEntry_SymlinkBehavior +} + +func (m *FilesetEntry) GetStripPrefix() string { + if m != nil && m.StripPrefix != nil { + return *m.StripPrefix + } + return "" +} + +// A rule attribute. Each attribute must have a type and one of the various +// value fields populated - for the most part. +// +// Attributes of BOOLEAN and TRISTATE type may set all of the int, bool, and +// string values for backwards compatibility with clients that expect them to +// be set. +// +// Attributes of INTEGER, STRING, LABEL, LICENSE, BOOLEAN, and TRISTATE type +// may set *none* of the values. This can happen if the Attribute message is +// prepared for a client that doesn't support SELECTOR_LIST, but the rule has +// a selector list value for the attribute. (Selector lists for attributes of +// other types--the collection types--are handled differently when prepared +// for such a client. The possible collection values are gathered together +// and flattened.) +// +// By checking the type, the appropriate value can be extracted - see the +// comments on each type for the associated value. The order of lists comes +// from the blaze parsing. If an attribute is of a list type, the associated +// list should never be empty. +type Attribute struct { + // The name of the attribute + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // The location of the target in the BUILD file in a machine-parseable form. + DEPRECATEDParseableLocation *Location `protobuf:"bytes,12,opt,name=DEPRECATED_parseable_location,json=DEPRECATEDParseableLocation" json:"DEPRECATED_parseable_location,omitempty"` + // Whether the attribute was explicitly specified + ExplicitlySpecified *bool `protobuf:"varint,13,opt,name=explicitly_specified,json=explicitlySpecified" json:"explicitly_specified,omitempty"` + // If this attribute has a string value or a string list value, then this + // may be set to indicate that the value may be treated as a label that + // isn't a dependency of this attribute's rule. + Nodep *bool `protobuf:"varint,20,opt,name=nodep" json:"nodep,omitempty"` + // The type of attribute. This message is used for all of the different + // attribute types so the discriminator helps for figuring out what is + // stored in the message. + Type *Attribute_Discriminator `protobuf:"varint,2,req,name=type,enum=blaze_query.Attribute_Discriminator" json:"type,omitempty"` + // If this attribute has an integer value this will be populated. + // Boolean and TriState also use this field as [0,1] and [-1,0,1] + // for [false, true] and [auto, no, yes] respectively. + IntValue *int32 `protobuf:"varint,3,opt,name=int_value,json=intValue" json:"int_value,omitempty"` + // If the attribute has a string value this will be populated. Label and + // path attributes use this field as the value even though the type may + // be LABEL or something else other than STRING. + StringValue *string `protobuf:"bytes,5,opt,name=string_value,json=stringValue" json:"string_value,omitempty"` + // If the attribute has a boolean value this will be populated. + BooleanValue *bool `protobuf:"varint,14,opt,name=boolean_value,json=booleanValue" json:"boolean_value,omitempty"` + // If the attribute is a Tristate value, this will be populated. + TristateValue *Attribute_Tristate `protobuf:"varint,15,opt,name=tristate_value,json=tristateValue,enum=blaze_query.Attribute_Tristate" json:"tristate_value,omitempty"` + // The value of the attribute has a list of string values (label and path + // note from STRING applies here as well). + StringListValue []string `protobuf:"bytes,6,rep,name=string_list_value,json=stringListValue" json:"string_list_value,omitempty"` + // If this is a license attribute, the license information is stored here. + License *License `protobuf:"bytes,7,opt,name=license" json:"license,omitempty"` + // If this is a string dict, each entry will be stored here. + StringDictValue []*StringDictEntry `protobuf:"bytes,8,rep,name=string_dict_value,json=stringDictValue" json:"string_dict_value,omitempty"` + // If the attribute is part of a Fileset, the fileset entries are stored in + // this field. + FilesetListValue []*FilesetEntry `protobuf:"bytes,9,rep,name=fileset_list_value,json=filesetListValue" json:"fileset_list_value,omitempty"` + // If this is a label list dict, each entry will be stored here. + LabelListDictValue []*LabelListDictEntry `protobuf:"bytes,10,rep,name=label_list_dict_value,json=labelListDictValue" json:"label_list_dict_value,omitempty"` + // If this is a string list dict, each entry will be stored here. + StringListDictValue []*StringListDictEntry `protobuf:"bytes,11,rep,name=string_list_dict_value,json=stringListDictValue" json:"string_list_dict_value,omitempty"` + // The glob criteria. This is non-empty if: + // 1. This attribute is a list of strings or labels, and, + // 2. It contained a glob() expression + GlobCriteria []*GlobCriteria `protobuf:"bytes,16,rep,name=glob_criteria,json=globCriteria" json:"glob_criteria,omitempty"` + // The value of the attribute has a list of int32 values + IntListValue []int32 `protobuf:"varint,17,rep,name=int_list_value,json=intListValue" json:"int_list_value,omitempty"` + // If this is a label dict unary, each entry will be stored here. + LabelDictUnaryValue []*LabelDictUnaryEntry `protobuf:"bytes,19,rep,name=label_dict_unary_value,json=labelDictUnaryValue" json:"label_dict_unary_value,omitempty"` + // If this is a label-keyed string dict, each entry will be stored here. + LabelKeyedStringDictValue []*LabelKeyedStringDictEntry `protobuf:"bytes,22,rep,name=label_keyed_string_dict_value,json=labelKeyedStringDictValue" json:"label_keyed_string_dict_value,omitempty"` + // If this attribute's value is an expression containing one or more select + // expressions, then its type is SELECTOR_LIST and a SelectorList will be + // stored here. + SelectorList *Attribute_SelectorList `protobuf:"bytes,21,opt,name=selector_list,json=selectorList" json:"selector_list,omitempty"` + DEPRECATEDStringDictUnaryValue [][]byte `protobuf:"bytes,18,rep,name=DEPRECATED_string_dict_unary_value,json=DEPRECATEDStringDictUnaryValue" json:"DEPRECATED_string_dict_unary_value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Attribute) Reset() { *m = Attribute{} } +func (m *Attribute) String() string { return proto.CompactTextString(m) } +func (*Attribute) ProtoMessage() {} +func (*Attribute) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7} } + +func (m *Attribute) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *Attribute) GetDEPRECATEDParseableLocation() *Location { + if m != nil { + return m.DEPRECATEDParseableLocation + } + return nil +} + +func (m *Attribute) GetExplicitlySpecified() bool { + if m != nil && m.ExplicitlySpecified != nil { + return *m.ExplicitlySpecified + } + return false +} + +func (m *Attribute) GetNodep() bool { + if m != nil && m.Nodep != nil { + return *m.Nodep + } + return false +} + +func (m *Attribute) GetType() Attribute_Discriminator { + if m != nil && m.Type != nil { + return *m.Type + } + return Attribute_INTEGER +} + +func (m *Attribute) GetIntValue() int32 { + if m != nil && m.IntValue != nil { + return *m.IntValue + } + return 0 +} + +func (m *Attribute) GetStringValue() string { + if m != nil && m.StringValue != nil { + return *m.StringValue + } + return "" +} + +func (m *Attribute) GetBooleanValue() bool { + if m != nil && m.BooleanValue != nil { + return *m.BooleanValue + } + return false +} + +func (m *Attribute) GetTristateValue() Attribute_Tristate { + if m != nil && m.TristateValue != nil { + return *m.TristateValue + } + return Attribute_NO +} + +func (m *Attribute) GetStringListValue() []string { + if m != nil { + return m.StringListValue + } + return nil +} + +func (m *Attribute) GetLicense() *License { + if m != nil { + return m.License + } + return nil +} + +func (m *Attribute) GetStringDictValue() []*StringDictEntry { + if m != nil { + return m.StringDictValue + } + return nil +} + +func (m *Attribute) GetFilesetListValue() []*FilesetEntry { + if m != nil { + return m.FilesetListValue + } + return nil +} + +func (m *Attribute) GetLabelListDictValue() []*LabelListDictEntry { + if m != nil { + return m.LabelListDictValue + } + return nil +} + +func (m *Attribute) GetStringListDictValue() []*StringListDictEntry { + if m != nil { + return m.StringListDictValue + } + return nil +} + +func (m *Attribute) GetGlobCriteria() []*GlobCriteria { + if m != nil { + return m.GlobCriteria + } + return nil +} + +func (m *Attribute) GetIntListValue() []int32 { + if m != nil { + return m.IntListValue + } + return nil +} + +func (m *Attribute) GetLabelDictUnaryValue() []*LabelDictUnaryEntry { + if m != nil { + return m.LabelDictUnaryValue + } + return nil +} + +func (m *Attribute) GetLabelKeyedStringDictValue() []*LabelKeyedStringDictEntry { + if m != nil { + return m.LabelKeyedStringDictValue + } + return nil +} + +func (m *Attribute) GetSelectorList() *Attribute_SelectorList { + if m != nil { + return m.SelectorList + } + return nil +} + +func (m *Attribute) GetDEPRECATEDStringDictUnaryValue() [][]byte { + if m != nil { + return m.DEPRECATEDStringDictUnaryValue + } + return nil +} + +type Attribute_SelectorEntry struct { + // The key of the selector entry. At this time, this is the label of a + // config_setting rule, or the pseudo-label "//conditions:default". + Label *string `protobuf:"bytes,1,opt,name=label" json:"label,omitempty"` + // True if the entry's value is the default value for the type as a + // result of the condition value being specified as None (ie: + // {"//condition": None}). + IsDefaultValue *bool `protobuf:"varint,16,opt,name=is_default_value,json=isDefaultValue" json:"is_default_value,omitempty"` + // Exactly one of the following fields (except for glob_criteria) must be + // populated - note that the BOOLEAN and TRISTATE caveat in Attribute's + // comment does not apply here. The type field in the SelectorList + // containing this entry indicates which of these fields is populated, + // in accordance with the comments on Discriminator enum values above. + // (To be explicit: BOOLEAN populates the boolean_value field and TRISTATE + // populates the tristate_value field.) + IntValue *int32 `protobuf:"varint,2,opt,name=int_value,json=intValue" json:"int_value,omitempty"` + StringValue *string `protobuf:"bytes,3,opt,name=string_value,json=stringValue" json:"string_value,omitempty"` + BooleanValue *bool `protobuf:"varint,4,opt,name=boolean_value,json=booleanValue" json:"boolean_value,omitempty"` + TristateValue *Attribute_Tristate `protobuf:"varint,5,opt,name=tristate_value,json=tristateValue,enum=blaze_query.Attribute_Tristate" json:"tristate_value,omitempty"` + StringListValue []string `protobuf:"bytes,6,rep,name=string_list_value,json=stringListValue" json:"string_list_value,omitempty"` + License *License `protobuf:"bytes,7,opt,name=license" json:"license,omitempty"` + StringDictValue []*StringDictEntry `protobuf:"bytes,8,rep,name=string_dict_value,json=stringDictValue" json:"string_dict_value,omitempty"` + FilesetListValue []*FilesetEntry `protobuf:"bytes,9,rep,name=fileset_list_value,json=filesetListValue" json:"fileset_list_value,omitempty"` + LabelListDictValue []*LabelListDictEntry `protobuf:"bytes,10,rep,name=label_list_dict_value,json=labelListDictValue" json:"label_list_dict_value,omitempty"` + StringListDictValue []*StringListDictEntry `protobuf:"bytes,11,rep,name=string_list_dict_value,json=stringListDictValue" json:"string_list_dict_value,omitempty"` + GlobCriteria []*GlobCriteria `protobuf:"bytes,12,rep,name=glob_criteria,json=globCriteria" json:"glob_criteria,omitempty"` + IntListValue []int32 `protobuf:"varint,13,rep,name=int_list_value,json=intListValue" json:"int_list_value,omitempty"` + LabelDictUnaryValue []*LabelDictUnaryEntry `protobuf:"bytes,15,rep,name=label_dict_unary_value,json=labelDictUnaryValue" json:"label_dict_unary_value,omitempty"` + LabelKeyedStringDictValue []*LabelKeyedStringDictEntry `protobuf:"bytes,17,rep,name=label_keyed_string_dict_value,json=labelKeyedStringDictValue" json:"label_keyed_string_dict_value,omitempty"` + DEPRECATEDStringDictUnaryValue [][]byte `protobuf:"bytes,14,rep,name=DEPRECATED_string_dict_unary_value,json=DEPRECATEDStringDictUnaryValue" json:"DEPRECATED_string_dict_unary_value,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Attribute_SelectorEntry) Reset() { *m = Attribute_SelectorEntry{} } +func (m *Attribute_SelectorEntry) String() string { return proto.CompactTextString(m) } +func (*Attribute_SelectorEntry) ProtoMessage() {} +func (*Attribute_SelectorEntry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 0} } + +func (m *Attribute_SelectorEntry) GetLabel() string { + if m != nil && m.Label != nil { + return *m.Label + } + return "" +} + +func (m *Attribute_SelectorEntry) GetIsDefaultValue() bool { + if m != nil && m.IsDefaultValue != nil { + return *m.IsDefaultValue + } + return false +} + +func (m *Attribute_SelectorEntry) GetIntValue() int32 { + if m != nil && m.IntValue != nil { + return *m.IntValue + } + return 0 +} + +func (m *Attribute_SelectorEntry) GetStringValue() string { + if m != nil && m.StringValue != nil { + return *m.StringValue + } + return "" +} + +func (m *Attribute_SelectorEntry) GetBooleanValue() bool { + if m != nil && m.BooleanValue != nil { + return *m.BooleanValue + } + return false +} + +func (m *Attribute_SelectorEntry) GetTristateValue() Attribute_Tristate { + if m != nil && m.TristateValue != nil { + return *m.TristateValue + } + return Attribute_NO +} + +func (m *Attribute_SelectorEntry) GetStringListValue() []string { + if m != nil { + return m.StringListValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetLicense() *License { + if m != nil { + return m.License + } + return nil +} + +func (m *Attribute_SelectorEntry) GetStringDictValue() []*StringDictEntry { + if m != nil { + return m.StringDictValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetFilesetListValue() []*FilesetEntry { + if m != nil { + return m.FilesetListValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetLabelListDictValue() []*LabelListDictEntry { + if m != nil { + return m.LabelListDictValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetStringListDictValue() []*StringListDictEntry { + if m != nil { + return m.StringListDictValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetGlobCriteria() []*GlobCriteria { + if m != nil { + return m.GlobCriteria + } + return nil +} + +func (m *Attribute_SelectorEntry) GetIntListValue() []int32 { + if m != nil { + return m.IntListValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetLabelDictUnaryValue() []*LabelDictUnaryEntry { + if m != nil { + return m.LabelDictUnaryValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetLabelKeyedStringDictValue() []*LabelKeyedStringDictEntry { + if m != nil { + return m.LabelKeyedStringDictValue + } + return nil +} + +func (m *Attribute_SelectorEntry) GetDEPRECATEDStringDictUnaryValue() [][]byte { + if m != nil { + return m.DEPRECATEDStringDictUnaryValue + } + return nil +} + +type Attribute_Selector struct { + // The list of (label, value) pairs in the map that defines the selector. + // At this time, this cannot be empty, i.e. a selector has at least one + // entry. + Entries []*Attribute_SelectorEntry `protobuf:"bytes,1,rep,name=entries" json:"entries,omitempty"` + // Whether or not this has any default values. + HasDefaultValue *bool `protobuf:"varint,2,opt,name=has_default_value,json=hasDefaultValue" json:"has_default_value,omitempty"` + // The error message when no condition matches. + NoMatchError *string `protobuf:"bytes,3,opt,name=no_match_error,json=noMatchError" json:"no_match_error,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Attribute_Selector) Reset() { *m = Attribute_Selector{} } +func (m *Attribute_Selector) String() string { return proto.CompactTextString(m) } +func (*Attribute_Selector) ProtoMessage() {} +func (*Attribute_Selector) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 1} } + +func (m *Attribute_Selector) GetEntries() []*Attribute_SelectorEntry { + if m != nil { + return m.Entries + } + return nil +} + +func (m *Attribute_Selector) GetHasDefaultValue() bool { + if m != nil && m.HasDefaultValue != nil { + return *m.HasDefaultValue + } + return false +} + +func (m *Attribute_Selector) GetNoMatchError() string { + if m != nil && m.NoMatchError != nil { + return *m.NoMatchError + } + return "" +} + +type Attribute_SelectorList struct { + // The type that this selector list evaluates to, and the type that each + // selector in the list evaluates to. At this time, this cannot be + // SELECTOR_LIST, i.e. selector lists do not nest. + Type *Attribute_Discriminator `protobuf:"varint,1,opt,name=type,enum=blaze_query.Attribute_Discriminator" json:"type,omitempty"` + // The list of selector elements in this selector list. At this time, this + // cannot be empty, i.e. a selector list is never empty. + Elements []*Attribute_Selector `protobuf:"bytes,2,rep,name=elements" json:"elements,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Attribute_SelectorList) Reset() { *m = Attribute_SelectorList{} } +func (m *Attribute_SelectorList) String() string { return proto.CompactTextString(m) } +func (*Attribute_SelectorList) ProtoMessage() {} +func (*Attribute_SelectorList) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 2} } + +func (m *Attribute_SelectorList) GetType() Attribute_Discriminator { + if m != nil && m.Type != nil { + return *m.Type + } + return Attribute_INTEGER +} + +func (m *Attribute_SelectorList) GetElements() []*Attribute_Selector { + if m != nil { + return m.Elements + } + return nil +} + +// A rule from a BUILD file (e.g., cc_library, java_binary). The rule class +// is the actual name of the rule (e.g., cc_library) and the name is the full +// label of the rule (e.g., //foo/bar:baz). +type Rule struct { + // The name of the rule + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // The rule class (e.g., java_library) + RuleClass *string `protobuf:"bytes,2,req,name=rule_class,json=ruleClass" json:"rule_class,omitempty"` + // The BUILD file and line number of the rule. + Location *string `protobuf:"bytes,3,opt,name=location" json:"location,omitempty"` + // All of the attributes that describe the rule. + Attribute []*Attribute `protobuf:"bytes,4,rep,name=attribute" json:"attribute,omitempty"` + // All of the inputs to the rule. These are predecessors in the dependency + // graph. A rule_input for a rule should always be described as a + // source_file in some package (either the rule's package or some other one). + RuleInput []string `protobuf:"bytes,5,rep,name=rule_input,json=ruleInput" json:"rule_input,omitempty"` + // All of the outputs of the rule. These are the successors in the + // dependency graph. + RuleOutput []string `protobuf:"bytes,6,rep,name=rule_output,json=ruleOutput" json:"rule_output,omitempty"` + // The set of all default settings affecting this rule. The name of a default + // setting is "_". There currently defined setting + // types are: + // + // - 'blaze': settings implemented in Blaze itself + DefaultSetting []string `protobuf:"bytes,7,rep,name=default_setting,json=defaultSetting" json:"default_setting,omitempty"` + // The location of the target in the BUILD file in a machine-parseable form. + DEPRECATEDParseableLocation *Location `protobuf:"bytes,8,opt,name=DEPRECATED_parseable_location,json=DEPRECATEDParseableLocation" json:"DEPRECATED_parseable_location,omitempty"` + // The rule's class's public by default value. + PublicByDefault *bool `protobuf:"varint,9,opt,name=public_by_default,json=publicByDefault" json:"public_by_default,omitempty"` + // If this rule is of a skylark-defined RuleClass. + IsSkylark *bool `protobuf:"varint,10,opt,name=is_skylark,json=isSkylark" json:"is_skylark,omitempty"` + // List of Skylark aspects that this rule applies. + SkylarkAttributeAspects []*AttributeAspect `protobuf:"bytes,11,rep,name=skylark_attribute_aspects,json=skylarkAttributeAspects" json:"skylark_attribute_aspects,omitempty"` + // Hash encapsulating the behavior of this Skylark rule. Any change to this + // rule's definition that could change its behavior will be reflected here. + SkylarkEnvironmentHashCode *string `protobuf:"bytes,12,opt,name=skylark_environment_hash_code,json=skylarkEnvironmentHashCode" json:"skylark_environment_hash_code,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Rule) Reset() { *m = Rule{} } +func (m *Rule) String() string { return proto.CompactTextString(m) } +func (*Rule) ProtoMessage() {} +func (*Rule) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{8} } + +func (m *Rule) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *Rule) GetRuleClass() string { + if m != nil && m.RuleClass != nil { + return *m.RuleClass + } + return "" +} + +func (m *Rule) GetLocation() string { + if m != nil && m.Location != nil { + return *m.Location + } + return "" +} + +func (m *Rule) GetAttribute() []*Attribute { + if m != nil { + return m.Attribute + } + return nil +} + +func (m *Rule) GetRuleInput() []string { + if m != nil { + return m.RuleInput + } + return nil +} + +func (m *Rule) GetRuleOutput() []string { + if m != nil { + return m.RuleOutput + } + return nil +} + +func (m *Rule) GetDefaultSetting() []string { + if m != nil { + return m.DefaultSetting + } + return nil +} + +func (m *Rule) GetDEPRECATEDParseableLocation() *Location { + if m != nil { + return m.DEPRECATEDParseableLocation + } + return nil +} + +func (m *Rule) GetPublicByDefault() bool { + if m != nil && m.PublicByDefault != nil { + return *m.PublicByDefault + } + return false +} + +func (m *Rule) GetIsSkylark() bool { + if m != nil && m.IsSkylark != nil { + return *m.IsSkylark + } + return false +} + +func (m *Rule) GetSkylarkAttributeAspects() []*AttributeAspect { + if m != nil { + return m.SkylarkAttributeAspects + } + return nil +} + +func (m *Rule) GetSkylarkEnvironmentHashCode() string { + if m != nil && m.SkylarkEnvironmentHashCode != nil { + return *m.SkylarkEnvironmentHashCode + } + return "" +} + +// A pairing of attribute name and a Skylark aspect that is applied to that attribute. +type AttributeAspect struct { + AttributeName *string `protobuf:"bytes,1,req,name=attribute_name,json=attributeName" json:"attribute_name,omitempty"` + Aspect *SkylarkAspect `protobuf:"bytes,2,req,name=aspect" json:"aspect,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *AttributeAspect) Reset() { *m = AttributeAspect{} } +func (m *AttributeAspect) String() string { return proto.CompactTextString(m) } +func (*AttributeAspect) ProtoMessage() {} +func (*AttributeAspect) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9} } + +func (m *AttributeAspect) GetAttributeName() string { + if m != nil && m.AttributeName != nil { + return *m.AttributeName + } + return "" +} + +func (m *AttributeAspect) GetAspect() *SkylarkAspect { + if m != nil { + return m.Aspect + } + return nil +} + +// Aspect defined in Skylark. +type SkylarkAspect struct { + ExtensionFileLabel *string `protobuf:"bytes,1,req,name=extension_file_label,json=extensionFileLabel" json:"extension_file_label,omitempty"` + ExportedName *string `protobuf:"bytes,2,req,name=exported_name,json=exportedName" json:"exported_name,omitempty"` + Attribute []*Attribute `protobuf:"bytes,3,rep,name=attribute" json:"attribute,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *SkylarkAspect) Reset() { *m = SkylarkAspect{} } +func (m *SkylarkAspect) String() string { return proto.CompactTextString(m) } +func (*SkylarkAspect) ProtoMessage() {} +func (*SkylarkAspect) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{10} } + +func (m *SkylarkAspect) GetExtensionFileLabel() string { + if m != nil && m.ExtensionFileLabel != nil { + return *m.ExtensionFileLabel + } + return "" +} + +func (m *SkylarkAspect) GetExportedName() string { + if m != nil && m.ExportedName != nil { + return *m.ExportedName + } + return "" +} + +func (m *SkylarkAspect) GetAttribute() []*Attribute { + if m != nil { + return m.Attribute + } + return nil +} + +// Summary of all transitive dependencies of 'rule,' where each dependent +// rule is included only once in the 'dependency' field. Gives complete +// information to analyze the single build target labeled rule.name, +// including optional location of target in BUILD file. +type RuleSummary struct { + Rule *Rule `protobuf:"bytes,1,req,name=rule" json:"rule,omitempty"` + Dependency []*Rule `protobuf:"bytes,2,rep,name=dependency" json:"dependency,omitempty"` + Location *string `protobuf:"bytes,3,opt,name=location" json:"location,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *RuleSummary) Reset() { *m = RuleSummary{} } +func (m *RuleSummary) String() string { return proto.CompactTextString(m) } +func (*RuleSummary) ProtoMessage() {} +func (*RuleSummary) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{11} } + +func (m *RuleSummary) GetRule() *Rule { + if m != nil { + return m.Rule + } + return nil +} + +func (m *RuleSummary) GetDependency() []*Rule { + if m != nil { + return m.Dependency + } + return nil +} + +func (m *RuleSummary) GetLocation() string { + if m != nil && m.Location != nil { + return *m.Location + } + return "" +} + +// A package group. Aside from the name, it contains the list of packages +// present in the group (as specified in the BUILD file). +type PackageGroup struct { + // The name of the package group + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // The list of packages as specified in the BUILD file. Currently this is + // only a list of packages, but some time in the future, there might be + // some type of wildcard mechanism. + ContainedPackage []string `protobuf:"bytes,2,rep,name=contained_package,json=containedPackage" json:"contained_package,omitempty"` + // The list of sub package groups included in this one. + IncludedPackageGroup []string `protobuf:"bytes,3,rep,name=included_package_group,json=includedPackageGroup" json:"included_package_group,omitempty"` + // The location of the target in the BUILD file in a machine-parseable form. + DEPRECATEDParseableLocation *Location `protobuf:"bytes,4,opt,name=DEPRECATED_parseable_location,json=DEPRECATEDParseableLocation" json:"DEPRECATED_parseable_location,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *PackageGroup) Reset() { *m = PackageGroup{} } +func (m *PackageGroup) String() string { return proto.CompactTextString(m) } +func (*PackageGroup) ProtoMessage() {} +func (*PackageGroup) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{12} } + +func (m *PackageGroup) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *PackageGroup) GetContainedPackage() []string { + if m != nil { + return m.ContainedPackage + } + return nil +} + +func (m *PackageGroup) GetIncludedPackageGroup() []string { + if m != nil { + return m.IncludedPackageGroup + } + return nil +} + +func (m *PackageGroup) GetDEPRECATEDParseableLocation() *Location { + if m != nil { + return m.DEPRECATEDParseableLocation + } + return nil +} + +// An environment group. +type EnvironmentGroup struct { + // The name of the environment group. + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // The environments that belong to this group (as labels). + Environment []string `protobuf:"bytes,2,rep,name=environment" json:"environment,omitempty"` + // The member environments that rules implicitly support if not otherwise + // specified. + Default []string `protobuf:"bytes,3,rep,name=default" json:"default,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *EnvironmentGroup) Reset() { *m = EnvironmentGroup{} } +func (m *EnvironmentGroup) String() string { return proto.CompactTextString(m) } +func (*EnvironmentGroup) ProtoMessage() {} +func (*EnvironmentGroup) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{13} } + +func (m *EnvironmentGroup) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *EnvironmentGroup) GetEnvironment() []string { + if m != nil { + return m.Environment + } + return nil +} + +func (m *EnvironmentGroup) GetDefault() []string { + if m != nil { + return m.Default + } + return nil +} + +// A file that is an input into the build system. +// Next-Id: 10 +type SourceFile struct { + // The name of the source file (a label). + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // The location of the source file. This is a path with line numbers, not + // a label in the build system. + Location *string `protobuf:"bytes,2,opt,name=location" json:"location,omitempty"` + // The location of the corresponding label in the BUILD file in a + // machine-parseable form. + DEPRECATEDParseableLocation *Location `protobuf:"bytes,7,opt,name=DEPRECATED_parseable_location,json=DEPRECATEDParseableLocation" json:"DEPRECATED_parseable_location,omitempty"` + // Labels of files that are transitively subincluded in this BUILD file. This + // is present only when the SourceFile represents a BUILD file that + // subincludes other files. The subincluded file can be either a Python + // preprocessed build extension or a Skylark file. + Subinclude []string `protobuf:"bytes,3,rep,name=subinclude" json:"subinclude,omitempty"` + // Labels of package groups that are mentioned in the visibility declaration + // for this source file. + PackageGroup []string `protobuf:"bytes,4,rep,name=package_group,json=packageGroup" json:"package_group,omitempty"` + // Labels mentioned in the visibility declaration (including :__pkg__ and + // //visibility: ones) + VisibilityLabel []string `protobuf:"bytes,5,rep,name=visibility_label,json=visibilityLabel" json:"visibility_label,omitempty"` + // The package-level features enabled for this package. Only present if the + // SourceFile represents a BUILD file. + Feature []string `protobuf:"bytes,6,rep,name=feature" json:"feature,omitempty"` + // License attribute for the file. + License *License `protobuf:"bytes,8,opt,name=license" json:"license,omitempty"` + // True if the package contains an error. Only present if the SourceFile + // represents a BUILD file. + PackageContainsErrors *bool `protobuf:"varint,9,opt,name=package_contains_errors,json=packageContainsErrors" json:"package_contains_errors,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *SourceFile) Reset() { *m = SourceFile{} } +func (m *SourceFile) String() string { return proto.CompactTextString(m) } +func (*SourceFile) ProtoMessage() {} +func (*SourceFile) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{14} } + +func (m *SourceFile) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *SourceFile) GetLocation() string { + if m != nil && m.Location != nil { + return *m.Location + } + return "" +} + +func (m *SourceFile) GetDEPRECATEDParseableLocation() *Location { + if m != nil { + return m.DEPRECATEDParseableLocation + } + return nil +} + +func (m *SourceFile) GetSubinclude() []string { + if m != nil { + return m.Subinclude + } + return nil +} + +func (m *SourceFile) GetPackageGroup() []string { + if m != nil { + return m.PackageGroup + } + return nil +} + +func (m *SourceFile) GetVisibilityLabel() []string { + if m != nil { + return m.VisibilityLabel + } + return nil +} + +func (m *SourceFile) GetFeature() []string { + if m != nil { + return m.Feature + } + return nil +} + +func (m *SourceFile) GetLicense() *License { + if m != nil { + return m.License + } + return nil +} + +func (m *SourceFile) GetPackageContainsErrors() bool { + if m != nil && m.PackageContainsErrors != nil { + return *m.PackageContainsErrors + } + return false +} + +// A file that is the output of a build rule. +type GeneratedFile struct { + // The name of the generated file (a label). + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // The label of the target that generates the file. + GeneratingRule *string `protobuf:"bytes,2,req,name=generating_rule,json=generatingRule" json:"generating_rule,omitempty"` + // The path of the output file (not a label). + Location *string `protobuf:"bytes,3,opt,name=location" json:"location,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *GeneratedFile) Reset() { *m = GeneratedFile{} } +func (m *GeneratedFile) String() string { return proto.CompactTextString(m) } +func (*GeneratedFile) ProtoMessage() {} +func (*GeneratedFile) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{15} } + +func (m *GeneratedFile) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *GeneratedFile) GetGeneratingRule() string { + if m != nil && m.GeneratingRule != nil { + return *m.GeneratingRule + } + return "" +} + +func (m *GeneratedFile) GetLocation() string { + if m != nil && m.Location != nil { + return *m.Location + } + return "" +} + +// A target from a blaze query execution. Similar to the Attribute message, +// the Discriminator is used to determine which field contains information. +// For any given type, only one of these can be populated in a single Target. +type Target struct { + // The type of target contained in the message. + Type *Target_Discriminator `protobuf:"varint,1,req,name=type,enum=blaze_query.Target_Discriminator" json:"type,omitempty"` + // If this target represents a rule, the rule is stored here. + Rule *Rule `protobuf:"bytes,2,opt,name=rule" json:"rule,omitempty"` + // A file that is not generated by the build system (version controlled + // or created by the test harness). + SourceFile *SourceFile `protobuf:"bytes,3,opt,name=source_file,json=sourceFile" json:"source_file,omitempty"` + // A generated file that is the output of a rule. + GeneratedFile *GeneratedFile `protobuf:"bytes,4,opt,name=generated_file,json=generatedFile" json:"generated_file,omitempty"` + // A package group. + PackageGroup *PackageGroup `protobuf:"bytes,5,opt,name=package_group,json=packageGroup" json:"package_group,omitempty"` + // An environment group. + EnvironmentGroup *EnvironmentGroup `protobuf:"bytes,6,opt,name=environment_group,json=environmentGroup" json:"environment_group,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Target) Reset() { *m = Target{} } +func (m *Target) String() string { return proto.CompactTextString(m) } +func (*Target) ProtoMessage() {} +func (*Target) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{16} } + +func (m *Target) GetType() Target_Discriminator { + if m != nil && m.Type != nil { + return *m.Type + } + return Target_RULE +} + +func (m *Target) GetRule() *Rule { + if m != nil { + return m.Rule + } + return nil +} + +func (m *Target) GetSourceFile() *SourceFile { + if m != nil { + return m.SourceFile + } + return nil +} + +func (m *Target) GetGeneratedFile() *GeneratedFile { + if m != nil { + return m.GeneratedFile + } + return nil +} + +func (m *Target) GetPackageGroup() *PackageGroup { + if m != nil { + return m.PackageGroup + } + return nil +} + +func (m *Target) GetEnvironmentGroup() *EnvironmentGroup { + if m != nil { + return m.EnvironmentGroup + } + return nil +} + +// Container for all of the blaze query results. +type QueryResult struct { + // All of the targets returned by the blaze query. + Target []*Target `protobuf:"bytes,1,rep,name=target" json:"target,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *QueryResult) Reset() { *m = QueryResult{} } +func (m *QueryResult) String() string { return proto.CompactTextString(m) } +func (*QueryResult) ProtoMessage() {} +func (*QueryResult) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{17} } + +func (m *QueryResult) GetTarget() []*Target { + if m != nil { + return m.Target + } + return nil +} + +// Information about allowed rule classes for a specific attribute of a rule. +type AllowedRuleClassInfo struct { + Policy *AllowedRuleClassInfo_AllowedRuleClasses `protobuf:"varint,1,req,name=policy,enum=blaze_query.AllowedRuleClassInfo_AllowedRuleClasses" json:"policy,omitempty"` + // Rule class names of rules allowed in this attribute, e.g "cc_library", + // "py_binary". Only present if the allowed_rule_classes field is set to + // SPECIFIED. + AllowedRuleClass []string `protobuf:"bytes,2,rep,name=allowed_rule_class,json=allowedRuleClass" json:"allowed_rule_class,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *AllowedRuleClassInfo) Reset() { *m = AllowedRuleClassInfo{} } +func (m *AllowedRuleClassInfo) String() string { return proto.CompactTextString(m) } +func (*AllowedRuleClassInfo) ProtoMessage() {} +func (*AllowedRuleClassInfo) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{18} } + +func (m *AllowedRuleClassInfo) GetPolicy() AllowedRuleClassInfo_AllowedRuleClasses { + if m != nil && m.Policy != nil { + return *m.Policy + } + return AllowedRuleClassInfo_ANY +} + +func (m *AllowedRuleClassInfo) GetAllowedRuleClass() []string { + if m != nil { + return m.AllowedRuleClass + } + return nil +} + +// This message represents a single attribute of a single rule. +type AttributeDefinition struct { + // Attribute name, i.e. "name", "srcs", "deps" + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + Type *Attribute_Discriminator `protobuf:"varint,2,req,name=type,enum=blaze_query.Attribute_Discriminator" json:"type,omitempty"` + Mandatory *bool `protobuf:"varint,3,req,name=mandatory" json:"mandatory,omitempty"` + // Only present for attributes of type LABEL and LABEL_LIST. + AllowedRuleClasses *AllowedRuleClassInfo `protobuf:"bytes,4,opt,name=allowed_rule_classes,json=allowedRuleClasses" json:"allowed_rule_classes,omitempty"` + Documentation *string `protobuf:"bytes,5,opt,name=documentation" json:"documentation,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *AttributeDefinition) Reset() { *m = AttributeDefinition{} } +func (m *AttributeDefinition) String() string { return proto.CompactTextString(m) } +func (*AttributeDefinition) ProtoMessage() {} +func (*AttributeDefinition) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{19} } + +func (m *AttributeDefinition) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *AttributeDefinition) GetType() Attribute_Discriminator { + if m != nil && m.Type != nil { + return *m.Type + } + return Attribute_INTEGER +} + +func (m *AttributeDefinition) GetMandatory() bool { + if m != nil && m.Mandatory != nil { + return *m.Mandatory + } + return false +} + +func (m *AttributeDefinition) GetAllowedRuleClasses() *AllowedRuleClassInfo { + if m != nil { + return m.AllowedRuleClasses + } + return nil +} + +func (m *AttributeDefinition) GetDocumentation() string { + if m != nil && m.Documentation != nil { + return *m.Documentation + } + return "" +} + +type RuleDefinition struct { + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + // Only contains documented attributes + Attribute []*AttributeDefinition `protobuf:"bytes,2,rep,name=attribute" json:"attribute,omitempty"` + Documentation *string `protobuf:"bytes,3,opt,name=documentation" json:"documentation,omitempty"` + // Only for build extensions: label to file that defines the extension + Label *string `protobuf:"bytes,4,opt,name=label" json:"label,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *RuleDefinition) Reset() { *m = RuleDefinition{} } +func (m *RuleDefinition) String() string { return proto.CompactTextString(m) } +func (*RuleDefinition) ProtoMessage() {} +func (*RuleDefinition) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{20} } + +func (m *RuleDefinition) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *RuleDefinition) GetAttribute() []*AttributeDefinition { + if m != nil { + return m.Attribute + } + return nil +} + +func (m *RuleDefinition) GetDocumentation() string { + if m != nil && m.Documentation != nil { + return *m.Documentation + } + return "" +} + +func (m *RuleDefinition) GetLabel() string { + if m != nil && m.Label != nil { + return *m.Label + } + return "" +} + +type BuildLanguage struct { + // Only contains documented rule definitions + Rule []*RuleDefinition `protobuf:"bytes,1,rep,name=rule" json:"rule,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *BuildLanguage) Reset() { *m = BuildLanguage{} } +func (m *BuildLanguage) String() string { return proto.CompactTextString(m) } +func (*BuildLanguage) ProtoMessage() {} +func (*BuildLanguage) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{21} } + +func (m *BuildLanguage) GetRule() []*RuleDefinition { + if m != nil { + return m.Rule + } + return nil +} + +type Location struct { + StartOffset *int32 `protobuf:"varint,1,opt,name=start_offset,json=startOffset" json:"start_offset,omitempty"` + StartLine *int32 `protobuf:"varint,2,opt,name=start_line,json=startLine" json:"start_line,omitempty"` + StartColumn *int32 `protobuf:"varint,3,opt,name=start_column,json=startColumn" json:"start_column,omitempty"` + EndOffset *int32 `protobuf:"varint,4,opt,name=end_offset,json=endOffset" json:"end_offset,omitempty"` + EndLine *int32 `protobuf:"varint,5,opt,name=end_line,json=endLine" json:"end_line,omitempty"` + EndColumn *int32 `protobuf:"varint,6,opt,name=end_column,json=endColumn" json:"end_column,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Location) Reset() { *m = Location{} } +func (m *Location) String() string { return proto.CompactTextString(m) } +func (*Location) ProtoMessage() {} +func (*Location) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{22} } + +func (m *Location) GetStartOffset() int32 { + if m != nil && m.StartOffset != nil { + return *m.StartOffset + } + return 0 +} + +func (m *Location) GetStartLine() int32 { + if m != nil && m.StartLine != nil { + return *m.StartLine + } + return 0 +} + +func (m *Location) GetStartColumn() int32 { + if m != nil && m.StartColumn != nil { + return *m.StartColumn + } + return 0 +} + +func (m *Location) GetEndOffset() int32 { + if m != nil && m.EndOffset != nil { + return *m.EndOffset + } + return 0 +} + +func (m *Location) GetEndLine() int32 { + if m != nil && m.EndLine != nil { + return *m.EndLine + } + return 0 +} + +func (m *Location) GetEndColumn() int32 { + if m != nil && m.EndColumn != nil { + return *m.EndColumn + } + return 0 +} + +type MakeVarBinding struct { + Value *string `protobuf:"bytes,1,req,name=value" json:"value,omitempty"` + PlatformSetRegexp *string `protobuf:"bytes,2,req,name=platform_set_regexp,json=platformSetRegexp" json:"platform_set_regexp,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *MakeVarBinding) Reset() { *m = MakeVarBinding{} } +func (m *MakeVarBinding) String() string { return proto.CompactTextString(m) } +func (*MakeVarBinding) ProtoMessage() {} +func (*MakeVarBinding) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{23} } + +func (m *MakeVarBinding) GetValue() string { + if m != nil && m.Value != nil { + return *m.Value + } + return "" +} + +func (m *MakeVarBinding) GetPlatformSetRegexp() string { + if m != nil && m.PlatformSetRegexp != nil { + return *m.PlatformSetRegexp + } + return "" +} + +type MakeVar struct { + Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` + Binding []*MakeVarBinding `protobuf:"bytes,2,rep,name=binding" json:"binding,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *MakeVar) Reset() { *m = MakeVar{} } +func (m *MakeVar) String() string { return proto.CompactTextString(m) } +func (*MakeVar) ProtoMessage() {} +func (*MakeVar) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{24} } + +func (m *MakeVar) GetName() string { + if m != nil && m.Name != nil { + return *m.Name + } + return "" +} + +func (m *MakeVar) GetBinding() []*MakeVarBinding { + if m != nil { + return m.Binding + } + return nil +} + +type GlobCriteria struct { + // List of includes (or items if this criteria did not come from a glob) + Include []string `protobuf:"bytes,1,rep,name=include" json:"include,omitempty"` + // List of exclude expressions + Exclude []string `protobuf:"bytes,2,rep,name=exclude" json:"exclude,omitempty"` + // Whether this message came from a glob + Glob *bool `protobuf:"varint,3,opt,name=glob" json:"glob,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *GlobCriteria) Reset() { *m = GlobCriteria{} } +func (m *GlobCriteria) String() string { return proto.CompactTextString(m) } +func (*GlobCriteria) ProtoMessage() {} +func (*GlobCriteria) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{25} } + +func (m *GlobCriteria) GetInclude() []string { + if m != nil { + return m.Include + } + return nil +} + +func (m *GlobCriteria) GetExclude() []string { + if m != nil { + return m.Exclude + } + return nil +} + +func (m *GlobCriteria) GetGlob() bool { + if m != nil && m.Glob != nil { + return *m.Glob + } + return false +} + +type Event struct { + Kind *Event_EventKind `protobuf:"varint,1,req,name=kind,enum=blaze_query.Event_EventKind" json:"kind,omitempty"` + DEPRECATEDLocation *Location `protobuf:"bytes,2,opt,name=DEPRECATED_location,json=DEPRECATEDLocation" json:"DEPRECATED_location,omitempty"` + Message *string `protobuf:"bytes,3,opt,name=message" json:"message,omitempty"` + XXX_unrecognized []byte `json:"-"` +} + +func (m *Event) Reset() { *m = Event{} } +func (m *Event) String() string { return proto.CompactTextString(m) } +func (*Event) ProtoMessage() {} +func (*Event) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{26} } + +func (m *Event) GetKind() Event_EventKind { + if m != nil && m.Kind != nil { + return *m.Kind + } + return Event_ERROR +} + +func (m *Event) GetDEPRECATEDLocation() *Location { + if m != nil { + return m.DEPRECATEDLocation + } + return nil +} + +func (m *Event) GetMessage() string { + if m != nil && m.Message != nil { + return *m.Message + } + return "" +} + +func init() { + proto.RegisterType((*License)(nil), "blaze_query.License") + proto.RegisterType((*StringDictEntry)(nil), "blaze_query.StringDictEntry") + proto.RegisterType((*LabelDictUnaryEntry)(nil), "blaze_query.LabelDictUnaryEntry") + proto.RegisterType((*LabelListDictEntry)(nil), "blaze_query.LabelListDictEntry") + proto.RegisterType((*LabelKeyedStringDictEntry)(nil), "blaze_query.LabelKeyedStringDictEntry") + proto.RegisterType((*StringListDictEntry)(nil), "blaze_query.StringListDictEntry") + proto.RegisterType((*FilesetEntry)(nil), "blaze_query.FilesetEntry") + proto.RegisterType((*Attribute)(nil), "blaze_query.Attribute") + proto.RegisterType((*Attribute_SelectorEntry)(nil), "blaze_query.Attribute.SelectorEntry") + proto.RegisterType((*Attribute_Selector)(nil), "blaze_query.Attribute.Selector") + proto.RegisterType((*Attribute_SelectorList)(nil), "blaze_query.Attribute.SelectorList") + proto.RegisterType((*Rule)(nil), "blaze_query.Rule") + proto.RegisterType((*AttributeAspect)(nil), "blaze_query.AttributeAspect") + proto.RegisterType((*SkylarkAspect)(nil), "blaze_query.SkylarkAspect") + proto.RegisterType((*RuleSummary)(nil), "blaze_query.RuleSummary") + proto.RegisterType((*PackageGroup)(nil), "blaze_query.PackageGroup") + proto.RegisterType((*EnvironmentGroup)(nil), "blaze_query.EnvironmentGroup") + proto.RegisterType((*SourceFile)(nil), "blaze_query.SourceFile") + proto.RegisterType((*GeneratedFile)(nil), "blaze_query.GeneratedFile") + proto.RegisterType((*Target)(nil), "blaze_query.Target") + proto.RegisterType((*QueryResult)(nil), "blaze_query.QueryResult") + proto.RegisterType((*AllowedRuleClassInfo)(nil), "blaze_query.AllowedRuleClassInfo") + proto.RegisterType((*AttributeDefinition)(nil), "blaze_query.AttributeDefinition") + proto.RegisterType((*RuleDefinition)(nil), "blaze_query.RuleDefinition") + proto.RegisterType((*BuildLanguage)(nil), "blaze_query.BuildLanguage") + proto.RegisterType((*Location)(nil), "blaze_query.Location") + proto.RegisterType((*MakeVarBinding)(nil), "blaze_query.MakeVarBinding") + proto.RegisterType((*MakeVar)(nil), "blaze_query.MakeVar") + proto.RegisterType((*GlobCriteria)(nil), "blaze_query.GlobCriteria") + proto.RegisterType((*Event)(nil), "blaze_query.Event") + proto.RegisterEnum("blaze_query.FilesetEntry_SymlinkBehavior", FilesetEntry_SymlinkBehavior_name, FilesetEntry_SymlinkBehavior_value) + proto.RegisterEnum("blaze_query.Attribute_Discriminator", Attribute_Discriminator_name, Attribute_Discriminator_value) + proto.RegisterEnum("blaze_query.Attribute_Tristate", Attribute_Tristate_name, Attribute_Tristate_value) + proto.RegisterEnum("blaze_query.Target_Discriminator", Target_Discriminator_name, Target_Discriminator_value) + proto.RegisterEnum("blaze_query.AllowedRuleClassInfo_AllowedRuleClasses", AllowedRuleClassInfo_AllowedRuleClasses_name, AllowedRuleClassInfo_AllowedRuleClasses_value) + proto.RegisterEnum("blaze_query.Event_EventKind", Event_EventKind_name, Event_EventKind_value) +} + +func init() { proto.RegisterFile("build_proto/build.proto", fileDescriptor0) } + +var fileDescriptor0 = []byte{ + // 2621 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0x49, 0x73, 0xeb, 0xc6, + 0xf1, 0xff, 0x83, 0x3b, 0x9b, 0x1b, 0x34, 0xda, 0xf8, 0x36, 0x9b, 0x86, 0x9f, 0xff, 0xa6, 0x97, + 0x92, 0x6d, 0xe6, 0xd9, 0xe5, 0xd8, 0xc9, 0xab, 0x50, 0x24, 0x24, 0xd3, 0x8f, 0x26, 0x95, 0x21, + 0xf9, 0x1c, 0xe5, 0x82, 0x02, 0x89, 0x11, 0x35, 0x25, 0x10, 0x60, 0x00, 0x50, 0x11, 0x73, 0x4d, + 0xe5, 0xe0, 0x7c, 0x06, 0x1f, 0xf2, 0x2d, 0x72, 0xcd, 0x31, 0x1f, 0x21, 0xa9, 0x5c, 0x72, 0xcc, + 0x87, 0xc8, 0x21, 0x35, 0x0b, 0x48, 0x40, 0xa2, 0x2c, 0xf9, 0x39, 0xb9, 0xa4, 0x72, 0x61, 0x71, + 0x7a, 0xf9, 0x4d, 0xf7, 0x4c, 0x77, 0x4f, 0xcf, 0x00, 0xf6, 0xc7, 0x0b, 0x6a, 0x5b, 0xc6, 0xdc, + 0x73, 0x03, 0xf7, 0x03, 0xfe, 0xff, 0x80, 0xff, 0x47, 0x85, 0xb1, 0x6d, 0xfe, 0x86, 0x18, 0xbf, + 0x5a, 0x10, 0x6f, 0xa9, 0x7d, 0x09, 0xd9, 0x2e, 0x9d, 0x10, 0xc7, 0x27, 0xe8, 0x0d, 0x28, 0xda, + 0xe2, 0xaf, 0x11, 0x2c, 0xe7, 0xa4, 0xaa, 0xd4, 0x92, 0xf5, 0x3c, 0x2e, 0x48, 0xda, 0x70, 0x39, + 0x27, 0xe8, 0x31, 0xe4, 0xc9, 0xd5, 0x84, 0xcc, 0x03, 0xea, 0x3a, 0xd5, 0x04, 0xe7, 0xaf, 0x09, + 0xda, 0x8f, 0xa1, 0x32, 0x08, 0x3c, 0xea, 0x4c, 0xdb, 0x74, 0x12, 0xe8, 0x4e, 0xe0, 0x2d, 0x91, + 0x0a, 0xc9, 0x0b, 0xb2, 0xac, 0x2a, 0xb5, 0x44, 0x3d, 0x8f, 0xd9, 0x5f, 0xb4, 0x03, 0xe9, 0x4b, + 0xd3, 0x5e, 0x90, 0x6a, 0x82, 0xd3, 0xc4, 0x40, 0xfb, 0x29, 0x6c, 0x77, 0xcd, 0x31, 0xb1, 0x99, + 0xe6, 0xc8, 0x31, 0xbd, 0xe5, 0xf7, 0x53, 0xff, 0x09, 0x20, 0xae, 0xde, 0xa5, 0x7e, 0x70, 0xcf, + 0xc9, 0x93, 0x6b, 0xed, 0x16, 0x3c, 0xe0, 0xda, 0x2f, 0xc8, 0x92, 0x58, 0x3f, 0xc0, 0x03, 0xa1, + 0xfa, 0x6a, 0x36, 0xfc, 0x2d, 0x01, 0xc5, 0x23, 0x6a, 0x13, 0x9f, 0x48, 0xc5, 0x3d, 0xc8, 0xf8, + 0xee, 0xc2, 0x9b, 0x10, 0xa9, 0x2b, 0x47, 0xe8, 0x47, 0xb0, 0x6b, 0x11, 0x3f, 0xa0, 0x8e, 0xc9, + 0xd6, 0xdc, 0xb0, 0xa8, 0x47, 0x26, 0x81, 0xeb, 0x2d, 0xa5, 0x35, 0x3b, 0x11, 0x66, 0x3b, 0xe4, + 0xa1, 0x37, 0xa1, 0x74, 0xc6, 0xc0, 0x8d, 0xb9, 0x47, 0x7c, 0xe2, 0x04, 0xd5, 0x6c, 0x4d, 0xa9, + 0xe7, 0x70, 0x91, 0x13, 0x4f, 0x04, 0x0d, 0x21, 0x48, 0xb1, 0x71, 0x35, 0xc9, 0xed, 0xe2, 0xff, + 0x51, 0x15, 0xb2, 0xe4, 0x6a, 0x62, 0x2f, 0x2c, 0x52, 0x4d, 0x71, 0x72, 0x38, 0x44, 0xbf, 0x04, + 0xd5, 0x5f, 0xce, 0x6c, 0xea, 0x5c, 0x18, 0x63, 0x72, 0x6e, 0x5e, 0x52, 0xd7, 0xab, 0xa6, 0x6b, + 0x4a, 0xbd, 0xdc, 0x78, 0xe7, 0x20, 0x12, 0x60, 0x07, 0x51, 0xa7, 0x0e, 0x06, 0x42, 0xe3, 0x50, + 0x2a, 0x7c, 0x96, 0x6a, 0xf5, 0x4f, 0x4e, 0x71, 0xc5, 0x8f, 0x93, 0x59, 0x24, 0xfa, 0x81, 0x47, + 0xe7, 0xcc, 0xdc, 0x33, 0x7a, 0x55, 0xcd, 0xd4, 0x14, 0x16, 0x89, 0x9c, 0x76, 0xc2, 0x49, 0xda, + 0xfb, 0x50, 0xb9, 0x06, 0x86, 0x72, 0xc0, 0xe1, 0x54, 0x05, 0x55, 0xa0, 0xd0, 0xd6, 0xb1, 0x7e, + 0xa4, 0x63, 0xbd, 0xd7, 0xd2, 0xd5, 0x84, 0xf6, 0x8f, 0x7d, 0xc8, 0x37, 0x83, 0xc0, 0xa3, 0xe3, + 0x45, 0x40, 0x98, 0xa3, 0x8e, 0x39, 0x0b, 0x17, 0x96, 0xff, 0x47, 0xa7, 0xf0, 0xa4, 0xad, 0x9f, + 0x60, 0xbd, 0xd5, 0x1c, 0xea, 0x6d, 0x63, 0x6e, 0x7a, 0x3e, 0x31, 0xc7, 0x36, 0x31, 0x6c, 0x77, + 0xc2, 0xd7, 0xb2, 0x5a, 0xac, 0x29, 0xf5, 0x42, 0x63, 0x37, 0xe6, 0x5b, 0x57, 0x32, 0xf1, 0xa3, + 0xb5, 0xee, 0x49, 0xa8, 0x1a, 0x32, 0xd1, 0x47, 0xb0, 0x43, 0xae, 0xe6, 0x36, 0x9d, 0xd0, 0xc0, + 0x5e, 0x1a, 0xfe, 0x9c, 0x4c, 0xe8, 0x19, 0x25, 0x56, 0xb5, 0xc4, 0xf7, 0x60, 0x7b, 0xcd, 0x1b, + 0x84, 0x2c, 0x16, 0x23, 0x8e, 0x6b, 0x91, 0x79, 0x75, 0x87, 0xcb, 0x88, 0x01, 0xfa, 0x14, 0x52, + 0x3c, 0x31, 0xd9, 0x4e, 0x97, 0x1b, 0x4f, 0x63, 0xa6, 0xac, 0xbc, 0x3b, 0x68, 0x53, 0x7f, 0xe2, + 0xd1, 0x19, 0x8b, 0x01, 0xd7, 0xc3, 0x5c, 0x03, 0x3d, 0x82, 0x3c, 0x75, 0x02, 0x43, 0xc4, 0x5d, + 0xb2, 0xa6, 0xd4, 0xd3, 0x38, 0x47, 0x9d, 0xe0, 0x25, 0x1b, 0x87, 0xab, 0xed, 0x4c, 0x25, 0x3f, + 0xbd, 0x5e, 0x6d, 0x67, 0x2a, 0x44, 0xde, 0x84, 0xd2, 0xd8, 0x75, 0x6d, 0x62, 0x3a, 0x52, 0xa6, + 0x2c, 0xe2, 0x47, 0x12, 0x85, 0xd0, 0x11, 0x94, 0x03, 0x8f, 0xfa, 0x81, 0x19, 0x10, 0x29, 0x55, + 0xe1, 0xf1, 0xf0, 0xfa, 0x2d, 0x86, 0x0e, 0xa5, 0x30, 0x2e, 0x85, 0x6a, 0x02, 0xe7, 0x5d, 0xd8, + 0x92, 0xf6, 0xd8, 0xd4, 0x0f, 0x8d, 0xce, 0xf0, 0xe8, 0xab, 0xf8, 0xab, 0x14, 0x13, 0xb2, 0x07, + 0x90, 0x95, 0xf5, 0x89, 0x87, 0x74, 0xa1, 0xb1, 0x13, 0xdf, 0x20, 0xc1, 0xc3, 0xa1, 0x10, 0xfa, + 0x62, 0x85, 0x6d, 0xd1, 0x49, 0x88, 0x9d, 0xab, 0x25, 0xeb, 0x85, 0xc6, 0xe3, 0x98, 0xe6, 0xb5, + 0x32, 0x10, 0xce, 0xcc, 0x08, 0x62, 0xe6, 0x63, 0x40, 0x67, 0x22, 0xb4, 0xa3, 0x66, 0xe6, 0x39, + 0xd4, 0x83, 0x5b, 0x33, 0x00, 0xab, 0x52, 0x69, 0xed, 0x02, 0x86, 0x5d, 0x9b, 0x55, 0x1f, 0x01, + 0x13, 0x31, 0x0b, 0x38, 0x56, 0x7c, 0xf5, 0x6e, 0x56, 0x39, 0x8c, 0xec, 0x28, 0x4d, 0x60, 0x8e, + 0x60, 0x2f, 0xba, 0x84, 0x11, 0xd0, 0x02, 0x07, 0xad, 0x6d, 0xf0, 0x35, 0x8e, 0xba, 0xed, 0xc7, + 0x88, 0x02, 0xf6, 0x39, 0x94, 0xa6, 0xb6, 0x3b, 0x36, 0x26, 0x1e, 0x0d, 0x88, 0x47, 0xcd, 0xaa, + 0xba, 0xc1, 0xdd, 0x63, 0xdb, 0x1d, 0xb7, 0xa4, 0x00, 0x2e, 0x4e, 0x23, 0x23, 0xf4, 0x14, 0xca, + 0x2c, 0x0c, 0x23, 0xeb, 0xb5, 0x55, 0x4b, 0xd6, 0xd3, 0xb8, 0x48, 0x9d, 0xc8, 0x82, 0x8c, 0x60, + 0x4f, 0x2c, 0x08, 0x37, 0x7b, 0xc1, 0x4e, 0x03, 0x29, 0xbd, 0xbd, 0xc1, 0xf8, 0x0d, 0xc7, 0x06, + 0xde, 0xb6, 0x63, 0x44, 0x01, 0x7b, 0x0e, 0x4f, 0x04, 0xec, 0x05, 0x2b, 0xf3, 0xc6, 0xcd, 0x30, + 0xd8, 0xe3, 0xe8, 0xff, 0x7f, 0x13, 0x7d, 0xd3, 0xb9, 0x80, 0x1f, 0xd8, 0x1b, 0x58, 0x62, 0xa6, + 0x2f, 0xa0, 0xe4, 0x13, 0x9b, 0x97, 0x5e, 0xee, 0x6b, 0x75, 0x97, 0x87, 0xe6, 0x9b, 0xb7, 0xe4, + 0xc1, 0x40, 0xca, 0xb2, 0x15, 0xc0, 0x45, 0x3f, 0x32, 0x42, 0x5f, 0x82, 0x16, 0xa9, 0x4a, 0x51, + 0x93, 0xa3, 0xcb, 0x82, 0x6a, 0xc9, 0x7a, 0x11, 0xbf, 0xb6, 0x96, 0x5c, 0x1b, 0xb4, 0xf6, 0xff, + 0xe1, 0x37, 0x39, 0x28, 0x85, 0x53, 0x89, 0x23, 0x66, 0x07, 0xd2, 0xdc, 0x89, 0xaa, 0xc2, 0x33, + 0x5e, 0x0c, 0x50, 0x1d, 0x54, 0xea, 0x1b, 0x16, 0x39, 0x33, 0x17, 0x76, 0xb8, 0x34, 0x2a, 0x4f, + 0xf7, 0x32, 0xf5, 0xdb, 0x82, 0x2c, 0xfc, 0x8c, 0x55, 0x95, 0xc4, 0x1d, 0x55, 0x25, 0x79, 0x8f, + 0xaa, 0x92, 0xba, 0x57, 0x55, 0x49, 0xff, 0xaf, 0xaa, 0xfc, 0x77, 0x57, 0x95, 0xe2, 0x0f, 0xad, + 0x2a, 0xa5, 0xef, 0x55, 0x55, 0x2a, 0xff, 0xd1, 0xaa, 0xb2, 0xf5, 0xef, 0xaa, 0x2a, 0xf7, 0xab, + 0x05, 0xe5, 0x7b, 0xd5, 0x82, 0x6f, 0x15, 0xc8, 0x85, 0xb5, 0x00, 0x3d, 0x87, 0x2c, 0x71, 0x02, + 0x8f, 0x12, 0x9f, 0xb7, 0xfc, 0x85, 0x5b, 0x3b, 0x8b, 0x58, 0xf5, 0xc0, 0xa1, 0x12, 0xcb, 0xac, + 0x73, 0xf3, 0x7a, 0xc5, 0x48, 0xf0, 0x54, 0xae, 0x9c, 0x9b, 0xf1, 0x92, 0xf1, 0x14, 0xca, 0x8e, + 0x6b, 0xcc, 0xcc, 0x60, 0x72, 0x6e, 0x10, 0xcf, 0x73, 0x3d, 0x59, 0x17, 0x8a, 0x8e, 0xfb, 0x15, + 0x23, 0xea, 0x8c, 0xf6, 0xf0, 0x77, 0x0a, 0x14, 0xa3, 0x55, 0x71, 0xd5, 0xf9, 0x28, 0x3c, 0xf5, + 0xbf, 0x4f, 0xe7, 0xf3, 0x39, 0xe4, 0x88, 0x4d, 0x66, 0xc4, 0x09, 0x7c, 0xde, 0x70, 0x17, 0x6e, + 0x2d, 0x1c, 0xe1, 0x84, 0x78, 0xa5, 0xa0, 0xfd, 0x3e, 0x09, 0xa5, 0x18, 0x28, 0x2a, 0x40, 0xb6, + 0xd3, 0x1b, 0xea, 0xc7, 0x3a, 0x56, 0x15, 0x04, 0x90, 0x19, 0x0c, 0x71, 0xa7, 0x77, 0xac, 0x26, + 0x50, 0x1e, 0xd2, 0xdd, 0xe6, 0xa1, 0xde, 0x55, 0x93, 0x8c, 0xdc, 0x1f, 0x0d, 0x4f, 0x46, 0x43, + 0x35, 0xc5, 0x3a, 0x51, 0x21, 0x62, 0x74, 0x3b, 0x83, 0xa1, 0x9a, 0x46, 0x65, 0x00, 0x2e, 0x27, + 0xc6, 0x19, 0x26, 0x20, 0x84, 0x05, 0x21, 0x8b, 0x76, 0x40, 0x6d, 0x77, 0x98, 0xce, 0xe1, 0x68, + 0xd8, 0xe9, 0xf7, 0x8c, 0x81, 0x3e, 0x54, 0x73, 0x6c, 0xde, 0x6e, 0xa7, 0xa5, 0xf7, 0x06, 0xba, + 0x9a, 0x8f, 0x80, 0xb6, 0x3b, 0xad, 0xa1, 0x0a, 0x68, 0x0f, 0xd0, 0x51, 0xa7, 0xab, 0x0f, 0xf4, + 0xa1, 0xa1, 0xf7, 0x86, 0xf8, 0x54, 0x60, 0x15, 0xd0, 0x36, 0x54, 0xd6, 0x93, 0x09, 0xe1, 0x22, + 0x9b, 0x20, 0x62, 0x92, 0xa0, 0x96, 0xd8, 0x04, 0x87, 0xfd, 0x7e, 0x57, 0x6f, 0xf6, 0xd4, 0x32, + 0x2a, 0x42, 0x6e, 0x88, 0x3b, 0x83, 0x61, 0x73, 0xa8, 0xab, 0x15, 0xa4, 0x42, 0x51, 0xfa, 0x2c, + 0x70, 0x55, 0x26, 0x3c, 0xea, 0xbd, 0xe8, 0xf5, 0xbf, 0xee, 0xa9, 0x88, 0xe1, 0x89, 0x49, 0x18, + 0x92, 0x31, 0xea, 0x35, 0xf1, 0xa9, 0xba, 0x8d, 0xb6, 0xa0, 0x34, 0xd0, 0xbb, 0x7a, 0x6b, 0xd8, + 0x97, 0x5a, 0x3b, 0xe8, 0x11, 0xec, 0x0b, 0xc1, 0x17, 0xfa, 0xa9, 0xde, 0x36, 0xa2, 0x2e, 0xec, + 0xa2, 0x1a, 0x3c, 0x8e, 0x44, 0x77, 0x84, 0x27, 0x11, 0xb7, 0xb4, 0xb7, 0x20, 0x17, 0xd6, 0x76, + 0x94, 0x81, 0x44, 0xaf, 0xaf, 0xfe, 0x1f, 0xca, 0x42, 0xf2, 0x54, 0x1f, 0xa8, 0x0a, 0xeb, 0xfd, + 0x9b, 0xa3, 0x61, 0x5f, 0x4d, 0x68, 0x7f, 0x4c, 0x41, 0x0a, 0x2f, 0xec, 0xcd, 0x5d, 0xfe, 0x13, + 0x00, 0x6f, 0x61, 0x13, 0x63, 0x62, 0x9b, 0xbe, 0x2f, 0x6f, 0x4c, 0x79, 0x46, 0x69, 0x31, 0x02, + 0x7a, 0x08, 0xb9, 0x55, 0xbf, 0x2f, 0xe2, 0x72, 0x35, 0x46, 0xcf, 0x20, 0x6f, 0x86, 0xb1, 0xc2, + 0xef, 0x42, 0x85, 0xc6, 0xde, 0xe6, 0x48, 0xc2, 0x6b, 0xc1, 0xd5, 0x84, 0xd4, 0x99, 0x2f, 0x82, + 0x6a, 0x5a, 0xdc, 0x98, 0x19, 0xa5, 0xc3, 0x08, 0xe8, 0x75, 0x28, 0x70, 0xb6, 0xbb, 0x08, 0x18, + 0x5f, 0x1c, 0x47, 0x5c, 0xa3, 0xcf, 0x29, 0xe8, 0x6d, 0xa8, 0x84, 0x79, 0xe5, 0x93, 0x20, 0xa0, + 0xce, 0xb4, 0x9a, 0xe5, 0x42, 0x65, 0x49, 0x1e, 0x08, 0xea, 0xdd, 0xf7, 0x97, 0xdc, 0x2b, 0xdf, + 0x5f, 0xde, 0x85, 0xad, 0xf9, 0x62, 0x6c, 0xd3, 0x89, 0x31, 0x5e, 0x86, 0x59, 0x5e, 0xcd, 0x8b, + 0xfc, 0x16, 0x8c, 0xc3, 0xa5, 0x4c, 0x72, 0xe6, 0x2f, 0xf5, 0x0d, 0xff, 0x62, 0x69, 0x9b, 0xde, + 0x45, 0x15, 0xb8, 0x50, 0x9e, 0xfa, 0x03, 0x41, 0x40, 0xbf, 0x80, 0x07, 0x92, 0x67, 0xac, 0xd6, + 0xc8, 0x30, 0xd9, 0x95, 0x28, 0xf0, 0xe5, 0x21, 0xf2, 0x78, 0xf3, 0xa2, 0x36, 0xb9, 0x10, 0xde, + 0x97, 0xea, 0xd7, 0xe8, 0x3e, 0x6a, 0xc2, 0x93, 0x10, 0x99, 0x38, 0x97, 0xd4, 0x73, 0x1d, 0x96, + 0xc2, 0xc6, 0xb9, 0xe9, 0x9f, 0x1b, 0x13, 0xd7, 0x22, 0xfc, 0xfe, 0x96, 0xc7, 0x0f, 0xa5, 0x90, + 0xbe, 0x96, 0xf9, 0xc2, 0xf4, 0xcf, 0x5b, 0xae, 0x45, 0x34, 0x1b, 0x2a, 0xd7, 0x60, 0xd1, 0x5b, + 0x50, 0x5e, 0xdb, 0x19, 0x89, 0xa6, 0xd2, 0x8a, 0xda, 0x63, 0x61, 0xd5, 0x80, 0x8c, 0x70, 0x82, + 0x87, 0x54, 0xa1, 0xf1, 0x30, 0x7e, 0x10, 0x4a, 0x93, 0x85, 0x07, 0x52, 0x52, 0xfb, 0x56, 0x81, + 0x52, 0x8c, 0x83, 0x3e, 0x64, 0xf7, 0xc4, 0x80, 0x38, 0x3e, 0xbb, 0xd7, 0xb3, 0x03, 0xdd, 0x08, + 0xbb, 0x33, 0x36, 0x25, 0x5a, 0xf1, 0xd8, 0xc9, 0xcf, 0x4f, 0x10, 0xd6, 0x40, 0x91, 0xab, 0xb9, + 0xeb, 0x05, 0xc4, 0x12, 0xd6, 0x89, 0x88, 0x2e, 0x86, 0x44, 0x6e, 0x5c, 0x2c, 0x70, 0x93, 0xf7, + 0x0c, 0x5c, 0xed, 0xb7, 0x0a, 0x14, 0x58, 0x1a, 0x0d, 0x16, 0xb3, 0x99, 0xe9, 0x2d, 0xd1, 0x5b, + 0x90, 0x62, 0x61, 0xc9, 0x8d, 0x29, 0x34, 0xb6, 0x62, 0x00, 0x4c, 0x0e, 0x73, 0x36, 0xfa, 0x08, + 0xc0, 0x22, 0x73, 0xe2, 0x58, 0xc4, 0x99, 0x2c, 0x65, 0xc1, 0xdd, 0x20, 0x1c, 0x11, 0xfa, 0xae, + 0xa4, 0xd3, 0xfe, 0xae, 0x40, 0xf1, 0xc4, 0x9c, 0x5c, 0x98, 0x53, 0x72, 0xec, 0xb9, 0x8b, 0xf9, + 0xc6, 0xa4, 0x7e, 0x0f, 0xb6, 0x26, 0xae, 0x13, 0x98, 0xd4, 0x21, 0x96, 0x31, 0x17, 0xd2, 0xf2, + 0x71, 0x45, 0x5d, 0x31, 0x24, 0x0a, 0x7a, 0x06, 0x7b, 0xd4, 0xe1, 0x2f, 0x18, 0x2b, 0x59, 0x63, + 0xca, 0xa0, 0xe5, 0xb3, 0xc7, 0x4e, 0xc8, 0x8d, 0x4d, 0x7b, 0x67, 0x76, 0xa5, 0x5e, 0x35, 0xbb, + 0xb4, 0x31, 0xa8, 0x91, 0x60, 0xbc, 0xdd, 0xcb, 0x1a, 0x14, 0x22, 0x81, 0x2d, 0xfd, 0x8b, 0x92, + 0x50, 0x15, 0xb2, 0x61, 0x76, 0x0a, 0x5f, 0xc2, 0xa1, 0xf6, 0x4d, 0x12, 0x60, 0xc0, 0x9f, 0x8f, + 0x58, 0xec, 0x6c, 0x84, 0x8f, 0xee, 0x42, 0xe2, 0x5a, 0xe9, 0xbb, 0xd3, 0xfb, 0xec, 0x2b, 0xd7, + 0x96, 0xd7, 0x00, 0xfc, 0xc5, 0x58, 0xae, 0xb9, 0x34, 0x3b, 0x42, 0x61, 0x11, 0x1e, 0xdf, 0x25, + 0xf1, 0x0a, 0x55, 0x9c, 0x47, 0x77, 0xe7, 0x1d, 0x50, 0x2f, 0xa9, 0x4f, 0xc7, 0xd4, 0xa6, 0xc1, + 0x52, 0x26, 0x8d, 0x28, 0xb5, 0x95, 0x35, 0x5d, 0x64, 0x4c, 0x15, 0xb2, 0x67, 0xc4, 0x0c, 0x16, + 0x5e, 0xd8, 0xfb, 0x87, 0xc3, 0x68, 0xcf, 0x9f, 0xbb, 0x4f, 0xcf, 0xff, 0x09, 0xec, 0x87, 0x96, + 0xc9, 0x20, 0xf3, 0x45, 0x47, 0xe3, 0xcb, 0xda, 0xb8, 0x2b, 0xd9, 0x2d, 0xc9, 0xe5, 0xad, 0x8d, + 0xaf, 0x9d, 0x43, 0xe9, 0x98, 0x38, 0xc4, 0x33, 0x03, 0x62, 0xdd, 0xba, 0x1b, 0x6f, 0x43, 0x65, + 0x2a, 0x84, 0x58, 0x93, 0xc7, 0x13, 0x4f, 0xa4, 0x76, 0x79, 0x4d, 0xe6, 0x87, 0xdc, 0x77, 0x25, + 0xcf, 0x5f, 0x93, 0x90, 0x19, 0x9a, 0xde, 0x94, 0x04, 0xe8, 0xe3, 0x55, 0xff, 0x94, 0xa8, 0x97, + 0x1b, 0x6f, 0xc4, 0x3c, 0x13, 0x22, 0x1b, 0x9b, 0xa7, 0x30, 0xe9, 0x13, 0x7c, 0x41, 0x6e, 0x4d, + 0xfa, 0x4f, 0xa1, 0x20, 0x1e, 0x27, 0x0d, 0xf9, 0x7e, 0xc8, 0xa4, 0xf7, 0xe3, 0x35, 0x70, 0x15, + 0x7d, 0x18, 0xfc, 0x75, 0x24, 0x36, 0x21, 0x74, 0x88, 0x58, 0x42, 0x59, 0x24, 0x52, 0xbc, 0x80, + 0xc6, 0xd6, 0x0b, 0x97, 0xa6, 0xb1, 0xe5, 0x7b, 0x7e, 0x3d, 0x42, 0xd2, 0x1c, 0x21, 0x7e, 0x7b, + 0x88, 0x26, 0xf3, 0xb5, 0xe0, 0xf9, 0x12, 0xb6, 0xa2, 0x07, 0x86, 0xc0, 0xc8, 0x70, 0x8c, 0x27, + 0x31, 0x8c, 0xeb, 0x59, 0x8a, 0x55, 0x72, 0x8d, 0xc2, 0xf6, 0x36, 0xde, 0x2e, 0xe6, 0x20, 0x85, + 0x47, 0x5d, 0x5d, 0x3c, 0x49, 0x0e, 0xfa, 0x23, 0xdc, 0xd2, 0x0d, 0xd6, 0xa9, 0xa9, 0x09, 0x84, + 0xa0, 0x7c, 0xac, 0xf7, 0x74, 0xcc, 0x73, 0x8a, 0xd3, 0x92, 0xac, 0x69, 0x3a, 0x69, 0xb6, 0x5e, + 0x34, 0x8f, 0x75, 0xe3, 0x18, 0xf7, 0x47, 0x27, 0x6a, 0x0a, 0xed, 0xc2, 0x96, 0xde, 0x7b, 0xd9, + 0xc1, 0xfd, 0xde, 0x57, 0x7a, 0x6f, 0x28, 0xc9, 0x69, 0xed, 0x33, 0x28, 0xfc, 0x9c, 0x59, 0x85, + 0x89, 0xcf, 0x8e, 0xdd, 0xf7, 0x20, 0x13, 0xf0, 0x6d, 0x94, 0x1d, 0xfc, 0xf6, 0x86, 0x1d, 0xc6, + 0x52, 0x44, 0xfb, 0x93, 0x02, 0x3b, 0x4d, 0xdb, 0x76, 0x7f, 0x4d, 0x2c, 0x1c, 0xb6, 0x3e, 0x1d, + 0xe7, 0xcc, 0x45, 0x5d, 0xc8, 0xcc, 0x5d, 0x9b, 0x4e, 0x96, 0x32, 0x4e, 0x9e, 0xc5, 0x8f, 0x89, + 0x0d, 0x2a, 0x37, 0x88, 0xc4, 0xc7, 0x12, 0x03, 0xbd, 0x0f, 0xc8, 0x14, 0x5c, 0x23, 0xd6, 0x73, + 0xf1, 0xba, 0x6c, 0x5e, 0xd3, 0xd3, 0xde, 0x07, 0x74, 0x13, 0x8b, 0xf5, 0x77, 0xcd, 0xde, 0xa9, + 0xaa, 0xa0, 0x12, 0xe4, 0x07, 0x27, 0x7a, 0xab, 0x73, 0xd4, 0xd1, 0xdb, 0x6a, 0x42, 0xfb, 0xa7, + 0x02, 0xdb, 0xab, 0x63, 0xab, 0x4d, 0xce, 0xa8, 0x43, 0x79, 0x39, 0xd9, 0x94, 0x4b, 0xaf, 0xfe, + 0x6a, 0xfa, 0x18, 0xf2, 0x33, 0xd3, 0xb1, 0x4c, 0xfe, 0xbc, 0x9e, 0xac, 0x25, 0x58, 0x2f, 0xb3, + 0x22, 0xa0, 0x01, 0xec, 0xdc, 0xf4, 0x8f, 0xf8, 0x32, 0x82, 0xdf, 0xb8, 0x73, 0xed, 0x30, 0x32, + 0x6f, 0x3a, 0xfc, 0x14, 0x4a, 0x96, 0x3b, 0x59, 0xb0, 0x90, 0x12, 0x49, 0x2d, 0x1e, 0x63, 0xe3, + 0x44, 0xed, 0x0f, 0x0a, 0x94, 0x99, 0xd6, 0x1d, 0x9e, 0x3f, 0x8f, 0x9e, 0xfc, 0x89, 0x0d, 0xb7, + 0xdc, 0x0d, 0x4b, 0x18, 0x6d, 0x5e, 0x6f, 0x18, 0x93, 0xdc, 0x60, 0xcc, 0xfa, 0x15, 0x29, 0x15, + 0x79, 0x45, 0xd2, 0x7e, 0x06, 0xa5, 0xc3, 0x05, 0xb5, 0xad, 0xae, 0xe9, 0x4c, 0x17, 0xec, 0xe0, + 0xfd, 0x60, 0xd5, 0x40, 0x30, 0x3b, 0x1e, 0xdd, 0xa8, 0x25, 0x11, 0x13, 0xb8, 0xa0, 0xf6, 0x67, + 0x05, 0x72, 0xab, 0x73, 0x82, 0xbf, 0x26, 0x99, 0x5e, 0x60, 0xb8, 0x67, 0x67, 0x3e, 0x0f, 0x73, + 0xa5, 0x9e, 0xc6, 0x05, 0x4e, 0xeb, 0x73, 0x12, 0x6b, 0x3d, 0x85, 0x88, 0x4d, 0x9d, 0xf0, 0x39, + 0x2a, 0xcf, 0x29, 0x5d, 0xea, 0x90, 0x35, 0xc2, 0xc4, 0xb5, 0x17, 0x33, 0x47, 0xbe, 0x82, 0x0b, + 0x84, 0x16, 0x27, 0x31, 0x04, 0xe2, 0x58, 0xe1, 0x14, 0x29, 0x81, 0x40, 0x1c, 0x4b, 0x4e, 0xf0, + 0x00, 0x72, 0x8c, 0xcd, 0xe1, 0xd3, 0x9c, 0x99, 0x25, 0x8e, 0xc5, 0xc1, 0xa5, 0xa6, 0x84, 0xce, + 0xac, 0x34, 0x05, 0xb0, 0xf6, 0x12, 0xca, 0x5f, 0x99, 0x17, 0xe4, 0xa5, 0xe9, 0x1d, 0x52, 0xc7, + 0x62, 0xed, 0xfa, 0xea, 0x23, 0x90, 0x12, 0xf9, 0x86, 0x84, 0x0e, 0x60, 0x7b, 0x6e, 0x9b, 0xc1, + 0x99, 0xeb, 0xcd, 0x58, 0xbb, 0x6f, 0x78, 0x64, 0x4a, 0xae, 0xe6, 0xb2, 0xf4, 0x6f, 0x85, 0xac, + 0x01, 0x09, 0x30, 0x67, 0x68, 0x43, 0xc8, 0x4a, 0xdc, 0x8d, 0xfb, 0xff, 0x31, 0x64, 0xc7, 0x62, + 0x3e, 0xb9, 0xfb, 0xf1, 0x55, 0x8f, 0x9b, 0x84, 0x43, 0x59, 0xed, 0x25, 0x14, 0xa3, 0xaf, 0x2d, + 0xec, 0xcc, 0x0c, 0x0f, 0x68, 0xf1, 0x49, 0x30, 0x1c, 0x46, 0xbf, 0x0e, 0x25, 0xe2, 0x5f, 0x87, + 0x10, 0xa4, 0xa6, 0xb6, 0x3b, 0xe6, 0xab, 0x9c, 0xc3, 0xfc, 0xbf, 0xf6, 0x17, 0x05, 0xd2, 0xfa, + 0x25, 0xeb, 0x54, 0x3e, 0x84, 0xd4, 0x05, 0x75, 0x2c, 0x59, 0x66, 0xe2, 0x1d, 0x3f, 0x97, 0x10, + 0xbf, 0x2f, 0xa8, 0x63, 0x61, 0x2e, 0x89, 0x8e, 0x60, 0x3b, 0xd2, 0x82, 0xc4, 0x3a, 0x95, 0x5b, + 0x1b, 0x0f, 0xb4, 0xd6, 0x58, 0xc5, 0x51, 0x15, 0xb2, 0x33, 0xe2, 0xfb, 0xac, 0x43, 0x14, 0xc1, + 0x1c, 0x0e, 0xb5, 0xcf, 0x21, 0xbf, 0x9a, 0x94, 0xdd, 0xe6, 0x75, 0x8c, 0xfb, 0xec, 0x92, 0x5f, + 0x80, 0xec, 0xd7, 0x4d, 0xdc, 0x13, 0xb7, 0xfc, 0x1c, 0xa4, 0x3a, 0xbd, 0xa3, 0xbe, 0x9a, 0x64, + 0x57, 0xe4, 0x13, 0xdc, 0x3f, 0xc6, 0xfa, 0x60, 0xa0, 0xa6, 0x0e, 0x3f, 0x81, 0x67, 0x13, 0x77, + 0x76, 0x30, 0x75, 0xdd, 0xa9, 0x4d, 0x0e, 0x2c, 0x72, 0x19, 0xb8, 0xae, 0xed, 0x1f, 0x88, 0xaf, + 0xae, 0x36, 0x1d, 0x1f, 0x70, 0xd3, 0x1a, 0xe2, 0x03, 0xac, 0xf8, 0x6d, 0x98, 0x73, 0xfa, 0xaf, + 0x00, 0x00, 0x00, 0xff, 0xff, 0x1e, 0xc0, 0x9c, 0xa4, 0xa4, 0x1d, 0x00, 0x00, +} diff --git a/vendor/github.com/bazelbuild/buildtools/buildozer/BUILD b/vendor/github.com/bazelbuild/buildtools/buildozer/BUILD new file mode 100644 index 00000000000..1a68b760328 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/buildozer/BUILD @@ -0,0 +1,34 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") + +go_library( + name = "go_default_library", + srcs = ["main.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/buildozer", + importpath = "github.com/bazelbuild/buildtools/buildozer", + visibility = ["//visibility:private"], + deps = [ + "//vendor/github.com/bazelbuild/buildtools/edit:go_default_library", + "//vendor/github.com/bazelbuild/buildtools/tables:go_default_library", + ], +) + +go_binary( + name = "buildozer", + embed = [":go_default_library"], + tags = ["manual"], + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/buildozer/README.md b/vendor/github.com/bazelbuild/buildtools/buildozer/README.md new file mode 100644 index 00000000000..f83eb9c829d --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/buildozer/README.md @@ -0,0 +1,266 @@ +# Buildozer + +Buildozer is a command line tool to rewrite multiple +[Bazel](https://github.com/bazelbuild/bazel) BUILD files using +standard commands. + +## Dependencies + +1. Protobuf go runtime: to download +`go get -u github.com/golang/protobuf/{proto,protoc-gen-go}` + + +## Installation + +1. Change directory to the buildifier/buildozer + +```bash +gopath=$(go env GOPATH) +cd $gopath/src/github.com/bazelbuild/buildtools/buildozer +``` + +2. Install + +```bash +go install +``` + +## Usage + +```shell +buildozer [OPTIONS] ['command args' | -f FILE ] label-list +``` + +Here, `label-list` is a comma-separated list of Bazel labels, for example +`//path/to/pkg1:rule1, //path/to/pkg2:rule2`. Buildozer reads commands from +`FILE` (`-` for stdin (format: `|`-separated command line arguments to buildozer, +excluding flags)) + +You should specify at least one command and one target. Buildozer will execute +all commands on all targets. Commands are executed in order, files are processed +in parallel. + +### Targets + +Targets look like Bazel labels, but there can be some differences in presence of +macros. + + * Use the label notation to refer to a rule: `//buildtools/buildozer:edit` + * Use the `__pkg__` suffix to refer to the package declaration: + `//buildtools/buildozer:__pkg__` + * Use an asterisk to refer to all rules in a file: `//pkg:*` + * Use `...` to refer to all descendant BUILD files in a directory: `//pkg/...:*` + * Use percent to refer to all rules of a certain kind: `//pkg:%java_library` + * Use percent-and-number to refer to a rule that begins at a certain line: + `//pkg:%123`. + * Use `-` for the package name if you want to process standard input stream + instead of a file: `-:all_tests`. + +### Options + +OPTIONS include the following options: + + * `-stdout` : write changed BUILD file to stdout + * `-buildifier` : format output using a specific buildifier binary. If empty, use built-in formatter. + * `-k` : apply all commands, even if there are failures + * `-quiet` : suppress informational messages + * `-shorten_labels` : convert added labels to short form, e.g. //foo:bar => :bar + * `-types`: Filter the targets, keeping only those of the given types, e.g. + `buildozer -types go_library,go_binary 'print rule' '//buildtools/buildozer:*'` + * `-eol-comments=false`: When adding new comments, put them on a separate line. + +See `buildozer -help` for the full list. + +### Edit commands + +Buildozer supports the following commands(`'command args'`): + + * `add `: Adds value(s) to a list attribute of a rule. If a + value is already present in the list, it is not added. + * `new_load `: Add a load statement for the given path, + importing the symbols. Before using this, make sure to run + `buildozer 'fix movePackageToTop'`. Afterwards, consider running + `buildozer 'fix unusedLoads'`. + * `comment ? ? `: Add a comment to a rule, an attribute, + or a specific value in a list. Spaces in the comment should be escaped with + backslashes. + * `print_comment ? ?` + * `delete`: Delete a rule. + * `fix ?`: Apply a fix. + * `move `: Moves `value(s)` from the list `old_attr` + to the list `new_attr`. The wildcard `*` matches all values. + * `new [(before|after) ]`: Add a + new rule at the end of the BUILD file (before/after ``). + * `print ` + * `remove `: Removes `value(s)` from the list `attr`. The + wildcard `*` matches all attributes. Lists containing none of the `value(s)` are + not modified. + * `rename `: Rename the `old_attr` to `new_attr` which must + not yet exist. + * `replace `: Replaces `old_value` with `new_value` + in the list `attr`. Wildcard `*` matches all attributes. Lists not containing + `old_value` are not modified. + * `set `: Sets the value of an attribute. If the attribute + was already present, its old value is replaced. + * `set_if_absent `: Sets the value of an attribute. If the + attribute was already present, no action is taken. + * `set kind `: Set the target type to value. + * `copy `: Copies the value of `attr` between rules. If it + exists in the `to_rule`, it will be overwritten. + * `copy_no_overwrite `: Copies the value of `attr` between + rules. If it exists in the `to_rule`, no action is taken. + +Here, `` represents an attribute (being `add`ed/`rename`d/`delete`d etc.), +e.g.: `srcs`, `` represents values of the attribute and so on. +A '?' indicates that the preceding argument is optional. + +The fix command without a fix specified applied to all eligible fixes. +Use `//path/to/pkg:__pkg__` as label for file level changes like `new_load` and +`new_rule`. +A transformation can be applied to all rules of a particular kind by using +`%rule_kind` at the end of the label(see examples below). + +#### Examples + +```bash +# Edit //pkg:rule and //pkg:rule2, and add a dependency on //base +buildozer 'add deps //base' //pkg:rule //pkg:rule2 + +# A load for a skylark file in //pkg +buildozer 'new_load /tools/build_rules/build_test build_test' //pkg:__pkg__ + +# Change the default_visibility to public for the package //pkg +buildozer 'set default_visibility //visibility:public' //pkg:__pkg__ + +# Change all gwt_module targets to java_library in the package //pkg +buildozer 'set kind java_library' //pkg:%gwt_module + +# Replace the dependency on pkg_v1 with a dependency on pkg_v2 +buildozer 'replace deps //pkg_v1 //pkg_v2' //pkg:rule + +# Delete the dependency on foo in every cc_library in the package +buildozer 'remove deps foo' //pkg:%cc_library + +# Delete the testonly attribute in every rule in the package +buildozer 'remove testonly' '//pkg:*' + +# Add a comment to the timeout attribute of //pkg:rule_test +buildozer 'comment timeout Delete\ this\ after\ 2015-12-31.' //pkg:rule_test + +# Add a new rule at the end of the file +buildozer 'new java_library foo' //pkg:__pkg__ + +# Add a cc_binary rule named new_bin before the rule named tests +buildozer 'new cc_binary new_bin before tests' //:__pkg__ + +# Copy an attribute from `protolib` to `py_protolib`. +buildozer 'copy testonly protolib' //pkg:py_protolib + +# Set two attributes in the same rule +buildozer 'set compile 1' 'set srcmap 1' //pkg:rule + +# Make a default explicit in all soy_js rules in a package +buildozer 'set_if_absent allowv1syntax 1' //pkg:%soy_js + +# Add an attribute new_attr with value "def_val" to all cc_binary rules +# Note that special characters will automatically be escaped in the string +buildozer 'add new_attr def_val' //:%cc_binary +``` + +### Print commands + +They work just like the edit commands. Expect a return code of 3 as they are not +modifying any file. + + * `print `: For each target, prints the value of the attributes + (see below). + * `print_comment ? ?`: Prints a comment associated with a rule, + an attribute or a specific value in a list. + +The print command prints the value of the attributes. If a target doesn't have +the attribute, a warning is printed on stderr. + +There are some special attributes in the `print` command: + + * `kind`: displays the name of the function + * `label`: the fully qualified label + * `rule`: the entire rule definition + * `startline`: the line number on which the rule begins in the BUILD file + * `endline`: the line number on which the rule ends in the BUILD file + +#### Examples + +```shell +# Print the kind of a target +buildozer 'print kind' base # output: cc_library + +# Print the name of all cc_library in //base +buildozer 'print name' base:%cc_library + +# Get the default visibility of the //base package +buildozer 'print default_visibility' base:%package + +# Print labels of cc_library targets in //base that have a deps attribute +buildozer 'print label deps' base:%cc_library 2>/dev/null | cut -d' ' -f1 + +# Print the list of labels in //base that explicitly set the testonly attribute: +buildozer 'print label testonly' 'base:*' 2>/dev/null + +# Print the entire definition (including comments) of the //base:heapcheck rule: +buildozer 'print rule' //base:heapcheck +``` + +## Converting labels + +Buildozer works at the syntax-level. It doesn't evaluate the BUILD files. If you +need to query the information Bazel has, please use `bazel query`. If you have a +list of Bazel labels, chances are that some of them are generated by BUILD +extensions. Labels in Buildozer are slightly different from labels in Bazel. +Bazel cares about the generated code, while Buildozer looks at the BUILD file +before macro expansion. + +To see the expanded BUILD files, try: + +```shell +bazel query --output=build //path/to/BUILD +``` + +## Do multiple changes at once + +Use `buildozer -f ` to load a list of commands from a file. The usage is +just like arguments on the command-line, except that arguments are separated by +`|`. + +```shell +$ cat /tmp/cmds +new cc_library foo|//buildtools/buildozer/BUILD +add deps //base //strings|add srcs foo.cc|//buildtools/buildozer:foo +add deps :foo|//buildtools/buildozer + +$ buildozer -f /tmp/cmds +fixed //buildtools/buildozer/BUILD +``` + +The list of commands will typically be generated and can be large. This is +efficient: Commands are grouped so that each file is modified once. Files are +processed in parallel. + +## Error code + +The return code is: + + * `0` on success, if changes were made + * `1` when there is a usage error + * `2` when at least one command has failed + * `3` on success, when no changes were made + +## Source Structure + + * `buildozer/main.go` : Entry point for the buildozer binary + * `edit/buildozer.go` : Implementation of functions for the buildozer commands + * `edit/edit.go`: Library functions to perform various operations on ASTs. These + * functions are called by the impl functions in buildozer.go + * `edit/fix.go`: Functions for various fixes for the `buildozer 'fix '` + command, like cleaning unused loads, changing labels to canonical notation, etc. + * `edit/types.go`: Type information for attributes + diff --git a/vendor/github.com/bazelbuild/buildtools/buildozer/main.go b/vendor/github.com/bazelbuild/buildtools/buildozer/main.go new file mode 100644 index 00000000000..e3baf2e36bf --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/buildozer/main.go @@ -0,0 +1,87 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +// Entry-point for Buildozer binary. + +package main + +import ( + "flag" + "fmt" + "os" + "strings" + + "github.com/bazelbuild/buildtools/edit" + "github.com/bazelbuild/buildtools/tables" +) + +var ( + stdout = flag.Bool("stdout", false, "write changed BUILD file to stdout") + buildifier = flag.String("buildifier", "", "format output using a specific buildifier binary. If empty, use built-in formatter") + parallelism = flag.Int("P", 0, "number of cores to use for concurrent actions") + numio = flag.Int("numio", 200, "number of concurrent actions") + commandsFile = flag.String("f", "", "file name to read commands from, use '-' for stdin (format:|-separated command line arguments to buildozer, excluding flags)") + keepGoing = flag.Bool("k", false, "apply all commands, even if there are failures") + filterRuleTypes = stringList("types", "comma-separated list of rule types to change, the default empty list means all rules") + preferEOLComments = flag.Bool("eol-comments", true, "when adding a new comment, put it on the same line if possible") + rootDir = flag.String("root_dir", "", "If present, use this folder rather than $PWD to find the root directory.") + quiet = flag.Bool("quiet", false, "suppress informational messages") + editVariables = flag.Bool("edit-variables", false, "For attributes that simply assign a variable (e.g. hdrs = LIB_HDRS), edit the build variable instead of appending to the attribute.") + isPrintingProto = flag.Bool("output_proto", false, "output serialized devtools.buildozer.Output protos instead of human-readable strings.") + tablesPath = flag.String("tables", "", "path to JSON file with custom table definitions which will replace the built-in tables") + + shortenLabelsFlag = flag.Bool("shorten_labels", true, "convert added labels to short form, e.g. //foo:bar => :bar") + deleteWithComments = flag.Bool("delete_with_comments", true, "If a list attribute should be deleted even if there is a comment attached to it") +) + +func stringList(name, help string) func() []string { + f := flag.String(name, "", help) + return func() []string { + if *f == "" { + return nil + } + res := strings.Split(*f, ",") + for i := range res { + res[i] = strings.TrimSpace(res[i]) + } + return res + } +} + +func main() { + flag.Parse() + + if *tablesPath != "" { + if err := tables.ParseAndUpdateJSONDefinitions(*tablesPath, false); err != nil { + fmt.Fprintf(os.Stderr, "buildifier: failed to parse %s for -tables: %s\n", *tablesPath, err) + os.Exit(2) + } + } + + edit.ShortenLabelsFlag = *shortenLabelsFlag + edit.DeleteWithComments = *deleteWithComments + edit.Opts = edit.Options{ + Stdout: *stdout, + Buildifier: *buildifier, + Parallelism: *parallelism, + NumIO: *numio, + CommandsFile: *commandsFile, + KeepGoing: *keepGoing, + FilterRuleTypes: filterRuleTypes(), + PreferEOLComments: *preferEOLComments, + RootDir: *rootDir, + Quiet: *quiet, + EditVariables: *editVariables, + IsPrintingProto: *isPrintingProto, + } + os.Exit(edit.Buildozer(flag.Args())) +} diff --git a/vendor/github.com/bazelbuild/buildtools/edit/BUILD b/vendor/github.com/bazelbuild/buildtools/edit/BUILD new file mode 100644 index 00000000000..045a980651d --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/edit/BUILD @@ -0,0 +1,37 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "buildozer.go", + "edit.go", + "fix.go", + "types.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/edit", + importpath = "github.com/bazelbuild/buildtools/edit", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/bazelbuild/buildtools/api_proto:go_default_library", + "//vendor/github.com/bazelbuild/buildtools/build:go_default_library", + "//vendor/github.com/bazelbuild/buildtools/build_proto:go_default_library", + "//vendor/github.com/bazelbuild/buildtools/file:go_default_library", + "//vendor/github.com/bazelbuild/buildtools/lang:go_default_library", + "//vendor/github.com/bazelbuild/buildtools/wspace:go_default_library", + "//vendor/github.com/golang/protobuf/proto:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/edit/buildozer.go b/vendor/github.com/bazelbuild/buildtools/edit/buildozer.go new file mode 100644 index 00000000000..5bd618ebbbc --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/edit/buildozer.go @@ -0,0 +1,976 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +// Buildozer is a tool for programatically editing BUILD files. + +package edit + +import ( + "bufio" + "bytes" + "errors" + "fmt" + "io" + "io/ioutil" + "log" + "os" + "os/exec" + "path" + "path/filepath" + "regexp" + "runtime" + "strconv" + "strings" + + apipb "github.com/bazelbuild/buildtools/api_proto" + "github.com/bazelbuild/buildtools/build" + "github.com/bazelbuild/buildtools/file" + "github.com/golang/protobuf/proto" +) + +// Options represents choices about how buildozer should behave. +type Options struct { + Stdout bool // write changed BUILD file to stdout + Buildifier string // path to buildifier binary + Parallelism int // number of cores to use for concurrent actions + NumIO int // number of concurrent actions + CommandsFile string // file name to read commands from, use '-' for stdin (format:|-separated command line arguments to buildozer, excluding flags + KeepGoing bool // apply all commands, even if there are failures + FilterRuleTypes []string // list of rule types to change, empty means all + PreferEOLComments bool // when adding a new comment, put it on the same line if possible + RootDir string // If present, use this folder rather than $PWD to find the root dir + Quiet bool // suppress informational messages. + EditVariables bool // for attributes that simply assign a variable (e.g. hdrs = LIB_HDRS), edit the build variable instead of appending to the attribute. + IsPrintingProto bool // output serialized devtools.buildozer.Output protos instead of human-readable strings +} + +// Opts represents the options to be used by buildozer, and can be overriden before calling Buildozer. +var Opts = Options{NumIO: 200, PreferEOLComments: true} + +// Usage is a user-overriden func to print the program usage. +var Usage = func() {} + +var fileModified = false // set to true when a file has been fixed + +const stdinPackageName = "-" // the special package name to represent stdin + +// CmdEnvironment stores the information the commands below have access to. +type CmdEnvironment struct { + File *build.File // the AST + Rule *build.Rule // the rule to modify + Vars map[string]*build.BinaryExpr // global variables set in the build file + Pkg string // the full package name + Args []string // the command-line arguments + output *apipb.Output_Record // output proto, stores whatever a command wants to print +} + +// The cmdXXX functions implement the various commands. + +func cmdAdd(env CmdEnvironment) (*build.File, error) { + attr := env.Args[0] + for _, val := range env.Args[1:] { + if IsIntList(attr) { + AddValueToListAttribute(env.Rule, attr, env.Pkg, &build.LiteralExpr{Token: val}, &env.Vars) + continue + } + strVal := &build.StringExpr{Value: ShortenLabel(val, env.Pkg)} + AddValueToListAttribute(env.Rule, attr, env.Pkg, strVal, &env.Vars) + } + return env.File, nil +} + +func cmdComment(env CmdEnvironment) (*build.File, error) { + // The comment string is always the last argument in the list. + str := env.Args[len(env.Args)-1] + str = strings.Replace(str, "\\n", "\n", -1) + // Multiline comments should go on a separate line. + fullLine := !Opts.PreferEOLComments || strings.Contains(str, "\n") + str = strings.Replace("# "+str, "\n", "\n# ", -1) + comment := []build.Comment{build.Comment{Token: str}} + + // The comment might be attached to a rule, an attribute, or a value in a list, + // depending on how many arguments are passed. + switch len(env.Args) { + case 1: // Attach to a rule + env.Rule.Call.Comments.Before = comment + case 2: // Attach to an attribute + if attr := env.Rule.AttrDefn(env.Args[0]); attr != nil { + if fullLine { + attr.X.Comment().Before = comment + } else { + attr.Y.Comment().Suffix = comment + } + } + case 3: // Attach to a specific value in a list + if attr := env.Rule.Attr(env.Args[0]); attr != nil { + if expr := ListFind(attr, env.Args[1], env.Pkg); expr != nil { + if fullLine { + expr.Comments.Before = comment + } else { + expr.Comments.Suffix = comment + } + } + } + default: + panic("cmdComment") + } + return env.File, nil +} + +// commentsText concatenates comments into a single line. +func commentsText(comments []build.Comment) string { + var segments []string + for _, comment := range comments { + token := comment.Token + if strings.HasPrefix(token, "#") { + token = token[1:] + } + segments = append(segments, strings.TrimSpace(token)) + } + return strings.Replace(strings.Join(segments, " "), "\n", " ", -1) +} + +func cmdPrintComment(env CmdEnvironment) (*build.File, error) { + attrError := func() error { + return fmt.Errorf("rule \"//%s:%s\" has no attribute \"%s\"", env.Pkg, env.Rule.Name(), env.Args[0]) + } + + switch len(env.Args) { + case 0: // Print rule comment. + env.output.Fields = []*apipb.Output_Record_Field{ + &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{commentsText(env.Rule.Call.Comments.Before)}}, + } + case 1: // Print attribute comment. + attr := env.Rule.AttrDefn(env.Args[0]) + if attr == nil { + return nil, attrError() + } + comments := append(attr.Before, attr.Suffix...) + env.output.Fields = []*apipb.Output_Record_Field{ + &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{commentsText(comments)}}, + } + case 2: // Print comment of a specific value in a list. + attr := env.Rule.Attr(env.Args[0]) + if attr == nil { + return nil, attrError() + } + value := env.Args[1] + expr := ListFind(attr, value, env.Pkg) + if expr == nil { + return nil, fmt.Errorf("attribute \"%s\" has no value \"%s\"", env.Args[0], value) + } + comments := append(expr.Comments.Before, expr.Comments.Suffix...) + env.output.Fields = []*apipb.Output_Record_Field{ + &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{commentsText(comments)}}, + } + default: + panic("cmdPrintComment") + } + return nil, nil +} + +func cmdDelete(env CmdEnvironment) (*build.File, error) { + return DeleteRule(env.File, env.Rule), nil +} + +func cmdMove(env CmdEnvironment) (*build.File, error) { + oldAttr := env.Args[0] + newAttr := env.Args[1] + if len(env.Args) == 3 && env.Args[2] == "*" { + if err := MoveAllListAttributeValues(env.Rule, oldAttr, newAttr, env.Pkg, &env.Vars); err != nil { + return nil, err + } + return env.File, nil + } + fixed := false + for _, val := range env.Args[2:] { + if deleted := ListAttributeDelete(env.Rule, oldAttr, val, env.Pkg); deleted != nil { + AddValueToListAttribute(env.Rule, newAttr, env.Pkg, deleted, &env.Vars) + fixed = true + } + } + if fixed { + return env.File, nil + } + return nil, nil +} + +func cmdNew(env CmdEnvironment) (*build.File, error) { + kind := env.Args[0] + name := env.Args[1] + addAtEOF, insertionIndex, err := findInsertionIndex(env) + if err != nil { + return nil, err + } + + if FindRuleByName(env.File, name) != nil { + return nil, fmt.Errorf("rule '%s' already exists", name) + } + + call := &build.CallExpr{X: &build.LiteralExpr{Token: kind}} + rule := &build.Rule{Call: call} + rule.SetAttr("name", &build.StringExpr{Value: name}) + + if addAtEOF { + env.File.Stmt = InsertAfterLastOfSameKind(env.File.Stmt, rule.Call) + } else { + env.File.Stmt = InsertAfter(insertionIndex, env.File.Stmt, call) + } + return env.File, nil +} + +// findInsertionIndex is used by cmdNew to find the place at which to insert the new rule. +func findInsertionIndex(env CmdEnvironment) (bool, int, error) { + if len(env.Args) < 4 { + return true, 0, nil + } + + relativeToRuleName := env.Args[3] + ruleIdx := IndexOfRuleByName(env.File, relativeToRuleName) + if ruleIdx == -1 { + return true, 0, nil + } + + switch env.Args[2] { + case "before": + return false, ruleIdx - 1, nil + case "after": + return false, ruleIdx, nil + default: + return true, 0, fmt.Errorf("Unknown relative operator '%s'; allowed: 'before', 'after'", env.Args[1]) + } +} + +func cmdNewLoad(env CmdEnvironment) (*build.File, error) { + env.File.Stmt = InsertLoad(env.File.Stmt, env.Args) + return env.File, nil +} + +func cmdPrint(env CmdEnvironment) (*build.File, error) { + format := env.Args + if len(format) == 0 { + format = []string{"name", "kind"} + } + fields := make([]*apipb.Output_Record_Field, len(format)) + + for i, str := range format { + value := env.Rule.Attr(str) + if str == "kind" { + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{env.Rule.Kind()}} + } else if str == "label" { + if env.Rule.Attr("name") != nil { + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{fmt.Sprintf("//%s:%s", env.Pkg, env.Rule.Name())}} + } else { + return nil, nil + } + } else if str == "rule" { + fields[i] = &apipb.Output_Record_Field{ + Value: &apipb.Output_Record_Field_Text{build.FormatString(env.Rule.Call)}, + } + } else if str == "startline" { + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Number{int32(env.Rule.Call.ListStart.Line)}} + } else if str == "endline" { + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Number{int32(env.Rule.Call.End.Pos.Line)}} + } else if value == nil { + fmt.Fprintf(os.Stderr, "rule \"//%s:%s\" has no attribute \"%s\"\n", + env.Pkg, env.Rule.Name(), str) + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Error{Error: apipb.Output_Record_Field_MISSING}} + } else if lit, ok := value.(*build.LiteralExpr); ok { + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{lit.Token}} + } else if string, ok := value.(*build.StringExpr); ok { + fields[i] = &apipb.Output_Record_Field{ + Value: &apipb.Output_Record_Field_Text{string.Value}, + QuoteWhenPrinting: true, + } + } else if strList := env.Rule.AttrStrings(str); strList != nil { + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_List{List: &apipb.RepeatedString{Strings: strList}}} + } else { + // Some other Expr we haven't listed above. Just print it. + fields[i] = &apipb.Output_Record_Field{Value: &apipb.Output_Record_Field_Text{build.FormatString(value)}} + } + } + + env.output.Fields = fields + return nil, nil +} + +func attrKeysForPattern(rule *build.Rule, pattern string) []string { + if pattern == "*" { + return rule.AttrKeys() + } + return []string{pattern} +} + +func cmdRemove(env CmdEnvironment) (*build.File, error) { + if len(env.Args) == 1 { // Remove the attribute + if env.Rule.DelAttr(env.Args[0]) != nil { + return env.File, nil + } + } else { // Remove values in the attribute. + fixed := false + for _, key := range attrKeysForPattern(env.Rule, env.Args[0]) { + for _, val := range env.Args[1:] { + ListAttributeDelete(env.Rule, key, val, env.Pkg) + fixed = true + } + } + if fixed { + return env.File, nil + } + } + return nil, nil +} + +func cmdRename(env CmdEnvironment) (*build.File, error) { + oldAttr := env.Args[0] + newAttr := env.Args[1] + if err := RenameAttribute(env.Rule, oldAttr, newAttr); err != nil { + return nil, err + } + return env.File, nil +} + +func cmdReplace(env CmdEnvironment) (*build.File, error) { + oldV := env.Args[1] + newV := env.Args[2] + for _, key := range attrKeysForPattern(env.Rule, env.Args[0]) { + attr := env.Rule.Attr(key) + if e, ok := attr.(*build.StringExpr); ok { + if LabelsEqual(e.Value, oldV, env.Pkg) { + env.Rule.SetAttr(key, getAttrValueExpr(key, []string{newV})) + } + } else { + ListReplace(attr, oldV, newV, env.Pkg) + } + } + return env.File, nil +} + +func cmdSet(env CmdEnvironment) (*build.File, error) { + attr := env.Args[0] + args := env.Args[1:] + if attr == "kind" { + env.Rule.SetKind(args[0]) + } else { + env.Rule.SetAttr(attr, getAttrValueExpr(attr, args)) + } + return env.File, nil +} + +func cmdSetIfAbsent(env CmdEnvironment) (*build.File, error) { + attr := env.Args[0] + args := env.Args[1:] + if attr == "kind" { + return nil, fmt.Errorf("setting 'kind' is not allowed for set_if_absent. Got %s", env.Args) + } + if env.Rule.Attr(attr) == nil { + env.Rule.SetAttr(attr, getAttrValueExpr(attr, args)) + } + return env.File, nil +} + +func getAttrValueExpr(attr string, args []string) build.Expr { + switch { + case attr == "kind": + return nil + case IsIntList(attr): + var list []build.Expr + for _, i := range args { + list = append(list, &build.LiteralExpr{Token: i}) + } + return &build.ListExpr{List: list} + case IsList(attr) && !(len(args) == 1 && strings.HasPrefix(args[0], "glob(")): + var list []build.Expr + for _, i := range args { + list = append(list, &build.StringExpr{Value: i}) + } + return &build.ListExpr{List: list} + case IsString(attr): + return &build.StringExpr{Value: args[0]} + default: + return &build.LiteralExpr{Token: args[0]} + } +} + +func cmdCopy(env CmdEnvironment) (*build.File, error) { + attrName := env.Args[0] + from := env.Args[1] + + return copyAttributeBetweenRules(env, attrName, from) +} + +func cmdCopyNoOverwrite(env CmdEnvironment) (*build.File, error) { + attrName := env.Args[0] + from := env.Args[1] + + if env.Rule.Attr(attrName) != nil { + return env.File, nil + } + + return copyAttributeBetweenRules(env, attrName, from) +} + +func copyAttributeBetweenRules(env CmdEnvironment, attrName string, from string) (*build.File, error) { + fromRule := FindRuleByName(env.File, from) + if fromRule == nil { + return nil, fmt.Errorf("could not find rule '%s'", from) + } + attr := fromRule.Attr(attrName) + if attr == nil { + return nil, fmt.Errorf("rule '%s' does not have attribute '%s'", from, attrName) + } + + ast, err := build.Parse("" /* filename */, []byte(build.FormatString(attr))) + if err != nil { + return nil, fmt.Errorf("could not parse attribute value %v", build.FormatString(attr)) + } + + env.Rule.SetAttr(attrName, ast.Stmt[0]) + return env.File, nil +} + +func cmdFix(env CmdEnvironment) (*build.File, error) { + // Fix the whole file + if env.Rule.Kind() == "package" { + return FixFile(env.File, env.Pkg, env.Args), nil + } + // Fix a specific rule + return FixRule(env.File, env.Pkg, env.Rule, env.Args), nil +} + +// CommandInfo provides a command function and info on incoming arguments. +type CommandInfo struct { + Fn func(CmdEnvironment) (*build.File, error) + MinArg int + MaxArg int + Template string +} + +// AllCommands associates the command names with their function and number +// of arguments. +var AllCommands = map[string]CommandInfo{ + "add": {cmdAdd, 2, -1, " "}, + "new_load": {cmdNewLoad, 1, -1, " "}, + "comment": {cmdComment, 1, 3, "? ? "}, + "print_comment": {cmdPrintComment, 0, 2, "? ?"}, + "delete": {cmdDelete, 0, 0, ""}, + "fix": {cmdFix, 0, -1, "?"}, + "move": {cmdMove, 3, -1, " "}, + "new": {cmdNew, 2, 4, " [(before|after) ]"}, + "print": {cmdPrint, 0, -1, ""}, + "remove": {cmdRemove, 1, -1, " "}, + "rename": {cmdRename, 2, 2, " "}, + "replace": {cmdReplace, 3, 3, " "}, + "set": {cmdSet, 2, -1, " "}, + "set_if_absent": {cmdSetIfAbsent, 2, -1, " "}, + "copy": {cmdCopy, 2, 2, " "}, + "copy_no_overwrite": {cmdCopyNoOverwrite, 2, 2, " "}, +} + +func expandTargets(f *build.File, rule string) ([]*build.Rule, error) { + if r := FindRuleByName(f, rule); r != nil { + return []*build.Rule{r}, nil + } else if r := FindExportedFile(f, rule); r != nil { + return []*build.Rule{r}, nil + } else if rule == "all" || rule == "*" { + // "all" is a valid name, it is a wildcard only if no such rule is found. + return f.Rules(""), nil + } else if strings.HasPrefix(rule, "%") { + // "%java_library" will match all java_library functions in the package + // "%" will match the rule which begins at LINENUM. + // This is for convenience, "%" is not a valid character in bazel targets. + kind := rule[1:] + if linenum, err := strconv.Atoi(kind); err == nil { + if r := f.RuleAt(linenum); r != nil { + return []*build.Rule{r}, nil + } + } else { + return f.Rules(kind), nil + } + } + return nil, fmt.Errorf("rule '%s' not found", rule) +} + +func filterRules(rules []*build.Rule) (result []*build.Rule) { + if len(Opts.FilterRuleTypes) == 0 { + return rules + } + for _, rule := range rules { + acceptableType := false + for _, filterType := range Opts.FilterRuleTypes { + if rule.Kind() == filterType { + acceptableType = true + break + } + } + if acceptableType || rule.Kind() == "package" { + result = append(result, rule) + } + } + return +} + +// command contains a list of tokens that describe a buildozer command. +type command struct { + tokens []string +} + +// checkCommandUsage checks the number of argument of a command. +// It prints an error and usage when it is not valid. +func checkCommandUsage(name string, cmd CommandInfo, count int) { + if count >= cmd.MinArg && (cmd.MaxArg == -1 || count <= cmd.MaxArg) { + return + } + + if count < cmd.MinArg { + fmt.Fprintf(os.Stderr, "Too few arguments for command '%s', expected at least %d.\n", + name, cmd.MinArg) + } else { + fmt.Fprintf(os.Stderr, "Too many arguments for command '%s', expected at most %d.\n", + name, cmd.MaxArg) + } + Usage() +} + +// Match text that only contains spaces if they're escaped with '\'. +var spaceRegex = regexp.MustCompile(`(\\ |[^ ])+`) + +// SplitOnSpaces behaves like strings.Fields, except that spaces can be escaped. +// " some dummy\\ string" -> ["some", "dummy string"] +func SplitOnSpaces(input string) []string { + result := spaceRegex.FindAllString(input, -1) + for i, s := range result { + result[i] = strings.Replace(s, `\ `, " ", -1) + } + return result +} + +// parseCommands parses commands and targets they should be applied on from +// a list of arguments. +// Each argument can be either: +// - a command (as defined by AllCommands) and its parameters, separated by +// whitespace +// - a target all commands that are parsed during one call to parseCommands +// should be applied on +func parseCommands(args []string) (commands []command, targets []string) { + for _, arg := range args { + commandTokens := SplitOnSpaces(arg) + cmd, found := AllCommands[commandTokens[0]] + if found { + checkCommandUsage(commandTokens[0], cmd, len(commandTokens)-1) + commands = append(commands, command{commandTokens}) + } else { + targets = append(targets, arg) + } + } + return +} + +// commandsForTarget contains commands to be executed on the given target. +type commandsForTarget struct { + target string + commands []command +} + +// commandsForFile contains the file name and all commands that should be +// applied on that file, indexed by their target. +type commandsForFile struct { + file string + commands []commandsForTarget +} + +// commandError returns an error that formats 'err' in the context of the +// commands to be executed on the given target. +func commandError(commands []command, target string, err error) error { + return fmt.Errorf("error while executing commands %s on target %s: %s", commands, target, err) +} + +// rewriteResult contains the outcome of applying fixes to a single file. +type rewriteResult struct { + file string + errs []error + modified bool + records []*apipb.Output_Record +} + +// getGlobalVariables returns the global variable assignments in the provided list of expressions. +// That is, for each variable assignment of the form +// a = v +// vars["a"] will contain the BinaryExpr whose Y value is the assignment "a = v". +func getGlobalVariables(exprs []build.Expr) (vars map[string]*build.BinaryExpr) { + vars = make(map[string]*build.BinaryExpr) + for _, expr := range exprs { + if binExpr, ok := expr.(*build.BinaryExpr); ok { + if binExpr.Op != "=" { + continue + } + if lhs, ok := binExpr.X.(*build.LiteralExpr); ok { + vars[lhs.Token] = binExpr + } + } + } + return vars +} + +// When checking the filesystem, we need to look for any of the +// possible buildFileNames. For historical reasons, the +// parts of the tool that generate paths that we may want to examine +// continue to assume that build files are all named "BUILD". +var buildFileNames = [...]string{"BUILD.bazel", "BUILD", "BUCK"} +var buildFileNamesSet = map[string]bool{ + "BUILD.bazel": true, + "BUILD": true, + "BUCK": true, +} + +// rewrite parses the BUILD file for the given file, transforms the AST, +// and write the changes back in the file (or on stdout). +func rewrite(commandsForFile commandsForFile) *rewriteResult { + name := commandsForFile.file + var data []byte + var err error + var fi os.FileInfo + records := []*apipb.Output_Record{} + if name == stdinPackageName { // read on stdin + data, err = ioutil.ReadAll(os.Stdin) + if err != nil { + return &rewriteResult{file: name, errs: []error{err}} + } + } else { + origName := name + for _, suffix := range buildFileNames { + if strings.HasSuffix(name, "/"+suffix) { + name = strings.TrimSuffix(name, suffix) + break + } + } + for _, suffix := range buildFileNames { + name = name + suffix + data, fi, err = file.ReadFile(name) + if err == nil { + break + } + name = strings.TrimSuffix(name, suffix) + } + if err != nil { + data, fi, err = file.ReadFile(name) + } + if err != nil { + err = errors.New("file not found or not readable") + return &rewriteResult{file: origName, errs: []error{err}} + } + } + + f, err := build.Parse(name, data) + if err != nil { + return &rewriteResult{file: name, errs: []error{err}} + } + + vars := map[string]*build.BinaryExpr{} + if Opts.EditVariables { + vars = getGlobalVariables(f.Stmt) + } + var errs []error + changed := false + for _, commands := range commandsForFile.commands { + target := commands.target + commands := commands.commands + _, absPkg, rule := InterpretLabelForWorkspaceLocation(Opts.RootDir, target) + _, pkg, _ := ParseLabel(target) + if pkg == stdinPackageName { // Special-case: This is already absolute + absPkg = stdinPackageName + } + + targets, err := expandTargets(f, rule) + if err != nil { + cerr := commandError(commands, target, err) + errs = append(errs, cerr) + if !Opts.KeepGoing { + return &rewriteResult{file: name, errs: errs, records: records} + + } + } + targets = filterRules(targets) + for _, cmd := range commands { + for _, r := range targets { + cmdInfo := AllCommands[cmd.tokens[0]] + record := &apipb.Output_Record{} + newf, err := cmdInfo.Fn(CmdEnvironment{f, r, vars, absPkg, cmd.tokens[1:], record}) + if len(record.Fields) != 0 { + records = append(records, record) + } + if err != nil { + cerr := commandError([]command{cmd}, target, err) + if Opts.KeepGoing { + errs = append(errs, cerr) + } else { + return &rewriteResult{file: name, errs: []error{cerr}, records: records} + } + } + if newf != nil { + changed = true + f = newf + } + } + } + } + if !changed { + return &rewriteResult{file: name, errs: errs, records: records} + } + f = RemoveEmptyPackage(f) + ndata, err := runBuildifier(f) + if err != nil { + return &rewriteResult{file: name, errs: []error{fmt.Errorf("running buildifier: %v", err)}, records: records} + } + + if Opts.Stdout || name == stdinPackageName { + os.Stdout.Write(ndata) + return &rewriteResult{file: name, errs: errs, records: records} + } + + if bytes.Equal(data, ndata) { + return &rewriteResult{file: name, errs: errs, records: records} + } + + if err := EditFile(fi, name); err != nil { + return &rewriteResult{file: name, errs: []error{err}, records: records} + } + + if err := file.WriteFile(name, ndata); err != nil { + return &rewriteResult{file: name, errs: []error{err}, records: records} + } + + fileModified = true + return &rewriteResult{file: name, errs: errs, modified: true, records: records} +} + +// EditFile is a function that does any prework needed before editing a file. +// e.g. "checking out for write" from a locking source control repo. +var EditFile = func(fi os.FileInfo, name string) error { + return nil +} + +// runBuildifier formats the build file f. +// Runs Opts.Buildifier if it's non-empty, otherwise uses built-in formatter. +// Opts.Buildifier is useful to force consistency with other tools that call Buildifier. +func runBuildifier(f *build.File) ([]byte, error) { + if Opts.Buildifier == "" { + build.Rewrite(f, nil) + return build.Format(f), nil + } + + cmd := exec.Command(Opts.Buildifier) + data := build.Format(f) + cmd.Stdin = bytes.NewBuffer(data) + stdout := bytes.NewBuffer(nil) + stderr := bytes.NewBuffer(nil) + cmd.Stdout = stdout + cmd.Stderr = stderr + err := cmd.Run() + if stderr.Len() > 0 { + return nil, fmt.Errorf("%s", stderr.Bytes()) + } + if err != nil { + return nil, err + } + return stdout.Bytes(), nil +} + +// Given a target, whose package may contain a trailing "/...", returns all +// extisting BUILD file paths which match the package. +func targetExpressionToBuildFiles(target string) []string { + file, _, _ := InterpretLabelForWorkspaceLocation(Opts.RootDir, target) + if Opts.RootDir == "" { + var err error + if file, err = filepath.Abs(file); err != nil { + fmt.Printf("Cannot make path absolute: %s\n", err.Error()) + os.Exit(1) + } + } + + if !strings.HasSuffix(file, "/.../BUILD") { + return []string{file} + } + + var buildFiles []string + searchDirs := []string{strings.TrimSuffix(file, "/.../BUILD")} + for len(searchDirs) != 0 { + lastIndex := len(searchDirs) - 1 + dir := searchDirs[lastIndex] + searchDirs = searchDirs[:lastIndex] + + dirFiles, err := ioutil.ReadDir(dir) + if err != nil { + continue + } + + for _, dirFile := range dirFiles { + if dirFile.IsDir() { + searchDirs = append(searchDirs, path.Join(dir, dirFile.Name())) + } else if _, ok := buildFileNamesSet[dirFile.Name()]; ok { + buildFiles = append(buildFiles, path.Join(dir, dirFile.Name())) + } + } + } + + return buildFiles +} + +// appendCommands adds the given commands to be applied to each of the given targets +// via the commandMap. +func appendCommands(commandMap map[string][]commandsForTarget, args []string) { + commands, targets := parseCommands(args) + for _, target := range targets { + if strings.HasSuffix(target, "/BUILD") { + target = strings.TrimSuffix(target, "/BUILD") + ":__pkg__" + } + var buildFiles []string + _, pkg, _ := ParseLabel(target) + if pkg == stdinPackageName { + buildFiles = []string{stdinPackageName} + } else { + buildFiles = targetExpressionToBuildFiles(target) + } + + for _, file := range buildFiles { + commandMap[file] = append(commandMap[file], commandsForTarget{target, commands}) + } + } +} + +func appendCommandsFromFile(commandsByFile map[string][]commandsForTarget, fileName string) { + var reader io.Reader + if Opts.CommandsFile == stdinPackageName { + reader = os.Stdin + } else { + rc := file.OpenReadFile(Opts.CommandsFile) + reader = rc + defer rc.Close() + } + scanner := bufio.NewScanner(reader) + for scanner.Scan() { + line := scanner.Text() + if line == "" { + continue + } + args := strings.Split(line, "|") + appendCommands(commandsByFile, args) + } + if err := scanner.Err(); err != nil { + fmt.Fprintf(os.Stderr, "Error while reading commands file: %v", scanner.Err()) + } +} + +func printRecord(writer io.Writer, record *apipb.Output_Record) { + fields := record.Fields + line := make([]string, len(fields)) + for i, field := range fields { + switch value := field.Value.(type) { + case *apipb.Output_Record_Field_Text: + if field.QuoteWhenPrinting && strings.ContainsRune(value.Text, ' ') { + line[i] = fmt.Sprintf("%q", value.Text) + } else { + line[i] = value.Text + } + break + case *apipb.Output_Record_Field_Number: + line[i] = strconv.Itoa(int(value.Number)) + break + case *apipb.Output_Record_Field_Error: + switch value.Error { + case apipb.Output_Record_Field_UNKNOWN: + line[i] = "(unknown)" + break + case apipb.Output_Record_Field_MISSING: + line[i] = "(missing)" + break + } + break + case *apipb.Output_Record_Field_List: + line[i] = fmt.Sprintf("[%s]", strings.Join(value.List.Strings, " ")) + break + } + } + + fmt.Fprint(writer, strings.Join(line, " ")+"\n") +} + +// Buildozer loops over all arguments on the command line fixing BUILD files. +func Buildozer(args []string) int { + commandsByFile := make(map[string][]commandsForTarget) + if Opts.CommandsFile != "" { + appendCommandsFromFile(commandsByFile, Opts.CommandsFile) + } else { + if len(args) == 0 { + Usage() + } + appendCommands(commandsByFile, args) + } + + numFiles := len(commandsByFile) + if Opts.Parallelism > 0 { + runtime.GOMAXPROCS(Opts.Parallelism) + } + results := make(chan *rewriteResult, numFiles) + data := make(chan commandsForFile) + + for i := 0; i < Opts.NumIO; i++ { + go func(results chan *rewriteResult, data chan commandsForFile) { + for commandsForFile := range data { + results <- rewrite(commandsForFile) + } + }(results, data) + } + + for file, commands := range commandsByFile { + data <- commandsForFile{file, commands} + } + close(data) + records := []*apipb.Output_Record{} + hasErrors := false + for i := 0; i < numFiles; i++ { + fileResults := <-results + if fileResults == nil { + continue + } + hasErrors = hasErrors || len(fileResults.errs) > 0 + for _, err := range fileResults.errs { + fmt.Fprintf(os.Stderr, "%s: %s\n", fileResults.file, err) + } + if fileResults.modified && !Opts.Quiet { + fmt.Fprintf(os.Stderr, "fixed %s\n", fileResults.file) + } + if fileResults.records != nil { + records = append(records, fileResults.records...) + } + } + + if Opts.IsPrintingProto { + data, err := proto.Marshal(&apipb.Output{Records: records}) + if err != nil { + log.Fatal("marshaling error: ", err) + } + fmt.Fprintf(os.Stdout, "%s", data) + } else { + for _, record := range records { + printRecord(os.Stdout, record) + } + } + + if hasErrors { + return 2 + } + if !fileModified && !Opts.Stdout { + return 3 + } + return 0 +} diff --git a/vendor/github.com/bazelbuild/buildtools/edit/edit.go b/vendor/github.com/bazelbuild/buildtools/edit/edit.go new file mode 100644 index 00000000000..c9b541fb595 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/edit/edit.go @@ -0,0 +1,823 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +// Package edit provides high-level auxiliary functions for AST manipulation +// on BUILD files. +package edit + +import ( + "fmt" + "os" + "path" + "path/filepath" + "sort" + "strconv" + "strings" + + "github.com/bazelbuild/buildtools/build" + "github.com/bazelbuild/buildtools/wspace" +) + +var ( + // ShortenLabelsFlag if true converts added labels to short form , e.g. //foo:bar => :bar + ShortenLabelsFlag = true + // DeleteWithComments if true a list attribute will be be deleted in ListDelete, even if there is a comment attached to it + DeleteWithComments = true +) + +// ParseLabel parses a Blaze label (eg. //devtools/buildozer:rule), and returns +// the repo name ("" for the main repo), package (with leading slashes trimmed) +// and rule name (e.g. ["", "devtools/buildozer", "rule"]). +func ParseLabel(target string) (string, string, string) { + repo := "" + if strings.HasPrefix(target, "@") { + target = strings.TrimLeft(target, "@") + parts := strings.SplitN(target, "/", 2) + if len(parts) == 1 { + // "@foo" -> "foo", "", "foo" (ie @foo//:foo) + return target, "", target + } + repo = parts[0] + target = "/" + parts[1] + } + // TODO(bazel-team): check if the next line can now be deleted + target = strings.TrimRight(target, ":") // labels can end with ':' + parts := strings.SplitN(target, ":", 2) + parts[0] = strings.TrimPrefix(parts[0], "//") + if len(parts) == 1 { + if strings.HasPrefix(target, "//") { + // "//absolute/pkg" -> "absolute/pkg", "pkg" + return repo, parts[0], path.Base(parts[0]) + } + // "relative/label" -> "", "relative/label" + return repo, "", parts[0] + } + return repo, parts[0], parts[1] +} + +// ShortenLabel rewrites labels to use the canonical form (the form +// recommended by build-style). This behavior can be disabled using the +// --noshorten_labels flag for projects that consistently use long-form labels. +// "//foo/bar:bar" => "//foo/bar", or ":bar" when possible. +func ShortenLabel(label string, pkg string) string { + if !ShortenLabelsFlag { + return label + } + if !strings.HasPrefix(label, "//") { + // It doesn't look like a long label, so we preserve it. + return label + } + repo, labelPkg, rule := ParseLabel(label) + if repo == "" && labelPkg == pkg { // local label + return ":" + rule + } + slash := strings.LastIndex(labelPkg, "/") + if (slash >= 0 && labelPkg[slash+1:] == rule) || labelPkg == rule { + return "//" + labelPkg + } + return label +} + +// LabelsEqual returns true if label1 and label2 are equal. The function +// takes care of the optional ":" prefix and differences between long-form +// labels and local labels. +func LabelsEqual(label1, label2, pkg string) bool { + str1 := strings.TrimPrefix(ShortenLabel(label1, pkg), ":") + str2 := strings.TrimPrefix(ShortenLabel(label2, pkg), ":") + return str1 == str2 +} + +// isFile returns true if the path refers to a regular file after following +// symlinks. +func isFile(path string) bool { + path, err := filepath.EvalSymlinks(path) + if err != nil { + return false + } + info, err := os.Stat(path) + if err != nil { + return false + } + return info.Mode().IsRegular() +} + +// InterpretLabelForWorkspaceLocation returns the name of the BUILD file to +// edit, the full package name, and the rule. It takes a workspace-rooted +// directory to use. +func InterpretLabelForWorkspaceLocation(root string, target string) (buildFile string, pkg string, rule string) { + repo, pkg, rule := ParseLabel(target) + rootDir, relativePath := wspace.FindWorkspaceRoot(root) + if repo != "" { + files, err := wspace.FindRepoBuildFiles(rootDir) + if err == nil { + if buildFile, ok := files[repo]; ok { + return buildFile, pkg, rule + } + } + // TODO(rodrigoq): report error for other repos + } + + if strings.HasPrefix(target, "//") { + buildFile = path.Join(rootDir, pkg, "BUILD") + return + } + if isFile(pkg) { + // allow operation on other files like WORKSPACE + buildFile = pkg + pkg = path.Join(relativePath, filepath.Dir(pkg)) + return + } + if pkg != "" { + buildFile = pkg + "/BUILD" + } else { + buildFile = "BUILD" + } + pkg = path.Join(relativePath, pkg) + return +} + +// InterpretLabel returns the name of the BUILD file to edit, the full +// package name, and the rule. It uses the pwd for resolving workspace file paths. +func InterpretLabel(target string) (buildFile string, pkg string, rule string) { + return InterpretLabelForWorkspaceLocation("", target) +} + +// ExprToRule returns a Rule from an Expr. +// The boolean is false iff the Expr is not a function call, or does not have +// the expected kind. +func ExprToRule(expr build.Expr, kind string) (*build.Rule, bool) { + call, ok := expr.(*build.CallExpr) + if !ok { + return nil, false + } + k, ok := call.X.(*build.LiteralExpr) + if !ok || k.Token != kind { + return nil, false + } + return &build.Rule{Call: call}, true +} + +// ExistingPackageDeclaration returns the package declaration, or nil if there is none. +func ExistingPackageDeclaration(f *build.File) *build.Rule { + for _, stmt := range f.Stmt { + if rule, ok := ExprToRule(stmt, "package"); ok { + return rule + } + } + return nil +} + +// PackageDeclaration returns the package declaration. If it doesn't +// exist, it is created at the top of the BUILD file, after leading +// comments. +func PackageDeclaration(f *build.File) *build.Rule { + if pkg := ExistingPackageDeclaration(f); pkg != nil { + return pkg + } + all := []build.Expr{} + added := false + call := &build.CallExpr{X: &build.LiteralExpr{Token: "package"}} + // Skip CommentBlocks and find a place to insert the package declaration. + for _, stmt := range f.Stmt { + _, ok := stmt.(*build.CommentBlock) + if !ok && !added { + all = append(all, call) + added = true + } + all = append(all, stmt) + } + if !added { // In case the file is empty. + all = append(all, call) + } + f.Stmt = all + return &build.Rule{Call: call} +} + +// RemoveEmptyPackage removes empty package declarations from the file, i.e.: +// package() +// This might appear because of a buildozer transformation (e.g. when removing a package +// attribute). Removing it is required for the file to be valid. +func RemoveEmptyPackage(f *build.File) *build.File { + var all []build.Expr + for _, stmt := range f.Stmt { + if call, ok := stmt.(*build.CallExpr); ok { + functionName, ok := call.X.(*build.LiteralExpr) + if ok && functionName.Token == "package" && len(call.List) == 0 { + continue + } + } + all = append(all, stmt) + } + return &build.File{Path: f.Path, Comments: f.Comments, Stmt: all} +} + +// InsertAfter inserts an expression after index i. +func InsertAfter(i int, stmt []build.Expr, expr build.Expr) []build.Expr { + i = i + 1 // index after the element at i + result := make([]build.Expr, len(stmt)+1) + copy(result[0:i], stmt[0:i]) + result[i] = expr + copy(result[i+1:], stmt[i:]) + return result +} + +// IndexOfLast finds the index of the last expression of a specific kind. +func IndexOfLast(stmt []build.Expr, Kind string) int { + lastIndex := -1 + for i, s := range stmt { + sAsCallExpr, ok := s.(*build.CallExpr) + if !ok { + continue + } + literal, ok := sAsCallExpr.X.(*build.LiteralExpr) + if ok && literal.Token == Kind { + lastIndex = i + } + } + return lastIndex +} + +// InsertAfterLastOfSameKind inserts an expression after the last expression of the same kind. +func InsertAfterLastOfSameKind(stmt []build.Expr, expr *build.CallExpr) []build.Expr { + index := IndexOfLast(stmt, expr.X.(*build.LiteralExpr).Token) + if index == -1 { + return InsertAtEnd(stmt, expr) + } + return InsertAfter(index, stmt, expr) +} + +// InsertAtEnd inserts an expression at the end of a list, before trailing comments. +func InsertAtEnd(stmt []build.Expr, expr build.Expr) []build.Expr { + var i int + for i = len(stmt) - 1; i >= 0; i-- { + _, ok := stmt[i].(*build.CommentBlock) + if !ok { + break + } + } + return InsertAfter(i, stmt, expr) +} + +// FindRuleByName returns the rule in the file that has the given name. +// If the name is "__pkg__", it returns the global package declaration. +func FindRuleByName(f *build.File, name string) *build.Rule { + if name == "__pkg__" { + return PackageDeclaration(f) + } + i := IndexOfRuleByName(f, name) + if i != -1 { + return &build.Rule{Call: f.Stmt[i].(*build.CallExpr)} + } + return nil +} + +// UseImplicitName returns the rule in the file if it meets these conditions: +// - It is the only unnamed rule in the file. +// - The file path's ending directory name and the passed rule name match. +// In the Pants Build System, by pantsbuild, the use of an implicit name makes +// creating targets easier. This function implements such names. +func UseImplicitName(f *build.File, rule string) *build.Rule { + // We disallow empty names + if f.Path == "BUILD" { + return nil + } + ruleCount := 0 + var temp, found *build.Rule + pkg := filepath.Base(filepath.Dir(f.Path)) + + for _, stmt := range f.Stmt { + call, ok := stmt.(*build.CallExpr) + if !ok { + continue + } + temp = &build.Rule{Call: call} + if temp.Kind() != "" && temp.Name() == "" { + ruleCount++ + found = temp + } + } + + if ruleCount == 1 { + if rule == pkg { + return found + } + } + return nil +} + +// IndexOfRuleByName returns the index (in f.Stmt) of the CallExpr which defines a rule named `name`, or -1 if it doesn't exist. +func IndexOfRuleByName(f *build.File, name string) int { + linenum := -1 + if strings.HasPrefix(name, "%") { + // "%" will match the rule which begins at LINENUM. + // This is for convenience, "%" is not a valid character in bazel targets. + if result, err := strconv.Atoi(name[1:]); err == nil { + linenum = result + } + } + + for i, stmt := range f.Stmt { + call, ok := stmt.(*build.CallExpr) + if !ok { + continue + } + r := &build.Rule{Call: call} + start, _ := call.X.Span() + if r.Name() == name || start.Line == linenum { + return i + } + } + return -1 +} + +// FindExportedFile returns the first exports_files call which contains the +// file 'name', or nil if not found +func FindExportedFile(f *build.File, name string) *build.Rule { + for _, r := range f.Rules("exports_files") { + if len(r.Call.List) == 0 { + continue + } + pkg := "" // Files are not affected by the package name + if ListFind(r.Call.List[0], name, pkg) != nil { + return r + } + } + return nil +} + +// DeleteRule returns the AST without the specified rule +func DeleteRule(f *build.File, rule *build.Rule) *build.File { + var all []build.Expr + for _, stmt := range f.Stmt { + if stmt == rule.Call { + continue + } + all = append(all, stmt) + } + return &build.File{Path: f.Path, Comments: f.Comments, Stmt: all} +} + +// DeleteRuleByName returns the AST without the rules that have the +// given name. +func DeleteRuleByName(f *build.File, name string) *build.File { + var all []build.Expr + for _, stmt := range f.Stmt { + call, ok := stmt.(*build.CallExpr) + if !ok { + all = append(all, stmt) + continue + } + r := &build.Rule{Call: call} + if r.Name() != name { + all = append(all, stmt) + } + } + return &build.File{Path: f.Path, Comments: f.Comments, Stmt: all} +} + +// DeleteRuleByKind removes the rules of the specified kind from the AST. +// Returns an updated copy of f. +func DeleteRuleByKind(f *build.File, kind string) *build.File { + var all []build.Expr + for _, stmt := range f.Stmt { + call, ok := stmt.(*build.CallExpr) + if !ok { + all = append(all, stmt) + continue + } + k, ok := call.X.(*build.LiteralExpr) + if !ok || k.Token != kind { + all = append(all, stmt) + } + } + return &build.File{Path: f.Path, Comments: f.Comments, Stmt: all} +} + +// AllLists returns all the lists concatenated in an expression. +// For example, in: glob(["*.go"]) + [":rule"] +// the function will return [[":rule"]]. +func AllLists(e build.Expr) []*build.ListExpr { + switch e := e.(type) { + case *build.ListExpr: + return []*build.ListExpr{e} + case *build.BinaryExpr: + if e.Op == "+" { + return append(AllLists(e.X), AllLists(e.Y)...) + } + } + return nil +} + +// FirstList works in the same way as AllLists, except that it +// returns only one list, or nil. +func FirstList(e build.Expr) *build.ListExpr { + switch e := e.(type) { + case *build.ListExpr: + return e + case *build.BinaryExpr: + if e.Op == "+" { + li := FirstList(e.X) + if li == nil { + return FirstList(e.Y) + } + return li + } + } + return nil +} + +// AllStrings returns all the string literals concatenated in an expression. +// For example, in: "foo" + x + "bar" +// the function will return ["foo", "bar"]. +func AllStrings(e build.Expr) []*build.StringExpr { + switch e := e.(type) { + case *build.StringExpr: + return []*build.StringExpr{e} + case *build.BinaryExpr: + if e.Op == "+" { + return append(AllStrings(e.X), AllStrings(e.Y)...) + } + } + return nil +} + +// ListFind looks for a string in the list expression (which may be a +// concatenation of lists). It returns the element if it is found. nil +// otherwise. +func ListFind(e build.Expr, item string, pkg string) *build.StringExpr { + item = ShortenLabel(item, pkg) + for _, li := range AllLists(e) { + for _, elem := range li.List { + str, ok := elem.(*build.StringExpr) + if ok && LabelsEqual(str.Value, item, pkg) { + return str + } + } + } + return nil +} + +// hasComments returns whether the StringExpr literal has a comment attached to it. +func hasComments(literal *build.StringExpr) bool { + return len(literal.Before) > 0 || len(literal.Suffix) > 0 +} + +// ContainsComments returns whether the expr has a comment that includes str. +func ContainsComments(expr build.Expr, str string) bool { + str = strings.ToLower(str) + com := expr.Comment() + comments := append(com.Before, com.Suffix...) + comments = append(comments, com.After...) + for _, c := range comments { + if strings.Contains(strings.ToLower(c.Token), str) { + return true + } + } + return false +} + +// ListDelete deletes the item from a list expression in e and returns +// the StringExpr deleted, or nil otherwise. +func ListDelete(e build.Expr, item, pkg string) (deleted *build.StringExpr) { + deleted = nil + item = ShortenLabel(item, pkg) + for _, li := range AllLists(e) { + var all []build.Expr + for _, elem := range li.List { + if str, ok := elem.(*build.StringExpr); ok { + if LabelsEqual(str.Value, item, pkg) && (DeleteWithComments || !hasComments(str)) { + deleted = str + continue + } + } + all = append(all, elem) + } + li.List = all + } + return deleted +} + +// ListAttributeDelete deletes string item from list attribute attr, deletes attr if empty, +// and returns the StringExpr deleted, or nil otherwise. +func ListAttributeDelete(rule *build.Rule, attr, item, pkg string) *build.StringExpr { + deleted := ListDelete(rule.Attr(attr), item, pkg) + if deleted != nil { + if listExpr, ok := rule.Attr(attr).(*build.ListExpr); ok && len(listExpr.List) == 0 { + rule.DelAttr(attr) + } + } + return deleted +} + +// ListReplace replaces old with value in all lists in e and returns a Boolean +// to indicate whether the replacement was successful. +func ListReplace(e build.Expr, old, value, pkg string) bool { + replaced := false + old = ShortenLabel(old, pkg) + for _, li := range AllLists(e) { + for k, elem := range li.List { + str, ok := elem.(*build.StringExpr) + if !ok || !LabelsEqual(str.Value, old, pkg) { + continue + } + li.List[k] = &build.StringExpr{Value: ShortenLabel(value, pkg), Comments: *elem.Comment()} + replaced = true + } + } + return replaced +} + +// isExprLessThan compares two Expr statements. Currently, only labels are supported. +func isExprLessThan(x1, x2 build.Expr) bool { + str1, ok1 := x1.(*build.StringExpr) + str2, ok2 := x2.(*build.StringExpr) + if ok1 != ok2 { + return ok2 + } + if ok1 && ok2 { + // Labels starting with // are put at the end. + pre1 := strings.HasPrefix(str1.Value, "//") + pre2 := strings.HasPrefix(str2.Value, "//") + if pre1 != pre2 { + return pre2 + } + return str1.Value < str2.Value + } + return false +} + +func sortedInsert(list []build.Expr, item build.Expr) []build.Expr { + i := 0 + for ; i < len(list); i++ { + if isExprLessThan(item, list[i]) { + break + } + } + res := make([]build.Expr, 0, len(list)+1) + res = append(res, list[:i]...) + res = append(res, item) + res = append(res, list[i:]...) + return res +} + +// attributeMustNotBeSorted returns true if the list in the attribute cannot be +// sorted. For some attributes, it makes sense to try to do a sorted insert +// (e.g. deps), even when buildifier will not sort it for conservative reasons. +// For a few attributes, sorting will never make sense. +func attributeMustNotBeSorted(rule, attr string) bool { + // TODO(bazel-team): Come up with a more complete list. + return attr == "args" +} + +// getVariable returns the binary expression that assignes a variable to expr, if expr is +// an identifier of a variable that vars contains a mapping for. +func getVariable(expr build.Expr, vars *map[string]*build.BinaryExpr) (varAssignment *build.BinaryExpr) { + if vars == nil { + return nil + } + + if literal, ok := expr.(*build.LiteralExpr); ok { + if varAssignment = (*vars)[literal.Token]; varAssignment != nil { + return varAssignment + } + } + return nil +} + +// AddValueToList adds a value to a list. If the expression is +// not a list, a list with a single element is appended to the original +// expression. +func AddValueToList(oldList build.Expr, pkg string, item build.Expr, sorted bool) build.Expr { + if oldList == nil { + return &build.ListExpr{List: []build.Expr{item}} + } + + str, ok := item.(*build.StringExpr) + if ok && ListFind(oldList, str.Value, pkg) != nil { + // The value is already in the list. + return oldList + } + li := FirstList(oldList) + if li != nil { + if sorted { + li.List = sortedInsert(li.List, item) + } else { + li.List = append(li.List, item) + } + return oldList + } + list := &build.ListExpr{List: []build.Expr{item}} + concat := &build.BinaryExpr{Op: "+", X: oldList, Y: list} + return concat +} + +// AddValueToListAttribute adds the given item to the list attribute identified by name and pkg. +func AddValueToListAttribute(r *build.Rule, name string, pkg string, item build.Expr, vars *map[string]*build.BinaryExpr) { + old := r.Attr(name) + sorted := !attributeMustNotBeSorted(r.Kind(), name) + if varAssignment := getVariable(old, vars); varAssignment != nil { + varAssignment.Y = AddValueToList(varAssignment.Y, pkg, item, sorted) + } else { + r.SetAttr(name, AddValueToList(old, pkg, item, sorted)) + } +} + +// MoveAllListAttributeValues moves all values from list attribute oldAttr to newAttr, +// and deletes oldAttr. +func MoveAllListAttributeValues(rule *build.Rule, oldAttr, newAttr, pkg string, vars *map[string]*build.BinaryExpr) error { + if rule.Attr(oldAttr) == nil { + return fmt.Errorf("no attribute %s found in %s", oldAttr, rule.Name()) + } + if rule.Attr(newAttr) == nil { + RenameAttribute(rule, oldAttr, newAttr) + return nil + } + if listExpr, ok := rule.Attr(oldAttr).(*build.ListExpr); ok { + for _, val := range listExpr.List { + AddValueToListAttribute(rule, newAttr, pkg, val, vars) + } + rule.DelAttr(oldAttr) + return nil + } + return fmt.Errorf("%s already exists and %s is not a simple list", newAttr, oldAttr) +} + +// DictionarySet looks for the key in the dictionary expression. If value is not nil, +// it replaces the current value with it. In all cases, it returns the current value. +func DictionarySet(dict *build.DictExpr, key string, value build.Expr) build.Expr { + for _, e := range dict.List { + kv, _ := e.(*build.KeyValueExpr) + if k, ok := kv.Key.(*build.StringExpr); ok && k.Value == key { + if value != nil { + kv.Value = value + } + return kv.Value + } + } + if value != nil { + kv := &build.KeyValueExpr{Key: &build.StringExpr{Value: key}, Value: value} + dict.List = append(dict.List, kv) + } + return nil +} + +// RenameAttribute renames an attribute in a rule. +func RenameAttribute(r *build.Rule, oldName, newName string) error { + if r.Attr(newName) != nil { + return fmt.Errorf("attribute %s already exists in rule %s", newName, r.Name()) + } + for _, kv := range r.Call.List { + as, ok := kv.(*build.BinaryExpr) + if !ok || as.Op != "=" { + continue + } + k, ok := as.X.(*build.LiteralExpr) + if !ok || k.Token != oldName { + continue + } + k.Token = newName + return nil + } + return fmt.Errorf("no attribute %s found in rule %s", oldName, r.Name()) +} + +// EditFunction is a wrapper around build.Edit. The callback is called only on +// functions 'name'. +func EditFunction(v build.Expr, name string, f func(x *build.CallExpr, stk []build.Expr) build.Expr) build.Expr { + return build.Edit(v, func(expr build.Expr, stk []build.Expr) build.Expr { + call, ok := expr.(*build.CallExpr) + if !ok { + return nil + } + fct, ok := call.X.(*build.LiteralExpr) + if !ok || fct.Token != name { + return nil + } + return f(call, stk) + }) +} + +// UsedSymbols returns the set of symbols used in the BUILD file (variables, function names). +func UsedSymbols(f *build.File) map[string]bool { + symbols := make(map[string]bool) + build.Walk(f, func(expr build.Expr, stack []build.Expr) { + literal, ok := expr.(*build.LiteralExpr) + if !ok { + return + } + // Check if we are on the left-side of an assignment + for _, e := range stack { + if as, ok := e.(*build.BinaryExpr); ok { + if as.Op == "=" && as.X == expr { + return + } + } + } + symbols[literal.Token] = true + }) + return symbols +} + +func newLoad(args []string) *build.CallExpr { + load := &build.CallExpr{ + X: &build.LiteralExpr{ + Token: "load", + }, + List: []build.Expr{}, + ForceCompact: true, + } + for _, a := range args { + load.List = append(load.List, &build.StringExpr{Value: a}) + } + return load +} + +// appendLoad tries to find an existing load location and append symbols to it. +func appendLoad(stmts []build.Expr, args []string) bool { + if len(args) == 0 { + return false + } + location := args[0] + symbolsToLoad := make(map[string]bool) + for _, s := range args[1:] { + symbolsToLoad[s] = true + } + var lastLoad *build.CallExpr + for _, s := range stmts { + call, ok := s.(*build.CallExpr) + if !ok { + continue + } + if l, ok := call.X.(*build.LiteralExpr); !ok || l.Token != "load" { + continue + } + if len(call.List) < 2 { + continue + } + if s, ok := call.List[0].(*build.StringExpr); !ok || s.Value != location { + continue // Loads a different file. + } + for _, arg := range call.List[1:] { + if s, ok := arg.(*build.StringExpr); ok { + delete(symbolsToLoad, s.Value) // Already loaded. + } + } + // Remember the last insert location, but potentially remove more symbols + // that are already loaded in other subsequent calls. + lastLoad = call + } + + if lastLoad == nil { + return false + } + + // Append the remaining loads to the last load location. + sortedSymbols := []string{} + for s := range symbolsToLoad { + sortedSymbols = append(sortedSymbols, s) + } + sort.Strings(sortedSymbols) + for _, s := range sortedSymbols { + lastLoad.List = append(lastLoad.List, &build.StringExpr{Value: s}) + } + return true +} + +// InsertLoad inserts a load statement at the top of the list of statements. +// The load statement is constructed using args. Symbols that are already loaded +// from the given filepath are ignored. If stmts already contains a load for the +// location in arguments, appends the symbols to load to it. +func InsertLoad(stmts []build.Expr, args []string) []build.Expr { + if appendLoad(stmts, args) { + return stmts + } + + load := newLoad(args) + + var all []build.Expr + added := false + for _, stmt := range stmts { + _, isComment := stmt.(*build.CommentBlock) + if isComment || added { + all = append(all, stmt) + continue + } + all = append(all, load) + all = append(all, stmt) + added = true + } + if !added { // Empty file or just comments. + all = append(all, load) + } + return all +} diff --git a/vendor/github.com/bazelbuild/buildtools/edit/fix.go b/vendor/github.com/bazelbuild/buildtools/edit/fix.go new file mode 100644 index 00000000000..e47183fe5d6 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/edit/fix.go @@ -0,0 +1,569 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +// Functions to clean and fix BUILD files + +package edit + +import ( + "regexp" + "sort" + "strings" + + "github.com/bazelbuild/buildtools/build" +) + +// splitOptionsWithSpaces is a cleanup function. +// It splits options strings that contain a space. This change +// should be safe as Blaze is splitting those strings, but we will +// eventually get rid of this misfeature. +// eg. it converts from: +// copts = ["-Dfoo -Dbar"] +// to: +// copts = ["-Dfoo", "-Dbar"] +func splitOptionsWithSpaces(_ *build.File, r *build.Rule, _ string) bool { + var attrToRewrite = []string{ + "copts", + "linkopts", + } + fixed := false + for _, attrName := range attrToRewrite { + attr := r.Attr(attrName) + if attr != nil { + for _, li := range AllLists(attr) { + fixed = splitStrings(li) || fixed + } + } + } + return fixed +} + +func splitStrings(list *build.ListExpr) bool { + var all []build.Expr + fixed := false + for _, e := range list.List { + str, ok := e.(*build.StringExpr) + if !ok { + all = append(all, e) + continue + } + if strings.Contains(str.Value, " ") && !strings.Contains(str.Value, "'\"") { + fixed = true + for i, substr := range strings.Fields(str.Value) { + item := &build.StringExpr{Value: substr} + if i == 0 { + item.Comments = str.Comments + } + all = append(all, item) + } + } else { + all = append(all, str) + } + } + list.List = all + return fixed +} + +// shortenLabels rewrites the labels in the rule using the short notation. +func shortenLabels(_ *build.File, r *build.Rule, pkg string) bool { + fixed := false + for _, attr := range r.AttrKeys() { + e := r.Attr(attr) + if !ContainsLabels(attr) { + continue + } + for _, li := range AllLists(e) { + for _, elem := range li.List { + str, ok := elem.(*build.StringExpr) + if ok && str.Value != ShortenLabel(str.Value, pkg) { + str.Value = ShortenLabel(str.Value, pkg) + fixed = true + } + } + } + } + return fixed +} + +// removeVisibility removes useless visibility attributes. +func removeVisibility(f *build.File, r *build.Rule, pkg string) bool { + pkgDecl := PackageDeclaration(f) + defaultVisibility := pkgDecl.AttrStrings("default_visibility") + + // If no default_visibility is given, it is implicitly private. + if len(defaultVisibility) == 0 { + defaultVisibility = []string{"//visibility:private"} + } + + visibility := r.AttrStrings("visibility") + if len(visibility) == 0 || len(visibility) != len(defaultVisibility) { + return false + } + sort.Strings(defaultVisibility) + sort.Strings(visibility) + for i, vis := range visibility { + if vis != defaultVisibility[i] { + return false + } + } + r.DelAttr("visibility") + return true +} + +// removeTestOnly removes the useless testonly attributes. +func removeTestOnly(f *build.File, r *build.Rule, pkg string) bool { + pkgDecl := PackageDeclaration(f) + + def := strings.HasSuffix(r.Kind(), "_test") || r.Kind() == "test_suite" + if !def { + if pkgDecl.Attr("default_testonly") == nil { + def = strings.HasPrefix(pkg, "javatests/") + } else if pkgDecl.AttrLiteral("default_testonly") == "1" { + def = true + } else if pkgDecl.AttrLiteral("default_testonly") != "0" { + // Non-literal value: it's not safe to do a change. + return false + } + } + + testonly := r.AttrLiteral("testonly") + if def && testonly == "1" { + r.DelAttr("testonly") + return true + } + if !def && testonly == "0" { + r.DelAttr("testonly") + return true + } + return false +} + +func genruleRenameDepsTools(_ *build.File, r *build.Rule, _ string) bool { + return r.Kind() == "genrule" && RenameAttribute(r, "deps", "tools") == nil +} + +// explicitHeuristicLabels adds $(location ...) for each label in the string s. +func explicitHeuristicLabels(s string, labels map[string]bool) string { + // Regexp comes from LABEL_CHAR_MATCHER in + // java/com/google/devtools/build/lib/analysis/LabelExpander.java + re := regexp.MustCompile("[a-zA-Z0-9:/_.+-]+|[^a-zA-Z0-9:/_.+-]+") + parts := re.FindAllString(s, -1) + changed := false + canChange := true + for i, part := range parts { + // We don't want to add $(location when it's already present. + // So we skip the next label when we see location(s). + if part == "location" || part == "locations" { + canChange = false + } + if !labels[part] { + if labels[":"+part] { // leading colon is often missing + part = ":" + part + } else { + continue + } + } + + if !canChange { + canChange = true + continue + } + parts[i] = "$(location " + part + ")" + changed = true + } + if changed { + return strings.Join(parts, "") + } + return s +} + +func addLabels(r *build.Rule, attr string, labels map[string]bool) { + a := r.Attr(attr) + if a == nil { + return + } + for _, li := range AllLists(a) { + for _, item := range li.List { + if str, ok := item.(*build.StringExpr); ok { + labels[str.Value] = true + } + } + } +} + +// genruleFixHeuristicLabels modifies the cmd attribute of genrules, so +// that they don't rely on heuristic label expansion anymore. +// Label expansion is made explicit with the $(location ...) command. +func genruleFixHeuristicLabels(_ *build.File, r *build.Rule, _ string) bool { + if r.Kind() != "genrule" { + return false + } + + cmd := r.Attr("cmd") + if cmd == nil { + return false + } + labels := make(map[string]bool) + addLabels(r, "tools", labels) + addLabels(r, "srcs", labels) + + fixed := false + for _, str := range AllStrings(cmd) { + newVal := explicitHeuristicLabels(str.Value, labels) + if newVal != str.Value { + fixed = true + str.Value = newVal + } + } + return fixed +} + +// sortExportsFiles sorts the first argument of exports_files if it is a list. +func sortExportsFiles(_ *build.File, r *build.Rule, _ string) bool { + if r.Kind() != "exports_files" || len(r.Call.List) == 0 { + return false + } + build.SortStringList(r.Call.List[0]) + return true +} + +// removeVarref replaces all varref('x') with '$(x)'. +// The goal is to eventually remove varref from the build language. +func removeVarref(_ *build.File, r *build.Rule, _ string) bool { + fixed := false + EditFunction(r.Call, "varref", func(call *build.CallExpr, stk []build.Expr) build.Expr { + if len(call.List) != 1 { + return nil + } + str, ok := (call.List[0]).(*build.StringExpr) + if !ok { + return nil + } + fixed = true + str.Value = "$(" + str.Value + ")" + // Preserve suffix comments from the function call + str.Comment().Suffix = append(str.Comment().Suffix, call.Comment().Suffix...) + return str + }) + return fixed +} + +// sortGlob sorts the list argument to glob. +func sortGlob(_ *build.File, r *build.Rule, _ string) bool { + fixed := false + EditFunction(r.Call, "glob", func(call *build.CallExpr, stk []build.Expr) build.Expr { + if len(call.List) == 0 { + return nil + } + build.SortStringList(call.List[0]) + fixed = true + return call + }) + return fixed +} + +func evaluateListConcatenation(expr build.Expr) build.Expr { + if _, ok := expr.(*build.ListExpr); ok { + return expr + } + bin, ok := expr.(*build.BinaryExpr) + if !ok || bin.Op != "+" { + return expr + } + li1, ok1 := evaluateListConcatenation(bin.X).(*build.ListExpr) + li2, ok2 := evaluateListConcatenation(bin.Y).(*build.ListExpr) + if !ok1 || !ok2 { + return expr + } + res := *li1 + res.List = append(li1.List, li2.List...) + return &res +} + +// mergeLiteralLists evaluates the concatenation of two literal lists. +// e.g. [1, 2] + [3, 4] -> [1, 2, 3, 4] +func mergeLiteralLists(_ *build.File, r *build.Rule, _ string) bool { + fixed := false + build.Edit(r.Call, func(expr build.Expr, stk []build.Expr) build.Expr { + newexpr := evaluateListConcatenation(expr) + fixed = fixed || (newexpr != expr) + return newexpr + }) + return fixed +} + +// usePlusEqual replaces uses of extend and append with the += operator. +// e.g. foo.extend(bar) => foo += bar +// foo.append(bar) => foo += [bar] +func usePlusEqual(f *build.File) bool { + fixed := false + for i, stmt := range f.Stmt { + call, ok := stmt.(*build.CallExpr) + if !ok { + continue + } + dot, ok := call.X.(*build.DotExpr) + if !ok || len(call.List) != 1 { + continue + } + obj, ok := dot.X.(*build.LiteralExpr) + if !ok { + continue + } + + var fix *build.BinaryExpr + if dot.Name == "extend" { + fix = &build.BinaryExpr{X: obj, Op: "+=", Y: call.List[0]} + } else if dot.Name == "append" { + list := &build.ListExpr{List: []build.Expr{call.List[0]}} + fix = &build.BinaryExpr{X: obj, Op: "+=", Y: list} + } else { + continue + } + fix.Comments = call.Comments // Keep original comments + f.Stmt[i] = fix + fixed = true + } + return fixed +} + +func isNonemptyComment(comment *build.Comments) bool { + return len(comment.Before)+len(comment.Suffix)+len(comment.After) > 0 +} + +// Checks whether a call or any of its arguments have a comment +func hasComment(call *build.CallExpr) bool { + if isNonemptyComment(call.Comment()) { + return true + } + for _, arg := range call.List { + if isNonemptyComment(arg.Comment()) { + return true + } + } + return false +} + +// cleanUnusedLoads removes symbols from load statements that are not used in the file. +// It also cleans symbols loaded multiple times, sorts symbol list, and removes load +// statements when the list is empty. +func cleanUnusedLoads(f *build.File) bool { + // If the file needs preprocessing, leave it alone. + for _, stmt := range f.Stmt { + if _, ok := stmt.(*build.PythonBlock); ok { + return false + } + } + symbols := UsedSymbols(f) + fixed := false + + var all []build.Expr + for _, stmt := range f.Stmt { + rule, ok := ExprToRule(stmt, "load") + if !ok || len(rule.Call.List) == 0 || hasComment(rule.Call) { + all = append(all, stmt) + continue + } + var args []build.Expr + for _, arg := range rule.Call.List[1:] { // first argument is the path, we keep it + symbol, ok := loadedSymbol(arg) + if !ok || symbols[symbol] { + args = append(args, arg) + if ok { + // If the same symbol is loaded twice, we'll remove it. + delete(symbols, symbol) + } + } else { + fixed = true + } + } + if len(args) > 0 { // Keep the load statement if it loads at least one symbol. + li := &build.ListExpr{List: args} + build.SortStringList(li) + rule.Call.List = append(rule.Call.List[:1], li.List...) + all = append(all, rule.Call) + } else { + fixed = true + } + } + f.Stmt = all + return fixed +} + +// loadedSymbol parses the symbol token from a load statement argument, +// supporting aliases. +func loadedSymbol(arg build.Expr) (string, bool) { + symbol, ok := arg.(*build.StringExpr) + if ok { + return symbol.Value, ok + } + // try an aliased symbol + if binExpr, ok := arg.(*build.BinaryExpr); ok && binExpr.Op == "=" { + if keyExpr, ok := binExpr.X.(*build.LiteralExpr); ok { + return keyExpr.Token, ok + } + } + return "", false +} + +// movePackageDeclarationToTheTop ensures that the call to package() is done +// before everything else (except comments). +func movePackageDeclarationToTheTop(f *build.File) bool { + pkg := ExistingPackageDeclaration(f) + if pkg == nil { + return false + } + all := []build.Expr{} + inserted := false // true when the package declaration has been inserted + for _, stmt := range f.Stmt { + _, isComment := stmt.(*build.CommentBlock) + _, isBinaryExpr := stmt.(*build.BinaryExpr) // e.g. variable declaration + _, isLoad := ExprToRule(stmt, "load") + if isComment || isBinaryExpr || isLoad { + all = append(all, stmt) + continue + } + if stmt == pkg.Call { + if inserted { + // remove the old package + continue + } + return false // the file was ok + } + if !inserted { + all = append(all, pkg.Call) + inserted = true + } + all = append(all, stmt) + } + f.Stmt = all + return true +} + +// moveToPackage is an auxilliary function used by moveLicensesAndDistribs. +// The function shouldn't appear more than once in the file (depot cleanup has +// been done). +func moveToPackage(f *build.File, attrname string) bool { + var all []build.Expr + fixed := false + for _, stmt := range f.Stmt { + rule, ok := ExprToRule(stmt, attrname) + if !ok || len(rule.Call.List) != 1 { + all = append(all, stmt) + continue + } + pkgDecl := PackageDeclaration(f) + pkgDecl.SetAttr(attrname, rule.Call.List[0]) + pkgDecl.AttrDefn(attrname).Comments = *stmt.Comment() + fixed = true + } + f.Stmt = all + return fixed +} + +// moveLicensesAndDistribs replaces the 'licenses' and 'distribs' functions +// with an attribute in package. +// Before: licenses(["notice"]) +// After: package(licenses = ["notice"]) +func moveLicensesAndDistribs(f *build.File) bool { + fixed1 := moveToPackage(f, "licenses") + fixed2 := moveToPackage(f, "distribs") + return fixed1 || fixed2 +} + +// AllRuleFixes is a list of all Buildozer fixes that can be applied on a rule. +var AllRuleFixes = []struct { + Name string + Fn func(file *build.File, rule *build.Rule, pkg string) bool + Message string +}{ + {"sortGlob", sortGlob, + "Sort the list in a call to glob"}, + {"splitOptions", splitOptionsWithSpaces, + "Each option should be given separately in the list"}, + {"shortenLabels", shortenLabels, + "Style: Use the canonical label notation"}, + {"removeVisibility", removeVisibility, + "This visibility attribute is useless (it corresponds to the default value)"}, + {"removeTestOnly", removeTestOnly, + "This testonly attribute is useless (it corresponds to the default value)"}, + {"genruleRenameDepsTools", genruleRenameDepsTools, + "'deps' attribute in genrule has been renamed 'tools'"}, + {"genruleFixHeuristicLabels", genruleFixHeuristicLabels, + "$(location) should be called explicitely"}, + {"sortExportsFiles", sortExportsFiles, + "Files in exports_files should be sorted"}, + {"varref", removeVarref, + "All varref('foo') should be replaced with '$foo'"}, + {"mergeLiteralLists", mergeLiteralLists, + "Remove useless list concatenation"}, +} + +// FileLevelFixes is a list of all Buildozer fixes that apply on the whole file. +var FileLevelFixes = []struct { + Name string + Fn func(file *build.File) bool + Message string +}{ + {"movePackageToTop", movePackageDeclarationToTheTop, + "The package declaration should be the first rule in a file"}, + {"usePlusEqual", usePlusEqual, + "Prefer '+=' over 'extend' or 'append'"}, + {"unusedLoads", cleanUnusedLoads, + "Remove unused symbols from load statements"}, + {"moveLicensesAndDistribs", moveLicensesAndDistribs, + "Move licenses and distribs to the package function"}, +} + +// FixRule aims to fix errors in BUILD files, remove deprecated features, and +// simplify the code. +func FixRule(f *build.File, pkg string, rule *build.Rule, fixes []string) *build.File { + fixesAsMap := make(map[string]bool) + for _, fix := range fixes { + fixesAsMap[fix] = true + } + fixed := false + for _, fix := range AllRuleFixes { + if len(fixes) == 0 || fixesAsMap[fix.Name] { + fixed = fix.Fn(f, rule, pkg) || fixed + } + } + if !fixed { + return nil + } + return f +} + +// FixFile fixes everything it can in the BUILD file. +func FixFile(f *build.File, pkg string, fixes []string) *build.File { + fixesAsMap := make(map[string]bool) + for _, fix := range fixes { + fixesAsMap[fix] = true + } + fixed := false + for _, rule := range f.Rules("") { + res := FixRule(f, pkg, rule, fixes) + if res != nil { + fixed = true + f = res + } + } + for _, fix := range FileLevelFixes { + if len(fixes) == 0 || fixesAsMap[fix.Name] { + fixed = fix.Fn(f) || fixed + } + } + if !fixed { + return nil + } + return f +} diff --git a/vendor/github.com/bazelbuild/buildtools/edit/types.go b/vendor/github.com/bazelbuild/buildtools/edit/types.go new file mode 100644 index 00000000000..2b55328ac71 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/edit/types.go @@ -0,0 +1,59 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ +// Type information for attributes. + +package edit + +import ( + buildpb "github.com/bazelbuild/buildtools/build_proto" + "github.com/bazelbuild/buildtools/lang" +) + +var typeOf = lang.TypeOf + +// IsList returns true for all attributes whose type is a list. +func IsList(attr string) bool { + ty := typeOf[attr] + return ty == buildpb.Attribute_STRING_LIST || + ty == buildpb.Attribute_LABEL_LIST || + ty == buildpb.Attribute_OUTPUT_LIST || + ty == buildpb.Attribute_FILESET_ENTRY_LIST || + ty == buildpb.Attribute_INTEGER_LIST || + ty == buildpb.Attribute_LICENSE || + ty == buildpb.Attribute_DISTRIBUTION_SET +} + +// IsIntList returns true for all attributes whose type is an int list. +func IsIntList(attr string) bool { + return typeOf[attr] == buildpb.Attribute_INTEGER_LIST +} + +// IsString returns true for all attributes whose type is a string or a label. +func IsString(attr string) bool { + ty := typeOf[attr] + return ty == buildpb.Attribute_LABEL || + ty == buildpb.Attribute_STRING || + ty == buildpb.Attribute_OUTPUT +} + +// IsStringDict returns true for all attributes whose type is a string dictionary. +func IsStringDict(attr string) bool { + return typeOf[attr] == buildpb.Attribute_STRING_DICT +} + +// ContainsLabels returns true for all attributes whose type is a label or a label list. +func ContainsLabels(attr string) bool { + ty := typeOf[attr] + return ty == buildpb.Attribute_LABEL_LIST || + ty == buildpb.Attribute_LABEL +} diff --git a/vendor/github.com/bazelbuild/buildtools/file/BUILD b/vendor/github.com/bazelbuild/buildtools/file/BUILD new file mode 100644 index 00000000000..574f1f56e2f --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/file/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["file.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/file", + importpath = "github.com/bazelbuild/buildtools/file", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/file/file.go b/vendor/github.com/bazelbuild/buildtools/file/file.go new file mode 100644 index 00000000000..a311099b184 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/file/file.go @@ -0,0 +1,48 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +// Package file provides utility file operations. +package file + +import ( + "fmt" + "io" + "io/ioutil" + "os" +) + +// ReadFile is like ioutil.ReadFile. +func ReadFile(name string) ([]byte, os.FileInfo, error) { + fi, err := os.Stat(name) + if err != nil { + return nil, nil, err + } + + data, err := ioutil.ReadFile(name) + return data, fi, err +} + +// WriteFile is like ioutil.WriteFile +func WriteFile(name string, data []byte) error { + return ioutil.WriteFile(name, data, 0644) +} + +// OpenReadFile is like os.Open. +func OpenReadFile(name string) io.ReadCloser { + f, err := os.Open(name) + if err != nil { + fmt.Fprintf(os.Stderr, "Could not open %s\n", name) + os.Exit(1) + } + return f +} diff --git a/vendor/github.com/bazelbuild/buildtools/lang/BUILD b/vendor/github.com/bazelbuild/buildtools/lang/BUILD new file mode 100644 index 00000000000..684538930e6 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/lang/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["tables.gen.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/lang", + importpath = "github.com/bazelbuild/buildtools/lang", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/bazelbuild/buildtools/build_proto:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/lang/build-language.pb b/vendor/github.com/bazelbuild/buildtools/lang/build-language.pb new file mode 100644 index 00000000000..d046e8187c6 Binary files /dev/null and b/vendor/github.com/bazelbuild/buildtools/lang/build-language.pb differ diff --git a/vendor/github.com/bazelbuild/buildtools/lang/tables.gen.go b/vendor/github.com/bazelbuild/buildtools/lang/tables.gen.go new file mode 100755 index 00000000000..f91ef181cd3 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/lang/tables.gen.go @@ -0,0 +1,245 @@ +// Generated file, do not edit. +package lang + +import buildpb "github.com/bazelbuild/buildtools/build_proto" + +var TypeOf = map[string]buildpb.Attribute_Discriminator{ + "aar": buildpb.Attribute_LABEL, + "actual": buildpb.Attribute_LABEL, + "aliases": buildpb.Attribute_STRING_LIST, + "all_files": buildpb.Attribute_LABEL, + "alwayslink": buildpb.Attribute_BOOLEAN, + "app_asset_catalogs": buildpb.Attribute_LABEL_LIST, + "app_bundle_id": buildpb.Attribute_STRING, + "app_deps": buildpb.Attribute_LABEL_LIST, + "app_entitlements": buildpb.Attribute_LABEL, + "app_icon": buildpb.Attribute_STRING, + "app_infoplists": buildpb.Attribute_LABEL_LIST, + "app_name": buildpb.Attribute_STRING, + "app_provisioning_profile": buildpb.Attribute_LABEL, + "app_resources": buildpb.Attribute_LABEL_LIST, + "app_storyboards": buildpb.Attribute_LABEL_LIST, + "app_strings": buildpb.Attribute_LABEL_LIST, + "app_structured_resources": buildpb.Attribute_LABEL_LIST, + "archives": buildpb.Attribute_LABEL_LIST, + "args": buildpb.Attribute_STRING_LIST, + "artifact": buildpb.Attribute_STRING, + "asset_catalogs": buildpb.Attribute_LABEL_LIST, + "assets": buildpb.Attribute_LABEL_LIST, + "assets_dir": buildpb.Attribute_STRING, + "avoid_deps": buildpb.Attribute_LABEL_LIST, + "binary": buildpb.Attribute_LABEL, + "binary_type": buildpb.Attribute_STRING, + "blacklisted_protos": buildpb.Attribute_LABEL_LIST, + "bootclasspath": buildpb.Attribute_LABEL_LIST, + "build_file": buildpb.Attribute_STRING, + "build_file_content": buildpb.Attribute_STRING, + "bundle_id": buildpb.Attribute_STRING, + "bundle_imports": buildpb.Attribute_LABEL_LIST, + "bundle_loader": buildpb.Attribute_LABEL, + "bundles": buildpb.Attribute_LABEL_LIST, + "classpath_resources": buildpb.Attribute_LABEL_LIST, + "cmd": buildpb.Attribute_STRING, + "command_line": buildpb.Attribute_STRING, + "commit": buildpb.Attribute_STRING, + "compatible_with": buildpb.Attribute_LABEL_LIST, + "compiler_files": buildpb.Attribute_LABEL, + "constraints": buildpb.Attribute_STRING_LIST, + "copts": buildpb.Attribute_STRING_LIST, + "cpu": buildpb.Attribute_STRING, + "create_executable": buildpb.Attribute_BOOLEAN, + "crunch_png": buildpb.Attribute_BOOLEAN, + "custom_package": buildpb.Attribute_STRING, + "data": buildpb.Attribute_LABEL_LIST, + "datamodels": buildpb.Attribute_LABEL_LIST, + "default": buildpb.Attribute_LABEL, + "default_copts": buildpb.Attribute_STRING_LIST, + "default_deprecation": buildpb.Attribute_STRING, + "default_hdrs_check": buildpb.Attribute_STRING, + "default_ios_sdk_version": buildpb.Attribute_STRING, + "default_macosx_sdk_version": buildpb.Attribute_STRING, + "default_python_version": buildpb.Attribute_STRING, + "default_testonly": buildpb.Attribute_BOOLEAN, + "default_tvos_sdk_version": buildpb.Attribute_STRING, + "default_visibility": buildpb.Attribute_STRING_LIST, + "default_watchos_sdk_version": buildpb.Attribute_STRING, + "defines": buildpb.Attribute_STRING_LIST, + "densities": buildpb.Attribute_STRING_LIST, + "deploy_manifest_lines": buildpb.Attribute_STRING_LIST, + "deprecation": buildpb.Attribute_STRING, + "deps": buildpb.Attribute_LABEL_LIST, + "dex_shards": buildpb.Attribute_INTEGER, + "dexopts": buildpb.Attribute_STRING_LIST, + "distribs": buildpb.Attribute_DISTRIBUTION_SET, + "dwp_files": buildpb.Attribute_LABEL, + "dylibs": buildpb.Attribute_LABEL_LIST, + "dynamic_runtime_libs": buildpb.Attribute_LABEL_LIST, + "enable_modules": buildpb.Attribute_BOOLEAN, + "encoding": buildpb.Attribute_STRING, + "entitlements": buildpb.Attribute_LABEL, + "entry_classes": buildpb.Attribute_STRING_LIST, + "executable": buildpb.Attribute_BOOLEAN, + "exported_plugins": buildpb.Attribute_LABEL_LIST, + "exports": buildpb.Attribute_LABEL_LIST, + "exports_manifest": buildpb.Attribute_BOOLEAN, + "expression": buildpb.Attribute_STRING, + "ext_bundle_id": buildpb.Attribute_STRING, + "ext_entitlements": buildpb.Attribute_LABEL, + "ext_families": buildpb.Attribute_STRING_LIST, + "ext_infoplists": buildpb.Attribute_LABEL_LIST, + "ext_provisioning_profile": buildpb.Attribute_LABEL, + "ext_resources": buildpb.Attribute_LABEL_LIST, + "ext_strings": buildpb.Attribute_LABEL_LIST, + "ext_structured_resources": buildpb.Attribute_LABEL_LIST, + "extclasspath": buildpb.Attribute_LABEL_LIST, + "extensions": buildpb.Attribute_LABEL_LIST, + "extra_actions": buildpb.Attribute_LABEL_LIST, + "extra_srcs": buildpb.Attribute_LABEL_LIST, + "families": buildpb.Attribute_STRING_LIST, + "features": buildpb.Attribute_STRING_LIST, + "flaky": buildpb.Attribute_BOOLEAN, + "framework_imports": buildpb.Attribute_LABEL_LIST, + "genclass": buildpb.Attribute_LABEL_LIST, + "generates_api": buildpb.Attribute_BOOLEAN, + "hdrs": buildpb.Attribute_LABEL_LIST, + "header_compiler": buildpb.Attribute_LABEL_LIST, + "heuristic_label_expansion": buildpb.Attribute_BOOLEAN, + "idl_import_root": buildpb.Attribute_STRING, + "idl_parcelables": buildpb.Attribute_LABEL_LIST, + "idl_srcs": buildpb.Attribute_LABEL_LIST, + "ijar": buildpb.Attribute_LABEL_LIST, + "imports": buildpb.Attribute_STRING_LIST, + "includes": buildpb.Attribute_STRING_LIST, + "incremental_dexing": buildpb.Attribute_TRISTATE, + "infoplist": buildpb.Attribute_LABEL, + "infoplists": buildpb.Attribute_LABEL_LIST, + "init_submodules": buildpb.Attribute_BOOLEAN, + "ios_device_arg": buildpb.Attribute_STRING_LIST, + "ios_test_target_device": buildpb.Attribute_LABEL, + "ios_version": buildpb.Attribute_STRING, + "ipa_post_processor": buildpb.Attribute_LABEL, + "is_dynamic": buildpb.Attribute_BOOLEAN, + "jars": buildpb.Attribute_LABEL_LIST, + "javabuilder": buildpb.Attribute_LABEL_LIST, + "javac": buildpb.Attribute_LABEL_LIST, + "javac_supports_workers": buildpb.Attribute_BOOLEAN, + "javacopts": buildpb.Attribute_STRING_LIST, + "jre_deps": buildpb.Attribute_LABEL_LIST, + "jvm_flags": buildpb.Attribute_STRING_LIST, + "jvm_opts": buildpb.Attribute_STRING_LIST, + "launch_image": buildpb.Attribute_STRING, + "launch_storyboard": buildpb.Attribute_LABEL, + "launcher": buildpb.Attribute_LABEL, + "licenses": buildpb.Attribute_LICENSE, + "linker_files": buildpb.Attribute_LABEL, + "linkopts": buildpb.Attribute_STRING_LIST, + "linkshared": buildpb.Attribute_BOOLEAN, + "linkstamp": buildpb.Attribute_LABEL, + "linkstatic": buildpb.Attribute_BOOLEAN, + "local": buildpb.Attribute_BOOLEAN, + "main": buildpb.Attribute_LABEL, + "main_class": buildpb.Attribute_STRING, + "main_dex_list": buildpb.Attribute_LABEL, + "main_dex_list_opts": buildpb.Attribute_STRING_LIST, + "main_dex_proguard_specs": buildpb.Attribute_LABEL_LIST, + "malloc": buildpb.Attribute_LABEL, + "manifest": buildpb.Attribute_LABEL, + "manifest_merger": buildpb.Attribute_STRING, + "manifest_values": buildpb.Attribute_STRING_DICT, + "message": buildpb.Attribute_STRING, + "misc": buildpb.Attribute_STRING_LIST, + "mnemonics": buildpb.Attribute_STRING_LIST, + "module_map": buildpb.Attribute_LABEL, + "multidex": buildpb.Attribute_STRING, + "name": buildpb.Attribute_STRING, + "neverlink": buildpb.Attribute_BOOLEAN, + "nocompress_extensions": buildpb.Attribute_STRING_LIST, + "nocopts": buildpb.Attribute_STRING, + "non_arc_srcs": buildpb.Attribute_LABEL_LIST, + "non_propagated_deps": buildpb.Attribute_LABEL_LIST, + "objcopy_files": buildpb.Attribute_LABEL, + "options_file": buildpb.Attribute_LABEL, + "opts": buildpb.Attribute_STRING_LIST, + "out": buildpb.Attribute_STRING, + "out_templates": buildpb.Attribute_STRING_LIST, + "output_group": buildpb.Attribute_STRING, + "output_licenses": buildpb.Attribute_LICENSE, + "output_to_bindir": buildpb.Attribute_BOOLEAN, + "outs": buildpb.Attribute_STRING_LIST, + "path": buildpb.Attribute_STRING, + "pch": buildpb.Attribute_LABEL, + "per_proto_includes": buildpb.Attribute_BOOLEAN, + "platform_type": buildpb.Attribute_STRING, + "plugin": buildpb.Attribute_LABEL, + "plugins": buildpb.Attribute_LABEL_LIST, + "portable_proto_filters": buildpb.Attribute_LABEL_LIST, + "prefix": buildpb.Attribute_STRING, + "processor_class": buildpb.Attribute_STRING, + "proguard_apply_mapping": buildpb.Attribute_LABEL, + "proguard_generate_mapping": buildpb.Attribute_BOOLEAN, + "proguard_specs": buildpb.Attribute_LABEL_LIST, + "provisioning_profile": buildpb.Attribute_LABEL, + "pytype_deps": buildpb.Attribute_LABEL_LIST, + "remote": buildpb.Attribute_STRING, + "repository": buildpb.Attribute_STRING, + "require_defined_version": buildpb.Attribute_BOOLEAN, + "requires_action_output": buildpb.Attribute_BOOLEAN, + "resource_configuration_filters": buildpb.Attribute_STRING_LIST, + "resource_files": buildpb.Attribute_LABEL_LIST, + "resource_strip_prefix": buildpb.Attribute_STRING, + "resources": buildpb.Attribute_LABEL_LIST, + "restricted_to": buildpb.Attribute_LABEL_LIST, + "runtime": buildpb.Attribute_LABEL, + "runtime_deps": buildpb.Attribute_LABEL_LIST, + "scope": buildpb.Attribute_LABEL_LIST, + "sdk_dylibs": buildpb.Attribute_STRING_LIST, + "sdk_frameworks": buildpb.Attribute_STRING_LIST, + "sdk_includes": buildpb.Attribute_STRING_LIST, + "server": buildpb.Attribute_STRING, + "settings_file": buildpb.Attribute_STRING, + "sha1": buildpb.Attribute_STRING, + "sha256": buildpb.Attribute_STRING, + "shard_count": buildpb.Attribute_INTEGER, + "singlejar": buildpb.Attribute_LABEL_LIST, + "size": buildpb.Attribute_STRING, + "source_version": buildpb.Attribute_STRING, + "srcjar": buildpb.Attribute_LABEL, + "srcs": buildpb.Attribute_LABEL_LIST, + "srcs_version": buildpb.Attribute_STRING, + "stamp": buildpb.Attribute_TRISTATE, + "static_runtime_libs": buildpb.Attribute_LABEL_LIST, + "storyboards": buildpb.Attribute_LABEL_LIST, + "strict": buildpb.Attribute_BOOLEAN, + "strings": buildpb.Attribute_LABEL_LIST, + "strip": buildpb.Attribute_BOOLEAN, + "strip_files": buildpb.Attribute_LABEL, + "strip_prefix": buildpb.Attribute_STRING, + "structured_resources": buildpb.Attribute_LABEL_LIST, + "supports_header_parsing": buildpb.Attribute_BOOLEAN, + "supports_param_files": buildpb.Attribute_BOOLEAN, + "tag": buildpb.Attribute_STRING, + "tags": buildpb.Attribute_STRING_LIST, + "target_device": buildpb.Attribute_LABEL, + "target_version": buildpb.Attribute_STRING, + "test_class": buildpb.Attribute_STRING, + "testonly": buildpb.Attribute_BOOLEAN, + "tests": buildpb.Attribute_LABEL_LIST, + "textual_hdrs": buildpb.Attribute_LABEL_LIST, + "timeout": buildpb.Attribute_STRING, + "toolchains": buildpb.Attribute_LABEL_LIST, + "tools": buildpb.Attribute_LABEL_LIST, + "type": buildpb.Attribute_STRING, + "url": buildpb.Attribute_STRING, + "use_objc_header_names": buildpb.Attribute_BOOLEAN, + "use_testrunner": buildpb.Attribute_BOOLEAN, + "values": buildpb.Attribute_STRING_DICT, + "version": buildpb.Attribute_STRING, + "versions": buildpb.Attribute_LABEL_LIST, + "visibility": buildpb.Attribute_STRING_LIST, + "weak_sdk_frameworks": buildpb.Attribute_STRING_LIST, + "xcode": buildpb.Attribute_LABEL, + "xctest": buildpb.Attribute_BOOLEAN, + "xctest_app": buildpb.Attribute_LABEL, + "xibs": buildpb.Attribute_LABEL_LIST, + "xlint": buildpb.Attribute_STRING_LIST, +} diff --git a/vendor/github.com/bazelbuild/buildtools/wspace/BUILD b/vendor/github.com/bazelbuild/buildtools/wspace/BUILD new file mode 100644 index 00000000000..8deb2e44fe3 --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/wspace/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["workspace.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/bazelbuild/buildtools/wspace", + importpath = "github.com/bazelbuild/buildtools/wspace", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/bazelbuild/buildtools/build:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/bazelbuild/buildtools/wspace/workspace.go b/vendor/github.com/bazelbuild/buildtools/wspace/workspace.go new file mode 100644 index 00000000000..5680d5874fa --- /dev/null +++ b/vendor/github.com/bazelbuild/buildtools/wspace/workspace.go @@ -0,0 +1,114 @@ +/* +Copyright 2016 Google Inc. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +// Package wspace provides a method to find the root of the bazel tree. +package wspace + +import ( + "io/ioutil" + "os" + "path/filepath" + "strings" + + "github.com/bazelbuild/buildtools/build" +) + +const workspaceFile = "WORKSPACE" + +func alwaysTrue(fi os.FileInfo) bool { + return true +} + +var repoRootFiles = map[string]func(os.FileInfo) bool{ + workspaceFile: alwaysTrue, + ".buckconfig": alwaysTrue, + "pants": func(fi os.FileInfo) bool { + return fi.Mode()&os.ModeType == 0 && fi.Mode()&0100 == 0100 + }, +} + +// findContextPath finds the context path inside of a WORKSPACE-rooted source tree. +func findContextPath(rootDir string) (string, error) { + if rootDir == "" { + return os.Getwd() + } + return rootDir, nil +} + +// FindWorkspaceRoot splits the current code context (the rootDir if present, +// the working directory if not.) It returns the path of the directory +// containing the WORKSPACE file, and the rest. +func FindWorkspaceRoot(rootDir string) (root string, rest string) { + wd, err := findContextPath(rootDir) + if err != nil { + return "", "" + } + if root, err = Find(wd); err != nil { + return "", "" + } + if len(wd) == len(root) { + return root, "" + } + return root, wd[len(root)+1:] +} + +// Find searches from the given dir and up for the WORKSPACE file +// returning the directory containing it, or an error if none found in the tree. +func Find(dir string) (string, error) { + if dir == "" || dir == "/" || dir == "." { + return "", os.ErrNotExist + } + for repoRootFile, fiFunc := range repoRootFiles { + if fi, err := os.Stat(filepath.Join(dir, repoRootFile)); err == nil && fiFunc(fi) { + return dir, nil + } else if !os.IsNotExist(err) { + return "", err + } + } + return Find(filepath.Dir(dir)) +} + +// FindRepoBuildFiles parses the WORKSPACE to find BUILD files for non-Bazel +// external repositories, specifically those defined by one of these rules: +// new_local_repository(), new_git_repository(), new_http_archive() +func FindRepoBuildFiles(root string) (map[string]string, error) { + ws := filepath.Join(root, workspaceFile) + kinds := []string{ + "new_local_repository", + "new_git_repository", + "new_http_archive", + } + data, err := ioutil.ReadFile(ws) + if err != nil { + return nil, err + } + ast, err := build.Parse(ws, data) + if err != nil { + return nil, err + } + files := make(map[string]string) + for _, kind := range kinds { + for _, r := range ast.Rules(kind) { + buildFile := r.AttrString("build_file") + if buildFile == "" { + continue + } + buildFile = strings.Replace(buildFile, ":", "/", -1) + files[r.Name()] = filepath.Join(root, buildFile) + } + } + return files, nil +} diff --git a/vendor/github.com/cespare/prettybench/BUILD b/vendor/github.com/cespare/prettybench/BUILD index 399021cae77..2dd6a282298 100644 --- a/vendor/github.com/cespare/prettybench/BUILD +++ b/vendor/github.com/cespare/prettybench/BUILD @@ -12,6 +12,7 @@ go_library( go_binary( name = "prettybench", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/client9/misspell/cmd/misspell/BUILD b/vendor/github.com/client9/misspell/cmd/misspell/BUILD index cabd8d0614a..dc5bc396918 100644 --- a/vendor/github.com/client9/misspell/cmd/misspell/BUILD +++ b/vendor/github.com/client9/misspell/cmd/misspell/BUILD @@ -12,6 +12,7 @@ go_library( go_binary( name = "misspell", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/cloudflare/cfssl/cmd/cfssl/BUILD b/vendor/github.com/cloudflare/cfssl/cmd/cfssl/BUILD index 0318b1e72aa..91b703f302f 100644 --- a/vendor/github.com/cloudflare/cfssl/cmd/cfssl/BUILD +++ b/vendor/github.com/cloudflare/cfssl/cmd/cfssl/BUILD @@ -36,6 +36,7 @@ go_library( go_binary( name = "cfssl", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/cloudflare/cfssl/cmd/cfssljson/BUILD b/vendor/github.com/cloudflare/cfssl/cmd/cfssljson/BUILD index e0804f2400e..b5f19dd5f83 100644 --- a/vendor/github.com/cloudflare/cfssl/cmd/cfssljson/BUILD +++ b/vendor/github.com/cloudflare/cfssl/cmd/cfssljson/BUILD @@ -12,6 +12,7 @@ go_library( go_binary( name = "cfssljson", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/evanphx/json-patch/BUILD b/vendor/github.com/evanphx/json-patch/BUILD index 4fba85b4597..5373f7f42e8 100644 --- a/vendor/github.com/evanphx/json-patch/BUILD +++ b/vendor/github.com/evanphx/json-patch/BUILD @@ -3,6 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = [ + "errors.go", "merge.go", "patch.go", ], diff --git a/vendor/github.com/evanphx/json-patch/README.md b/vendor/github.com/evanphx/json-patch/README.md index ad011b2fac6..9c7f87f7cea 100644 --- a/vendor/github.com/evanphx/json-patch/README.md +++ b/vendor/github.com/evanphx/json-patch/README.md @@ -34,13 +34,9 @@ go get -u github.com/evanphx/json-patch functionality can be disabled by setting `jsonpatch.SupportNegativeIndices = false`. -* There is a global configuration variable `jsonpatch.ArraySizeLimit`, which - limits the length of any array the patched object can have. It defaults to 0, - which means there is no limit. - -* There is a global configuration variable `jsonpatch.ArraySizeAdditionLimit`, - which limits the increase of array length caused by each operation. It - defaults to 0, which means there is no limit. +* There is a global configuration variable `jsonpatch.AccumulatedCopySizeLimit`, + which limits the total size increase in bytes caused by "copy" operations in a + patch. It defaults to 0, which means there is no limit. ## Create and apply a merge patch Given both an original JSON document and a modified JSON document, you can create diff --git a/vendor/github.com/evanphx/json-patch/errors.go b/vendor/github.com/evanphx/json-patch/errors.go new file mode 100644 index 00000000000..75304b4437c --- /dev/null +++ b/vendor/github.com/evanphx/json-patch/errors.go @@ -0,0 +1,38 @@ +package jsonpatch + +import "fmt" + +// AccumulatedCopySizeError is an error type returned when the accumulated size +// increase caused by copy operations in a patch operation has exceeded the +// limit. +type AccumulatedCopySizeError struct { + limit int64 + accumulated int64 +} + +// NewAccumulatedCopySizeError returns an AccumulatedCopySizeError. +func NewAccumulatedCopySizeError(l, a int64) *AccumulatedCopySizeError { + return &AccumulatedCopySizeError{limit: l, accumulated: a} +} + +// Error implements the error interface. +func (a *AccumulatedCopySizeError) Error() string { + return fmt.Sprintf("Unable to complete the copy, the accumulated size increase of copy is %d, exceeding the limit %d", a.accumulated, a.limit) +} + +// ArraySizeError is an error type returned when the array size has exceeded +// the limit. +type ArraySizeError struct { + limit int + size int +} + +// NewArraySizeError returns an ArraySizeError. +func NewArraySizeError(l, s int) *ArraySizeError { + return &ArraySizeError{limit: l, size: s} +} + +// Error implements the error interface. +func (a *ArraySizeError) Error() string { + return fmt.Sprintf("Unable to create array of size %d, limit is %d", a.size, a.limit) +} diff --git a/vendor/github.com/evanphx/json-patch/patch.go b/vendor/github.com/evanphx/json-patch/patch.go index b1ec06ae173..c9cf590216c 100644 --- a/vendor/github.com/evanphx/json-patch/patch.go +++ b/vendor/github.com/evanphx/json-patch/patch.go @@ -14,9 +14,15 @@ const ( eAry ) -var SupportNegativeIndices bool = true -var ArraySizeLimit int = 0 -var ArraySizeAdditionLimit int = 0 +var ( + // SupportNegativeIndices decides whether to support non-standard practice of + // allowing negative indices to mean indices starting at the end of an array. + // Default to true. + SupportNegativeIndices bool = true + // AccumulatedCopySizeLimit limits the total size increase in bytes caused by + // "copy" operations in a patch. + AccumulatedCopySizeLimit int64 = 0 +) type lazyNode struct { raw *json.RawMessage @@ -65,17 +71,18 @@ func (n *lazyNode) UnmarshalJSON(data []byte) error { return nil } -func deepCopy(src *lazyNode) (*lazyNode, error) { +func deepCopy(src *lazyNode) (*lazyNode, int, error) { if src == nil { - return nil, nil + return nil, 0, nil } a, err := src.MarshalJSON() if err != nil { - return nil, err + return nil, 0, err } - ra := make(json.RawMessage, len(a)) + sz := len(a) + ra := make(json.RawMessage, sz) copy(ra, a) - return newLazyNode(&ra), nil + return newLazyNode(&ra), sz, nil } func (n *lazyNode) intoDoc() (*partialDoc, error) { @@ -359,44 +366,14 @@ func (d *partialDoc) remove(key string) error { return nil } +// set should only be used to implement the "replace" operation, so "key" must +// be an already existing index in "d". func (d *partialArray) set(key string, val *lazyNode) error { - if key == "-" { - *d = append(*d, val) - return nil - } - idx, err := strconv.Atoi(key) if err != nil { return err } - - sz := len(*d) - - if diff := idx + 1 - sz; ArraySizeAdditionLimit > 0 && diff > ArraySizeAdditionLimit { - return fmt.Errorf("Unable to increase the array size by %d, the limit is %d", diff, ArraySizeAdditionLimit) - } - - if idx+1 > sz { - sz = idx + 1 - } - - if ArraySizeLimit > 0 && sz > ArraySizeLimit { - return fmt.Errorf("Unable to create array of size %d, limit is %d", sz, ArraySizeLimit) - } - - ary := make([]*lazyNode, sz) - - cur := *d - - copy(ary, cur) - - if idx >= len(ary) { - return fmt.Errorf("Unable to access invalid index: %d", idx) - } - - ary[idx] = val - - *d = ary + (*d)[idx] = val return nil } @@ -412,9 +389,6 @@ func (d *partialArray) add(key string, val *lazyNode) error { } sz := len(*d) + 1 - if ArraySizeLimit > 0 && sz > ArraySizeLimit { - return fmt.Errorf("Unable to create array of size %d, limit is %d", sz, ArraySizeLimit) - } ary := make([]*lazyNode, sz) @@ -556,7 +530,7 @@ func (p Patch) move(doc *container, op operation) error { return fmt.Errorf("jsonpatch move operation does not apply: doc is missing destination path: %s", path) } - return con.set(key, val) + return con.add(key, val) } func (p Patch) test(doc *container, op operation) error { @@ -590,7 +564,7 @@ func (p Patch) test(doc *container, op operation) error { return fmt.Errorf("Testing value %s failed", path) } -func (p Patch) copy(doc *container, op operation) error { +func (p Patch) copy(doc *container, op operation, accumulatedCopySize *int64) error { from := op.from() con, key := findObject(doc, from) @@ -612,10 +586,14 @@ func (p Patch) copy(doc *container, op operation) error { return fmt.Errorf("jsonpatch copy operation does not apply: doc is missing destination path: %s", path) } - valCopy, err := deepCopy(val) + valCopy, sz, err := deepCopy(val) if err != nil { return err } + (*accumulatedCopySize) += int64(sz) + if AccumulatedCopySizeLimit > 0 && *accumulatedCopySize > AccumulatedCopySizeLimit { + return NewAccumulatedCopySizeError(AccumulatedCopySizeLimit, *accumulatedCopySize) + } return con.add(key, valCopy) } @@ -670,6 +648,8 @@ func (p Patch) ApplyIndent(doc []byte, indent string) ([]byte, error) { err = nil + var accumulatedCopySize int64 + for _, op := range p { switch op.kind() { case "add": @@ -683,7 +663,7 @@ func (p Patch) ApplyIndent(doc []byte, indent string) ([]byte, error) { case "test": err = p.test(&pd, op) case "copy": - err = p.copy(&pd, op) + err = p.copy(&pd, op, &accumulatedCopySize) default: err = fmt.Errorf("Unexpected kind: %s", op.kind()) } diff --git a/vendor/github.com/hashicorp/golang-lru/2q.go b/vendor/github.com/hashicorp/golang-lru/2q.go index 337d963296c..e474cd07581 100644 --- a/vendor/github.com/hashicorp/golang-lru/2q.go +++ b/vendor/github.com/hashicorp/golang-lru/2q.go @@ -30,9 +30,9 @@ type TwoQueueCache struct { size int recentSize int - recent *simplelru.LRU - frequent *simplelru.LRU - recentEvict *simplelru.LRU + recent simplelru.LRUCache + frequent simplelru.LRUCache + recentEvict simplelru.LRUCache lock sync.RWMutex } @@ -84,7 +84,8 @@ func New2QParams(size int, recentRatio float64, ghostRatio float64) (*TwoQueueCa return c, nil } -func (c *TwoQueueCache) Get(key interface{}) (interface{}, bool) { +// Get looks up a key's value from the cache. +func (c *TwoQueueCache) Get(key interface{}) (value interface{}, ok bool) { c.lock.Lock() defer c.lock.Unlock() @@ -105,6 +106,7 @@ func (c *TwoQueueCache) Get(key interface{}) (interface{}, bool) { return nil, false } +// Add adds a value to the cache. func (c *TwoQueueCache) Add(key, value interface{}) { c.lock.Lock() defer c.lock.Unlock() @@ -160,12 +162,15 @@ func (c *TwoQueueCache) ensureSpace(recentEvict bool) { c.frequent.RemoveOldest() } +// Len returns the number of items in the cache. func (c *TwoQueueCache) Len() int { c.lock.RLock() defer c.lock.RUnlock() return c.recent.Len() + c.frequent.Len() } +// Keys returns a slice of the keys in the cache. +// The frequently used keys are first in the returned slice. func (c *TwoQueueCache) Keys() []interface{} { c.lock.RLock() defer c.lock.RUnlock() @@ -174,6 +179,7 @@ func (c *TwoQueueCache) Keys() []interface{} { return append(k1, k2...) } +// Remove removes the provided key from the cache. func (c *TwoQueueCache) Remove(key interface{}) { c.lock.Lock() defer c.lock.Unlock() @@ -188,6 +194,7 @@ func (c *TwoQueueCache) Remove(key interface{}) { } } +// Purge is used to completely clear the cache. func (c *TwoQueueCache) Purge() { c.lock.Lock() defer c.lock.Unlock() @@ -196,13 +203,17 @@ func (c *TwoQueueCache) Purge() { c.recentEvict.Purge() } +// Contains is used to check if the cache contains a key +// without updating recency or frequency. func (c *TwoQueueCache) Contains(key interface{}) bool { c.lock.RLock() defer c.lock.RUnlock() return c.frequent.Contains(key) || c.recent.Contains(key) } -func (c *TwoQueueCache) Peek(key interface{}) (interface{}, bool) { +// Peek is used to inspect the cache value of a key +// without updating recency or frequency. +func (c *TwoQueueCache) Peek(key interface{}) (value interface{}, ok bool) { c.lock.RLock() defer c.lock.RUnlock() if val, ok := c.frequent.Peek(key); ok { diff --git a/vendor/github.com/hashicorp/golang-lru/BUILD b/vendor/github.com/hashicorp/golang-lru/BUILD index 4e3314eb9f4..49f66d173d3 100644 --- a/vendor/github.com/hashicorp/golang-lru/BUILD +++ b/vendor/github.com/hashicorp/golang-lru/BUILD @@ -5,6 +5,7 @@ go_library( srcs = [ "2q.go", "arc.go", + "doc.go", "lru.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/hashicorp/golang-lru", diff --git a/vendor/github.com/hashicorp/golang-lru/arc.go b/vendor/github.com/hashicorp/golang-lru/arc.go index a2a25281733..555225a218c 100644 --- a/vendor/github.com/hashicorp/golang-lru/arc.go +++ b/vendor/github.com/hashicorp/golang-lru/arc.go @@ -18,11 +18,11 @@ type ARCCache struct { size int // Size is the total capacity of the cache p int // P is the dynamic preference towards T1 or T2 - t1 *simplelru.LRU // T1 is the LRU for recently accessed items - b1 *simplelru.LRU // B1 is the LRU for evictions from t1 + t1 simplelru.LRUCache // T1 is the LRU for recently accessed items + b1 simplelru.LRUCache // B1 is the LRU for evictions from t1 - t2 *simplelru.LRU // T2 is the LRU for frequently accessed items - b2 *simplelru.LRU // B2 is the LRU for evictions from t2 + t2 simplelru.LRUCache // T2 is the LRU for frequently accessed items + b2 simplelru.LRUCache // B2 is the LRU for evictions from t2 lock sync.RWMutex } @@ -60,11 +60,11 @@ func NewARC(size int) (*ARCCache, error) { } // Get looks up a key's value from the cache. -func (c *ARCCache) Get(key interface{}) (interface{}, bool) { +func (c *ARCCache) Get(key interface{}) (value interface{}, ok bool) { c.lock.Lock() defer c.lock.Unlock() - // Ff the value is contained in T1 (recent), then + // If the value is contained in T1 (recent), then // promote it to T2 (frequent) if val, ok := c.t1.Peek(key); ok { c.t1.Remove(key) @@ -153,7 +153,7 @@ func (c *ARCCache) Add(key, value interface{}) { // Remove from B2 c.b2.Remove(key) - // Add the key to the frequntly used list + // Add the key to the frequently used list c.t2.Add(key, value) return } @@ -247,7 +247,7 @@ func (c *ARCCache) Contains(key interface{}) bool { // Peek is used to inspect the cache value of a key // without updating recency or frequency. -func (c *ARCCache) Peek(key interface{}) (interface{}, bool) { +func (c *ARCCache) Peek(key interface{}) (value interface{}, ok bool) { c.lock.RLock() defer c.lock.RUnlock() if val, ok := c.t1.Peek(key); ok { diff --git a/vendor/github.com/hashicorp/golang-lru/doc.go b/vendor/github.com/hashicorp/golang-lru/doc.go new file mode 100644 index 00000000000..2547df979d0 --- /dev/null +++ b/vendor/github.com/hashicorp/golang-lru/doc.go @@ -0,0 +1,21 @@ +// Package lru provides three different LRU caches of varying sophistication. +// +// Cache is a simple LRU cache. It is based on the +// LRU implementation in groupcache: +// https://github.com/golang/groupcache/tree/master/lru +// +// TwoQueueCache tracks frequently used and recently used entries separately. +// This avoids a burst of accesses from taking out frequently used entries, +// at the cost of about 2x computational overhead and some extra bookkeeping. +// +// ARCCache is an adaptive replacement cache. It tracks recent evictions as +// well as recent usage in both the frequent and recent caches. Its +// computational overhead is comparable to TwoQueueCache, but the memory +// overhead is linear with the size of the cache. +// +// ARC has been patented by IBM, so do not use it if that is problematic for +// your program. +// +// All caches in this package take locks while operating, and are therefore +// thread-safe for consumers. +package lru diff --git a/vendor/github.com/hashicorp/golang-lru/go.mod b/vendor/github.com/hashicorp/golang-lru/go.mod new file mode 100644 index 00000000000..824cb97e834 --- /dev/null +++ b/vendor/github.com/hashicorp/golang-lru/go.mod @@ -0,0 +1 @@ +module github.com/hashicorp/golang-lru diff --git a/vendor/github.com/hashicorp/golang-lru/lru.go b/vendor/github.com/hashicorp/golang-lru/lru.go index a6285f989e0..c8d9b0a230f 100644 --- a/vendor/github.com/hashicorp/golang-lru/lru.go +++ b/vendor/github.com/hashicorp/golang-lru/lru.go @@ -1,6 +1,3 @@ -// This package provides a simple LRU cache. It is based on the -// LRU implementation in groupcache: -// https://github.com/golang/groupcache/tree/master/lru package lru import ( @@ -11,11 +8,11 @@ import ( // Cache is a thread-safe fixed size LRU cache. type Cache struct { - lru *simplelru.LRU + lru simplelru.LRUCache lock sync.RWMutex } -// New creates an LRU of the given size +// New creates an LRU of the given size. func New(size int) (*Cache, error) { return NewWithEvict(size, nil) } @@ -33,7 +30,7 @@ func NewWithEvict(size int, onEvicted func(key interface{}, value interface{})) return c, nil } -// Purge is used to completely clear the cache +// Purge is used to completely clear the cache. func (c *Cache) Purge() { c.lock.Lock() c.lru.Purge() @@ -41,30 +38,30 @@ func (c *Cache) Purge() { } // Add adds a value to the cache. Returns true if an eviction occurred. -func (c *Cache) Add(key, value interface{}) bool { +func (c *Cache) Add(key, value interface{}) (evicted bool) { c.lock.Lock() defer c.lock.Unlock() return c.lru.Add(key, value) } // Get looks up a key's value from the cache. -func (c *Cache) Get(key interface{}) (interface{}, bool) { +func (c *Cache) Get(key interface{}) (value interface{}, ok bool) { c.lock.Lock() defer c.lock.Unlock() return c.lru.Get(key) } -// Check if a key is in the cache, without updating the recent-ness -// or deleting it for being stale. +// Contains checks if a key is in the cache, without updating the +// recent-ness or deleting it for being stale. func (c *Cache) Contains(key interface{}) bool { c.lock.RLock() defer c.lock.RUnlock() return c.lru.Contains(key) } -// Returns the key value (or undefined if not found) without updating +// Peek returns the key value (or undefined if not found) without updating // the "recently used"-ness of the key. -func (c *Cache) Peek(key interface{}) (interface{}, bool) { +func (c *Cache) Peek(key interface{}) (value interface{}, ok bool) { c.lock.RLock() defer c.lock.RUnlock() return c.lru.Peek(key) @@ -73,16 +70,15 @@ func (c *Cache) Peek(key interface{}) (interface{}, bool) { // ContainsOrAdd checks if a key is in the cache without updating the // recent-ness or deleting it for being stale, and if not, adds the value. // Returns whether found and whether an eviction occurred. -func (c *Cache) ContainsOrAdd(key, value interface{}) (ok, evict bool) { +func (c *Cache) ContainsOrAdd(key, value interface{}) (ok, evicted bool) { c.lock.Lock() defer c.lock.Unlock() if c.lru.Contains(key) { return true, false - } else { - evict := c.lru.Add(key, value) - return false, evict } + evicted = c.lru.Add(key, value) + return false, evicted } // Remove removes the provided key from the cache. diff --git a/vendor/github.com/hashicorp/golang-lru/simplelru/BUILD b/vendor/github.com/hashicorp/golang-lru/simplelru/BUILD index fbb9a77d5a3..da03dcec7bf 100644 --- a/vendor/github.com/hashicorp/golang-lru/simplelru/BUILD +++ b/vendor/github.com/hashicorp/golang-lru/simplelru/BUILD @@ -2,7 +2,10 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["lru.go"], + srcs = [ + "lru.go", + "lru_interface.go", + ], importmap = "k8s.io/kubernetes/vendor/github.com/hashicorp/golang-lru/simplelru", importpath = "github.com/hashicorp/golang-lru/simplelru", visibility = ["//visibility:public"], diff --git a/vendor/github.com/hashicorp/golang-lru/simplelru/lru.go b/vendor/github.com/hashicorp/golang-lru/simplelru/lru.go index 68d097a1c06..5673773b22b 100644 --- a/vendor/github.com/hashicorp/golang-lru/simplelru/lru.go +++ b/vendor/github.com/hashicorp/golang-lru/simplelru/lru.go @@ -36,7 +36,7 @@ func NewLRU(size int, onEvict EvictCallback) (*LRU, error) { return c, nil } -// Purge is used to completely clear the cache +// Purge is used to completely clear the cache. func (c *LRU) Purge() { for k, v := range c.items { if c.onEvict != nil { @@ -47,8 +47,8 @@ func (c *LRU) Purge() { c.evictList.Init() } -// Add adds a value to the cache. Returns true if an eviction occured. -func (c *LRU) Add(key, value interface{}) bool { +// Add adds a value to the cache. Returns true if an eviction occurred. +func (c *LRU) Add(key, value interface{}) (evicted bool) { // Check for existing item if ent, ok := c.items[key]; ok { c.evictList.MoveToFront(ent) @@ -78,17 +78,18 @@ func (c *LRU) Get(key interface{}) (value interface{}, ok bool) { return } -// Check if a key is in the cache, without updating the recent-ness +// Contains checks if a key is in the cache, without updating the recent-ness // or deleting it for being stale. func (c *LRU) Contains(key interface{}) (ok bool) { _, ok = c.items[key] return ok } -// Returns the key value (or undefined if not found) without updating +// Peek returns the key value (or undefined if not found) without updating // the "recently used"-ness of the key. func (c *LRU) Peek(key interface{}) (value interface{}, ok bool) { - if ent, ok := c.items[key]; ok { + var ent *list.Element + if ent, ok = c.items[key]; ok { return ent.Value.(*entry).value, true } return nil, ok @@ -96,7 +97,7 @@ func (c *LRU) Peek(key interface{}) (value interface{}, ok bool) { // Remove removes the provided key from the cache, returning if the // key was contained. -func (c *LRU) Remove(key interface{}) bool { +func (c *LRU) Remove(key interface{}) (present bool) { if ent, ok := c.items[key]; ok { c.removeElement(ent) return true @@ -105,7 +106,7 @@ func (c *LRU) Remove(key interface{}) bool { } // RemoveOldest removes the oldest item from the cache. -func (c *LRU) RemoveOldest() (interface{}, interface{}, bool) { +func (c *LRU) RemoveOldest() (key interface{}, value interface{}, ok bool) { ent := c.evictList.Back() if ent != nil { c.removeElement(ent) @@ -116,7 +117,7 @@ func (c *LRU) RemoveOldest() (interface{}, interface{}, bool) { } // GetOldest returns the oldest entry -func (c *LRU) GetOldest() (interface{}, interface{}, bool) { +func (c *LRU) GetOldest() (key interface{}, value interface{}, ok bool) { ent := c.evictList.Back() if ent != nil { kv := ent.Value.(*entry) diff --git a/vendor/github.com/hashicorp/golang-lru/simplelru/lru_interface.go b/vendor/github.com/hashicorp/golang-lru/simplelru/lru_interface.go new file mode 100644 index 00000000000..74c7077440c --- /dev/null +++ b/vendor/github.com/hashicorp/golang-lru/simplelru/lru_interface.go @@ -0,0 +1,36 @@ +package simplelru + +// LRUCache is the interface for simple LRU cache. +type LRUCache interface { + // Adds a value to the cache, returns true if an eviction occurred and + // updates the "recently used"-ness of the key. + Add(key, value interface{}) bool + + // Returns key's value from the cache and + // updates the "recently used"-ness of the key. #value, isFound + Get(key interface{}) (value interface{}, ok bool) + + // Check if a key exsists in cache without updating the recent-ness. + Contains(key interface{}) (ok bool) + + // Returns key's value without updating the "recently used"-ness of the key. + Peek(key interface{}) (value interface{}, ok bool) + + // Removes a key from the cache. + Remove(key interface{}) bool + + // Removes the oldest entry from cache. + RemoveOldest() (interface{}, interface{}, bool) + + // Returns the oldest entry from the cache. #key, value, isFound + GetOldest() (interface{}, interface{}, bool) + + // Returns a slice of the keys in the cache, from oldest to newest. + Keys() []interface{} + + // Returns the number of items in the cache. + Len() int + + // Clear all cache entries + Purge() +} diff --git a/vendor/github.com/jstemmer/go-junit-report/BUILD b/vendor/github.com/jstemmer/go-junit-report/BUILD index 72b9407c871..6e0bce9e535 100644 --- a/vendor/github.com/jstemmer/go-junit-report/BUILD +++ b/vendor/github.com/jstemmer/go-junit-report/BUILD @@ -15,6 +15,7 @@ go_library( go_binary( name = "go-junit-report", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/jteeuwen/go-bindata/go-bindata/BUILD b/vendor/github.com/jteeuwen/go-bindata/go-bindata/BUILD index ddf9138a253..b6260250451 100644 --- a/vendor/github.com/jteeuwen/go-bindata/go-bindata/BUILD +++ b/vendor/github.com/jteeuwen/go-bindata/go-bindata/BUILD @@ -16,6 +16,7 @@ go_library( go_binary( name = "go-bindata", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/onsi/ginkgo/ginkgo/BUILD b/vendor/github.com/onsi/ginkgo/ginkgo/BUILD index 1c76cef8697..6d5c4eeee04 100644 --- a/vendor/github.com/onsi/ginkgo/ginkgo/BUILD +++ b/vendor/github.com/onsi/ginkgo/ginkgo/BUILD @@ -37,6 +37,7 @@ go_library( go_binary( name = "ginkgo", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/pmezard/go-difflib/difflib/difflib.go b/vendor/github.com/pmezard/go-difflib/difflib/difflib.go index 64cc40fe1da..003e99fadb4 100644 --- a/vendor/github.com/pmezard/go-difflib/difflib/difflib.go +++ b/vendor/github.com/pmezard/go-difflib/difflib/difflib.go @@ -559,10 +559,14 @@ type UnifiedDiff struct { func WriteUnifiedDiff(writer io.Writer, diff UnifiedDiff) error { buf := bufio.NewWriter(writer) defer buf.Flush() - w := func(format string, args ...interface{}) error { + wf := func(format string, args ...interface{}) error { _, err := buf.WriteString(fmt.Sprintf(format, args...)) return err } + ws := func(s string) error { + _, err := buf.WriteString(s) + return err + } if len(diff.Eol) == 0 { diff.Eol = "\n" @@ -581,26 +585,28 @@ func WriteUnifiedDiff(writer io.Writer, diff UnifiedDiff) error { if len(diff.ToDate) > 0 { toDate = "\t" + diff.ToDate } - err := w("--- %s%s%s", diff.FromFile, fromDate, diff.Eol) - if err != nil { - return err - } - err = w("+++ %s%s%s", diff.ToFile, toDate, diff.Eol) - if err != nil { - return err + if diff.FromFile != "" || diff.ToFile != "" { + err := wf("--- %s%s%s", diff.FromFile, fromDate, diff.Eol) + if err != nil { + return err + } + err = wf("+++ %s%s%s", diff.ToFile, toDate, diff.Eol) + if err != nil { + return err + } } } first, last := g[0], g[len(g)-1] range1 := formatRangeUnified(first.I1, last.I2) range2 := formatRangeUnified(first.J1, last.J2) - if err := w("@@ -%s +%s @@%s", range1, range2, diff.Eol); err != nil { + if err := wf("@@ -%s +%s @@%s", range1, range2, diff.Eol); err != nil { return err } for _, c := range g { i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2 if c.Tag == 'e' { for _, line := range diff.A[i1:i2] { - if err := w(" " + line); err != nil { + if err := ws(" " + line); err != nil { return err } } @@ -608,14 +614,14 @@ func WriteUnifiedDiff(writer io.Writer, diff UnifiedDiff) error { } if c.Tag == 'r' || c.Tag == 'd' { for _, line := range diff.A[i1:i2] { - if err := w("-" + line); err != nil { + if err := ws("-" + line); err != nil { return err } } } if c.Tag == 'r' || c.Tag == 'i' { for _, line := range diff.B[j1:j2] { - if err := w("+" + line); err != nil { + if err := ws("+" + line); err != nil { return err } } @@ -669,12 +675,18 @@ func WriteContextDiff(writer io.Writer, diff ContextDiff) error { buf := bufio.NewWriter(writer) defer buf.Flush() var diffErr error - w := func(format string, args ...interface{}) { + wf := func(format string, args ...interface{}) { _, err := buf.WriteString(fmt.Sprintf(format, args...)) if diffErr == nil && err != nil { diffErr = err } } + ws := func(s string) { + _, err := buf.WriteString(s) + if diffErr == nil && err != nil { + diffErr = err + } + } if len(diff.Eol) == 0 { diff.Eol = "\n" @@ -700,15 +712,17 @@ func WriteContextDiff(writer io.Writer, diff ContextDiff) error { if len(diff.ToDate) > 0 { toDate = "\t" + diff.ToDate } - w("*** %s%s%s", diff.FromFile, fromDate, diff.Eol) - w("--- %s%s%s", diff.ToFile, toDate, diff.Eol) + if diff.FromFile != "" || diff.ToFile != "" { + wf("*** %s%s%s", diff.FromFile, fromDate, diff.Eol) + wf("--- %s%s%s", diff.ToFile, toDate, diff.Eol) + } } first, last := g[0], g[len(g)-1] - w("***************" + diff.Eol) + ws("***************" + diff.Eol) range1 := formatRangeContext(first.I1, last.I2) - w("*** %s ****%s", range1, diff.Eol) + wf("*** %s ****%s", range1, diff.Eol) for _, c := range g { if c.Tag == 'r' || c.Tag == 'd' { for _, cc := range g { @@ -716,7 +730,7 @@ func WriteContextDiff(writer io.Writer, diff ContextDiff) error { continue } for _, line := range diff.A[cc.I1:cc.I2] { - w(prefix[cc.Tag] + line) + ws(prefix[cc.Tag] + line) } } break @@ -724,7 +738,7 @@ func WriteContextDiff(writer io.Writer, diff ContextDiff) error { } range2 := formatRangeContext(first.J1, last.J2) - w("--- %s ----%s", range2, diff.Eol) + wf("--- %s ----%s", range2, diff.Eol) for _, c := range g { if c.Tag == 'r' || c.Tag == 'i' { for _, cc := range g { @@ -732,7 +746,7 @@ func WriteContextDiff(writer io.Writer, diff ContextDiff) error { continue } for _, line := range diff.B[cc.J1:cc.J2] { - w(prefix[cc.Tag] + line) + ws(prefix[cc.Tag] + line) } } break diff --git a/vendor/github.com/storageos/go-api/BUILD b/vendor/github.com/storageos/go-api/BUILD index 906584ce29d..c052c8e3266 100644 --- a/vendor/github.com/storageos/go-api/BUILD +++ b/vendor/github.com/storageos/go-api/BUILD @@ -4,12 +4,12 @@ go_library( name = "go_default_library", srcs = [ "client.go", - "controller.go", - "event.go", "health.go", "logger.go", "login.go", "namespace.go", + "network_diagnostics.go", + "node.go", "policy.go", "pool.go", "rule.go", @@ -24,7 +24,6 @@ go_library( importpath = "github.com/storageos/go-api", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/gorilla/websocket:go_default_library", "//vendor/github.com/storageos/go-api/netutil:go_default_library", "//vendor/github.com/storageos/go-api/serror:go_default_library", "//vendor/github.com/storageos/go-api/types:go_default_library", diff --git a/vendor/github.com/storageos/go-api/LICENCE b/vendor/github.com/storageos/go-api/LICENCE index ecaf938c256..c577408a6dc 100644 --- a/vendor/github.com/storageos/go-api/LICENCE +++ b/vendor/github.com/storageos/go-api/LICENCE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2015-2017 StorageOS +Copyright (c) 2015-2018 StorageOS Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/vendor/github.com/storageos/go-api/client.go b/vendor/github.com/storageos/go-api/client.go index 5be9924f3dc..4a95516b14b 100644 --- a/vendor/github.com/storageos/go-api/client.go +++ b/vendor/github.com/storageos/go-api/client.go @@ -3,27 +3,32 @@ package storageos import ( "bytes" "context" - "crypto/tls" "encoding/json" "errors" "fmt" - "github.com/storageos/go-api/netutil" - "github.com/storageos/go-api/serror" "io" "io/ioutil" + "math/rand" "net" "net/http" "net/url" "reflect" "strconv" "strings" + "sync" "time" + + "github.com/storageos/go-api/netutil" + "github.com/storageos/go-api/serror" ) const ( - userAgent = "go-storageosclient" + // DefaultUserAgent is the default User-Agent header to include in HTTP requests. + DefaultUserAgent = "go-storageosclient" + // DefaultVersionStr is the string value of the default API version. DefaultVersionStr = "1" - DefaultVersion = 1 + // DefaultVersion is the default API version. + DefaultVersion = 1 ) var ( @@ -36,14 +41,17 @@ var ( // ErrInvalidVersion is returned when a versioned client was requested but no version specified. ErrInvalidVersion = errors.New("invalid version") - // DefaultPort is the default API port + // ErrProxyNotSupported is returned when a client is unable to set a proxy for http requests. + ErrProxyNotSupported = errors.New("client does not support http proxy") + + // DefaultPort is the default API port. DefaultPort = "5705" - // DataplaneHealthPort is the the port used by the dataplane health-check service + // DataplaneHealthPort is the the port used by the dataplane health-check service. DataplaneHealthPort = "5704" - // DefaultHost is the default API host - DefaultHost = "tcp://localhost:" + DefaultPort + // DefaultHost is the default API host. + DefaultHost = "http://localhost:" + DefaultPort ) // APIVersion is an internal representation of a version of the Remote API. @@ -70,16 +78,21 @@ func (version APIVersion) String() string { // Client is the basic type of this package. It provides methods for // interaction with the API. type Client struct { + httpClient *http.Client + + addresses []string + username string + secret string + userAgent string + + configLock *sync.RWMutex // Lock for config changes + addressLock *sync.Mutex // Lock used to copy/update the address slice + + requestedAPIVersion APIVersion + serverAPIVersion APIVersion + expectedAPIVersion APIVersion + SkipServerVersionCheck bool - HTTPClient *http.Client - TLSConfig *tls.Config - username string - secret string - requestedAPIVersion APIVersion - serverAPIVersion APIVersion - expectedAPIVersion APIVersion - nativeHTTPClient *http.Client - useTLS bool } // ClientVersion returns the API version of the client @@ -103,6 +116,7 @@ func NewClient(nodes string) (*Client, error) { return nil, err } client.SkipServerVersionCheck = true + client.userAgent = DefaultUserAgent return client, nil } @@ -110,22 +124,24 @@ func NewClient(nodes string) (*Client, error) { // the given server endpoint, using a specific remote API version. func NewVersionedClient(nodestring string, apiVersionString string) (*Client, error) { nodes := strings.Split(nodestring, ",") - - d, err := netutil.NewMultiDialer(nodes, nil) + addresses, err := netutil.AddressesFromNodes(nodes) if err != nil { return nil, err } - var useTLS bool - if len(nodes) > 0 { - if u, err := url.Parse(nodes[0]); err != nil && u.Scheme == "https" { - useTLS = true - } + if len(addresses) > 1 { + // Shuffle returned addresses in attempt to spread the load + rnd := rand.New(rand.NewSource(time.Now().UnixNano())) + rnd.Shuffle(len(addresses), func(i, j int) { + addresses[i], addresses[j] = addresses[j], addresses[i] + }) } - c := &Client{ - HTTPClient: defaultClient(d), - useTLS: useTLS, + client := &Client{ + httpClient: defaultClient(), + addresses: addresses, + configLock: &sync.RWMutex{}, + addressLock: &sync.Mutex{}, } if apiVersionString != "" { @@ -133,15 +149,24 @@ func NewVersionedClient(nodestring string, apiVersionString string) (*Client, er if err != nil { return nil, err } - c.requestedAPIVersion = APIVersion(version) + client.requestedAPIVersion = APIVersion(version) } - return c, nil + return client, nil +} + +// SetUserAgent sets the client useragent. +func (c *Client) SetUserAgent(useragent string) { + c.configLock.Lock() + defer c.configLock.Unlock() + c.userAgent = useragent } // SetAuth sets the API username and secret to be used for all API requests. // It should not be called concurrently with any other Client methods. func (c *Client) SetAuth(username string, secret string) { + c.configLock.Lock() + defer c.configLock.Unlock() if username != "" { c.username = username } @@ -150,15 +175,31 @@ func (c *Client) SetAuth(username string, secret string) { } } +// SetProxy will set the proxy URL for both the HTTPClient. +// If the transport method does not support usage +// of proxies, an error will be returned. +func (c *Client) SetProxy(proxy *url.URL) error { + c.configLock.Lock() + defer c.configLock.Unlock() + + if client := c.httpClient; client != nil { + transport, supported := client.Transport.(*http.Transport) + if !supported { + return ErrProxyNotSupported + } + transport.Proxy = http.ProxyURL(proxy) + } + return nil +} + // SetTimeout takes a timeout and applies it to both the HTTPClient and // nativeHTTPClient. It should not be called concurrently with any other Client // methods. func (c *Client) SetTimeout(t time.Duration) { - if c.HTTPClient != nil { - c.HTTPClient.Timeout = t - } - if c.nativeHTTPClient != nil { - c.nativeHTTPClient.Timeout = t + c.configLock.Lock() + defer c.configLock.Unlock() + if c.httpClient != nil { + c.httpClient.Timeout = t } } @@ -171,6 +212,8 @@ func (c *Client) checkAPIVersion() error { if err != nil { return err } + c.configLock.Lock() + defer c.configLock.Unlock() if c.requestedAPIVersion == 0 { c.expectedAPIVersion = c.serverAPIVersion } else { @@ -191,8 +234,7 @@ func (c *Client) Ping() error { if resp.StatusCode != http.StatusOK { return newError(resp) } - resp.Body.Close() - return nil + return resp.Body.Close() } func (c *Client) getServerAPIVersionString() (version string, err error) { @@ -204,16 +246,19 @@ func (c *Client) getServerAPIVersionString() (version string, err error) { } type doOptions struct { - data interface{} + context context.Context + data interface{} + + values url.Values + headers map[string]string + fieldSelector string labelSelector string namespace string - forceJSON bool - force bool - values url.Values - headers map[string]string - unversioned bool - context context.Context + + forceJSON bool + force bool + unversioned bool } func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response, error) { @@ -247,76 +292,118 @@ func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response query.Add("force", "1") } - httpClient := c.HTTPClient - u := c.getAPIPath(urlpath, query, doOptions.unversioned) + // Obtain a reader lock to prevent the http client from being + // modified underneath us during a do(). + c.configLock.RLock() + defer c.configLock.RUnlock() // This defer matches both the initial and the above lock - req, err := http.NewRequest(method, u, params) - if err != nil { - return nil, err - } - req.Header.Set("User-Agent", userAgent) - if doOptions.data != nil { - req.Header.Set("Content-Type", "application/json") - } else if method == "POST" { - req.Header.Set("Content-Type", "plain/text") - } - if c.username != "" && c.secret != "" { - req.SetBasicAuth(c.username, c.secret) - } - - for k, v := range doOptions.headers { - req.Header.Set(k, v) - } + httpClient := c.httpClient + endpoint := c.getAPIPath(urlpath, query, doOptions.unversioned) + // The doOptions Context is shared for every attempted request in the do. ctx := doOptions.context if ctx == nil { ctx = context.Background() } - resp, err := httpClient.Do(req.WithContext(ctx)) - if err != nil { - // If it is a custom error, return it. It probably knows more than us - if serror.IsStorageOSError(err) { + var failedAddresses = map[string]struct{}{} + + c.addressLock.Lock() + var addresses = make([]string, len(c.addresses)) + copy(addresses, c.addresses) + c.addressLock.Unlock() + + for _, address := range addresses { + target := address + endpoint + + req, err := http.NewRequest(method, target, params) + if err != nil { + // Probably should not try and continue if we're unable + // to create the request. return nil, err } - - if strings.Contains(err.Error(), "connection refused") { - return nil, ErrConnectionRefused + req.Header.Set("User-Agent", c.userAgent) + if doOptions.data != nil { + req.Header.Set("Content-Type", "application/json") + } else if method == "POST" { + req.Header.Set("Content-Type", "plain/text") + } + if c.username != "" && c.secret != "" { + req.SetBasicAuth(c.username, c.secret) } - return nil, chooseError(ctx, err) - } - if resp.StatusCode < 200 || resp.StatusCode >= 400 { - return nil, newError(resp) - } - return resp, nil -} -// if error in context, return that instead of generic http error -func chooseError(ctx context.Context, err error) error { - select { - case <-ctx.Done(): - return ctx.Err() - default: - return err + for k, v := range doOptions.headers { + req.Header.Set(k, v) + } + + resp, err := httpClient.Do(req.WithContext(ctx)) + if err != nil { + // If it is a custom error, return it. It probably knows more than us + if serror.IsStorageOSError(err) { + switch serror.ErrorKind(err) { + case serror.APIUncontactable: + // If API isn't contactable we should try the next address + failedAddresses[address] = struct{}{} + continue + case serror.InvalidHostConfig: + // If invalid host or unknown error, we should report back + fallthrough + case serror.UnknownError: + return nil, err + } + } + + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + if _, ok := err.(net.Error); ok { + // Be optimistic and try the next endpoint + failedAddresses[address] = struct{}{} + continue + } + return nil, err + } + } + + // If we get to the point of response, we should move any failed + // addresses to the back. + failed := len(failedAddresses) + if failed > 0 { + // Copy addresses we think are okay into the head of the list + newOrder := make([]string, 0, len(addresses)-failed) + + for _, addr := range addresses { + if _, exists := failedAddresses[addr]; !exists { + newOrder = append(newOrder, addr) + } + } + for addr := range failedAddresses { + newOrder = append(newOrder, addr) + } + + c.addressLock.Lock() + // Bring in the new order + c.addresses = newOrder + c.addressLock.Unlock() + } + + if resp.StatusCode < 200 || resp.StatusCode >= 400 { + return nil, newError(resp) // These status codes are likely to be fatal + } + return resp, nil } + + return nil, netutil.ErrAllFailed(addresses) } func (c *Client) getAPIPath(path string, query url.Values, unversioned bool) string { - // The custom dialer contacts the hosts for us, making this hosname irrelevant - var urlStr string - if c.useTLS { - urlStr = "https://storageos-cluster" - } else { - urlStr = "http://storageos-cluster" - } + var apiPath = strings.TrimLeft(path, "/") - var apiPath string - - path = strings.TrimLeft(path, "/") - if unversioned { - apiPath = fmt.Sprintf("%s/%s", urlStr, path) + if !unversioned { + apiPath = fmt.Sprintf("/%s/%s", c.requestedAPIVersion, apiPath) } else { - apiPath = fmt.Sprintf("%s/%s/%s", urlStr, c.requestedAPIVersion, path) + apiPath = fmt.Sprintf("/%s", apiPath) } if len(query) > 0 { @@ -441,23 +528,14 @@ func (e *Error) Error() string { return fmt.Sprintf("API error (%s): %s", http.StatusText(e.Status), e.Message) } -// defaultTransport returns a new http.Transport with the same default values -// as http.DefaultTransport, but with idle connections and keepalives disabled. -func defaultTransport(d Dialer) *http.Transport { - transport := defaultPooledTransport(d) - transport.DisableKeepAlives = true - transport.MaxIdleConnsPerHost = -1 - return transport -} - // defaultPooledTransport returns a new http.Transport with similar default // values to http.DefaultTransport. Do not use this for transient transports as // it can leak file descriptors over time. Only use this for transports that // will be re-used for the same host(s). -func defaultPooledTransport(d Dialer) *http.Transport { +func defaultPooledTransport(dialer Dialer) *http.Transport { transport := &http.Transport{ Proxy: http.ProxyFromEnvironment, - Dial: d.Dial, + Dial: dialer.Dial, TLSHandshakeTimeout: 5 * time.Second, DisableKeepAlives: false, MaxIdleConnsPerHost: 1, @@ -469,15 +547,13 @@ func defaultPooledTransport(d Dialer) *http.Transport { // http.Client, but with a non-shared Transport, idle connections disabled, and // keepalives disabled. // If a custom dialer is not provided, one with sane defaults will be created. -func defaultClient(d Dialer) *http.Client { - if d == nil { - d = &net.Dialer{ - Timeout: 5 * time.Second, - KeepAlive: 5 * time.Second, - } +func defaultClient() *http.Client { + dialer := &net.Dialer{ + Timeout: 5 * time.Second, + KeepAlive: 5 * time.Second, } return &http.Client{ - Transport: defaultTransport(d), + Transport: defaultPooledTransport(dialer), } } diff --git a/vendor/github.com/storageos/go-api/controller.go b/vendor/github.com/storageos/go-api/controller.go deleted file mode 100644 index 1b4f9ea1289..00000000000 --- a/vendor/github.com/storageos/go-api/controller.go +++ /dev/null @@ -1,110 +0,0 @@ -package storageos - -import ( - "encoding/json" - "errors" - "net/http" - "net/url" - - "github.com/storageos/go-api/types" -) - -var ( - - // ControllerAPIPrefix is a partial path to the HTTP endpoint. - ControllerAPIPrefix = "controllers" - - // ErrNoSuchController is the error returned when the controller does not exist. - ErrNoSuchController = errors.New("no such controller") - - // ErrControllerInUse is the error returned when the controller requested to be removed is still in use. - ErrControllerInUse = errors.New("controller in use and cannot be removed") -) - -// ControllerList returns the list of available controllers. -func (c *Client) ControllerList(opts types.ListOptions) ([]*types.Controller, error) { - listOpts := doOptions{ - fieldSelector: opts.FieldSelector, - labelSelector: opts.LabelSelector, - context: opts.Context, - } - - if opts.LabelSelector != "" { - query := url.Values{} - query.Add("labelSelector", opts.LabelSelector) - listOpts.values = query - } - - resp, err := c.do("GET", ControllerAPIPrefix, listOpts) - if err != nil { - return nil, err - } - defer resp.Body.Close() - var controllers []*types.Controller - if err := json.NewDecoder(resp.Body).Decode(&controllers); err != nil { - return nil, err - } - return controllers, nil -} - -// Controller returns a controller by its reference. -func (c *Client) Controller(ref string) (*types.Controller, error) { - - resp, err := c.do("GET", ControllerAPIPrefix+"/"+ref, doOptions{}) - if err != nil { - if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound { - return nil, ErrNoSuchController - } - return nil, err - } - defer resp.Body.Close() - var controller types.Controller - if err := json.NewDecoder(resp.Body).Decode(&controller); err != nil { - return nil, err - } - return &controller, nil -} - -// ControllerUpdate updates a controller on the server. -func (c *Client) ControllerUpdate(opts types.ControllerUpdateOptions) (*types.Controller, error) { - ref := opts.Name - if IsUUID(opts.ID) { - ref = opts.ID - } - resp, err := c.do("PUT", ControllerAPIPrefix+"/"+ref, doOptions{ - data: opts, - context: opts.Context, - }) - if err != nil { - return nil, err - } - defer resp.Body.Close() - var controller types.Controller - if err := json.NewDecoder(resp.Body).Decode(&controller); err != nil { - return nil, err - } - return &controller, nil -} - -// ControllerDelete removes a controller by its reference. -func (c *Client) ControllerDelete(opts types.DeleteOptions) error { - deleteOpts := doOptions{ - namespace: opts.Namespace, - force: opts.Force, - context: opts.Context, - } - resp, err := c.do("DELETE", ControllerAPIPrefix+"/"+opts.Name, deleteOpts) - if err != nil { - if e, ok := err.(*Error); ok { - if e.Status == http.StatusNotFound { - return ErrNoSuchController - } - if e.Status == http.StatusConflict { - return ErrControllerInUse - } - } - return err - } - defer resp.Body.Close() - return nil -} diff --git a/vendor/github.com/storageos/go-api/event.go b/vendor/github.com/storageos/go-api/event.go deleted file mode 100644 index c9d9f002247..00000000000 --- a/vendor/github.com/storageos/go-api/event.go +++ /dev/null @@ -1,189 +0,0 @@ -package storageos - -import ( - "context" - "encoding/json" - "errors" - "log" - "net/http" - "time" - - "github.com/gorilla/websocket" - - "github.com/storageos/go-api/types" -) - -var ( - - // EventAPIPrefix is a partial path to the HTTP endpoint. - EventAPIPrefix = "event" - - // ErrNoSuchEvent is the error returned when the event does not exist. - ErrNoSuchEvent = errors.New("no such event") -) - -// EventList returns the list of available events. -func (c *Client) EventList(opts types.ListOptions) ([]*types.Event, error) { - listOpts := doOptions{ - fieldSelector: opts.FieldSelector, - labelSelector: opts.LabelSelector, - context: opts.Context, - } - resp, err := c.do("GET", EventAPIPrefix, listOpts) - if err != nil { - return nil, err - } - defer resp.Body.Close() - var events []*types.Event - if err := json.NewDecoder(resp.Body).Decode(&events); err != nil { - return nil, err - } - return events, nil -} - -// Events returns a stream of events in the daemon. It's up to the caller to close the stream -// by cancelling the context. Once the stream has been completely read an io.EOF error will -// be sent over the error channel. If an error is sent all processing will be stopped. It's up -// to the caller to reopen the stream in the event of an error by reinvoking this method. -func (c *Client) Events(ctx context.Context, opts types.ListOptions) (<-chan types.Request, <-chan error) { - - // listOpts := doOptions{ - // fieldSelector: opts.FieldSelector, - // labelSelector: opts.LabelSelector, - // context: ctx, - // } - - messages := make(chan types.Request) - errs := make(chan error, 1) - - // started := make(chan struct{}) - ws, _, err := websocket.DefaultDialer.Dial("ws://10.245.103.2:8000/v1/ws/event", nil) - if err != nil { - // close(started) - // errs <- err - log.Fatal(err) - } - // defer ws.Close() - - done := make(chan struct{}) - go func() { - defer ws.Close() - defer close(done) - for { - _, message, err := ws.ReadMessage() - if err != nil { - log.Println("read:", err) - errs <- err - return - } - // log.Printf("recv: %s", message) - var request types.Request - if err := json.Unmarshal(message, &request); err != nil { - log.Printf("decode error: %s", message) - errs <- err - return - } - messages <- request - } - }() - - ticker := time.NewTicker(time.Second) - defer ticker.Stop() - - go func() { - for { - select { - case t := <-ticker.C: - log.Printf("tick: %s\n", t.String()) - err := ws.WriteMessage(websocket.TextMessage, []byte(t.String())) - if err != nil { - log.Println("write:", err) - return - } - case <-ctx.Done(): - log.Println("done") - err := ws.WriteMessage(websocket.CloseMessage, websocket.FormatCloseMessage(websocket.CloseNormalClosure, "")) - if err != nil { - log.Println("write close:", err) - return - } - errs <- ctx.Err() - select { - case <-done: - case <-time.After(time.Second): - } - ws.Close() - return - } - } - }() - - // go func() { - // defer ws.Close() - // defer close(errs) - // - // // query, err := buildEventsQueryParams(cli.version, options) - // // if err != nil { - // // close(started) - // // errs <- err - // // return - // // } - // - // // resp, err := cli.get(ctx, "/events", query, nil) - // - // // decoder := json.NewDecoder(resp.Body) - // - // close(started) - // for { - // select { - // case <-ctx.Done(): - // log.Println("done") - // errs <- ctx.Err() - // return - // default: - // log.Println("default") - // _, message, err := ws.ReadMessage() - // if err != nil { - // log.Println("read:", err) - // return - // } - // log.Printf("recv: %s", message) - // var event types.Event - // if err := json.Unmarshal(message, &event); err != nil { - // log.Printf("decode error: %s", message) - // errs <- err - // return - // } - // log.Printf("sent: %v", event) - // messages <- event - // - // // select { - // // case messages <- event: - // // case <-ctx.Done(): - // // errs <- ctx.Err() - // // return - // // } - // } - // } - // }() - // <-started - log.Println("returning") - return messages, errs -} - -// Event returns a event by its reference. -func (c *Client) Event(ref string) (*types.Event, error) { - resp, err := c.do("GET", EventAPIPrefix+"/"+ref, doOptions{}) - if err != nil { - if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound { - return nil, ErrNoSuchEvent - } - return nil, err - } - defer resp.Body.Close() - var event types.Event - if err := json.NewDecoder(resp.Body).Decode(&event); err != nil { - return nil, err - } - return &event, nil -} diff --git a/vendor/github.com/storageos/go-api/health.go b/vendor/github.com/storageos/go-api/health.go index f4a37807d59..7b441000749 100644 --- a/vendor/github.com/storageos/go-api/health.go +++ b/vendor/github.com/storageos/go-api/health.go @@ -23,12 +23,14 @@ func (c *Client) CPHealth(ctx context.Context, hostname string) (*types.CPHealth return nil, err } - req.Header.Set("User-Agent", userAgent) + req.Header.Set("User-Agent", c.userAgent) if c.username != "" && c.secret != "" { req.SetBasicAuth(c.username, c.secret) } - resp, err := c.HTTPClient.Do(req.WithContext(ctx)) + c.configLock.RLock() + resp, err := c.httpClient.Do(req.WithContext(ctx)) + c.configLock.RUnlock() if err != nil { return nil, err } @@ -51,12 +53,14 @@ func (c *Client) DPHealth(ctx context.Context, hostname string) (*types.DPHealth return nil, err } - req.Header.Set("User-Agent", userAgent) + req.Header.Set("User-Agent", c.userAgent) if c.username != "" && c.secret != "" { req.SetBasicAuth(c.username, c.secret) } - resp, err := c.HTTPClient.Do(req.WithContext(ctx)) + c.configLock.RLock() + resp, err := c.httpClient.Do(req.WithContext(ctx)) + c.configLock.RUnlock() if err != nil { return nil, err } diff --git a/vendor/github.com/storageos/go-api/login.go b/vendor/github.com/storageos/go-api/login.go index 31b0a471f92..371a31ec756 100644 --- a/vendor/github.com/storageos/go-api/login.go +++ b/vendor/github.com/storageos/go-api/login.go @@ -8,7 +8,8 @@ import ( var ( // LoginAPIPrefix is a partial path to the HTTP endpoint. LoginAPIPrefix = "auth/login" - ErrLoginFailed = errors.New("Failed to get token from API endpoint") + // ErrLoginFailed is the error returned on an unsuccessful login. + ErrLoginFailed = errors.New("failed to get token from API endpoint") ) // Login attemps to get a token from the API diff --git a/vendor/github.com/storageos/go-api/netutil/BUILD b/vendor/github.com/storageos/go-api/netutil/BUILD index 4389448cd35..3fec107c645 100644 --- a/vendor/github.com/storageos/go-api/netutil/BUILD +++ b/vendor/github.com/storageos/go-api/netutil/BUILD @@ -4,7 +4,7 @@ go_library( name = "go_default_library", srcs = [ "errors.go", - "multidialer.go", + "netutil.go", "parsers.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/storageos/go-api/netutil", diff --git a/vendor/github.com/storageos/go-api/netutil/errors.go b/vendor/github.com/storageos/go-api/netutil/errors.go index 245001e72c5..f61980d08cb 100644 --- a/vendor/github.com/storageos/go-api/netutil/errors.go +++ b/vendor/github.com/storageos/go-api/netutil/errors.go @@ -3,11 +3,14 @@ package netutil import ( "errors" "fmt" - "github.com/storageos/go-api/serror" "strings" + + "github.com/storageos/go-api/serror" ) -func errAllFailed(addrs []string) error { +// ErrAllFailed produces a typed StorageOS error which should be used to indicate that +// the API is not contactable for all of the supplied node addresses. +func ErrAllFailed(addrs []string) error { msg := fmt.Sprintf("failed to dial all known cluster members, (%s)", strings.Join(addrs, ",")) help := "ensure that the value of $STORAGEOS_HOST (or the -H flag) is correct, and that there are healthy StorageOS nodes in this cluster" @@ -21,6 +24,8 @@ func newInvalidNodeError(err error) error { return serror.NewTypedStorageOSError(serror.InvalidHostConfig, err, msg, help) } -var errNoAddresses = errors.New("the MultiDialer instance has not been initialised with client addresses") -var errUnsupportedScheme = errors.New("unsupported URL scheme") -var errInvalidPortNumber = errors.New("invalid port number") +var ( + errUnsupportedScheme = errors.New("unsupported URL scheme") + errInvalidHostName = errors.New("invalid hostname") + errInvalidPortNumber = errors.New("invalid port number") +) diff --git a/vendor/github.com/storageos/go-api/netutil/multidialer.go b/vendor/github.com/storageos/go-api/netutil/multidialer.go deleted file mode 100644 index 30a8226b137..00000000000 --- a/vendor/github.com/storageos/go-api/netutil/multidialer.go +++ /dev/null @@ -1,109 +0,0 @@ -package netutil - -import ( - "context" - "math/rand" - "net" - "time" -) - -var DefaultDialPort = "5705" - -func init() { - rand.Seed(time.Now().UnixNano()) -} - -// Dialer is an interface that matches *net.Dialer. The intention is to allow either the stdlib -// dialer or a custom implementation to be passed to the MultiDialer constructor. This also makes -// the component easier to test. -type Dialer interface { - DialContext(context.Context, string, string) (net.Conn, error) -} - -// MultiDialer is a custom net Dialer (to be used in a net.Transport field) that attemps to dial -// out to any (potentialy many) of a set of pre-defined addresses. The intended use of this -// function is to extend the functionality of the stdlib http.Client to transparently support -// requests to any member of a given storageos cluster. -type MultiDialer struct { - Addresses []string - Dialer *net.Dialer -} - -// NewMultiDialer returns a new MultiDialer instance, configured to dial out to the given set of -// nodes. Nodes can be provided using a URL format (e.g. http://google.com:80), or a host-port pair -// (e.g. localhost:4567). -// -// If a port number is omitted, the value of DefaultDialPort is used. -// Given hostnames are resolved to IP addresses, and IP addresses are used verbatim. -// -// If called with a non-nil dialer, the MultiDialer instance will use this for internall dial -// requests. If this value is nil, the function will initialise one with sane defaults. -func NewMultiDialer(nodes []string, dialer *net.Dialer) (*MultiDialer, error) { - // If a dialer is not provided, initialise one with sane defaults - if dialer == nil { - dialer = &net.Dialer{ - Timeout: 5 * time.Second, - KeepAlive: 5 * time.Second, - } - } - - addrs, err := addrsFromNodes(nodes) - if err != nil { - return nil, err - } - - return &MultiDialer{ - Addresses: addrs, - Dialer: dialer, - }, nil -} - -// DialContext will dial each of the MultiDialer's internal addresses in a random order until one -// successfully returns a connection, it has run out of addresses (returning ErrAllFailed), or the -// given context has been closed. -// -// Due to the intrinsic behaviour of this function, any address passed to this function will be -// ignored. -func (m *MultiDialer) DialContext(ctx context.Context, network, ignoredAddress string) (net.Conn, error) { - if len(m.Addresses) == 0 { - return nil, newInvalidNodeError(errNoAddresses) - } - - // Shuffle a copy of the addresses (for even load balancing) - addrs := make([]string, len(m.Addresses)) - copy(addrs, m.Addresses) - - // Fisher–Yates shuffle algorithm - for i := len(addrs) - 1; i > 0; i-- { - j := rand.Intn(i + 1) - addrs[i], addrs[j] = addrs[j], addrs[i] - } - - // Try to dial each of these addresses in turn, or return on closed context - for _, addr := range addrs { - select { - case <-ctx.Done(): - return nil, ctx.Err() - - default: - // Create new child context for a single dial - dctx, cancel := context.WithTimeout(ctx, time.Second) - defer cancel() - - conn, err := m.Dialer.DialContext(dctx, network, addr) - if err != nil { - continue - } - - return conn, nil - } - } - - // We failed to dail all of the addresses we have - return nil, errAllFailed(m.Addresses) -} - -// Dial returns the result of a call to m.DialContext passing in the background context -func (m *MultiDialer) Dial(network, addr string) (net.Conn, error) { - return m.DialContext(context.Background(), network, addr) -} diff --git a/vendor/github.com/storageos/go-api/netutil/netutil.go b/vendor/github.com/storageos/go-api/netutil/netutil.go new file mode 100644 index 00000000000..7f9c550c46e --- /dev/null +++ b/vendor/github.com/storageos/go-api/netutil/netutil.go @@ -0,0 +1,5 @@ +// Package netutil provides network related errors and helper functions. +package netutil + +// DefaultDialPort is the default port which the API is contacted on. +const DefaultDialPort = "5705" diff --git a/vendor/github.com/storageos/go-api/netutil/parsers.go b/vendor/github.com/storageos/go-api/netutil/parsers.go index a8a8701ffa0..cb297e83488 100644 --- a/vendor/github.com/storageos/go-api/netutil/parsers.go +++ b/vendor/github.com/storageos/go-api/netutil/parsers.go @@ -1,52 +1,72 @@ package netutil import ( - "net" "net/url" "strconv" "strings" ) -// addrsFromNodes takes a list of node hosts and attempts to return a list of hosts in ip:port +const ( + httpScheme = "http" + httpsScheme = "https" + tcpScheme = "tcp" +) + +// AddressesFromNodes takes a list of node hosts and attempts to return a list of hosts in host:port // format along with any error encountered. // // The function accepts node hosts in URL, ip, ip:port, resolvable-name and resolvable-name:port -// formats and will append the default port value if needed. -func addrsFromNodes(nodes []string) ([]string, error) { - var addrs []string +// formats and will append the default port value if needed. For hosts where the scheme has been omitted, +// the scheme for the first host will be used. If the first host has no scheme, it will default to http. +func AddressesFromNodes(nodes []string) ([]string, error) { + var addresses []string - for _, n := range nodes { - switch { - // Assume that the node is provided as a URL - case strings.Contains(n, "://"): - newAddrs, err := parseURL(n) - if err != nil { - return nil, newInvalidNodeError(err) + var scheme string + + for _, node := range nodes { + address := node + // If no scheme present, set the first scheme + if !strings.Contains(address, "://") { + if scheme == "" { + scheme = httpScheme } - - addrs = append(addrs, newAddrs...) - - // Assume the node is in hostname:port or ip:port format - case strings.Contains(n, ":"): - newAddrs, err := parseHostPort(n) - if err != nil { - return nil, newInvalidNodeError(err) - } - - addrs = append(addrs, newAddrs...) - - // Assume hostname or ip - default: - newAddrs, err := parseHost(n) - if err != nil { - return nil, newInvalidNodeError(err) - } - - addrs = append(addrs, newAddrs...) + address = strings.Join([]string{scheme, address}, "://") } + + url, err := url.Parse(address) + if err != nil { + return nil, newInvalidNodeError(err) + } + + switch url.Scheme { + case tcpScheme: + url.Scheme = httpScheme + fallthrough + case httpScheme, httpsScheme: + if scheme == "" { + scheme = url.Scheme + } + default: + return nil, newInvalidNodeError(errUnsupportedScheme) + } + + host := url.Hostname() + if host == "" { + return nil, newInvalidNodeError(errInvalidHostName) + } + + port := url.Port() + if port == "" { + port = DefaultDialPort + } + if !validPort(port) { + return nil, newInvalidNodeError(errInvalidPortNumber) + } + + addresses = append(addresses, strings.TrimRight(url.String(), "/")) } - return addrs, nil + return addresses, nil } func validPort(port string) bool { @@ -56,87 +76,3 @@ func validPort(port string) bool { (intPort > 0) && (intPort <= 65535) } - -// parseURL takes a valid URL and verifies that it is using a correct scheme, has a resolvable -// address (or is an IP) and has a valid port (or adds the default if the port is omitted). The -// function then returns a list of addresses in ip:port format along with any error encountered. -// -// The function may return multiple addresses depending on the dns answer received when resolving -// the host. -func parseURL(node string) ([]string, error) { - url, err := url.Parse(node) - if err != nil { - return nil, err - } - - // Verify a valid scheme - switch url.Scheme { - case "tcp", "http", "https": - host, port, err := net.SplitHostPort(url.Host) - if err != nil { - // We could be here as there is no port, lets try one last time with default port added - host, port, err = net.SplitHostPort(url.Host + ":" + DefaultDialPort) - if err != nil { - return nil, err - } - } - - if !validPort(port) { - return nil, errInvalidPortNumber - } - - // LookupHost works for IP addr too - addrs, err := net.LookupHost(host) - if err != nil { - return nil, err - } - - for i, a := range addrs { - addrs[i] = a + ":" + port - } - - return addrs, nil - - default: - return nil, errUnsupportedScheme - } -} - -// parseHostPort takes a string in host:port format and checks it has a resolvable address (or is -// an IP) and a valid port (or adds the default if the port is omitted). The function then returns -// a list of addresses in ip:port format along with any error encountered. -// -// The function may return multiple addresses depending on the dns answer received when resolving -// the host. -func parseHostPort(node string) ([]string, error) { - host, port, err := net.SplitHostPort(node) - if err != nil { - return nil, err - } - - if !validPort(port) { - return nil, errInvalidPortNumber - } - - // LookupHost works for IP addr too - addrs, err := net.LookupHost(host) - if err != nil { - return nil, err - } - - for i, a := range addrs { - addrs[i] = a + ":" + port - } - - return addrs, nil -} - -// parseHostPort takes a hostname string and checks it is resolvable to an address (or is already -// an IP) The function then returns a list of addresses in ip:port format (where port is the -// default port) along with any error encountered. -// -// The function may return multiple addresses depending on the dns answer received when resolving -// the host. -func parseHost(node string) ([]string, error) { - return parseHostPort(node + ":" + DefaultDialPort) -} diff --git a/vendor/github.com/storageos/go-api/network_diagnostics.go b/vendor/github.com/storageos/go-api/network_diagnostics.go new file mode 100644 index 00000000000..5d8a0bcc8f4 --- /dev/null +++ b/vendor/github.com/storageos/go-api/network_diagnostics.go @@ -0,0 +1,35 @@ +package storageos + +import ( + "encoding/json" + "net/http" + "path" + + "github.com/storageos/go-api/types" +) + +var ( + // NetworkDiagnosticsAPIPrefix is a partial path to the HTTP endpoint for + // the node connectivity diagnostics report. + NetworkDiagnosticsAPIPrefix = "diagnostics/network" +) + +// NetworkDiagnostics returns a collection of network connectivity reports. If +// a reference to a node is given, it will only check connectivity from that +// node. Otherwise, connectivity between all cluster nodes will be returned. +func (c *Client) NetworkDiagnostics(ref string) (types.ConnectivityResults, error) { + resp, err := c.do("GET", path.Join(NetworkDiagnosticsAPIPrefix, ref), doOptions{}) + if err != nil { + if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound { + return nil, ErrNoSuchNode + } + return nil, err + } + defer resp.Body.Close() + + var results types.ConnectivityResults + if err := json.NewDecoder(resp.Body).Decode(&results); err != nil { + return nil, err + } + return results, nil +} diff --git a/vendor/github.com/storageos/go-api/node.go b/vendor/github.com/storageos/go-api/node.go new file mode 100644 index 00000000000..4188f582a4e --- /dev/null +++ b/vendor/github.com/storageos/go-api/node.go @@ -0,0 +1,110 @@ +package storageos + +import ( + "encoding/json" + "errors" + "net/http" + "net/url" + + "github.com/storageos/go-api/types" +) + +var ( + + // NodeAPIPrefix is a partial path to the HTTP endpoint. + NodeAPIPrefix = "nodes" + + // ErrNoSuchNode is the error returned when the node does not exist. + ErrNoSuchNode = errors.New("no such node") + + // ErrNodeInUse is the error returned when the node requested to be removed is still in use. + ErrNodeInUse = errors.New("node in use and cannot be removed") +) + +// NodeList returns the list of available nodes. +func (c *Client) NodeList(opts types.ListOptions) ([]*types.Node, error) { + listOpts := doOptions{ + fieldSelector: opts.FieldSelector, + labelSelector: opts.LabelSelector, + context: opts.Context, + } + + if opts.LabelSelector != "" { + query := url.Values{} + query.Add("labelSelector", opts.LabelSelector) + listOpts.values = query + } + + resp, err := c.do("GET", NodeAPIPrefix, listOpts) + if err != nil { + return nil, err + } + defer resp.Body.Close() + var nodes []*types.Node + if err := json.NewDecoder(resp.Body).Decode(&nodes); err != nil { + return nil, err + } + return nodes, nil +} + +// Node returns a node by its reference. +func (c *Client) Node(ref string) (*types.Node, error) { + + resp, err := c.do("GET", NodeAPIPrefix+"/"+ref, doOptions{}) + if err != nil { + if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound { + return nil, ErrNoSuchNode + } + return nil, err + } + defer resp.Body.Close() + var node types.Node + if err := json.NewDecoder(resp.Body).Decode(&node); err != nil { + return nil, err + } + return &node, nil +} + +// NodeUpdate updates a node on the server. +func (c *Client) NodeUpdate(opts types.NodeUpdateOptions) (*types.Node, error) { + ref := opts.Name + if IsUUID(opts.ID) { + ref = opts.ID + } + resp, err := c.do("PUT", NodeAPIPrefix+"/"+ref, doOptions{ + data: opts, + context: opts.Context, + }) + if err != nil { + return nil, err + } + defer resp.Body.Close() + var node types.Node + if err := json.NewDecoder(resp.Body).Decode(&node); err != nil { + return nil, err + } + return &node, nil +} + +// NodeDelete removes a node by its reference. +func (c *Client) NodeDelete(opts types.DeleteOptions) error { + deleteOpts := doOptions{ + namespace: opts.Namespace, + force: opts.Force, + context: opts.Context, + } + resp, err := c.do("DELETE", NodeAPIPrefix+"/"+opts.Name, deleteOpts) + if err != nil { + if e, ok := err.(*Error); ok { + if e.Status == http.StatusNotFound { + return ErrNoSuchNode + } + if e.Status == http.StatusConflict { + return ErrNodeInUse + } + } + return err + } + defer resp.Body.Close() + return nil +} diff --git a/vendor/github.com/storageos/go-api/policy.go b/vendor/github.com/storageos/go-api/policy.go index e2539c5b113..9d2f6604fdc 100644 --- a/vendor/github.com/storageos/go-api/policy.go +++ b/vendor/github.com/storageos/go-api/policy.go @@ -5,16 +5,15 @@ import ( "encoding/json" "errors" "fmt" - "github.com/storageos/go-api/types" "net/http" "net/url" + + "github.com/storageos/go-api/types" ) var ( - // PolicyAPIPrefix is a partial path to the HTTP endpoint. PolicyAPIPrefix = "policies" - // ErrNoSuchPolicy is the error returned when the policy does not exist. ErrNoSuchPolicy = errors.New("no such policy") ) diff --git a/vendor/github.com/storageos/go-api/pool.go b/vendor/github.com/storageos/go-api/pool.go index c30adc0c99c..c4629d74f6a 100644 --- a/vendor/github.com/storageos/go-api/pool.go +++ b/vendor/github.com/storageos/go-api/pool.go @@ -41,7 +41,7 @@ func (c *Client) PoolList(opts types.ListOptions) ([]*types.Pool, error) { } // PoolCreate creates a pool on the server and returns the new object. -func (c *Client) PoolCreate(opts types.PoolCreateOptions) (*types.Pool, error) { +func (c *Client) PoolCreate(opts types.PoolOptions) (*types.Pool, error) { resp, err := c.do("POST", PoolAPIPrefix, doOptions{ data: opts, context: opts.Context, @@ -56,6 +56,27 @@ func (c *Client) PoolCreate(opts types.PoolCreateOptions) (*types.Pool, error) { return &pool, nil } +// PoolUpdate - update pool +func (c *Client) PoolUpdate(opts types.PoolOptions) (*types.Pool, error) { + ref := opts.Name + if IsUUID(opts.ID) { + ref = opts.ID + } + + resp, err := c.do("PUT", PoolAPIPrefix+"/"+ref, doOptions{ + data: opts, + context: opts.Context, + }) + if err != nil { + return nil, err + } + var pool types.Pool + if err := json.NewDecoder(resp.Body).Decode(&pool); err != nil { + return nil, err + } + return &pool, nil +} + // Pool returns a pool by its reference. func (c *Client) Pool(ref string) (*types.Pool, error) { resp, err := c.do("GET", PoolAPIPrefix+"/"+ref, doOptions{}) diff --git a/vendor/github.com/storageos/go-api/rule.go b/vendor/github.com/storageos/go-api/rule.go index a187e2569c2..fc92d150229 100644 --- a/vendor/github.com/storageos/go-api/rule.go +++ b/vendor/github.com/storageos/go-api/rule.go @@ -3,7 +3,6 @@ package storageos import ( "encoding/json" "errors" - "fmt" "net/http" "net/url" @@ -98,7 +97,7 @@ func (c *Client) RuleUpdate(opts types.RuleUpdateOptions) (*types.Rule, error) { if IsUUID(opts.ID) { ref = opts.ID } - fmt.Printf("%#v\n", opts) + path, err := namespacedRefPath(opts.Namespace, RuleAPIPrefix, ref) if err != nil { return nil, err diff --git a/vendor/github.com/storageos/go-api/testing_notes.txt b/vendor/github.com/storageos/go-api/testing_notes.txt deleted file mode 100644 index 8014a114266..00000000000 --- a/vendor/github.com/storageos/go-api/testing_notes.txt +++ /dev/null @@ -1,769 +0,0 @@ -docs.storageos.com - API webpage -================================ - -TODO: Openind paragraph of text has multiple typos and grammar errors. Need to fix this. [DONE] -TODO: hard to see the text for the example JSON post messages on the RHS. Possibly a Safari thing?! -TODO: some of the JSON examples on the RHS of the webpage look wrong?! Safari issue? -TODO: docs should use all lowercase for consistency? - -VOLUMES -======= - -List volumes -============ - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - no provisioned volumes. -- No auth username and password supplied. ---> -GET: 172.28.128.3:5705/v1/namespaces/default/volumes -<-- -401 UNAUTHORIZED -Unauthorized --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - no provisioned volumes. -- bad namespace used. ---> -GET: 172.28.128.3:5705/v1/namespaces/defaultxxx/volumes -<-- -404 NOT FOUND -JSON: "message": "Not found" -Unauthorized --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - no provisioned volumes. -- Dropped the {namespace} path parameter. ---> -GET: 172.28.128.3:5705/v1/namespaces/volumes -<-- -404 NOT FOUND -Not found --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - no provisioned volumes. -- One volume has already been created successfully. ---> -GET: 172.28.128.3:5705/v1/namespaces/volumes -<-- -JSON: valid volume/inode state data (note: this time the master data is correctly set i.e. has non-zero data) --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster - single provisioned volumes. ---> -GET: 172.28.128.3:5705/v1/namespaces/volumes -<-- -JSON: valid volume/inode state data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster - multiple provisioned volumes. ---> -GET: 172.28.128.3:5705/v1/namespaces/volumes -<-- -JSON: an array of valid volume/inode state data for multiple volumes. --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster - multiple provisioned volumes. -- labelSelector ---> -GET: 172.28.128.3:5705/v1/namespaces/volumes?labelSelector=com.example.some-label -<-- -JSON: an array of valid volume/inode state data for multiple volumes. --FAILED- doesn't appear to filter. -XXX: - -=============================================================================== - -SCENARIO: -- 3 node cluster - multiple provisioned volumes. -- fieldSelector ---> -GET: 172.28.128.3:5705/v1/namespaces/volumes?fieldSelector= -<-- -JSON: an array of valid volume/inode state data for multiple volumes. --UNTESTED- don't know what to put for fieldSelector's value?? -XXX: - -=============================================================================== - - -Create volumes -============== - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - no provisioned volumes. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "name": "redis-vol01", - "size": 1 -} -<-- -JSON: valid volume/inode state data (note: master data is all zerod at this point) --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with a single volume already provisioned. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "name": "redis-vol02", - "size": 2 -} -<-- -JSON: valid volume/inode state data (note: master data is all zerod at this point) --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with two volumes already provisioned. -- Now trying to provision a third with bad JSON body -- using CAPITAL first letters for Name and Size. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "Name": "redis-vol03", - "Size": 3 -} -<-- -JSON: valid volume/inode state data (note: master data is all zerod at this point) --EXPECTED- WORKS?! This implies that the JSON keys are non-case sensitive. - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with two volumes already provisioned. -- Now trying to provision a third with bad JSON body -- using all CAPITALS for NAME and SIZE. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "NAME": "redis-vol03", - "SIZE": 3 -} -<-- -JSON: valid volume/inode state data (note: master data is all zerod at this point) --EXPECTED- WORKS?! This implies that the JSON keys are non-case sensitive. - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with two volumes already provisioned. -- Now trying to provision a volume with bad JSON body -- missing size parameter. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "name": "redis-vol05", -} -<-- -JSON: valid volume/inode state data (note: master data is all zerod at this point) --EXPECTED- Size defaults to 10 -TODO: update documentation to reflect this. [DONE] - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with two volumes already provisioned. -- Now trying to provision a volume with bad JSON body -- with size (0) parameter. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "name": "redis-vol05", - "size" 0 -} -<-- -JSON: valid volume/inode state data (note: master data is all zerod at this point) --EXPECTED- Size defaults to 10 -TODO: update documentation to reflect this. [DONE] - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with two volumes already provisioned. -- Now trying to provision a volume with bad JSON body -- empty JSON object. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ -} -<-- -volume name not valid --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - with two volumes already provisioned. -- Now trying to provision a volume with no JSON body -- empty ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -<-- -JSON: "message": "EOF" --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster. -- Now trying to provision a volume with no JSON name field ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "size": 2 -} -<-- -volume name not valid --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster. -- Now trying to provision a volume with no JSON name field ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "size": 2 -} -<-- -volume name not valid --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster. -- Now trying to provision a volume with same name as one that has already been provisioned. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "name": "myvol1", - "size": 5 -} -<-- -volume with name 'myvol1' already exists --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster. -- Now trying to provision a volume with pool name. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "name": "myvol1", - "size": 5, - "pool": "mypool1" -} -<-- -JSON: valid volume/inode state data with correct pool field. --EXPECTED- - -=============================================================================== - -SCENARIO: -- 3 node cluster. -- Now trying to provision a volume with optional labels. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes -BODY (JSON): -{ - "Name": "vol01", - "Size": 5, - "Labels": { - "com.example.some-label": "some-value", - "com.example.some-other-label": "some-other-value" - } -} -<-- -JSON: valid volume/inode state data with correct labels. --EXPECTED- - -=============================================================================== - - -Get volumes -=========== - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Get by name. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol03 -<-- -JSON: correct volume/inode state data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Get by id. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes/270c1fc2-c578-77f8-2d7c-1515e626b6c3 -<-- -JSON: correct volume/inode state data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Passing bad name/id. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes/this-volume-does-not-exist -<-- -Not Found --EXPECTED- - -=============================================================================== - - -Update volumes -============== - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Update a volume ---> -PUT: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol03 -JSON: -{ - "Description": "string", - "Size": 5, - "Labels": { - "property1": "string", - "property2": "string" - } -} -<-- -200 OK --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Update a volume, trying with bad JSON, missing opening curly brace! ---> -PUT: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol03 -JSON: - "Description": "string", - "Size": 5, - "Labels": { - "property1": "string", - "property2": "string" - } -} -<-- -400 BAD REQUEST -Request decode failed: json: cannot unmarshal string into Go value of type types.Volume --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Update a volume, trying with size (0) and same property1 and new property3. ---> -PUT: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol03 -JSON: -{ - "Description": "string", - "Size": 0, - "Labels": { - "property1": "string", - "property3": "string3" - } -} -<-- -200 OK --NOT EXPECTED- -The old labels are completely overwritten anew (hence the previous property2 label is not present). I assume this is the desired behaviour?! -TODO: However size is now zero?! Check this is ok! Probably not; since the Create volume API defaults to 10 when 0 is passed or omitted. -XXX: - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Update a volume, trying with omitting size parameter ---> -PUT: 172.28.128.3:5705/v1/namespaces/default/volumes/volxyz -JSON: -{ - "Description": "string", - "Labels": { - "property1": "string", - "property3": "string3" - } -} -<-- -200 OK --NOT EXPECTED- -XXX: size is now zero when not passing size in JSON body of PUT request. - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Update a volume, trying with omitting description parameter ---> -PUT: 172.28.128.3:5705/v1/namespaces/default/volumes/volxyz -JSON: -{ - "Labels": { - "property1": "string", - "property3": "string3" - } -} -<-- -200 OK --NOT EXPECTED- -XXX: description string is empty i.e. "" when not passing description in JSON body of PUT request. -The above implies that the update volume PUT request receiving side interprets missing update parameters as their null-value counterparts. So it's is not possible to update just specific parameters. - -=============================================================================== - - -Delete volumes -============== - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Delete a volume. But not specifying a name in the path. ---> -DELETE: 172.28.128.3:5705/v1/namespaces/default/volumes -<-- -404 NOT FOUND -404 page not found --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Delete a volume by specifying the volume's name. ---> -DELETE: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol05 -<-- -200 OK --EXPECTED- -TODO: But when doing a GET ~volumes/redis-vol05 it is still present So DELETE volumes doesn't appear to be working. - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Delete a volume by specifying the volume's id. ---> -DELETE: 172.28.128.3:5705/v1/namespaces/default/volumes/5233930b-b77f-2863-0895-b1eb5d73ec45 -<-- -200 OK --EXPECTED- -TODO: But when doing a GET ~volumes/5233930b-b77f-2863-0895-b1eb5d73ec45 it is still present So DELETE volumes doesn't appear to be working. - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Trying to delete a mounted volume ---> -DELETE: 172.28.128.3:5705/v1/namespaces/default/volumes/volxyz -<-- -412 PRECONDITION FAILED -cannot delete mounted volume --EXPECTED- -TODO: seems correct, this hints that the mount is working which is in conflict with my observation below for MOUNT and UNMOUNT. Q. Is it checking the mount status via the OS, or by some other means i.e. locally cached value? - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Trying to delete a unmounted volume ---> -DELETE: 172.28.128.3:5705/v1/namespaces/default/volumes/volxyz -<-- -200 OK --EXPECTED- - -=============================================================================== - - -Mount volumes -============= - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Mount a volume. But not specifying a name in the path. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol02/mount -JSON: -{ - "client": "storageos-1-68228" -} -<-- -200 OK --EXPECTED- -NOTE: in the JSON response, no_of_mounts does increase correctly by one each time. And mounted is set to true correctly. -TODO: although this worked, the documentation doesn't give the proper JSON request body. -TODO: no_of_mounts is still 0 in /var/lib/storageos/state/inode/178101 (should increase by 1 for every mount.) -BUG^ -TODO: Also not sure if really mounted this volume, since running the storageos cli e.g.: -$ ./storageos volume ls -The MOUNTED BY column is always empty ?? Either cli doesn't show this info, yet. Or the volume isn't mounted. -=============================================================================== - - -Unmount volumes -=============== - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Mount a volume. But not specifying a name in the path. ---> -POST: 172.28.128.3:5705/v1/namespaces/default/volumes/redis-vol02/unmount -JSON: -{ - "can-be-anything": "storageos-1-68228" -} -<-- -200 OK --EXPECTED- -NOTE: in the JSON response, mounted is set back to false correctly. -TODO: although this worked, the documentation doesn't give the proper JSON request body. The - -=============================================================================== - - -POOLS -===== - -List pools -========== - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster. -- No auth username and password supplied. ---> -GET: 172.28.128.3:5705/v1/pools -<-- -401 UNAUTHORIZED -Unauthorized --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster. No pools. ---> -GET: 172.28.128.3:5705/v1/pools -<-- -200 OK -JSON: an array of pools. --EXPECTED- - -=============================================================================== - - -Create pools -============ - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster. ---> -POST: 172.28.128.3:5705/v1/volumes -BODY (JSON): -{ - "name": "mypool1" -} -<-- -201 CREATED -JSON: valid pool data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster. -- Trying to create a pool with the same name as another already created. ---> -POST: 172.28.128.3:5705/v1/volumes -BODY (JSON): -{ - "name": "mypool1" -} -<-- -409 CONFLICT -Pool with name 'mypool1' already exists --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster. -- Trying to create a pool with the same name as another already created. ---> -POST: 172.28.128.3:5705/v1/volumes -BODY (JSON): -{ - "name": "mypool2", - "description": "hello world!" -} -<-- -201 CREATED -JSON: valid pool data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster. -- Trying to create a pool with the defaultDriver string set. ---> -POST: 172.28.128.3:5705/v1/volumes -BODY (JSON): -{ - "name": "mypool6", - "description": "hello world again!", - "default": true, - "defautDriver": "I'm the default driver :)" -} -<-- -201 CREATED -JSON: Is correct for the most part, but defaultDriver is an empty string?? --NOT EXPECTED- -XXX - -=============================================================================== - - -Get Pools -========= - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Get by name. ---> -POST: 172.28.128.3:5705/v1/pools/mypool1 -<-- -200 OK -JSON: correct pool data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Get by id. ---> -POST: 172.28.128.3:5705/v1/pools/ea477d68-8193-1179-d889-aa6ea8797082 -<-- -200 OK -JSON: correct pool data. --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned volumes. -- Get by name. Try passing invalid name. ---> -POST: 172.28.128.3:5705/v1/pools/mypool1xxx -<-- -404 NOT FOUND -Not Found --EXPECTED- - -=============================================================================== - - -Delete Pools -============ - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned pools. -- Trying to delete without specifying name etc. in the path. ---> -POST: 172.28.128.3:5705/v1/pools -<-- -404 NOT FOUND -404 page not found --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned pools. -- Delete by name. ---> -POST: 172.28.128.3:5705/v1/pools/mypool2 -<-- -200 OK --EXPECTED- - -=============================================================================== - -SCENARIO: -- Fresh start - 3 node cluster - N provisioned pools. -- Delete by id. ---> -POST: 172.28.128.3:5705/v1/pools/9a10bbfe-eaaa-af3c-2a9b-d78e0790efb4 -<-- -200 OK --EXPECTED- - -=============================================================================== diff --git a/vendor/github.com/storageos/go-api/types/BUILD b/vendor/github.com/storageos/go-api/types/BUILD index d1a976b89c9..02b1afff3f0 100644 --- a/vendor/github.com/storageos/go-api/types/BUILD +++ b/vendor/github.com/storageos/go-api/types/BUILD @@ -5,21 +5,22 @@ go_library( srcs = [ "auth.go", "capacity_stats.go", - "controller.go", - "controller_update_options.go", + "connectivity.go", "delete_options.go", "deployment.go", "driver_instance.go", "error_response.go", "events.go", + "health.go", "list_options.go", "logger.go", "namespace.go", "node.go", + "node_update_options.go", "operator.go", "policy.go", "pool.go", - "pool_create_options.go", + "pool_options.go", "rule.go", "template.go", "template_create_options.go", @@ -27,6 +28,7 @@ go_library( "version.go", "volume.go", "volume_create_options.go", + "volume_stats.go", "volume_update_options.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/storageos/go-api/types", diff --git a/vendor/github.com/storageos/go-api/types/connectivity.go b/vendor/github.com/storageos/go-api/types/connectivity.go new file mode 100644 index 00000000000..8d3177d1ac1 --- /dev/null +++ b/vendor/github.com/storageos/go-api/types/connectivity.go @@ -0,0 +1,41 @@ +package types + +import "time" + +// ConnectivityResult capture's a node connectivity report to a given target. +type ConnectivityResult struct { + // Label is a human-readable reference for the service being tested. + Label string `json:"label"` + + // Address is the host:port of the service being tested. + Address string `json:"address"` + + // Source is a human-readable reference for the source host where the tests + // were run from. + Source string `json:"source"` + + // LatencyNS is the duration in nanoseconds that the check took to complete. + // Will also be set on unsuccessful attempts. + LatencyNS time.Duration `json:"latency_ns"` + + // Error is set if the test returned an error. + Error string `json:"error"` +} + +// IsOK returns true iff no error +func (r ConnectivityResult) IsOK() bool { + return len(r.Error) == 0 +} + +// ConnectivityResults is a collection of connectivty reports. +type ConnectivityResults []ConnectivityResult + +// IsOK returns true iff no error in any result. +func (r ConnectivityResults) IsOK() bool { + for _, result := range r { + if !result.IsOK() { + return false + } + } + return true +} diff --git a/vendor/github.com/storageos/go-api/types/controller.go b/vendor/github.com/storageos/go-api/types/controller.go deleted file mode 100644 index e32df769072..00000000000 --- a/vendor/github.com/storageos/go-api/types/controller.go +++ /dev/null @@ -1,78 +0,0 @@ -package types - -// Versions and Prefixes used in API and KV URLs -import "time" - -const ( - ControllerAPIPrefix = "controller" - ControllerDefaultPort = "3260" - ControllerScanAPIPrefix = "config/scan" -) - -// ControllerCurrent - current controller -var ControllerCurrent = "" - -// Controller status phases -const ( - ControllerStatusPending = "pending" - ControllerStatusEvaluating = "evaluating" - ControllerStatusDeploying = "deploying" - ControllerStatusActive = "active" - ControllerStatusFailed = "failed" - ControllerStatusDeleting = "deleting" - - ControllerHealthStarting = "starting" - ControllerHealthOK = "healthy" - ControllerHealthDegraded = "degraded" - ControllerHealthOffline = "offline" -) - -// Errors for controller related things -const ( - ErrControllerHostIDAllocation string = "error, could not allocate hostid" - ErrControllerIDNotSet = "error, controller ID not set" - ErrControllerNotFound = "controller not found" -) - -// Controller is used to represent a storage node in a cluster -type Controller struct { - ID string `json:"id,omitempty"` - HostID uint16 `json:"hostID"` - Scheduler bool `json:"scheduler"` - Name string `json:"name"` - Address string `json:"address"` - DeviceDir string `json:"deviceDir"` - APIPort int `json:"apiPort"` - NatsPort int `json:"natsPort"` - NatsClusterPort int `json:"natsClusterPort"` - SerfPort int `json:"serfPort"` - DFSPort int `json:"dfsPort"` - Description string `json:"description"` - ControllerGroups []string `json:"controllerGroups"` - Tags []string `json:"tags"` - Labels map[string]string `json:"labels"` - VolumeStats VolumeStats `json:"volumeStats"` - PoolStats map[string]DriverStats `json:"poolStats"` - - // health is updated by the - Health string `json:"health"` - HealthUpdatedAt time.Time `json:"healthUpdatedAt"` - VersionInfo map[string]VersionInfo `json:"versionInfo"` - Version string `json:"version"` - - // Cordon true if in an unschedulable state - Cordon bool `json:"unschedulable"` - - // high level stats that combine info from all driver instances - CapacityStats CapacityStats `json:"capacityStats"` -} - -// DriverStats is used to report stats for all drivers in a pool. -type DriverStats map[string]CapacityStats - -// VolumeStats - volume stats (volume counts, looking forward to capacity) -type VolumeStats struct { - MasterVolumeCount int `json:"masterVolumeCount"` - ReplicaVolumeCount int `json:"replicaVolumeCount"` - VirtualVolumeCount int `json:"virtualVolumeCount"` -} diff --git a/vendor/github.com/storageos/go-api/types/deployment.go b/vendor/github.com/storageos/go-api/types/deployment.go index 63f63f2a4ef..cdc33e4076f 100644 --- a/vendor/github.com/storageos/go-api/types/deployment.go +++ b/vendor/github.com/storageos/go-api/types/deployment.go @@ -14,13 +14,13 @@ type Deployment struct { // Read Only: true Inode uint32 `json:"inode"` - // Controller ID + // Node ID // Read Only: true - Controller string `json:"controller"` + Node string `json:"node"` - // Controller name + // Node name // Read Only: true - ControllerName string `json:"controllerName"` + NodeName string `json:"nodeName"` // Health // Read Only: true diff --git a/vendor/github.com/storageos/go-api/types/health.go b/vendor/github.com/storageos/go-api/types/health.go new file mode 100644 index 00000000000..d6c6d8eb6ca --- /dev/null +++ b/vendor/github.com/storageos/go-api/types/health.go @@ -0,0 +1,134 @@ +package types + +import "encoding/json" + +type SubModuleStatus struct { + Status string `json:"status"` + UpdatedAt string `json:"updatedAt"` + ChangedAt string `json:"changedAt"` + Message string `json:"message"` +} + +type NamedSubModuleStatus struct { + Name string + SubModuleStatus +} + +type CPHealthStatus struct { + KV SubModuleStatus + KVWrite SubModuleStatus + NATS SubModuleStatus + Scheduler SubModuleStatus +} + +func (c *CPHealthStatus) ToNamedSubmodules() []NamedSubModuleStatus { + return []NamedSubModuleStatus{ + {Name: "nats", SubModuleStatus: c.NATS}, + {Name: "kv", SubModuleStatus: c.KV}, + {Name: "kv_write", SubModuleStatus: c.KVWrite}, + {Name: "scheduler", SubModuleStatus: c.Scheduler}, + } +} + +func (c *CPHealthStatus) UnmarshalJSON(data []byte) error { + unmarsh := struct { + Submodules struct { + KV SubModuleStatus `json:"kv"` + KVWrite SubModuleStatus `json:"kv_write"` + NATS SubModuleStatus `json:"nats"` + Scheduler SubModuleStatus `json:"scheduler"` + } `json:"submodules"` + }{} + + if err := json.Unmarshal(data, &unmarsh); err != nil { + return err + } + + c.KV = unmarsh.Submodules.KV + c.KVWrite = unmarsh.Submodules.KVWrite + c.NATS = unmarsh.Submodules.NATS + c.Scheduler = unmarsh.Submodules.Scheduler + + return nil +} + +type DPHealthStatus struct { + DirectFSClient SubModuleStatus + DirectFSServer SubModuleStatus + Director SubModuleStatus + FSDriver SubModuleStatus + FS SubModuleStatus +} + +func (d *DPHealthStatus) ToNamedSubmodules() []NamedSubModuleStatus { + return []NamedSubModuleStatus{ + {Name: "dfs_client", SubModuleStatus: d.DirectFSClient}, + {Name: "dfs_server", SubModuleStatus: d.DirectFSServer}, + {Name: "director", SubModuleStatus: d.Director}, + {Name: "fs_driver", SubModuleStatus: d.FSDriver}, + {Name: "fs", SubModuleStatus: d.FS}, + } +} + +func (d *DPHealthStatus) UnmarshalJSON(data []byte) error { + unmarsh := struct { + Submodules struct { + DirectFSClient SubModuleStatus `json:"directfs-client"` + DirectFSServer SubModuleStatus `json:"directfs-server"` + Director SubModuleStatus `json:"director"` + FSDriver SubModuleStatus `json:"filesystem-driver"` + FS SubModuleStatus `json:"fs"` + } `json:"submodules"` + }{} + + if err := json.Unmarshal(data, &unmarsh); err != nil { + return err + } + + d.DirectFSClient = unmarsh.Submodules.DirectFSClient + d.DirectFSServer = unmarsh.Submodules.DirectFSServer + d.Director = unmarsh.Submodules.Director + d.FSDriver = unmarsh.Submodules.FSDriver + d.FS = unmarsh.Submodules.FS + + return nil +} + +// HealthStatus is the health status json object. +type HealthStatus struct { + Submodules HealthSubmodules `json:"submodules"` +} + +// HealthSubmodules is the "submodules" attribuet of HealthStatus. +type HealthSubmodules struct { + KV SubModuleStatus `json:"kv,omitempty"` + KVWrite SubModuleStatus `json:"kv_write,omitempty"` + NATS SubModuleStatus `json:"nats,omitempty"` + Scheduler SubModuleStatus `json:"scheduler,omitempty"` + DirectFSClient SubModuleStatus `json:"directfs_initiator,omitempty"` + DirectFSServer SubModuleStatus `json:"directfs_responder,omitempty"` + Director SubModuleStatus `json:"director,omitempty"` + FSDriver SubModuleStatus `json:"rdb,omitempty"` + FS SubModuleStatus `json:"presentation,omitempty"` +} + +// ToCPHealthStatus returns only CPHealthStatus from the HealthStatus. +func (h *HealthStatus) ToCPHealthStatus() *CPHealthStatus { + return &CPHealthStatus{ + KV: h.Submodules.KV, + KVWrite: h.Submodules.KVWrite, + NATS: h.Submodules.KVWrite, + Scheduler: h.Submodules.Scheduler, + } +} + +// ToDPHealthStatus returns only DPHealthStatus from the HealthStatus. +func (h *HealthStatus) ToDPHealthStatus() *DPHealthStatus { + return &DPHealthStatus{ + DirectFSClient: h.Submodules.DirectFSClient, + DirectFSServer: h.Submodules.DirectFSServer, + Director: h.Submodules.Director, + FSDriver: h.Submodules.FSDriver, + FS: h.Submodules.FS, + } +} diff --git a/vendor/github.com/storageos/go-api/types/node.go b/vendor/github.com/storageos/go-api/types/node.go index 52f5da63d39..6d60d86110d 100644 --- a/vendor/github.com/storageos/go-api/types/node.go +++ b/vendor/github.com/storageos/go-api/types/node.go @@ -1,97 +1,104 @@ package types import ( - "encoding/json" + "time" ) -type SubModuleStatus struct { - Status string `json:"status"` - UpdatedAt string `json:"updatedAt"` - ChangedAt string `json:"changedAt"` - Message string `json:"message"` +// Node represents a StorageOS cluster node. +type Node struct { + NodeConfig + + HostID uint32 `json:"hostID"` + Name string `json:"name"` + Description string `json:"description"` + CreatedAt time.Time `json:"createdAt"` + UpdatedAt time.Time `json:"updatedAt"` + + Health string `json:"health"` + HealthUpdatedAt time.Time `json:"healthUpdatedAt"` + + VersionInfo map[string]VersionInfo `json:"versionInfo"` + Version string `json:"version"` + Revision string // the GitCommit this maps to + + Scheduler bool `json:"scheduler"` + + Cordon bool `json:"cordon"` + Drain bool `json:"drain"` + + VolumeStats VolumeStats `json:"volumeStats"` + + // PoolStats map[string]map[string]CapacityStats `json:"poolStats"` + + CapacityStats CapacityStats `json:"capacityStats"` } -type NamedSubModuleStatus struct { - Name string - SubModuleStatus +// NodeConfig is a read-only representation of the node's configuration, set at +// start time by environment variables passed to the container or using defaults. +type NodeConfig struct { + // UUID is the unique identifier of the node. It cannot be changed once set. + ID string `json:"id,omitempty"` + + // Hostname of the node. + Hostname string `json:"hostname"` + + // Address is is used for communication between nodes. + // Nodes will fail to start if the address they first registered with + // changes. This protects against the container being re-scheduled on a + // different host. Nodes will typically use the host server's ip address, + // running the docker container in -net host mode. + Address string `json:"address"` + + // KvAddr is the address of the KV store to use for storing configuration. + // It can include the address or FQDN with optional port. Defaults to + // Address/ADVERTISE_IP. + KvAddr string `json:"kvAddr"` + + // Port allocations + APIPort int `json:"apiPort"` + NatsPort int `json:"natsPort"` + NatsClusterPort int `json:"natsClusterPort"` + SerfPort int `json:"serfPort"` + DFSPort int `json:"dfsPort"` + KVPeerPort int `json:"kvPeerPort"` + KVClientPort int `json:"kvClientPort"` + + Labels map[string]string `json:"labels"` + + LogLevel string `json:"logLevel"` // the level of the logs to outout + LogFormat string `json:"logFormat"` // either text or json + LogFilter string `json:"logFilter"` // used to discard messages based on the message's category + + // BindAddr is used to control the default address StorageOS binds to. This + // should always be set to 0.0.0.0 (all interfaces). + BindAddr string `json:"bindAddr"` + + // DeviceDir is where the volumes are exported. This directory must be + // shared into the container using the rshared volume mount option. + DeviceDir string `json:"deviceDir"` + + // Join existing cluster + Join string `json:"join"` + + // Backend selects the KV backend, either embedded (testing only) or etcd. + Backend string `json:"kvBackend"` + + // EnableDebug is used to enable various debugging features. Used by http + // to enable debug endpoints and as a shortcut to enable debug logging. + EnableDebug bool `json:"debug"` + + // Devices specify all devices that are available on the node. + Devices []Device `json:"devices"` } -type CPHealthStatus struct { - KV SubModuleStatus - KVWrite SubModuleStatus - NATS SubModuleStatus - Scheduler SubModuleStatus -} - -func (c *CPHealthStatus) ToNamedSubmodules() []NamedSubModuleStatus { - return []NamedSubModuleStatus{ - {Name: "nats", SubModuleStatus: c.NATS}, - {Name: "kv", SubModuleStatus: c.KV}, - {Name: "kv_write", SubModuleStatus: c.KVWrite}, - {Name: "scheduler", SubModuleStatus: c.Scheduler}, - } -} - -func (c *CPHealthStatus) UnmarshalJSON(data []byte) error { - unmarsh := struct { - Submodules struct { - KV SubModuleStatus `json:"kv"` - KVWrite SubModuleStatus `json:"kv_write"` - NATS SubModuleStatus `json:"nats"` - Scheduler SubModuleStatus `json:"scheduler"` - } `json:"submodules"` - }{} - - if err := json.Unmarshal(data, &unmarsh); err != nil { - return err - } - - c.KV = unmarsh.Submodules.KV - c.KVWrite = unmarsh.Submodules.KVWrite - c.NATS = unmarsh.Submodules.NATS - c.Scheduler = unmarsh.Submodules.Scheduler - - return nil -} - -type DPHealthStatus struct { - DirectFSClient SubModuleStatus - DirectFSServer SubModuleStatus - Director SubModuleStatus - FSDriver SubModuleStatus - FS SubModuleStatus -} - -func (d *DPHealthStatus) ToNamedSubmodules() []NamedSubModuleStatus { - return []NamedSubModuleStatus{ - {Name: "dfs_client", SubModuleStatus: d.DirectFSClient}, - {Name: "dfs_server", SubModuleStatus: d.DirectFSServer}, - {Name: "director", SubModuleStatus: d.Director}, - {Name: "fs_driver", SubModuleStatus: d.FSDriver}, - {Name: "fs", SubModuleStatus: d.FS}, - } -} - -func (d *DPHealthStatus) UnmarshalJSON(data []byte) error { - unmarsh := struct { - Submodules struct { - DirectFSClient SubModuleStatus `json:"directfs-client"` - DirectFSServer SubModuleStatus `json:"directfs-server"` - Director SubModuleStatus `json:"director"` - FSDriver SubModuleStatus `json:"filesystem-driver"` - FS SubModuleStatus `json:"fs"` - } `json:"submodules"` - }{} - - if err := json.Unmarshal(data, &unmarsh); err != nil { - return err - } - - d.DirectFSClient = unmarsh.Submodules.DirectFSClient - d.DirectFSServer = unmarsh.Submodules.DirectFSServer - d.Director = unmarsh.Submodules.Director - d.FSDriver = unmarsh.Submodules.FSDriver - d.FS = unmarsh.Submodules.FS - - return nil +// Device - device type +type Device struct { + ID string + Labels map[string]string `json:"labels"` + Status string `json:"status"` + Identifier string `json:"identifier"` + Class string `json:"class"` + CapacityStats CapacityStats `json:"capacityStats"` + CreatedAt time.Time `json:"createdAt"` + UpdatedAt time.Time `json:"updatedAt"` } diff --git a/vendor/github.com/storageos/go-api/types/controller_update_options.go b/vendor/github.com/storageos/go-api/types/node_update_options.go similarity index 54% rename from vendor/github.com/storageos/go-api/types/controller_update_options.go rename to vendor/github.com/storageos/go-api/types/node_update_options.go index a55b8160d33..f902567541a 100644 --- a/vendor/github.com/storageos/go-api/types/controller_update_options.go +++ b/vendor/github.com/storageos/go-api/types/node_update_options.go @@ -2,25 +2,26 @@ package types import "context" -// ControllerUpdateOptions are available parameters for updating existing controllers. -type ControllerUpdateOptions struct { +// NodeUpdateOptions are available parameters for updating existing nodes. +type NodeUpdateOptions struct { - // Controller unique ID. + // Node unique ID. // Read Only: true ID string `json:"id"` - // Controller name. + // Node name. // Read Only: true Name string `json:"name"` - // Description of the controller. + // Description of the node. Description string `json:"description"` // Labels are user-defined key/value metadata. Labels map[string]string `json:"labels"` - // Cordon sets the controler into an unschedulable state if true - Cordon bool `json:"unschedulable"` + // Cordon marks the node as unschedulable if true + Cordon bool `json:"cordon"` + Drain bool `json:"drain"` // Context can be set with a timeout or can be used to cancel a request. Context context.Context `json:"-"` diff --git a/vendor/github.com/storageos/go-api/types/pool.go b/vendor/github.com/storageos/go-api/types/pool.go index eaca5c1bcb6..9487d80551d 100644 --- a/vendor/github.com/storageos/go-api/types/pool.go +++ b/vendor/github.com/storageos/go-api/types/pool.go @@ -18,35 +18,19 @@ type Pool struct { // provisioned without a pool specified. There can only be one default pool. Default bool `json:"default"` - // DefaultDriver specifies the storage driver to use by default if there are - // multiple drivers in the pool and no driver was specified in the - // provisioning request or assigned by rules. If no driver was specified and - // no default set, driver weight is used to determine the default. - DefaultDriver string `json:"defaultDriver"` + NodeSelector string `json:"nodeSelector"` - // ControllerNames is a list of controller names that are participating in the - // storage pool. - ControllerNames []string `json:"controllerNames"` + // DeviceSelector - specifies a selector to filter node devices based on their labels. + // Only devices from nodes that are in the 'NodeNames' list can be selected + DeviceSelector string `json:"deviceSelector"` - // DriverNames is a list of backend storage drivers that are available in the - // storage pool. - DriverNames []string `json:"driverNames"` - - // DriverInstances is used to track instances of each driver. Drivers have a - // default configuration, which can then be customised for each pool where - // they are used, which is representated as a DriverInstance. - // Read Only: true - DriverInstances []*DriverInstance `json:"driverInstances"` - - // Flag describing whether the template is active. - // Default: false - Active bool `json:"active"` - - // CapacityStats are used to track aggregate capacity usage information across - // all controllers and driver instances. - // Read Only: true + // Populated by the system. Read-only. CapacityStats CapacityStats `json:"capacityStats"` + // This field is computed based on NodeSelector value + // Populated by the system. Read-only. + Nodes []*Node `json:"nodes"` + // Labels define a list of labels that describe the pool. Labels map[string]string `json:"labels"` } diff --git a/vendor/github.com/storageos/go-api/types/pool_create_options.go b/vendor/github.com/storageos/go-api/types/pool_create_options.go deleted file mode 100644 index 006eab61b21..00000000000 --- a/vendor/github.com/storageos/go-api/types/pool_create_options.go +++ /dev/null @@ -1,42 +0,0 @@ -package types - -import "context" - -// PoolCreateOptions are available parameters for creating new pools. -type PoolCreateOptions struct { - - // Pool name. - // Required: true - Name string `json:"name"` - - // Pool description. - Description string `json:"description"` - - // Default determines whether this pool is the default if a volume is - // provisioned without a pool specified. There can only be one default pool. - Default bool `json:"default"` - - // DefaultDriver specifies the storage driver to use by default if there are - // multiple drivers in the pool and no driver was specified in the - // provisioning request or assigned by rules. If no driver was specified and - // no default set, driver weight is used to determine the default. - DefaultDriver string `json:"defaultDriver"` - - // ControllerNames is a list of controller names that are participating in the - // storage pool. - ControllerNames []string `json:"controllerNames"` - - // DriverNames is a list of backend storage drivers that are available in the - // storage pool. - DriverNames []string `json:"driverNames"` - - // Flag describing whether the template is active. - // Default: false - Active bool `json:"active"` - - // Labels define a list of labels that describe the pool. - Labels map[string]string `json:"labels"` - - // Context can be set with a timeout or can be used to cancel a request. - Context context.Context `json:"-"` -} diff --git a/vendor/github.com/storageos/go-api/types/pool_options.go b/vendor/github.com/storageos/go-api/types/pool_options.go new file mode 100644 index 00000000000..dd08a98c0b6 --- /dev/null +++ b/vendor/github.com/storageos/go-api/types/pool_options.go @@ -0,0 +1,28 @@ +package types + +import "context" + +// PoolOptions are available parameters for creating or updating pools. +type PoolOptions struct { + ID string `json:"id"` + Name string `json:"name"` + + // Pool description. + Description string `json:"description"` + + // Default determines whether this pool is the default if a volume is + // provisioned without a pool specified. There can only be one default pool. + Default bool `json:"default"` + + NodeSelector string `json:"nodeSelector"` + + // DeviceSelector - specifies a selector to filter node devices based on their labels. + // Only devices from nodes that are in the 'NodeNames' list can be selected + DeviceSelector string `json:"deviceSelector"` + + // Labels define a list of labels that describe the pool. + Labels map[string]string `json:"labels"` + + // Context can be set with a timeout or can be used to cancel a request. + Context context.Context `json:"-"` +} diff --git a/vendor/github.com/storageos/go-api/types/volume_stats.go b/vendor/github.com/storageos/go-api/types/volume_stats.go new file mode 100644 index 00000000000..cda4de047f1 --- /dev/null +++ b/vendor/github.com/storageos/go-api/types/volume_stats.go @@ -0,0 +1,8 @@ +package types + +// VolumeStats - volume stats (volume counts, looking forward to capacity) +type VolumeStats struct { + MasterVolumeCount int `json:"masterVolumeCount"` + ReplicaVolumeCount int `json:"replicaVolumeCount"` + VirtualVolumeCount int `json:"virtualVolumeCount"` +} diff --git a/vendor/github.com/storageos/go-api/validation.go b/vendor/github.com/storageos/go-api/validation.go index 85b31792249..f58063044ae 100644 --- a/vendor/github.com/storageos/go-api/validation.go +++ b/vendor/github.com/storageos/go-api/validation.go @@ -22,7 +22,9 @@ var ( // collection of restricted characters. NamePattern = regexp.MustCompile(`^` + NameFormat + `$`) - ErrNoRef = errors.New("no ref provided or incorrect format") + // ErrNoRef is given when the reference given is invalid. + ErrNoRef = errors.New("no ref provided or incorrect format") + // ErrNoNamespace is given when the namespace given is invalid. ErrNoNamespace = errors.New("no namespace provided or incorrect format") ) diff --git a/vendor/golang.org/x/lint/golint/BUILD b/vendor/golang.org/x/lint/golint/BUILD index 28d1384cca3..2f4b66435a0 100644 --- a/vendor/golang.org/x/lint/golint/BUILD +++ b/vendor/golang.org/x/lint/golint/BUILD @@ -16,6 +16,7 @@ go_library( go_binary( name = "golint", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/k8s.io/kube-openapi/cmd/openapi-gen/BUILD b/vendor/k8s.io/kube-openapi/cmd/openapi-gen/BUILD index 89bd7b5b1a2..596ae2dc683 100644 --- a/vendor/k8s.io/kube-openapi/cmd/openapi-gen/BUILD +++ b/vendor/k8s.io/kube-openapi/cmd/openapi-gen/BUILD @@ -17,6 +17,7 @@ go_library( go_binary( name = "openapi-gen", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/k8s.io/kube-openapi/pkg/aggregator/BUILD b/vendor/k8s.io/kube-openapi/pkg/aggregator/BUILD index 9a3f174b288..f4e30b50b30 100644 --- a/vendor/k8s.io/kube-openapi/pkg/aggregator/BUILD +++ b/vendor/k8s.io/kube-openapi/pkg/aggregator/BUILD @@ -2,7 +2,11 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["aggregator.go"], + srcs = [ + "aggregator.go", + "mutating_walker.go", + "walker.go", + ], importmap = "k8s.io/kubernetes/vendor/k8s.io/kube-openapi/pkg/aggregator", importpath = "k8s.io/kube-openapi/pkg/aggregator", visibility = ["//visibility:public"], diff --git a/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go b/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go index cbeb3ef8a57..95f75888716 100644 --- a/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go +++ b/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go @@ -17,7 +17,6 @@ limitations under the License. package aggregator import ( - "encoding/json" "fmt" "reflect" "strings" @@ -27,154 +26,14 @@ import ( "k8s.io/kube-openapi/pkg/util" ) -const ( - definitionPrefix = "#/definitions/" -) - -// Run a walkRefCallback method on all references of an OpenAPI spec -type referenceWalker struct { - // walkRefCallback will be called on each reference and the return value - // will replace that reference. This will allow the callers to change - // all/some references of an spec (e.g. useful in renaming definitions). - walkRefCallback func(ref spec.Ref) spec.Ref - - // The spec to walk through. - root *spec.Swagger - - // Keep track of visited references - alreadyVisited map[string]bool -} - -func walkOnAllReferences(walkRef func(ref spec.Ref) spec.Ref, sp *spec.Swagger) { - walker := &referenceWalker{walkRefCallback: walkRef, root: sp, alreadyVisited: map[string]bool{}} - walker.Start() -} - -func (s *referenceWalker) walkRef(ref spec.Ref) spec.Ref { - refStr := ref.String() - // References that start with #/definitions/ has a definition - // inside the same spec file. If that is the case, walk through - // those definitions too. - // We do not support external references yet. - if !s.alreadyVisited[refStr] && strings.HasPrefix(refStr, definitionPrefix) { - s.alreadyVisited[refStr] = true - k := refStr[len(definitionPrefix):] - def := s.root.Definitions[k] - s.walkSchema(&def) - // Make sure we don't assign to nil map - if s.root.Definitions == nil { - s.root.Definitions = spec.Definitions{} - } - s.root.Definitions[k] = def - } - return s.walkRefCallback(ref) -} - -func (s *referenceWalker) walkSchema(schema *spec.Schema) { - if schema == nil { - return - } - schema.Ref = s.walkRef(schema.Ref) - for k, v := range schema.Definitions { - s.walkSchema(&v) - schema.Definitions[k] = v - } - for k, v := range schema.Properties { - s.walkSchema(&v) - schema.Properties[k] = v - } - for k, v := range schema.PatternProperties { - s.walkSchema(&v) - schema.PatternProperties[k] = v - } - for i := range schema.AllOf { - s.walkSchema(&schema.AllOf[i]) - } - for i := range schema.AnyOf { - s.walkSchema(&schema.AnyOf[i]) - } - for i := range schema.OneOf { - s.walkSchema(&schema.OneOf[i]) - } - if schema.Not != nil { - s.walkSchema(schema.Not) - } - if schema.AdditionalProperties != nil && schema.AdditionalProperties.Schema != nil { - s.walkSchema(schema.AdditionalProperties.Schema) - } - if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil { - s.walkSchema(schema.AdditionalItems.Schema) - } - if schema.Items != nil { - if schema.Items.Schema != nil { - s.walkSchema(schema.Items.Schema) - } - for i := range schema.Items.Schemas { - s.walkSchema(&schema.Items.Schemas[i]) - } - } -} - -func (s *referenceWalker) walkParams(params []spec.Parameter) { - if params == nil { - return - } - for _, param := range params { - param.Ref = s.walkRef(param.Ref) - s.walkSchema(param.Schema) - if param.Items != nil { - param.Items.Ref = s.walkRef(param.Items.Ref) - } - } -} - -func (s *referenceWalker) walkResponse(resp *spec.Response) { - if resp == nil { - return - } - resp.Ref = s.walkRef(resp.Ref) - s.walkSchema(resp.Schema) -} - -func (s *referenceWalker) walkOperation(op *spec.Operation) { - if op == nil { - return - } - s.walkParams(op.Parameters) - if op.Responses == nil { - return - } - s.walkResponse(op.Responses.Default) - for _, r := range op.Responses.StatusCodeResponses { - s.walkResponse(&r) - } -} - -func (s *referenceWalker) Start() { - if s.root.Paths == nil { - return - } - for _, pathItem := range s.root.Paths.Paths { - s.walkParams(pathItem.Parameters) - s.walkOperation(pathItem.Delete) - s.walkOperation(pathItem.Get) - s.walkOperation(pathItem.Head) - s.walkOperation(pathItem.Options) - s.walkOperation(pathItem.Patch) - s.walkOperation(pathItem.Post) - s.walkOperation(pathItem.Put) - } -} - // usedDefinitionForSpec returns a map with all used definitions in the provided spec as keys and true as values. -func usedDefinitionForSpec(sp *spec.Swagger) map[string]bool { +func usedDefinitionForSpec(root *spec.Swagger) map[string]bool { usedDefinitions := map[string]bool{} - walkOnAllReferences(func(ref spec.Ref) spec.Ref { + walkOnAllReferences(func(ref *spec.Ref) { if refStr := ref.String(); refStr != "" && strings.HasPrefix(refStr, definitionPrefix) { usedDefinitions[refStr[len(definitionPrefix):]] = true } - return ref - }, sp) + }, root) return usedDefinitions } @@ -182,6 +41,18 @@ func usedDefinitionForSpec(sp *spec.Swagger) map[string]bool { // i.e. if a Path removed by this function, all definitions used by it and not used // anywhere else will also be removed. func FilterSpecByPaths(sp *spec.Swagger, keepPathPrefixes []string) { + *sp = *FilterSpecByPathsWithoutSideEffects(sp, keepPathPrefixes) +} + +// FilterSpecByPathsWithoutSideEffects removes unnecessary paths and definitions used by those paths. +// i.e. if a Path removed by this function, all definitions used by it and not used +// anywhere else will also be removed. +// It does not modify the input, but the output shares data structures with the input. +func FilterSpecByPathsWithoutSideEffects(sp *spec.Swagger, keepPathPrefixes []string) *spec.Swagger { + if sp.Paths == nil { + return sp + } + // Walk all references to find all used definitions. This function // want to only deal with unused definitions resulted from filtering paths. // Thus a definition will be removed only if it has been used before but @@ -190,71 +61,100 @@ func FilterSpecByPaths(sp *spec.Swagger, keepPathPrefixes []string) { // First remove unwanted paths prefixes := util.NewTrie(keepPathPrefixes) - orgPaths := sp.Paths - if orgPaths == nil { - return - } - sp.Paths = &spec.Paths{ - VendorExtensible: orgPaths.VendorExtensible, + ret := *sp + ret.Paths = &spec.Paths{ + VendorExtensible: sp.Paths.VendorExtensible, Paths: map[string]spec.PathItem{}, } - for path, pathItem := range orgPaths.Paths { + for path, pathItem := range sp.Paths.Paths { if !prefixes.HasPrefix(path) { continue } - sp.Paths.Paths[path] = pathItem + ret.Paths.Paths[path] = pathItem } // Walk all references to find all definition references. - usedDefinitions := usedDefinitionForSpec(sp) + usedDefinitions := usedDefinitionForSpec(&ret) // Remove unused definitions - orgDefinitions := sp.Definitions - sp.Definitions = spec.Definitions{} - for k, v := range orgDefinitions { + ret.Definitions = spec.Definitions{} + for k, v := range sp.Definitions { if usedDefinitions[k] || !initialUsedDefinitions[k] { - sp.Definitions[k] = v + ret.Definitions[k] = v } } + + return &ret } -func renameDefinition(s *spec.Swagger, old, new string) { - oldRef := definitionPrefix + old - newRef := definitionPrefix + new - walkOnAllReferences(func(ref spec.Ref) spec.Ref { - if ref.String() == oldRef { - return spec.MustCreateRef(newRef) +type rename struct { + from, to string +} + +// renameDefinition renames references, without mutating the input. +// The output might share data structures with the input. +func renameDefinition(s *spec.Swagger, renames map[string]string) *spec.Swagger { + refRenames := make(map[string]string, len(renames)) + foundOne := false + for k, v := range renames { + refRenames[definitionPrefix+k] = definitionPrefix + v + if _, ok := s.Definitions[k]; ok { + foundOne = true + } + } + + if !foundOne { + return s + } + + ret := &spec.Swagger{} + *ret = *s + + ret = replaceReferences(func(ref *spec.Ref) *spec.Ref { + refName := ref.String() + if newRef, found := refRenames[refName]; found { + ret := spec.MustCreateRef(newRef) + return &ret } return ref - }, s) - // Make sure we don't assign to nil map - if s.Definitions == nil { - s.Definitions = spec.Definitions{} + }, ret) + + renamedDefinitions := make(spec.Definitions, len(ret.Definitions)) + for k, v := range ret.Definitions { + if newRef, found := renames[k]; found { + k = newRef + } + renamedDefinitions[k] = v } - s.Definitions[new] = s.Definitions[old] - delete(s.Definitions, old) + ret.Definitions = renamedDefinitions + + return ret } // MergeSpecsIgnorePathConflict is the same as MergeSpecs except it will ignore any path // conflicts by keeping the paths of destination. It will rename definition conflicts. +// The source is not mutated. func MergeSpecsIgnorePathConflict(dest, source *spec.Swagger) error { return mergeSpecs(dest, source, true, true) } // MergeSpecsFailOnDefinitionConflict is differ from MergeSpecs as it fails if there is // a definition conflict. +// The source is not mutated. func MergeSpecsFailOnDefinitionConflict(dest, source *spec.Swagger) error { return mergeSpecs(dest, source, false, false) } // MergeSpecs copies paths and definitions from source to dest, rename definitions if needed. // dest will be mutated, and source will not be changed. It will fail on path conflicts. +// The source is not mutated. func MergeSpecs(dest, source *spec.Swagger) error { return mergeSpecs(dest, source, true, false) } +// mergeSpecs merged source into dest while resolving conflicts. +// The source is not mutated. func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConflicts bool) (err error) { - specCloned := false // Paths may be empty, due to [ACL constraints](http://goo.gl/8us55a#securityFiltering). if source.Paths == nil { // When a source spec does not have any path, that means none of the definitions @@ -279,12 +179,7 @@ func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConf return nil } if hasConflictingPath { - source, err = CloneSpec(source) - if err != nil { - return err - } - specCloned = true - FilterSpecByPaths(source, keepPaths) + source = FilterSpecByPathsWithoutSideEffects(source, keepPaths) } } // Check for model conflicts @@ -301,21 +196,11 @@ func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConf } if conflicts { - if !specCloned { - source, err = CloneSpec(source) - if err != nil { - return err - } - } - specCloned = true usedNames := map[string]bool{} for k := range dest.Definitions { usedNames[k] = true } - type Rename struct { - from, to string - } - renames := []Rename{} + renames := map[string]string{} OUTERLOOP: for k, v := range source.Definitions { @@ -334,7 +219,7 @@ func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConf newName = fmt.Sprintf("%s_v%d", k, i) v2, found = dest.Definitions[newName] if found && reflect.DeepEqual(v, v2) { - renames = append(renames, Rename{from: k, to: newName}) + renames[k] = newName continue OUTERLOOP } } @@ -345,13 +230,11 @@ func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConf newName = fmt.Sprintf("%s_v%d", k, i) _, foundInSource = source.Definitions[newName] } - renames = append(renames, Rename{from: k, to: newName}) + renames[k] = newName usedNames[newName] = true } } - for _, r := range renames { - renameDefinition(source, r.from, r.to) - } + source = renameDefinition(source, renames) } for k, v := range source.Definitions { if _, found := dest.Definitions[k]; !found { @@ -374,18 +257,3 @@ func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConf } return nil } - -// CloneSpec clones OpenAPI spec -func CloneSpec(source *spec.Swagger) (*spec.Swagger, error) { - // TODO(mehdy): Find a faster way to clone an spec - bytes, err := json.Marshal(source) - if err != nil { - return nil, err - } - var ret spec.Swagger - err = json.Unmarshal(bytes, &ret) - if err != nil { - return nil, err - } - return &ret, nil -} diff --git a/vendor/k8s.io/kube-openapi/pkg/aggregator/mutating_walker.go b/vendor/k8s.io/kube-openapi/pkg/aggregator/mutating_walker.go new file mode 100644 index 00000000000..7c35f26126e --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/aggregator/mutating_walker.go @@ -0,0 +1,498 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package aggregator + +import ( + _ "net/http/pprof" + + "github.com/go-openapi/spec" +) + +// Run a walkRefCallback method on all references of an OpenAPI spec, replacing the values. +type mutatingReferenceWalker struct { + // walkRefCallback will be called on each reference. Do not mutate the input, always create a copy first and return that. + walkRefCallback func(ref *spec.Ref) *spec.Ref +} + +// replaceReferences rewrites the references without mutating the input. +// The output might share data with the input. +func replaceReferences(walkRef func(ref *spec.Ref) *spec.Ref, sp *spec.Swagger) *spec.Swagger { + walker := &mutatingReferenceWalker{walkRefCallback: walkRef} + return walker.Start(sp) +} + +func (w *mutatingReferenceWalker) walkSchema(schema *spec.Schema) *spec.Schema { + if schema == nil { + return nil + } + + orig := schema + clone := func() { + if orig == schema { + schema = &spec.Schema{} + *schema = *orig + } + } + + if r := w.walkRefCallback(&schema.Ref); r != &schema.Ref { + clone() + schema.Ref = *r + } + + definitionsCloned := false + for k, v := range schema.Definitions { + if s := w.walkSchema(&v); s != &v { + if !definitionsCloned { + definitionsCloned = true + clone() + schema.Definitions = make(spec.Definitions, len(orig.Definitions)) + for k2, v2 := range orig.Definitions { + schema.Definitions[k2] = v2 + } + } + schema.Definitions[k] = *s + } + } + + propertiesCloned := false + for k, v := range schema.Properties { + if s := w.walkSchema(&v); s != &v { + if !propertiesCloned { + propertiesCloned = true + clone() + schema.Properties = make(map[string]spec.Schema, len(orig.Properties)) + for k2, v2 := range orig.Properties { + schema.Properties[k2] = v2 + } + } + schema.Properties[k] = *s + } + } + + patternPropertiesCloned := false + for k, v := range schema.PatternProperties { + if s := w.walkSchema(&v); s != &v { + if !patternPropertiesCloned { + patternPropertiesCloned = true + clone() + schema.PatternProperties = make(map[string]spec.Schema, len(orig.PatternProperties)) + for k2, v2 := range orig.PatternProperties { + schema.PatternProperties[k2] = v2 + } + } + schema.PatternProperties[k] = *s + } + } + + allOfCloned := false + for i := range schema.AllOf { + if s := w.walkSchema(&schema.AllOf[i]); s != &schema.AllOf[i] { + if !allOfCloned { + allOfCloned = true + clone() + schema.AllOf = make([]spec.Schema, len(orig.AllOf)) + copy(schema.AllOf, orig.AllOf) + } + schema.AllOf[i] = *s + } + } + + anyOfCloned := false + for i := range schema.AnyOf { + if s := w.walkSchema(&schema.AnyOf[i]); s != &schema.AnyOf[i] { + if !anyOfCloned { + anyOfCloned = true + clone() + schema.AnyOf = make([]spec.Schema, len(orig.AnyOf)) + copy(schema.AnyOf, orig.AnyOf) + } + schema.AnyOf[i] = *s + } + } + + oneOfCloned := false + for i := range schema.OneOf { + if s := w.walkSchema(&schema.OneOf[i]); s != &schema.OneOf[i] { + if !oneOfCloned { + oneOfCloned = true + clone() + schema.OneOf = make([]spec.Schema, len(orig.OneOf)) + copy(schema.OneOf, orig.OneOf) + } + schema.OneOf[i] = *s + } + } + + if schema.Not != nil { + if s := w.walkSchema(schema.Not); s != schema.Not { + clone() + schema.Not = s + } + } + + if schema.AdditionalProperties != nil && schema.AdditionalProperties.Schema != nil { + if s := w.walkSchema(schema.AdditionalProperties.Schema); s != schema.AdditionalProperties.Schema { + clone() + schema.AdditionalProperties = &spec.SchemaOrBool{Schema: s, Allows: schema.AdditionalProperties.Allows} + } + } + + if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil { + if s := w.walkSchema(schema.AdditionalItems.Schema); s != schema.AdditionalItems.Schema { + clone() + schema.AdditionalItems = &spec.SchemaOrBool{Schema: s, Allows: schema.AdditionalItems.Allows} + } + } + + if schema.Items != nil { + if schema.Items.Schema != nil { + if s := w.walkSchema(schema.Items.Schema); s != schema.Items.Schema { + clone() + schema.Items = &spec.SchemaOrArray{Schema: s} + } + } else { + itemsCloned := false + for i := range schema.Items.Schemas { + if s := w.walkSchema(&schema.Items.Schemas[i]); s != &schema.Items.Schemas[i] { + if !itemsCloned { + clone() + schema.Items = &spec.SchemaOrArray{ + Schemas: make([]spec.Schema, len(orig.Items.Schemas)), + } + itemsCloned = true + copy(schema.Items.Schemas, orig.Items.Schemas) + } + schema.Items.Schemas[i] = *s + } + } + } + } + + return schema +} + +func (w *mutatingReferenceWalker) walkParameter(param *spec.Parameter) *spec.Parameter { + if param == nil { + return nil + } + + orig := param + cloned := false + clone := func() { + if !cloned { + cloned = true + param = &spec.Parameter{} + *param = *orig + } + } + + if r := w.walkRefCallback(¶m.Ref); r != ¶m.Ref { + clone() + param.Ref = *r + } + if s := w.walkSchema(param.Schema); s != param.Schema { + clone() + param.Schema = s + } + if param.Items != nil { + if r := w.walkRefCallback(¶m.Items.Ref); r != ¶m.Items.Ref { + param.Items.Ref = *r + } + } + + return param +} + +func (w *mutatingReferenceWalker) walkParameters(params []spec.Parameter) ([]spec.Parameter, bool) { + if params == nil { + return nil, false + } + + orig := params + cloned := false + clone := func() { + if !cloned { + cloned = true + params = make([]spec.Parameter, len(params)) + copy(params, orig) + } + } + + for i := range params { + if s := w.walkParameter(¶ms[i]); s != ¶ms[i] { + clone() + params[i] = *s + } + } + + return params, cloned +} + +func (w *mutatingReferenceWalker) walkResponse(resp *spec.Response) *spec.Response { + if resp == nil { + return nil + } + + orig := resp + cloned := false + clone := func() { + if !cloned { + cloned = true + resp = &spec.Response{} + *resp = *orig + } + } + + if r := w.walkRefCallback(&resp.Ref); r != &resp.Ref { + clone() + resp.Ref = *r + } + if s := w.walkSchema(resp.Schema); s != resp.Schema { + clone() + resp.Schema = s + } + + return resp +} + +func (w *mutatingReferenceWalker) walkResponses(resps *spec.Responses) *spec.Responses { + if resps == nil { + return nil + } + + orig := resps + cloned := false + clone := func() { + if !cloned { + cloned = true + resps = &spec.Responses{} + *resps = *orig + } + } + + if r := w.walkResponse(resps.ResponsesProps.Default); r != resps.ResponsesProps.Default { + clone() + resps.Default = r + } + + responsesCloned := false + for k, v := range resps.ResponsesProps.StatusCodeResponses { + if r := w.walkResponse(&v); r != &v { + if !responsesCloned { + responsesCloned = true + clone() + resps.ResponsesProps.StatusCodeResponses = make(map[int]spec.Response, len(orig.StatusCodeResponses)) + for k2, v2 := range orig.StatusCodeResponses { + resps.ResponsesProps.StatusCodeResponses[k2] = v2 + } + } + resps.ResponsesProps.StatusCodeResponses[k] = *r + } + } + + return resps +} + +func (w *mutatingReferenceWalker) walkOperation(op *spec.Operation) *spec.Operation { + if op == nil { + return nil + } + + orig := op + cloned := false + clone := func() { + if !cloned { + cloned = true + op = &spec.Operation{} + *op = *orig + } + } + + parametersCloned := false + for i := range op.Parameters { + if s := w.walkParameter(&op.Parameters[i]); s != &op.Parameters[i] { + if !parametersCloned { + parametersCloned = true + clone() + op.Parameters = make([]spec.Parameter, len(orig.Parameters)) + copy(op.Parameters, orig.Parameters) + } + op.Parameters[i] = *s + } + } + + if r := w.walkResponses(op.Responses); r != op.Responses { + clone() + op.Responses = r + } + + return op +} + +func (w *mutatingReferenceWalker) walkPathItem(pathItem *spec.PathItem) *spec.PathItem { + if pathItem == nil { + return nil + } + + orig := pathItem + cloned := false + clone := func() { + if !cloned { + cloned = true + pathItem = &spec.PathItem{} + *pathItem = *orig + } + } + + if p, changed := w.walkParameters(pathItem.Parameters); changed { + clone() + pathItem.Parameters = p + } + if op := w.walkOperation(pathItem.Get); op != pathItem.Get { + clone() + pathItem.Get = op + } + if op := w.walkOperation(pathItem.Head); op != pathItem.Head { + clone() + pathItem.Head = op + } + if op := w.walkOperation(pathItem.Delete); op != pathItem.Delete { + clone() + pathItem.Delete = op + } + if op := w.walkOperation(pathItem.Options); op != pathItem.Options { + clone() + pathItem.Options = op + } + if op := w.walkOperation(pathItem.Patch); op != pathItem.Patch { + clone() + pathItem.Patch = op + } + if op := w.walkOperation(pathItem.Post); op != pathItem.Post { + clone() + pathItem.Post = op + } + if op := w.walkOperation(pathItem.Put); op != pathItem.Put { + clone() + pathItem.Put = op + } + + return pathItem +} + +func (w *mutatingReferenceWalker) walkPaths(paths *spec.Paths) *spec.Paths { + if paths == nil { + return nil + } + + orig := paths + cloned := false + clone := func() { + if !cloned { + cloned = true + paths = &spec.Paths{} + *paths = *orig + } + } + + pathsCloned := false + for k, v := range paths.Paths { + if p := w.walkPathItem(&v); p != &v { + if !pathsCloned { + pathsCloned = true + clone() + paths.Paths = make(map[string]spec.PathItem, len(orig.Paths)) + for k2, v2 := range orig.Paths { + paths.Paths[k2] = v2 + } + } + paths.Paths[k] = *p + } + } + + return paths +} + +func (w *mutatingReferenceWalker) Start(swagger *spec.Swagger) *spec.Swagger { + if swagger == nil { + return nil + } + + orig := swagger + cloned := false + clone := func() { + if !cloned { + cloned = true + swagger = &spec.Swagger{} + *swagger = *orig + } + } + + parametersCloned := false + for k, v := range swagger.Parameters { + if p := w.walkParameter(&v); p != &v { + if !parametersCloned { + parametersCloned = true + clone() + swagger.Parameters = make(map[string]spec.Parameter, len(orig.Parameters)) + for k2, v2 := range orig.Parameters { + swagger.Parameters[k2] = v2 + } + } + swagger.Parameters[k] = *p + } + } + + responsesCloned := false + for k, v := range swagger.Responses { + if r := w.walkResponse(&v); r != &v { + if !responsesCloned { + responsesCloned = true + clone() + swagger.Responses = make(map[string]spec.Response, len(orig.Responses)) + for k2, v2 := range orig.Responses { + swagger.Responses[k2] = v2 + } + } + swagger.Responses[k] = *r + } + } + + definitionsCloned := false + for k, v := range swagger.Definitions { + if s := w.walkSchema(&v); s != &v { + if !definitionsCloned { + definitionsCloned = true + clone() + swagger.Definitions = make(spec.Definitions, len(orig.Definitions)) + for k2, v2 := range orig.Definitions { + swagger.Definitions[k2] = v2 + } + } + swagger.Definitions[k] = *s + } + } + + if swagger.Paths != nil { + if p := w.walkPaths(swagger.Paths); p != swagger.Paths { + clone() + swagger.Paths = p + } + } + + return swagger +} diff --git a/vendor/k8s.io/kube-openapi/pkg/aggregator/walker.go b/vendor/k8s.io/kube-openapi/pkg/aggregator/walker.go new file mode 100644 index 00000000000..81dc1395e1e --- /dev/null +++ b/vendor/k8s.io/kube-openapi/pkg/aggregator/walker.go @@ -0,0 +1,162 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package aggregator + +import ( + "strings" + + "github.com/go-openapi/spec" +) + +const ( + definitionPrefix = "#/definitions/" +) + +// Run a readonlyReferenceWalker method on all references of an OpenAPI spec +type readonlyReferenceWalker struct { + // walkRefCallback will be called on each reference. The input will never be nil. + walkRefCallback func(ref *spec.Ref) + + // The spec to walk through. + root *spec.Swagger +} + +// walkOnAllReferences recursively walks on all references, while following references into definitions. +// it calls walkRef on each found reference. +func walkOnAllReferences(walkRef func(ref *spec.Ref), root *spec.Swagger) { + alreadyVisited := map[string]bool{} + + walker := &readonlyReferenceWalker{ + root: root, + } + walker.walkRefCallback = func(ref *spec.Ref) { + walkRef(ref) + + refStr := ref.String() + if refStr == "" || !strings.HasPrefix(refStr, definitionPrefix) { + return + } + defName := refStr[len(definitionPrefix):] + + if _, found := root.Definitions[defName]; found && !alreadyVisited[refStr] { + alreadyVisited[refStr] = true + def := root.Definitions[defName] + walker.walkSchema(&def) + } + } + walker.Start() +} + +func (s *readonlyReferenceWalker) walkSchema(schema *spec.Schema) { + if schema == nil { + return + } + s.walkRefCallback(&schema.Ref) + var v *spec.Schema + if len(schema.Definitions)+len(schema.Properties)+len(schema.PatternProperties) > 0 { + v = &spec.Schema{} + } + for k := range schema.Definitions { + *v = schema.Definitions[k] + s.walkSchema(v) + } + for k := range schema.Properties { + *v = schema.Properties[k] + s.walkSchema(v) + } + for k := range schema.PatternProperties { + *v = schema.PatternProperties[k] + s.walkSchema(v) + } + for i := range schema.AllOf { + s.walkSchema(&schema.AllOf[i]) + } + for i := range schema.AnyOf { + s.walkSchema(&schema.AnyOf[i]) + } + for i := range schema.OneOf { + s.walkSchema(&schema.OneOf[i]) + } + if schema.Not != nil { + s.walkSchema(schema.Not) + } + if schema.AdditionalProperties != nil && schema.AdditionalProperties.Schema != nil { + s.walkSchema(schema.AdditionalProperties.Schema) + } + if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil { + s.walkSchema(schema.AdditionalItems.Schema) + } + if schema.Items != nil { + if schema.Items.Schema != nil { + s.walkSchema(schema.Items.Schema) + } + for i := range schema.Items.Schemas { + s.walkSchema(&schema.Items.Schemas[i]) + } + } +} + +func (s *readonlyReferenceWalker) walkParams(params []spec.Parameter) { + if params == nil { + return + } + for _, param := range params { + s.walkRefCallback(¶m.Ref) + s.walkSchema(param.Schema) + if param.Items != nil { + s.walkRefCallback(¶m.Items.Ref) + } + } +} + +func (s *readonlyReferenceWalker) walkResponse(resp *spec.Response) { + if resp == nil { + return + } + s.walkRefCallback(&resp.Ref) + s.walkSchema(resp.Schema) +} + +func (s *readonlyReferenceWalker) walkOperation(op *spec.Operation) { + if op == nil { + return + } + s.walkParams(op.Parameters) + if op.Responses == nil { + return + } + s.walkResponse(op.Responses.Default) + for _, r := range op.Responses.StatusCodeResponses { + s.walkResponse(&r) + } +} + +func (s *readonlyReferenceWalker) Start() { + if s.root.Paths == nil { + return + } + for _, pathItem := range s.root.Paths.Paths { + s.walkParams(pathItem.Parameters) + s.walkOperation(pathItem.Delete) + s.walkOperation(pathItem.Get) + s.walkOperation(pathItem.Head) + s.walkOperation(pathItem.Options) + s.walkOperation(pathItem.Patch) + s.walkOperation(pathItem.Post) + s.walkOperation(pathItem.Put) + } +} diff --git a/vendor/k8s.io/kube-openapi/pkg/generators/openapi.go b/vendor/k8s.io/kube-openapi/pkg/generators/openapi.go index 97278fe6f0e..774886a9402 100644 --- a/vendor/k8s.io/kube-openapi/pkg/generators/openapi.go +++ b/vendor/k8s.io/kube-openapi/pkg/generators/openapi.go @@ -171,7 +171,7 @@ func (g *openAPIGen) Init(c *generator.Context, w io.Writer) error { sw.Do("return map[string]$.OpenAPIDefinition|raw${\n", argsFromType(nil)) for _, t := range c.Order { - err := newOpenAPITypeWriter(sw).generateCall(t) + err := newOpenAPITypeWriter(sw, c).generateCall(t) if err != nil { return err } @@ -186,7 +186,7 @@ func (g *openAPIGen) Init(c *generator.Context, w io.Writer) error { func (g *openAPIGen) GenerateType(c *generator.Context, t *types.Type, w io.Writer) error { klog.V(5).Infof("generating for type %v", t) sw := generator.NewSnippetWriter(w, c, "$", "$") - err := newOpenAPITypeWriter(sw).generate(t) + err := newOpenAPITypeWriter(sw, c).generate(t) if err != nil { return err } @@ -221,13 +221,15 @@ func shouldInlineMembers(m *types.Member) bool { type openAPITypeWriter struct { *generator.SnippetWriter + context *generator.Context refTypes map[string]*types.Type GetDefinitionInterface *types.Type } -func newOpenAPITypeWriter(sw *generator.SnippetWriter) openAPITypeWriter { +func newOpenAPITypeWriter(sw *generator.SnippetWriter, c *generator.Context) openAPITypeWriter { return openAPITypeWriter{ SnippetWriter: sw, + context: c, refTypes: map[string]*types.Type{}, } } @@ -337,12 +339,22 @@ func (g openAPITypeWriter) generate(t *types.Type) error { g.Do("return $.OpenAPIDefinition|raw${\nSchema: spec.Schema{\nSchemaProps: spec.SchemaProps{\n", args) g.generateDescription(t.CommentLines) g.Do("Type: []string{\"object\"},\n", nil) - g.Do("Properties: map[string]$.SpecSchemaType|raw${\n", args) - required, err := g.generateMembers(t, []string{}) + + // write members into a temporary buffer, in order to postpone writing out the Properties field. We only do + // that if it is not empty. + propertiesBuf := bytes.Buffer{} + bsw := g + bsw.SnippetWriter = generator.NewSnippetWriter(&propertiesBuf, g.context, "$", "$") + required, err := bsw.generateMembers(t, []string{}) if err != nil { return err } - g.Do("},\n", nil) + if propertiesBuf.Len() > 0 { + g.Do("Properties: map[string]$.SpecSchemaType|raw${\n", args) + g.Do(strings.Replace(propertiesBuf.String(), "$", "$\"$\"$", -1), nil) // escape $ (used as delimiter of the templates) + g.Do("},\n", nil) + } + if len(required) > 0 { g.Do("Required: []string{\"$.$\"},\n", strings.Join(required, "\",\"")) } @@ -351,13 +363,14 @@ func (g openAPITypeWriter) generate(t *types.Type) error { return err } g.Do("},\n", nil) - g.Do("Dependencies: []string{\n", args) + // Map order is undefined, sort them or we may get a different file generated each time. keys := []string{} for k := range g.refTypes { keys = append(keys, k) } sort.Strings(keys) + deps := []string{} for _, k := range keys { v := g.refTypes[k] if t, _ := openapi.GetOpenAPITypeFormat(v.String()); t != "" { @@ -365,9 +378,16 @@ func (g openAPITypeWriter) generate(t *types.Type) error { // Will eliminate special case of time.Time continue } - g.Do("\"$.$\",", k) + deps = append(deps, k) } - g.Do("},\n}\n}\n\n", nil) + if len(deps) > 0 { + g.Do("Dependencies: []string{\n", args) + for _, k := range deps { + g.Do("\"$.$\",", k) + } + g.Do("},\n", nil) + } + g.Do("}\n}\n\n", nil) } return nil } @@ -409,7 +429,7 @@ func (g openAPITypeWriter) emitExtensions(extensions []extension) { for _, extension := range extensions { g.Do("\"$.$\": ", extension.xName) if extension.hasMultipleValues() { - g.Do("[]string{\n", nil) + g.Do("[]interface{}{\n", nil) } for _, value := range extension.values { g.Do("\"$.$\",\n", value) @@ -562,7 +582,7 @@ func (g openAPITypeWriter) generateMapProperty(t *types.Type) error { return fmt.Errorf("map with non-string keys are not supported by OpenAPI in %v", t) } g.Do("Type: []string{\"object\"},\n", nil) - g.Do("AdditionalProperties: &spec.SchemaOrBool{\nSchema: &spec.Schema{\nSchemaProps: spec.SchemaProps{\n", nil) + g.Do("AdditionalProperties: &spec.SchemaOrBool{\nAllows: true,\nSchema: &spec.Schema{\nSchemaProps: spec.SchemaProps{\n", nil) typeString, format := openapi.GetOpenAPITypeFormat(elemType.String()) if typeString != "" { g.generateSimpleProperty(typeString, format) diff --git a/vendor/k8s.io/kube-openapi/pkg/generators/rules/OWNERS b/vendor/k8s.io/kube-openapi/pkg/generators/rules/OWNERS old mode 100755 new mode 100644 diff --git a/vendor/k8s.io/kube-openapi/pkg/handler/BUILD b/vendor/k8s.io/kube-openapi/pkg/handler/BUILD index 18993e30e9a..b2fb7dcce92 100644 --- a/vendor/k8s.io/kube-openapi/pkg/handler/BUILD +++ b/vendor/k8s.io/kube-openapi/pkg/handler/BUILD @@ -13,6 +13,7 @@ go_library( "//vendor/github.com/golang/protobuf/proto:go_default_library", "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library", "//vendor/github.com/googleapis/gnostic/compiler:go_default_library", + "//vendor/github.com/json-iterator/go:go_default_library", "//vendor/github.com/munnerz/goautoneg:go_default_library", "//vendor/gopkg.in/yaml.v2:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/builder:go_default_library", diff --git a/vendor/k8s.io/kube-openapi/pkg/handler/handler.go b/vendor/k8s.io/kube-openapi/pkg/handler/handler.go index f4e64766a67..6b3887e585b 100644 --- a/vendor/k8s.io/kube-openapi/pkg/handler/handler.go +++ b/vendor/k8s.io/kube-openapi/pkg/handler/handler.go @@ -20,7 +20,6 @@ import ( "bytes" "compress/gzip" "crypto/sha512" - "encoding/json" "fmt" "mime" "net/http" @@ -28,15 +27,15 @@ import ( "sync" "time" - yaml "gopkg.in/yaml.v2" - "github.com/NYTimes/gziphandler" restful "github.com/emicklei/go-restful" "github.com/go-openapi/spec" "github.com/golang/protobuf/proto" openapi_v2 "github.com/googleapis/gnostic/OpenAPIv2" "github.com/googleapis/gnostic/compiler" + "github.com/json-iterator/go" "github.com/munnerz/goautoneg" + yaml "gopkg.in/yaml.v2" "k8s.io/kube-openapi/pkg/builder" "k8s.io/kube-openapi/pkg/common" @@ -78,6 +77,15 @@ func computeETag(data []byte) string { return fmt.Sprintf("\"%X\"", sha512.Sum512(data)) } +// NewOpenAPIService builds an OpenAPIService starting with the given spec. +func NewOpenAPIService(spec *spec.Swagger) (*OpenAPIService, error) { + o := &OpenAPIService{} + if err := o.UpdateSpec(spec); err != nil { + return nil, err + } + return o, nil +} + // NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec, // and switch to a single /openapi/v2 endpoint in Kubernetes 1.10. The design doc and deprecation process // are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU. @@ -89,7 +97,11 @@ func BuildAndRegisterOpenAPIService(servePath string, webServices []*restful.Web if err != nil { return nil, err } - return RegisterOpenAPIService(spec, servePath, handler) + o, err := NewOpenAPIService(spec) + if err != nil { + return nil, err + } + return o, o.RegisterOpenAPIService(servePath, handler) } // NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec, @@ -99,18 +111,30 @@ func BuildAndRegisterOpenAPIService(servePath string, webServices []*restful.Web // RegisterOpenAPIService registers a handler to provide access to provided swagger spec. // Note: servePath should end with ".json" as the RegisterOpenAPIService assume it is serving a // json file and will also serve .pb and .gz files. -func RegisterOpenAPIService(openapiSpec *spec.Swagger, servePath string, handler common.PathHandler) (*OpenAPIService, error) { +// +// Deprecated: use OpenAPIService.RegisterOpenAPIService instead. +func RegisterOpenAPIService(spec *spec.Swagger, servePath string, handler common.PathHandler) (*OpenAPIService, error) { + o, err := NewOpenAPIService(spec) + if err != nil { + return nil, err + } + return o, o.RegisterOpenAPIService(servePath, handler) +} + +// NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec, +// and switch to a single /openapi/v2 endpoint in Kubernetes 1.10. The design doc and deprecation process +// are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU. +// +// RegisterOpenAPIService registers a handler to provide access to provided swagger spec. +// Note: servePath should end with ".json" as the RegisterOpenAPIService assume it is serving a +// json file and will also serve .pb and .gz files. +func (o *OpenAPIService) RegisterOpenAPIService(servePath string, handler common.PathHandler) error { if !strings.HasSuffix(servePath, jsonExt) { - return nil, fmt.Errorf("serving path must end with \"%s\"", jsonExt) + return fmt.Errorf("serving path must end with \"%s\"", jsonExt) } servePathBase := strings.TrimSuffix(servePath, jsonExt) - o := OpenAPIService{} - if err := o.UpdateSpec(openapiSpec); err != nil { - return nil, err - } - type fileInfo struct { ext string getDataAndETag func() ([]byte, string, time.Time) @@ -137,7 +161,7 @@ func RegisterOpenAPIService(openapiSpec *spec.Swagger, servePath string, handler )) } - return &o, nil + return nil } func (o *OpenAPIService) getSwaggerBytes() ([]byte, string, time.Time) { @@ -159,11 +183,15 @@ func (o *OpenAPIService) getSwaggerPbGzBytes() ([]byte, string, time.Time) { } func (o *OpenAPIService) UpdateSpec(openapiSpec *spec.Swagger) (err error) { - specBytes, err := json.MarshalIndent(openapiSpec, " ", " ") + specBytes, err := jsoniter.ConfigCompatibleWithStandardLibrary.Marshal(openapiSpec) if err != nil { return err } - specPb, err := toProtoBinary(specBytes) + var json map[string]interface{} + if err := jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal(specBytes, &json); err != nil { + return err + } + specPb, err := ToProtoBinary(json) if err != nil { return err } @@ -189,13 +217,33 @@ func (o *OpenAPIService) UpdateSpec(openapiSpec *spec.Swagger) (err error) { return nil } -func toProtoBinary(spec []byte) ([]byte, error) { - var info yaml.MapSlice - err := yaml.Unmarshal(spec, &info) - if err != nil { - return nil, err +func jsonToYAML(j map[string]interface{}) yaml.MapSlice { + if j == nil { + return nil } - document, err := openapi_v2.NewDocument(info, compiler.NewContext("$root", nil)) + ret := make(yaml.MapSlice, 0, len(j)) + for k, v := range j { + ret = append(ret, yaml.MapItem{k, jsonToYAMLValue(v)}) + } + return ret +} + +func jsonToYAMLValue(j interface{}) interface{} { + switch j := j.(type) { + case map[string]interface{}: + return jsonToYAML(j) + case []interface{}: + ret := make([]interface{}, len(j)) + for i := range j { + ret[i] = jsonToYAMLValue(j[i]) + } + return ret + } + return j +} + +func ToProtoBinary(json map[string]interface{}) ([]byte, error) { + document, err := openapi_v2.NewDocument(jsonToYAML(json), compiler.NewContext("$root", nil)) if err != nil { return nil, err } @@ -211,12 +259,18 @@ func toGzip(data []byte) []byte { } // RegisterOpenAPIVersionedService registers a handler to provide access to provided swagger spec. -func RegisterOpenAPIVersionedService(openapiSpec *spec.Swagger, servePath string, handler common.PathHandler) (*OpenAPIService, error) { - o := OpenAPIService{} - if err := o.UpdateSpec(openapiSpec); err != nil { +// +// Deprecated: use OpenAPIService.RegisterOpenAPIVersionedService instead. +func RegisterOpenAPIVersionedService(spec *spec.Swagger, servePath string, handler common.PathHandler) (*OpenAPIService, error) { + o, err := NewOpenAPIService(spec) + if err != nil { return nil, err } + return o, o.RegisterOpenAPIVersionedService(servePath, handler) +} +// RegisterOpenAPIVersionedService registers a handler to provide access to provided swagger spec. +func (o *OpenAPIService) RegisterOpenAPIVersionedService(servePath string, handler common.PathHandler) error { accepted := []struct { Type string SubType string @@ -257,7 +311,7 @@ func RegisterOpenAPIVersionedService(openapiSpec *spec.Swagger, servePath string }), )) - return &o, nil + return nil } // BuildAndRegisterOpenAPIVersionedService builds the spec and registers a handler to provide access to it. @@ -267,5 +321,9 @@ func BuildAndRegisterOpenAPIVersionedService(servePath string, webServices []*re if err != nil { return nil, err } - return RegisterOpenAPIVersionedService(spec, servePath, handler) + o, err := NewOpenAPIService(spec) + if err != nil { + return nil, err + } + return o, o.RegisterOpenAPIVersionedService(servePath, handler) } diff --git a/vendor/k8s.io/kube-openapi/pkg/schemaconv/smd.go b/vendor/k8s.io/kube-openapi/pkg/schemaconv/smd.go index a885527c726..df0e22da780 100644 --- a/vendor/k8s.io/kube-openapi/pkg/schemaconv/smd.go +++ b/vendor/k8s.io/kube-openapi/pkg/schemaconv/smd.go @@ -98,6 +98,13 @@ func (c *convert) insertTypeDef(name string, model proto.Schema) { func (c *convert) makeRef(model proto.Schema) schema.TypeRef { var tr schema.TypeRef if r, ok := model.(*proto.Ref); ok { + if r.Reference() == "io.k8s.apimachinery.pkg.runtime.RawExtension" { + return schema.TypeRef{ + Inlined: schema.Atom{ + Untyped: &schema.Untyped{}, + }, + } + } // reference a named type _, n := path.Split(r.Reference()) tr.NamedType = &n diff --git a/vendor/k8s.io/kube-openapi/pkg/util/util.go b/vendor/k8s.io/kube-openapi/pkg/util/util.go index c5c42cd44cd..1eb674eea06 100644 --- a/vendor/k8s.io/kube-openapi/pkg/util/util.go +++ b/vendor/k8s.io/kube-openapi/pkg/util/util.go @@ -21,14 +21,39 @@ import ( "strings" ) -// ToCanonicalName converts Golang package/type name into canonical OpenAPI name. -// Examples: +// [DEPRECATED] ToCanonicalName converts Golang package/type canonical name into REST friendly OpenAPI name. +// This method is deprecated because it has a misleading name. Please use ToRESTFriendlyName +// instead +// +// NOTE: actually the "canonical name" in this method should be named "REST friendly OpenAPI name", +// which is different from "canonical name" defined in GetCanonicalTypeName. The "canonical name" defined +// in GetCanonicalTypeName means Go type names with full package path. +// +// Examples of REST friendly OpenAPI name: // Input: k8s.io/api/core/v1.Pod // Output: io.k8s.api.core.v1.Pod // // Input: k8s.io/api/core/v1 // Output: io.k8s.api.core.v1 +// +// Input: csi.storage.k8s.io/v1alpha1.CSINodeInfo +// Output: io.k8s.storage.csi.v1alpha1.CSINodeInfo func ToCanonicalName(name string) string { + return ToRESTFriendlyName(name) +} + +// ToRESTFriendlyName converts Golang package/type canonical name into REST friendly OpenAPI name. +// +// Examples of REST friendly OpenAPI name: +// Input: k8s.io/api/core/v1.Pod +// Output: io.k8s.api.core.v1.Pod +// +// Input: k8s.io/api/core/v1 +// Output: io.k8s.api.core.v1 +// +// Input: csi.storage.k8s.io/v1alpha1.CSINodeInfo +// Output: io.k8s.storage.csi.v1alpha1.CSINodeInfo +func ToRESTFriendlyName(name string) string { nameParts := strings.Split(name, "/") // Reverse first part. e.g., io.k8s... instead of k8s.io... if len(nameParts) > 0 && strings.Contains(nameParts[0], ".") { @@ -41,9 +66,30 @@ func ToCanonicalName(name string) string { return strings.Join(nameParts, ".") } +// OpenAPICanonicalTypeNamer is an interface for models without Go type to seed model name. +// +// OpenAPI canonical names are Go type names with full package path, for uniquely indentifying +// a model / Go type. If a Go type is vendored from another package, only the path after "/vendor/" +// should be used. For custom resource definition (CRD), the canonical name is expected to be +// group/version.kind +// +// Examples of canonical name: +// Go type: k8s.io/kubernetes/pkg/apis/core.Pod +// CRD: csi.storage.k8s.io/v1alpha1.CSINodeInfo +// +// Example for vendored Go type: +// Original full path: k8s.io/kubernetes/vendor/k8s.io/api/core/v1.Pod +// Canonical name: k8s.io/api/core/v1.Pod +type OpenAPICanonicalTypeNamer interface { + OpenAPICanonicalTypeName() string +} + // GetCanonicalTypeName will find the canonical type name of a sample object, removing // the "vendor" part of the path func GetCanonicalTypeName(model interface{}) string { + if namer, ok := model.(OpenAPICanonicalTypeNamer); ok { + return namer.OpenAPICanonicalTypeName() + } t := reflect.TypeOf(model) if t.Kind() == reflect.Ptr { t = t.Elem() diff --git a/vendor/k8s.io/repo-infra/kazel/BUILD b/vendor/k8s.io/repo-infra/kazel/BUILD index c033f44643f..3b5c1cb21ab 100644 --- a/vendor/k8s.io/repo-infra/kazel/BUILD +++ b/vendor/k8s.io/repo-infra/kazel/BUILD @@ -21,6 +21,7 @@ go_library( go_binary( name = "kazel", embed = [":go_default_library"], + tags = ["manual"], visibility = ["//visibility:public"], ) diff --git a/vendor/sigs.k8s.io/kustomize/LICENSE b/vendor/sigs.k8s.io/kustomize/LICENSE new file mode 100644 index 00000000000..8dada3edaf5 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/sigs.k8s.io/kustomize/pkg/commands/build/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/commands/build/BUILD new file mode 100644 index 00000000000..225b86735e5 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/commands/build/BUILD @@ -0,0 +1,33 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["build.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/commands/build", + importpath = "sigs.k8s.io/kustomize/pkg/commands/build", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/pkg/errors:go_default_library", + "//vendor/github.com/spf13/cobra:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/constants:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/loader:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/target:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/commands/build/build.go b/vendor/sigs.k8s.io/kustomize/pkg/commands/build/build.go new file mode 100644 index 00000000000..43c1a982f04 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/commands/build/build.go @@ -0,0 +1,129 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package build + +import ( + "io" + + "github.com/pkg/errors" + "github.com/spf13/cobra" + "sigs.k8s.io/kustomize/pkg/constants" + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/ifc/transformer" + "sigs.k8s.io/kustomize/pkg/loader" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/target" +) + +// Options contain the options for running a build +type Options struct { + kustomizationPath string + outputPath string +} + +// NewOptions creates a Options object +func NewOptions(p, o string) *Options { + return &Options{ + kustomizationPath: p, + outputPath: o, + } +} + +var examples = ` +Use the file somedir/kustomization.yaml to generate a set of api resources: + build somedir + +Use a url pointing to a remote directory/kustomization.yaml to generate a set of api resources: + build url +The url should follow hashicorp/go-getter URL format described in +https://github.com/hashicorp/go-getter#url-format + +url examples: + sigs.k8s.io/kustomize//examples/multibases?ref=v1.0.6 + github.com/Liujingfang1/mysql + github.com/Liujingfang1/kustomize//examples/helloWorld?ref=repoUrl2 +` + +// NewCmdBuild creates a new build command. +func NewCmdBuild( + out io.Writer, fs fs.FileSystem, + rf *resmap.Factory, + ptf transformer.Factory) *cobra.Command { + var o Options + + cmd := &cobra.Command{ + Use: "build [path]", + Short: "Print current configuration per contents of " + constants.KustomizationFileNames[0], + Example: examples, + SilenceUsage: true, + RunE: func(cmd *cobra.Command, args []string) error { + err := o.Validate(args) + if err != nil { + return err + } + return o.RunBuild(out, fs, rf, ptf) + }, + } + cmd.Flags().StringVarP( + &o.outputPath, + "output", "o", "", + "If specified, write the build output to this path.") + return cmd +} + +// Validate validates build command. +func (o *Options) Validate(args []string) error { + if len(args) > 1 { + return errors.New("specify one path to " + constants.KustomizationFileNames[0]) + } + if len(args) == 0 { + o.kustomizationPath = "./" + } else { + o.kustomizationPath = args[0] + } + + return nil +} + +// RunBuild runs build command. +func (o *Options) RunBuild( + out io.Writer, fSys fs.FileSystem, + rf *resmap.Factory, ptf transformer.Factory) error { + ldr, err := loader.NewLoader(o.kustomizationPath, fSys) + if err != nil { + return err + } + defer ldr.Cleanup() + kt, err := target.NewKustTarget(ldr, fSys, rf, ptf) + if err != nil { + return err + } + allResources, err := kt.MakeCustomizedResMap() + if err != nil { + return err + } + // Output the objects. + res, err := allResources.EncodeAsYaml() + if err != nil { + return err + } + if o.outputPath != "" { + return fSys.WriteFile(o.outputPath, res) + } + _, err = out.Write(res) + return err +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/constants/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/constants/BUILD new file mode 100644 index 00000000000..c18418cef59 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/constants/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["constants.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/constants", + importpath = "sigs.k8s.io/kustomize/pkg/constants", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/constants/constants.go b/vendor/sigs.k8s.io/kustomize/pkg/constants/constants.go new file mode 100644 index 00000000000..dd50230fbd6 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/constants/constants.go @@ -0,0 +1,28 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package constants holds global constants for the kustomize tool. +package constants + +// KustomizationFileNames is a list of filenames that can be recognized and consumbed +// by Kustomize. +// In each directory, Kustomize searches for file with the name in this list. +// Only one match is allowed. +var KustomizationFileNames = []string{ + "kustomization.yaml", + "kustomization.yml", + "Kustomization", +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/expansion/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/expansion/BUILD new file mode 100644 index 00000000000..bc3ecdeabb9 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/expansion/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["expand.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/expansion", + importpath = "sigs.k8s.io/kustomize/pkg/expansion", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/expansion/expand.go b/vendor/sigs.k8s.io/kustomize/pkg/expansion/expand.go new file mode 100644 index 00000000000..c2a81ed6f25 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/expansion/expand.go @@ -0,0 +1,119 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package expansion provides functions find and replace $(FOO) style variables in strings. +package expansion + +import ( + "bytes" +) + +const ( + operator = '$' + referenceOpener = '(' + referenceCloser = ')' +) + +// syntaxWrap returns the input string wrapped by the expansion syntax. +func syntaxWrap(input string) string { + return string(operator) + string(referenceOpener) + input + string(referenceCloser) +} + +// MappingFuncFor returns a mapping function for use with Expand that +// implements the expansion semantics defined in the expansion spec; it +// returns the input string wrapped in the expansion syntax if no mapping +// for the input is found. +func MappingFuncFor(context ...map[string]string) func(string) string { + return func(input string) string { + for _, vars := range context { + val, ok := vars[input] + if ok { + return val + } + } + + return syntaxWrap(input) + } +} + +// Expand replaces variable references in the input string according to +// the expansion spec using the given mapping function to resolve the +// values of variables. +func Expand(input string, mapping func(string) string) string { + var buf bytes.Buffer + checkpoint := 0 + for cursor := 0; cursor < len(input); cursor++ { + if input[cursor] == operator && cursor+1 < len(input) { + // Copy the portion of the input string since the last + // checkpoint into the buffer + buf.WriteString(input[checkpoint:cursor]) + + // Attempt to read the variable name as defined by the + // syntax from the input string + read, isVar, advance := tryReadVariableName(input[cursor+1:]) + + if isVar { + // We were able to read a variable name correctly; + // apply the mapping to the variable name and copy the + // bytes into the buffer + buf.WriteString(mapping(read)) + } else { + // Not a variable name; copy the read bytes into the buffer + buf.WriteString(read) + } + + // Advance the cursor in the input string to account for + // bytes consumed to read the variable name expression + cursor += advance + + // Advance the checkpoint in the input string + checkpoint = cursor + 1 + } + } + + // Return the buffer and any remaining unwritten bytes in the + // input string. + return buf.String() + input[checkpoint:] +} + +// tryReadVariableName attempts to read a variable name from the input +// string and returns the content read from the input, whether that content +// represents a variable name to perform mapping on, and the number of bytes +// consumed in the input string. +// +// The input string is assumed not to contain the initial operator. +func tryReadVariableName(input string) (string, bool, int) { + switch input[0] { + case operator: + // Escaped operator; return it. + return input[0:1], false, 1 + case referenceOpener: + // Scan to expression closer + for i := 1; i < len(input); i++ { + if input[i] == referenceCloser { + return input[1:i], true, i + 1 + } + } + + // Incomplete reference; return it. + return string(operator) + string(referenceOpener), false, 1 + default: + // Not the beginning of an expression, ie, an operator + // that doesn't begin an expression. Return the operator + // and the first rune in the string. + return string(operator) + string(input[0]), false, 1 + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/factory/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/factory/BUILD new file mode 100644 index 00000000000..2a2351e2d32 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/factory/BUILD @@ -0,0 +1,29 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["factory.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/factory", + importpath = "sigs.k8s.io/kustomize/pkg/factory", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/factory/factory.go b/vendor/sigs.k8s.io/kustomize/pkg/factory/factory.go new file mode 100644 index 00000000000..e71669a8718 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/factory/factory.go @@ -0,0 +1,39 @@ +/* +Copyright 2018 The Kubernetes Authors. + Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Package factory provides factories for kustomize. +package factory + +import ( + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/ifc/transformer" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/resource" +) + +// KustFactory provides different factories for kustomize +type KustFactory struct { + ResmapF *resmap.Factory + TransformerF transformer.Factory + ValidatorF ifc.Validator + UnstructF ifc.KunstructuredFactory +} + +// NewKustFactory creats a KustFactory instance +func NewKustFactory(u ifc.KunstructuredFactory, v ifc.Validator, t transformer.Factory) *KustFactory { + return &KustFactory{ + ResmapF: resmap.NewFactory(resource.NewFactory(u)), + TransformerF: t, + ValidatorF: v, + UnstructF: u, + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/fs/BUILD new file mode 100644 index 00000000000..04fbbaa4a7f --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/BUILD @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "confirmeddir.go", + "fakefile.go", + "fakefileinfo.go", + "fakefs.go", + "fs.go", + "realfile.go", + "realfs.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/fs", + importpath = "sigs.k8s.io/kustomize/pkg/fs", + visibility = ["//visibility:public"], + deps = ["//vendor/sigs.k8s.io/kustomize/pkg/constants:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/confirmeddir.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/confirmeddir.go new file mode 100644 index 00000000000..6d2f5c30d22 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/confirmeddir.go @@ -0,0 +1,85 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fs + +import ( + "io/ioutil" + "path/filepath" + "strings" +) + +// ConfirmedDir is a clean, absolute, delinkified path +// that was confirmed to point to an existing directory. +type ConfirmedDir string + +// Return a temporary dir, else error. +// The directory is cleaned, no symlinks, etc. so its +// returned as a ConfirmedDir. +func NewTmpConfirmedDir() (ConfirmedDir, error) { + n, err := ioutil.TempDir("", "kustomize-") + if err != nil { + return "", err + } + return ConfirmedDir(n), nil +} + +// HasPrefix returns true if the directory argument +// is a prefix of self (d) from the point of view of +// a file system. +// +// I.e., it's true if the argument equals or contains +// self (d) in a file path sense. +// +// HasPrefix emulates the semantics of strings.HasPrefix +// such that the following are true: +// +// strings.HasPrefix("foobar", "foobar") +// strings.HasPrefix("foobar", "foo") +// strings.HasPrefix("foobar", "") +// +// d := fSys.ConfirmDir("/foo/bar") +// d.HasPrefix("/foo/bar") +// d.HasPrefix("/foo") +// d.HasPrefix("/") +// +// Not contacting a file system here to check for +// actual path existence. +// +// This is tested on linux, but will have trouble +// on other operating systems. +// TODO(monopole) Refactor when #golang/go/18358 closes. +// See also: +// https://github.com/golang/go/issues/18358 +// https://github.com/golang/dep/issues/296 +// https://github.com/golang/dep/blob/master/internal/fs/fs.go#L33 +// https://codereview.appspot.com/5712045 +func (d ConfirmedDir) HasPrefix(path ConfirmedDir) bool { + if path.String() == string(filepath.Separator) || path == d { + return true + } + return strings.HasPrefix( + string(d), + string(path)+string(filepath.Separator)) +} + +func (d ConfirmedDir) Join(path string) string { + return filepath.Join(string(d), path) +} + +func (d ConfirmedDir) String() string { + return string(d) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefile.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefile.go new file mode 100644 index 00000000000..64bc55685f1 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefile.go @@ -0,0 +1,69 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fs + +import ( + "bytes" + "os" +) + +var _ File = &FakeFile{} + +// FakeFile implements File in-memory for tests. +type FakeFile struct { + name string + content []byte + dir bool + open bool +} + +// makeDir makes a fake directory. +func makeDir(name string) *FakeFile { + return &FakeFile{name: name, dir: true} +} + +// Close marks the fake file closed. +func (f *FakeFile) Close() error { + f.open = false + return nil +} + +// Read never fails, and doesn't mutate p. +func (f *FakeFile) Read(p []byte) (n int, err error) { + return len(p), nil +} + +// Write saves the contents of the argument to memory. +func (f *FakeFile) Write(p []byte) (n int, err error) { + f.content = p + return len(p), nil +} + +// ContentMatches returns true if v matches fake file's content. +func (f *FakeFile) ContentMatches(v []byte) bool { + return bytes.Equal(v, f.content) +} + +// GetContent the content of a fake file. +func (f *FakeFile) GetContent() []byte { + return f.content +} + +// Stat returns nil. +func (f *FakeFile) Stat() (os.FileInfo, error) { + return nil, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefileinfo.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefileinfo.go new file mode 100644 index 00000000000..6ccca915091 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefileinfo.go @@ -0,0 +1,47 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fs + +import ( + "os" + "time" +) + +var _ os.FileInfo = &Fakefileinfo{} + +// Fakefileinfo implements Fakefileinfo using a fake in-memory filesystem. +type Fakefileinfo struct { + *FakeFile +} + +// Name returns the name of the file +func (fi *Fakefileinfo) Name() string { return fi.name } + +// Size returns the size of the file +func (fi *Fakefileinfo) Size() int64 { return int64(len(fi.content)) } + +// Mode returns the file mode +func (fi *Fakefileinfo) Mode() os.FileMode { return 0777 } + +// ModTime returns the modification time +func (fi *Fakefileinfo) ModTime() time.Time { return time.Time{} } + +// IsDir returns if it is a directory +func (fi *Fakefileinfo) IsDir() bool { return fi.dir } + +// Sys should return underlying data source, but it now returns nil +func (fi *Fakefileinfo) Sys() interface{} { return nil } diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefs.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefs.go new file mode 100644 index 00000000000..59c0966b214 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/fakefs.go @@ -0,0 +1,185 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fs + +import ( + "fmt" + "path/filepath" + "sort" + "strings" + + "sigs.k8s.io/kustomize/pkg/constants" +) + +var _ FileSystem = &fakeFs{} + +// fakeFs implements FileSystem using a fake in-memory filesystem. +type fakeFs struct { + m map[string]*FakeFile +} + +// MakeFakeFS returns an instance of fakeFs with no files in it. +func MakeFakeFS() *fakeFs { + result := &fakeFs{m: map[string]*FakeFile{}} + result.Mkdir("/") + return result +} + +// kustomizationContent is used in tests. +const kustomizationContent = `apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namePrefix: some-prefix +nameSuffix: some-suffix +# Labels to add to all objects and selectors. +# These labels would also be used to form the selector for apply --prune +# Named differently than “labels” to avoid confusion with metadata for this object +commonLabels: + app: helloworld +commonAnnotations: + note: This is an example annotation +resources: [] +#- service.yaml +#- ../some-dir/ +# There could also be configmaps in Base, which would make these overlays +configMapGenerator: [] +# There could be secrets in Base, if just using a fork/rebase workflow +secretGenerator: [] +` + +// Create assures a fake file appears in the in-memory file system. +func (fs *fakeFs) Create(name string) (File, error) { + f := &FakeFile{} + f.open = true + fs.m[name] = f + return fs.m[name], nil +} + +// Mkdir assures a fake directory appears in the in-memory file system. +func (fs *fakeFs) Mkdir(name string) error { + fs.m[name] = makeDir(name) + return nil +} + +// MkdirAll delegates to Mkdir +func (fs *fakeFs) MkdirAll(name string) error { + return fs.Mkdir(name) +} + +// RemoveAll presumably does rm -r on a path. +// There's no error. +func (fs *fakeFs) RemoveAll(name string) error { + var toRemove []string + for k := range fs.m { + if strings.HasPrefix(k, name) { + toRemove = append(toRemove, k) + } + } + for _, k := range toRemove { + delete(fs.m, k) + } + return nil +} + +// Open returns a fake file in the open state. +func (fs *fakeFs) Open(name string) (File, error) { + if _, found := fs.m[name]; !found { + return nil, fmt.Errorf("file %q cannot be opened", name) + } + return fs.m[name], nil +} + +// CleanedAbs cannot fail. +func (fs *fakeFs) CleanedAbs(path string) (ConfirmedDir, string, error) { + if fs.IsDir(path) { + return ConfirmedDir(path), "", nil + } + d := filepath.Dir(path) + if d == path { + return ConfirmedDir(d), "", nil + } + return ConfirmedDir(d), filepath.Base(path), nil +} + +// Exists returns true if file is known. +func (fs *fakeFs) Exists(name string) bool { + _, found := fs.m[name] + return found +} + +// Glob returns the list of matching files +func (fs *fakeFs) Glob(pattern string) ([]string, error) { + var result []string + for p := range fs.m { + if fs.pathMatch(p, pattern) { + result = append(result, p) + } + } + sort.Strings(result) + return result, nil +} + +// IsDir returns true if the file exists and is a directory. +func (fs *fakeFs) IsDir(name string) bool { + f, found := fs.m[name] + if found && f.dir { + return true + } + if !strings.HasSuffix(name, "/") { + name = name + "/" + } + for k := range fs.m { + if strings.HasPrefix(k, name) { + return true + } + } + return false +} + +// ReadFile always returns an empty bytes and error depending on content of m. +func (fs *fakeFs) ReadFile(name string) ([]byte, error) { + if ff, found := fs.m[name]; found { + return ff.content, nil + } + return nil, fmt.Errorf("cannot read file %q", name) +} + +func (fs *fakeFs) ReadTestKustomization() ([]byte, error) { + return fs.ReadFile(constants.KustomizationFileNames[0]) +} + +// WriteFile always succeeds and does nothing. +func (fs *fakeFs) WriteFile(name string, c []byte) error { + ff := &FakeFile{} + ff.Write(c) + fs.m[name] = ff + return nil +} + +// WriteTestKustomization writes a standard test file. +func (fs *fakeFs) WriteTestKustomization() { + fs.WriteTestKustomizationWith([]byte(kustomizationContent)) +} + +// WriteTestKustomizationWith writes a standard test file. +func (fs *fakeFs) WriteTestKustomizationWith(bytes []byte) { + fs.WriteFile(constants.KustomizationFileNames[0], bytes) +} + +func (fs *fakeFs) pathMatch(path, pattern string) bool { + match, _ := filepath.Match(pattern, path) + return match +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/fs.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/fs.go new file mode 100644 index 00000000000..4b47dba648d --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/fs.go @@ -0,0 +1,44 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package fs provides a file system abstraction layer. +package fs + +import ( + "io" + "os" +) + +// FileSystem groups basic os filesystem methods. +type FileSystem interface { + Create(name string) (File, error) + Mkdir(name string) error + MkdirAll(name string) error + RemoveAll(name string) error + Open(name string) (File, error) + IsDir(name string) bool + CleanedAbs(path string) (ConfirmedDir, string, error) + Exists(name string) bool + Glob(pattern string) ([]string, error) + ReadFile(name string) ([]byte, error) + WriteFile(name string, data []byte) error +} + +// File groups the basic os.File methods. +type File interface { + io.ReadWriteCloser + Stat() (os.FileInfo, error) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/realfile.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/realfile.go new file mode 100644 index 00000000000..5bfec55abee --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/realfile.go @@ -0,0 +1,40 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fs + +import ( + "os" +) + +var _ File = &realFile{} + +// realFile implements File using the local filesystem. +type realFile struct { + file *os.File +} + +// Close closes a file. +func (f *realFile) Close() error { return f.file.Close() } + +// Read reads a file's content. +func (f *realFile) Read(p []byte) (n int, err error) { return f.file.Read(p) } + +// Write writes bytes to a file +func (f *realFile) Write(p []byte) (n int, err error) { return f.file.Write(p) } + +// Stat returns an interface which has all the information regarding the file. +func (f *realFile) Stat() (os.FileInfo, error) { return f.file.Stat() } diff --git a/vendor/sigs.k8s.io/kustomize/pkg/fs/realfs.go b/vendor/sigs.k8s.io/kustomize/pkg/fs/realfs.go new file mode 100644 index 00000000000..11e5813b781 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/fs/realfs.go @@ -0,0 +1,122 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fs + +import ( + "fmt" + "io/ioutil" + "log" + "os" + "path/filepath" +) + +var _ FileSystem = realFS{} + +// realFS implements FileSystem using the local filesystem. +type realFS struct{} + +// MakeRealFS makes an instance of realFS. +func MakeRealFS() FileSystem { + return realFS{} +} + +// Create delegates to os.Create. +func (realFS) Create(name string) (File, error) { return os.Create(name) } + +// Mkdir delegates to os.Mkdir. +func (realFS) Mkdir(name string) error { + return os.Mkdir(name, 0777|os.ModeDir) +} + +// MkdirAll delegates to os.MkdirAll. +func (realFS) MkdirAll(name string) error { + return os.MkdirAll(name, 0777|os.ModeDir) +} + +// RemoveAll delegates to os.RemoveAll. +func (realFS) RemoveAll(name string) error { + return os.RemoveAll(name) +} + +// Open delegates to os.Open. +func (realFS) Open(name string) (File, error) { return os.Open(name) } + +// CleanedAbs returns a cleaned, absolute path +// with no symbolic links split into directory +// and file components. If the entire path is +// a directory, the file component is an empty +// string. +func (x realFS) CleanedAbs( + path string) (ConfirmedDir, string, error) { + absRoot, err := filepath.Abs(path) + if err != nil { + return "", "", fmt.Errorf( + "abs path error on '%s' : %v", path, err) + } + deLinked, err := filepath.EvalSymlinks(absRoot) + if err != nil { + return "", "", fmt.Errorf( + "evalsymlink failure on '%s' : %v", path, err) + } + if x.IsDir(deLinked) { + return ConfirmedDir(deLinked), "", nil + } + d := filepath.Dir(deLinked) + if !x.IsDir(d) { + // Programmer/assumption error. + log.Fatalf("first part of '%s' not a directory", deLinked) + } + if d == deLinked { + // Programmer/assumption error. + log.Fatalf("d '%s' should be a subset of deLinked", d) + } + f := filepath.Base(deLinked) + if filepath.Join(d, f) != deLinked { + // Programmer/assumption error. + log.Fatalf("these should be equal: '%s', '%s'", + filepath.Join(d, f), deLinked) + } + return ConfirmedDir(d), f, nil +} + +// Exists returns true if os.Stat succeeds. +func (realFS) Exists(name string) bool { + _, err := os.Stat(name) + return err == nil +} + +// Glob returns the list of matching files +func (realFS) Glob(pattern string) ([]string, error) { + return filepath.Glob(pattern) +} + +// IsDir delegates to os.Stat and FileInfo.IsDir +func (realFS) IsDir(name string) bool { + info, err := os.Stat(name) + if err != nil { + return false + } + return info.IsDir() +} + +// ReadFile delegates to ioutil.ReadFile. +func (realFS) ReadFile(name string) ([]byte, error) { return ioutil.ReadFile(name) } + +// WriteFile delegates to ioutil.WriteFile with read/write permissions. +func (realFS) WriteFile(name string, c []byte) error { + return ioutil.WriteFile(name, c, 0666) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/git/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/git/BUILD new file mode 100644 index 00000000000..0bc08505792 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/git/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "cloner.go", + "repospec.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/git", + importpath = "sigs.k8s.io/kustomize/pkg/git", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/pkg/errors:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/git/cloner.go b/vendor/sigs.k8s.io/kustomize/pkg/git/cloner.go new file mode 100644 index 00000000000..465fdb1d135 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/git/cloner.go @@ -0,0 +1,75 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package git + +import ( + "bytes" + "os/exec" + + "github.com/pkg/errors" + "sigs.k8s.io/kustomize/pkg/fs" +) + +// Cloner is a function that can clone a git repo. +type Cloner func(repoSpec *RepoSpec) error + +// ClonerUsingGitExec uses a local git install, as opposed +// to say, some remote API, to obtain a local clone of +// a remote repo. +func ClonerUsingGitExec(repoSpec *RepoSpec) error { + gitProgram, err := exec.LookPath("git") + if err != nil { + return errors.Wrap(err, "no 'git' program on path") + } + repoSpec.cloneDir, err = fs.NewTmpConfirmedDir() + if err != nil { + return err + } + cmd := exec.Command( + gitProgram, + "clone", + repoSpec.CloneSpec(), + repoSpec.cloneDir.String()) + var out bytes.Buffer + cmd.Stdout = &out + err = cmd.Run() + if err != nil { + return errors.Wrapf(err, "trouble cloning %s", repoSpec.raw) + } + if repoSpec.ref == "" { + return nil + } + cmd = exec.Command(gitProgram, "checkout", repoSpec.ref) + cmd.Dir = repoSpec.cloneDir.String() + err = cmd.Run() + if err != nil { + return errors.Wrapf( + err, "trouble checking out href %s", repoSpec.ref) + } + return nil +} + +// DoNothingCloner returns a cloner that only sets +// cloneDir field in the repoSpec. It's assumed that +// the cloneDir is associated with some fake filesystem +// used in a test. +func DoNothingCloner(dir fs.ConfirmedDir) Cloner { + return func(rs *RepoSpec) error { + rs.cloneDir = dir + return nil + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/git/repospec.go b/vendor/sigs.k8s.io/kustomize/pkg/git/repospec.go new file mode 100644 index 00000000000..db8b1b908a4 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/git/repospec.go @@ -0,0 +1,207 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package git + +import ( + "fmt" + "path/filepath" + "strings" + + "sigs.k8s.io/kustomize/pkg/fs" +) + +// RepoSpec specifies a git repository and a branch and path therein. +type RepoSpec struct { + // Raw, original spec, used to look for cycles. + // TODO(monopole): Drop raw, use processed fields instead. + raw string + + // Host, e.g. github.com + host string + + // orgRepo name (organization/repoName), + // e.g. kubernetes-sigs/kustomize + orgRepo string + + // ConfirmedDir where the orgRepo is cloned to. + cloneDir fs.ConfirmedDir + + // Relative path in the repository, and in the cloneDir, + // to a Kustomization. + path string + + // Branch or tag reference. + ref string +} + +// CloneSpec returns a string suitable for "git clone {spec}". +func (x *RepoSpec) CloneSpec() string { + if isAzureHost(x.host) || isAWSHost(x.host) { + return x.host + x.orgRepo + } + return x.host + x.orgRepo + gitSuffix +} + +func (x *RepoSpec) CloneDir() fs.ConfirmedDir { + return x.cloneDir +} + +func (x *RepoSpec) Raw() string { + return x.raw +} + +func (x *RepoSpec) AbsPath() string { + return x.cloneDir.Join(x.path) +} + +func (x *RepoSpec) Cleaner(fSys fs.FileSystem) func() error { + return func() error { return fSys.RemoveAll(x.cloneDir.String()) } +} + +// From strings like git@github.com:someOrg/someRepo.git or +// https://github.com/someOrg/someRepo?ref=someHash, extract +// the parts. +func NewRepoSpecFromUrl(n string) (*RepoSpec, error) { + if filepath.IsAbs(n) { + return nil, fmt.Errorf("uri looks like abs path: %s", n) + } + host, orgRepo, path, gitRef := parseGithubUrl(n) + if orgRepo == "" { + return nil, fmt.Errorf("url lacks orgRepo: %s", n) + } + if host == "" { + return nil, fmt.Errorf("url lacks host: %s", n) + } + return &RepoSpec{ + raw: n, host: host, orgRepo: orgRepo, + path: path, ref: gitRef}, nil +} + +const ( + refQuery = "?ref=" + gitSuffix = ".git" +) + +// From strings like git@github.com:someOrg/someRepo.git or +// https://github.com/someOrg/someRepo?ref=someHash, extract +// the parts. +func parseGithubUrl(n string) ( + host string, orgRepo string, path string, gitRef string) { + host, n = parseHostSpec(n) + + if strings.Contains(n, gitSuffix) { + index := strings.Index(n, gitSuffix) + orgRepo = n[0:index] + n = n[index+len(gitSuffix):] + path, gitRef = peelQuery(n) + return + } + + i := strings.Index(n, "/") + if i < 1 { + return "", "", "", "" + } + j := strings.Index(n[i+1:], "/") + if j >= 0 { + j += i + 1 + orgRepo = n[:j] + path, gitRef = peelQuery(n[j+1:]) + } else { + path = "" + orgRepo, gitRef = peelQuery(n) + } + return +} + +func peelQuery(arg string) (string, string) { + j := strings.Index(arg, refQuery) + if j >= 0 { + return arg[:j], arg[j+len(refQuery):] + } + return arg, "" +} + +func parseHostSpec(n string) (string, string) { + var host string + // Start accumulating the host part. + for _, p := range []string{ + // Order matters here. + "git::", "gh:", "ssh://", "https://", "http://", + "git@", "github.com:", "github.com/"} { + if len(p) < len(n) && strings.ToLower(n[:len(p)]) == p { + n = n[len(p):] + host += p + } + } + if host == "git@" { + i := strings.Index(n, "/") + if i > -1 { + host += n[:i+1] + n = n[i+1:] + } else { + i = strings.Index(n, ":") + if i > -1 { + host += n[:i+1] + n = n[i+1:] + } + } + return host, n + } + + // If host is a http(s) or ssh URL, grab the domain part. + for _, p := range []string{ + "ssh://", "https://", "http://"} { + if strings.HasSuffix(host, p) { + i := strings.Index(n, "/") + if i > -1 { + host = host + n[0:i+1] + n = n[i+1:] + } + break + } + } + + return normalizeGitHostSpec(host), n +} + +func normalizeGitHostSpec(host string) string { + s := strings.ToLower(host) + if strings.Contains(s, "github.com") { + if strings.Contains(s, "git@") || strings.Contains(s, "ssh:") { + host = "git@github.com:" + } else { + host = "https://github.com/" + } + } + if strings.HasPrefix(s, "git::") { + host = strings.TrimLeft(s, "git::") + } + return host +} + +// The format of Azure repo URL is documented +// https://docs.microsoft.com/en-us/azure/devops/repos/git/clone?view=vsts&tabs=visual-studio#clone_url +func isAzureHost(host string) bool { + return strings.Contains(host, "dev.azure.com") || + strings.Contains(host, "visualstudio.com") +} + +// The format of AWS repo URL is documented +// https://docs.aws.amazon.com/codecommit/latest/userguide/regions.html +func isAWSHost(host string) bool { + return strings.Contains(host, "amazonaws.com") +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/gvk/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/gvk/BUILD new file mode 100644 index 00000000000..abc3b10ab15 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/gvk/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["gvk.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/gvk", + importpath = "sigs.k8s.io/kustomize/pkg/gvk", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/gvk/gvk.go b/vendor/sigs.k8s.io/kustomize/pkg/gvk/gvk.go new file mode 100644 index 00000000000..00e44f7eaad --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/gvk/gvk.go @@ -0,0 +1,178 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package gvk + +import ( + "strings" +) + +// Gvk identifies a Kubernetes API type. +// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md +type Gvk struct { + Group string `json:"group,omitempty" yaml:"group,omitempty"` + Version string `json:"version,omitempty" yaml:"version,omitempty"` + Kind string `json:"kind,omitempty" yaml:"kind,omitempty"` +} + +// FromKind makes a Gvk with only the kind specified. +func FromKind(k string) Gvk { + return Gvk{ + Kind: k, + } +} + +// Values that are brief but meaningful in logs. +const ( + noGroup = "~G" + noVersion = "~V" + noKind = "~K" + separator = "_" +) + +// String returns a string representation of the GVK. +func (x Gvk) String() string { + g := x.Group + if g == "" { + g = noGroup + } + v := x.Version + if v == "" { + v = noVersion + } + k := x.Kind + if k == "" { + k = noKind + } + return strings.Join([]string{g, v, k}, separator) +} + +// Equals returns true if the Gvk's have equal fields. +func (x Gvk) Equals(o Gvk) bool { + return x.Group == o.Group && x.Version == o.Version && x.Kind == o.Kind +} + +// An attempt to order things to help k8s, e.g. +// a Service should come before things that refer to it. +// Namespace should be first. +// In some cases order just specified to provide determinism. +var order = []string{ + "Namespace", + "StorageClass", + "CustomResourceDefinition", + "ServiceAccount", + "Role", + "ClusterRole", + "RoleBinding", + "ClusterRoleBinding", + "ConfigMap", + "Secret", + "Service", + "Deployment", + "StatefulSet", + "CronJob", + "PodDisruptionBudget", +} +var typeOrders = func() map[string]int { + m := map[string]int{} + for i, n := range order { + m[n] = i + } + return m +}() + +// IsLessThan returns true if self is less than the argument. +func (x Gvk) IsLessThan(o Gvk) bool { + indexI, foundI := typeOrders[x.Kind] + indexJ, foundJ := typeOrders[o.Kind] + if foundI && foundJ { + if indexI != indexJ { + return indexI < indexJ + } + } + if foundI && !foundJ { + return true + } + if !foundI && foundJ { + return false + } + return x.String() < o.String() +} + +// IsSelected returns true if `selector` selects `x`; otherwise, false. +// If `selector` and `x` are the same, return true. +// If `selector` is nil, it is considered a wildcard match, returning true. +// If selector fields are empty, they are considered wildcards matching +// anything in the corresponding fields, e.g. +// +// this item: +// +// +// is selected by +// +// +// but rejected by +// +// +func (x Gvk) IsSelected(selector *Gvk) bool { + if selector == nil { + return true + } + if len(selector.Group) > 0 { + if x.Group != selector.Group { + return false + } + } + if len(selector.Version) > 0 { + if x.Version != selector.Version { + return false + } + } + if len(selector.Kind) > 0 { + if x.Kind != selector.Kind { + return false + } + } + return true +} + +var clusterLevelKinds = []string{ + "APIService", + "ClusterRoleBinding", + "ClusterRole", + "CustomResourceDefinition", + "Namespace", + "PersistentVolume", +} + +// IsClusterKind returns true if x is a cluster-level Gvk +func (x Gvk) IsClusterKind() bool { + for _, k := range clusterLevelKinds { + if k == x.Kind { + return true + } + } + return false +} + +// ClusterLevelGvks returns a slice of cluster-level Gvks +func ClusterLevelGvks() []Gvk { + var result []Gvk + for _, k := range clusterLevelKinds { + result = append(result, Gvk{Kind: k}) + } + return result +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/ifc/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/ifc/BUILD new file mode 100644 index 00000000000..6bca6dcbccf --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/ifc/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["ifc.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/ifc", + importpath = "sigs.k8s.io/kustomize/pkg/ifc", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/ifc/ifc.go b/vendor/sigs.k8s.io/kustomize/pkg/ifc/ifc.go new file mode 100644 index 00000000000..e6267cae25f --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/ifc/ifc.go @@ -0,0 +1,73 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package ifc holds miscellaneous interfaces used by kustomize. +package ifc + +import ( + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/types" +) + +// Validator provides functions to validate annotations and labels +type Validator interface { + MakeAnnotationValidator() func(map[string]string) error + MakeLabelValidator() func(map[string]string) error + ValidateNamespace(string) []string +} + +// Loader interface exposes methods to read bytes. +type Loader interface { + // Root returns the root location for this Loader. + Root() string + // New returns Loader located at newRoot. + New(newRoot string) (Loader, error) + // Load returns the bytes read from the location or an error. + Load(location string) ([]byte, error) + // Cleanup cleans the loader + Cleanup() error +} + +// Kunstructured allows manipulation of k8s objects +// that do not have Golang structs. +type Kunstructured interface { + Map() map[string]interface{} + SetMap(map[string]interface{}) + Copy() Kunstructured + GetFieldValue(string) (string, error) + MarshalJSON() ([]byte, error) + UnmarshalJSON([]byte) error + GetGvk() gvk.Gvk + GetKind() string + GetName() string + SetName(string) + GetLabels() map[string]string + SetLabels(map[string]string) + GetAnnotations() map[string]string + SetAnnotations(map[string]string) +} + +// KunstructuredFactory makes instances of Kunstructured. +type KunstructuredFactory interface { + SliceFromBytes([]byte) ([]Kunstructured, error) + FromMap(m map[string]interface{}) Kunstructured + MakeConfigMap(args *types.ConfigMapArgs, options *types.GeneratorOptions) (Kunstructured, error) + MakeSecret(args *types.SecretArgs, options *types.GeneratorOptions) (Kunstructured, error) + Set(ldr Loader) +} + +// See core.v1.SecretTypeOpaque +const SecretTypeOpaque = "Opaque" diff --git a/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer/BUILD new file mode 100644 index 00000000000..624dc8925f6 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer/BUILD @@ -0,0 +1,27 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["factory.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer", + importpath = "sigs.k8s.io/kustomize/pkg/ifc/transformer", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer/factory.go b/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer/factory.go new file mode 100644 index 00000000000..0a74c280930 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer/factory.go @@ -0,0 +1,29 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package patch holds miscellaneous interfaces used by kustomize. +package transformer + +import ( + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/transformers" +) + +// Factory makes transformers +type Factory interface { + MakePatchTransformer(slice []*resource.Resource, rf *resource.Factory) (transformers.Transformer, error) + MakeHashTransformer() transformers.Transformer +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/image/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/image/BUILD new file mode 100644 index 00000000000..07207fa49c7 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/image/BUILD @@ -0,0 +1,26 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "deprecatedimage.go", + "image.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/image", + importpath = "sigs.k8s.io/kustomize/pkg/image", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/image/deprecatedimage.go b/vendor/sigs.k8s.io/kustomize/pkg/image/deprecatedimage.go new file mode 100644 index 00000000000..65db4051b36 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/image/deprecatedimage.go @@ -0,0 +1,32 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package image + +// DeprecatedImage contains an image and a new tag, +// which will replace the original tag. +// Deprecated, instead use Image. +type DeprecatedImage struct { + // Name is a tag-less image name. + Name string `json:"name,omitempty" yaml:"name,omitempty"` + + // NewTag is the value to use in replacing the original tag. + NewTag string `json:"newTag,omitempty" yaml:"newTag,omitempty"` + + // Digest is the value used to replace the original image tag. + // If digest is present NewTag value is ignored. + Digest string `json:"digest,omitempty" yaml:"digest,omitempty"` +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/image/image.go b/vendor/sigs.k8s.io/kustomize/pkg/image/image.go new file mode 100644 index 00000000000..dbe3b8b1753 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/image/image.go @@ -0,0 +1,36 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package image provides struct definitions and libraries +// for image overwriting of names, tags and digest. +package image + +// Image contains an image name, a new name, a new tag or digest, +// which will replace the original name and tag. +type Image struct { + // Name is a tag-less image name. + Name string `json:"name,omitempty" yaml:"name,omitempty"` + + // NewName is the value used to replace the original name. + NewName string `json:"newName,omitempty" yaml:"newName,omitempty"` + + // NewTag is the value used to replace the original tag. + NewTag string `json:"newTag,omitempty" yaml:"newTag,omitempty"` + + // Digest is the value used to replace the original image tag. + // If digest is present NewTag value is ignored. + Digest string `json:"digest,omitempty" yaml:"digest,omitempty"` +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/internal/error/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/BUILD new file mode 100644 index 00000000000..f46e6424f6f --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "configmaperror.go", + "kustomizationerror.go", + "patcherror.go", + "resourceerror.go", + "secreterror.go", + "yamlformaterror.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/internal/error", + importpath = "sigs.k8s.io/kustomize/pkg/internal/error", + visibility = ["//vendor/sigs.k8s.io/kustomize/pkg:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/internal/error/configmaperror.go b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/configmaperror.go new file mode 100644 index 00000000000..1d60d78a231 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/configmaperror.go @@ -0,0 +1,30 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package error has contextual error types. +package error + +import "fmt" + +// ConfigmapError represents error with a configmap. +type ConfigmapError struct { + Path string + ErrorMsg string +} + +func (e ConfigmapError) Error() string { + return fmt.Sprintf("Kustomization file [%s] encounters a configmap error: %s\n", e.Path, e.ErrorMsg) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/internal/error/kustomizationerror.go b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/kustomizationerror.go new file mode 100644 index 00000000000..0d53ca9b89e --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/kustomizationerror.go @@ -0,0 +1,61 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package error + +import ( + "fmt" +) + +// KustomizationError represents an error with a kustomization. +type KustomizationError struct { + KustomizationPath string + ErrorMsg string +} + +func (ke KustomizationError) Error() string { + return fmt.Sprintf("Kustomization File [%s]: %s\n", ke.KustomizationPath, ke.ErrorMsg) +} + +// KustomizationErrors collects all errors. +type KustomizationErrors struct { + kErrors []error +} + +func (ke *KustomizationErrors) Error() string { + errormsg := "" + for _, e := range ke.kErrors { + errormsg += e.Error() + "\n" + } + return errormsg +} + +// Append adds error to a collection of errors. +func (ke *KustomizationErrors) Append(e error) { + ke.kErrors = append(ke.kErrors, e) +} + +// Get returns all collected errors. +func (ke *KustomizationErrors) Get() []error { + return ke.kErrors +} + +// BatchAppend adds all errors from another KustomizationErrors +func (ke *KustomizationErrors) BatchAppend(e KustomizationErrors) { + for _, err := range e.Get() { + ke.kErrors = append(ke.kErrors, err) + } +} diff --git a/pkg/kubelet/stats/cri_stats_provider_unsupported.go b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/patcherror.go similarity index 62% rename from pkg/kubelet/stats/cri_stats_provider_unsupported.go rename to vendor/sigs.k8s.io/kustomize/pkg/internal/error/patcherror.go index be08a241ab9..60c9f80e5b5 100644 --- a/pkg/kubelet/stats/cri_stats_provider_unsupported.go +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/patcherror.go @@ -1,5 +1,3 @@ -// +build !windows - /* Copyright 2018 The Kubernetes Authors. @@ -16,14 +14,19 @@ See the License for the specific language governing permissions and limitations under the License. */ -package stats +package error import ( - statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1" + "fmt" ) -// listContainerNetworkStats returns the network stats of all the running containers. -func (p *criStatsProvider) listContainerNetworkStats() (map[string]*statsapi.NetworkStats, error) { - // Always return nil for unsupported platforms. - return nil, nil +// PatchError represents error during Patch. +type PatchError struct { + KustomizationPath string + PatchFilepath string + ErrorMsg string +} + +func (e PatchError) Error() string { + return fmt.Sprintf("Kustomization file [%s] encounters a patch error for [%s]: %s\n", e.KustomizationPath, e.PatchFilepath, e.ErrorMsg) } diff --git a/vendor/sigs.k8s.io/kustomize/pkg/internal/error/resourceerror.go b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/resourceerror.go new file mode 100644 index 00000000000..ef3566dd1f7 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/resourceerror.go @@ -0,0 +1,30 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package error + +import "fmt" + +// ResourceError represents error in a resource. +type ResourceError struct { + KustomizationPath string + ResourceFilepath string + ErrorMsg string +} + +func (e ResourceError) Error() string { + return fmt.Sprintf("Kustomization file [%s] encounters a resource error for [%s]: %s\n", e.KustomizationPath, e.ResourceFilepath, e.ErrorMsg) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/internal/error/secreterror.go b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/secreterror.go new file mode 100644 index 00000000000..cd72759ce6c --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/secreterror.go @@ -0,0 +1,30 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package error + +import "fmt" + +// SecretError represents error with a secret. +type SecretError struct { + KustomizationPath string + // ErrorMsg is an error message + ErrorMsg string +} + +func (e SecretError) Error() string { + return fmt.Sprintf("Kustomization file [%s] encounters a secret error: %s\n", e.KustomizationPath, e.ErrorMsg) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/internal/error/yamlformaterror.go b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/yamlformaterror.go new file mode 100644 index 00000000000..4c27d30d717 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/internal/error/yamlformaterror.go @@ -0,0 +1,48 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package error has contextual error types. +package error + +import ( + "fmt" + "strings" +) + +// YamlFormatError represents error with yaml file name where json/yaml format error happens. +type YamlFormatError struct { + Path string + ErrorMsg string +} + +func (e YamlFormatError) Error() string { + return fmt.Sprintf("YAML file [%s] encounters a format error.\n%s\n", e.Path, e.ErrorMsg) +} + +// Handler handles YamlFormatError +func Handler(e error, path string) error { + if isYAMLSyntaxError(e) { + return YamlFormatError{ + Path: path, + ErrorMsg: e.Error(), + } + } + return e +} + +func isYAMLSyntaxError(e error) bool { + return strings.Contains(e.Error(), "error converting YAML to JSON") || strings.Contains(e.Error(), "error unmarshaling JSON") +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/loader/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/loader/BUILD new file mode 100644 index 00000000000..2bf269f62fd --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/loader/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "fileloader.go", + "loader.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/loader", + importpath = "sigs.k8s.io/kustomize/pkg/loader", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/git:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/loader/fileloader.go b/vendor/sigs.k8s.io/kustomize/pkg/loader/fileloader.go new file mode 100644 index 00000000000..4fa5dca67cd --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/loader/fileloader.go @@ -0,0 +1,312 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package loader + +import ( + "fmt" + "log" + "path/filepath" + "strings" + + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/git" + "sigs.k8s.io/kustomize/pkg/ifc" +) + +// fileLoader is a kustomization's interface to files. +// +// The directory in which a kustomization file sits +// is referred to below as the kustomization's root. +// +// An instance of fileLoader has an immutable root, +// and offers a `New` method returning a new loader +// with a new root. +// +// A kustomization file refers to two kinds of files: +// +// * supplemental data paths +// +// `Load` is used to visit these paths. +// +// They must terminate in or below the root. +// +// They hold things like resources, patches, +// data for ConfigMaps, etc. +// +// * bases; other kustomizations +// +// `New` is used to load bases. +// +// A base can be either a remote git repo URL, or +// a directory specified relative to the current +// root. In the former case, the repo is locally +// cloned, and the new loader is rooted on a path +// in that clone. +// +// As loaders create new loaders, a root history +// is established, and used to disallow: +// +// - A base that is a repository that, in turn, +// specifies a base repository seen previously +// in the loading stack (a cycle). +// +// - An overlay depending on a base positioned at +// or above it. I.e. '../foo' is OK, but '.', +// '..', '../..', etc. are disallowed. Allowing +// such a base has no advantages and encourages +// cycles, particularly if some future change +// were to introduce globbing to file +// specifications in the kustomization file. +// +// These restrictions assure that kustomizations +// are self-contained and relocatable, and impose +// some safety when relying on remote kustomizations, +// e.g. a ConfigMap generator specified to read +// from /etc/passwd will fail. +// +type fileLoader struct { + // Loader that spawned this loader. + // Used to avoid cycles. + referrer *fileLoader + // An absolute, cleaned path to a directory. + // The Load function reads from this directory, + // or directories below it. + root fs.ConfirmedDir + // If this is non-nil, the files were + // obtained from the given repository. + repoSpec *git.RepoSpec + // File system utilities. + fSys fs.FileSystem + // Used to clone repositories. + cloner git.Cloner + // Used to clean up, as needed. + cleaner func() error +} + +// NewFileLoaderAtCwd returns a loader that loads from ".". +func NewFileLoaderAtCwd(fSys fs.FileSystem) *fileLoader { + return newLoaderOrDie(fSys, ".") +} + +// NewFileLoaderAtRoot returns a loader that loads from "/". +func NewFileLoaderAtRoot(fSys fs.FileSystem) *fileLoader { + return newLoaderOrDie(fSys, string(filepath.Separator)) +} + +// Root returns the absolute path that is prepended to any +// relative paths used in Load. +func (l *fileLoader) Root() string { + return l.root.String() +} + +func newLoaderOrDie(fSys fs.FileSystem, path string) *fileLoader { + root, err := demandDirectoryRoot(fSys, path) + if err != nil { + log.Fatalf("unable to make loader at '%s'; %v", path, err) + } + return newLoaderAtConfirmedDir( + root, fSys, nil, git.ClonerUsingGitExec) +} + +// newLoaderAtConfirmedDir returns a new fileLoader with given root. +func newLoaderAtConfirmedDir( + root fs.ConfirmedDir, fSys fs.FileSystem, + referrer *fileLoader, cloner git.Cloner) *fileLoader { + return &fileLoader{ + root: root, + referrer: referrer, + fSys: fSys, + cloner: cloner, + cleaner: func() error { return nil }, + } +} + +// Assure that the given path is in fact a directory. +func demandDirectoryRoot( + fSys fs.FileSystem, path string) (fs.ConfirmedDir, error) { + if path == "" { + return "", fmt.Errorf( + "loader root cannot be empty") + } + d, f, err := fSys.CleanedAbs(path) + if err != nil { + return "", fmt.Errorf( + "absolute path error in '%s' : %v", path, err) + } + if f != "" { + return "", fmt.Errorf( + "got file '%s', but '%s' must be a directory to be a root", + f, path) + } + return d, nil +} + +// New returns a new Loader, rooted relative to current loader, +// or rooted in a temp directory holding a git repo clone. +func (l *fileLoader) New(path string) (ifc.Loader, error) { + if path == "" { + return nil, fmt.Errorf("new root cannot be empty") + } + repoSpec, err := git.NewRepoSpecFromUrl(path) + if err == nil { + // Treat this as git repo clone request. + if err := l.errIfRepoCycle(repoSpec); err != nil { + return nil, err + } + return newLoaderAtGitClone(repoSpec, l.fSys, l.referrer, l.cloner) + } + if filepath.IsAbs(path) { + return nil, fmt.Errorf("new root '%s' cannot be absolute", path) + } + root, err := demandDirectoryRoot(l.fSys, l.root.Join(path)) + if err != nil { + return nil, err + } + if err := l.errIfGitContainmentViolation(root); err != nil { + return nil, err + } + if err := l.errIfArgEqualOrHigher(root); err != nil { + return nil, err + } + return newLoaderAtConfirmedDir( + root, l.fSys, l, l.cloner), nil +} + +// newLoaderAtGitClone returns a new Loader pinned to a temporary +// directory holding a cloned git repo. +func newLoaderAtGitClone( + repoSpec *git.RepoSpec, fSys fs.FileSystem, + referrer *fileLoader, cloner git.Cloner) (ifc.Loader, error) { + err := cloner(repoSpec) + if err != nil { + return nil, err + } + root, f, err := fSys.CleanedAbs(repoSpec.AbsPath()) + if err != nil { + return nil, err + } + // We don't know that the path requested in repoSpec + // is a directory until we actually clone it and look + // inside. That just happened, hence the error check + // is here. + if f != "" { + return nil, fmt.Errorf( + "'%s' refers to file '%s'; expecting directory", + repoSpec.AbsPath(), f) + } + return &fileLoader{ + root: root, + referrer: referrer, + repoSpec: repoSpec, + fSys: fSys, + cloner: cloner, + cleaner: repoSpec.Cleaner(fSys), + }, nil +} + +func (l *fileLoader) errIfGitContainmentViolation( + base fs.ConfirmedDir) error { + containingRepo := l.containingRepo() + if containingRepo == nil { + return nil + } + if !base.HasPrefix(containingRepo.CloneDir()) { + return fmt.Errorf( + "security; bases in kustomizations found in "+ + "cloned git repos must be within the repo, "+ + "but base '%s' is outside '%s'", + base, containingRepo.CloneDir()) + } + return nil +} + +// Looks back through referrers for a git repo, returning nil +// if none found. +func (l *fileLoader) containingRepo() *git.RepoSpec { + if l.repoSpec != nil { + return l.repoSpec + } + if l.referrer == nil { + return nil + } + return l.referrer.containingRepo() +} + +// errIfArgEqualOrHigher tests whether the argument, +// is equal to or above the root of any ancestor. +func (l *fileLoader) errIfArgEqualOrHigher( + candidateRoot fs.ConfirmedDir) error { + if l.root.HasPrefix(candidateRoot) { + return fmt.Errorf( + "cycle detected: candidate root '%s' contains visited root '%s'", + candidateRoot, l.root) + } + if l.referrer == nil { + return nil + } + return l.referrer.errIfArgEqualOrHigher(candidateRoot) +} + +// TODO(monopole): Distinguish branches? +// I.e. Allow a distinction between git URI with +// path foo and tag bar and a git URI with the same +// path but a different tag? +func (l *fileLoader) errIfRepoCycle(newRepoSpec *git.RepoSpec) error { + // TODO(monopole): Use parsed data instead of Raw(). + if l.repoSpec != nil && + strings.HasPrefix(l.repoSpec.Raw(), newRepoSpec.Raw()) { + return fmt.Errorf( + "cycle detected: URI '%s' referenced by previous URI '%s'", + newRepoSpec.Raw(), l.repoSpec.Raw()) + } + if l.referrer == nil { + return nil + } + return l.referrer.errIfRepoCycle(newRepoSpec) +} + +// Load returns content of file at the given relative path, +// else an error. The path must refer to a file in or +// below the current root. +func (l *fileLoader) Load(path string) ([]byte, error) { + if filepath.IsAbs(path) { + return nil, l.loadOutOfBounds(path) + } + d, f, err := l.fSys.CleanedAbs(l.root.Join(path)) + if err != nil { + return nil, err + } + if f == "" { + return nil, fmt.Errorf( + "'%s' must be a file (got d='%s')", path, d) + } + if !d.HasPrefix(l.root) { + return nil, l.loadOutOfBounds(path) + } + return l.fSys.ReadFile(d.Join(f)) +} + +func (l *fileLoader) loadOutOfBounds(path string) error { + return fmt.Errorf( + "security; file '%s' is not in or below '%s'", + path, l.root) +} + +// Cleanup runs the cleaner. +func (l *fileLoader) Cleanup() error { + return l.cleaner() +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/loader/loader.go b/vendor/sigs.k8s.io/kustomize/pkg/loader/loader.go new file mode 100644 index 00000000000..53de6553a74 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/loader/loader.go @@ -0,0 +1,39 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package loader has a data loading interface and various implementations. +package loader + +import ( + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/git" + "sigs.k8s.io/kustomize/pkg/ifc" +) + +// NewLoader returns a Loader. +func NewLoader(path string, fSys fs.FileSystem) (ifc.Loader, error) { + repoSpec, err := git.NewRepoSpecFromUrl(path) + if err == nil { + return newLoaderAtGitClone( + repoSpec, fSys, nil, git.ClonerUsingGitExec) + } + root, err := demandDirectoryRoot(fSys, path) + if err != nil { + return nil, err + } + return newLoaderAtConfirmedDir( + root, fSys, nil, git.ClonerUsingGitExec), nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/patch/BUILD new file mode 100644 index 00000000000..d0e41faf46c --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/BUILD @@ -0,0 +1,30 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "json6902.go", + "strategicmerge.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/patch", + importpath = "sigs.k8s.io/kustomize/pkg/patch", + visibility = ["//visibility:public"], + deps = ["//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/patch/transformer:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/json6902.go b/vendor/sigs.k8s.io/kustomize/pkg/patch/json6902.go new file mode 100644 index 00000000000..9ddb1faa101 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/json6902.go @@ -0,0 +1,40 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package patch + +import "sigs.k8s.io/kustomize/pkg/gvk" + +// Json6902 represents a json patch for an object +// with format documented https://tools.ietf.org/html/rfc6902. +type Json6902 struct { + // Target refers to a Kubernetes object that the json patch will be + // applied to. It must refer to a Kubernetes resource under the + // purview of this kustomization. Target should use the + // raw name of the object (the name specified in its YAML, + // before addition of a namePrefix and a nameSuffix). + Target *Target `json:"target" yaml:"target"` + + // relative file path for a json patch file inside a kustomization + Path string `json:"path,omitempty" yaml:"path,omitempty"` +} + +// Target represents the kubernetes object that the patch is applied to +type Target struct { + gvk.Gvk `json:",inline,omitempty" yaml:",inline,omitempty"` + Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` + Name string `json:"name" yaml:"name"` +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/strategicmerge.go b/vendor/sigs.k8s.io/kustomize/pkg/patch/strategicmerge.go new file mode 100644 index 00000000000..596cc346de1 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/strategicmerge.go @@ -0,0 +1,40 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package patch + +// StrategicMerge represents a relative path to a +// stategic merge patch with the format +// https://github.com/kubernetes/community/blob/master/contributors/devel/strategic-merge-patch.md +type StrategicMerge string + +// Append appends a slice of patch paths to a StrategicMerge slice +func Append(patches []StrategicMerge, paths ...string) []StrategicMerge { + for _, p := range paths { + patches = append(patches, StrategicMerge(p)) + } + return patches +} + +// Exist determines if a patch path exists in a slice of StrategicMerge +func Exist(patches []StrategicMerge, path string) bool { + for _, p := range patches { + if p == StrategicMerge(path) { + return true + } + } + return false +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/BUILD new file mode 100644 index 00000000000..757567bfa2a --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/BUILD @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "factory.go", + "patchjson6902json.go", + "util.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer", + importpath = "sigs.k8s.io/kustomize/pkg/patch/transformer", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/evanphx/json-patch:go_default_library", + "//vendor/github.com/ghodss/yaml:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/patch:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/factory.go b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/factory.go new file mode 100644 index 00000000000..b7eb2583911 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/factory.go @@ -0,0 +1,97 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformer + +import ( + "fmt" + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/resid" + + "github.com/evanphx/json-patch" + "github.com/ghodss/yaml" + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/patch" + "sigs.k8s.io/kustomize/pkg/transformers" +) + +// PatchJson6902Factory makes Json6902 transformers +type PatchJson6902Factory struct { + loader ifc.Loader +} + +// NewPatchJson6902Factory returns a new PatchJson6902Factory. +func NewPatchJson6902Factory(l ifc.Loader) PatchJson6902Factory { + return PatchJson6902Factory{loader: l} +} + +// MakePatchJson6902Transformer returns a transformer for applying Json6902 patch +func (f PatchJson6902Factory) MakePatchJson6902Transformer(patches []patch.Json6902) (transformers.Transformer, error) { + var ts []transformers.Transformer + for _, p := range patches { + t, err := f.makeOnePatchJson6902Transformer(p) + if err != nil { + return nil, err + } + if t != nil { + ts = append(ts, t) + } + } + return transformers.NewMultiTransformerWithConflictCheck(ts), nil +} + +func (f PatchJson6902Factory) makeOnePatchJson6902Transformer(p patch.Json6902) (transformers.Transformer, error) { + if p.Target == nil { + return nil, fmt.Errorf("must specify the target field in patchesJson6902") + } + if p.Path == "" { + return nil, fmt.Errorf("must specify the path for a json patch file") + } + + targetId := resid.NewResIdWithPrefixNamespace( + gvk.Gvk{ + Group: p.Target.Group, + Version: p.Target.Version, + Kind: p.Target.Kind, + }, + p.Target.Name, + "", + p.Target.Namespace, + ) + + rawOp, err := f.loader.Load(p.Path) + if err != nil { + return nil, err + } + + if !isJsonFormat(rawOp) { + // if it isn't JSON, try to parse it as YAML + rawOp, err = yaml.YAMLToJSON(rawOp) + if err != nil { + return nil, err + } + } + + decodedPatch, err := jsonpatch.DecodePatch(rawOp) + if err != nil { + return nil, err + } + return newPatchJson6902JSONTransformer(targetId, decodedPatch) +} + +func isJsonFormat(data []byte) bool { + return data[0] == '[' +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/patchjson6902json.go b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/patchjson6902json.go new file mode 100644 index 00000000000..6737b959c79 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/patchjson6902json.go @@ -0,0 +1,61 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformer + +import ( + "github.com/evanphx/json-patch" + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers" +) + +// patchJson6902JSONTransformer applies patches. +type patchJson6902JSONTransformer struct { + target resid.ResId + patch jsonpatch.Patch +} + +var _ transformers.Transformer = &patchJson6902JSONTransformer{} + +// newPatchJson6902JSONTransformer constructs a PatchJson6902 transformer. +func newPatchJson6902JSONTransformer(t resid.ResId, p jsonpatch.Patch) (transformers.Transformer, error) { + if len(p) == 0 { + return transformers.NewNoOpTransformer(), nil + } + return &patchJson6902JSONTransformer{target: t, patch: p}, nil +} + +// Transform apply the json patches on top of the base resources. +func (t *patchJson6902JSONTransformer) Transform(baseResourceMap resmap.ResMap) error { + obj, err := findTargetObj(baseResourceMap, t.target) + if obj == nil { + return err + } + rawObj, err := obj.MarshalJSON() + if err != nil { + return err + } + modifiedObj, err := t.patch.Apply(rawObj) + if err != nil { + return err + } + err = obj.UnmarshalJSON(modifiedObj) + if err != nil { + return err + } + return nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/util.go b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/util.go new file mode 100644 index 00000000000..aaed1e1cc62 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/patch/transformer/util.go @@ -0,0 +1,46 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformer + +import ( + "fmt" + + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/resource" +) + +func findTargetObj(m resmap.ResMap, targetId resid.ResId) (*resource.Resource, error) { + matchedIds := m.FindByGVKN(targetId) + if targetId.Namespace() != "" { + var ids []resid.ResId + for _, id := range matchedIds { + if id.Namespace() == targetId.Namespace() { + ids = append(ids, id) + } + } + matchedIds = ids + } + + if len(matchedIds) == 0 { + return nil, fmt.Errorf("couldn't find any object to apply the json patch %v", targetId) + } + if len(matchedIds) > 1 { + return nil, fmt.Errorf("found multiple objects that the patch can apply %v", matchedIds) + } + return m[matchedIds[0]], nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resid/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/resid/BUILD new file mode 100644 index 00000000000..f8f9f627e92 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resid/BUILD @@ -0,0 +1,24 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["resid.go"], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/resid", + importpath = "sigs.k8s.io/kustomize/pkg/resid", + visibility = ["//visibility:public"], + deps = ["//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resid/resid.go b/vendor/sigs.k8s.io/kustomize/pkg/resid/resid.go new file mode 100644 index 00000000000..2af7c02a5a4 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resid/resid.go @@ -0,0 +1,194 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package resid + +import ( + "strings" + + "sigs.k8s.io/kustomize/pkg/gvk" +) + +// ResId conflates GroupVersionKind with a textual name to uniquely identify a kubernetes resource (object). +type ResId struct { + // Gvk of the resource. + gvKind gvk.Gvk + // original name of the resource before transformation. + name string + // namePrefix of the resource + // an untransformed resource has no prefix, fully transformed resource has an arbitrary number of prefixes + // concatenated together. + prefix string + // nameSuffix of the resource + // an untransformed resource has no suffix, fully transformed resource has an arbitrary number of suffixes + // concatenated together. + suffix string + // namespace the resource belongs to + // an untransformed resource has no namespace, fully transformed resource has the namespace from + // the top most overlay + namespace string +} + +// NewResIdWithPrefixSuffixNamespace creates new resource identifier with a prefix, suffix and a namespace +func NewResIdWithPrefixSuffixNamespace(k gvk.Gvk, n, p, s, ns string) ResId { + return ResId{gvKind: k, name: n, prefix: p, suffix: s, namespace: ns} +} + +// NewResIdWithPrefixNamespace creates new resource identifier with a prefix and a namespace +func NewResIdWithPrefixNamespace(k gvk.Gvk, n, p, ns string) ResId { + return ResId{gvKind: k, name: n, prefix: p, namespace: ns} +} + +// NewResIdWithSuffixNamespace creates new resource identifier with a suffix and a namespace +func NewResIdWithSuffixNamespace(k gvk.Gvk, n, s, ns string) ResId { + return ResId{gvKind: k, name: n, suffix: s, namespace: ns} +} + +// NewResIdWithPrefixSuffix creates new resource identifier with a prefix and suffix +func NewResIdWithPrefixSuffix(k gvk.Gvk, n, p, s string) ResId { + return ResId{gvKind: k, name: n, prefix: p, suffix: s} +} + +// NewResId creates new resource identifier +func NewResId(k gvk.Gvk, n string) ResId { + return ResId{gvKind: k, name: n} +} + +// NewResIdKindOnly creates new resource identifier +func NewResIdKindOnly(k string, n string) ResId { + return ResId{gvKind: gvk.FromKind(k), name: n} +} + +const ( + noNamespace = "~X" + noPrefix = "~P" + noName = "~N" + noSuffix = "~S" + separator = "|" +) + +// String of ResId based on GVK, name and prefix +func (n ResId) String() string { + ns := n.namespace + if ns == "" { + ns = noNamespace + } + p := n.prefix + if p == "" { + p = noPrefix + } + nm := n.name + if nm == "" { + nm = noName + } + s := n.suffix + if s == "" { + s = noSuffix + } + + return strings.Join( + []string{n.gvKind.String(), ns, p, nm, s}, separator) +} + +// GvknString of ResId based on GVK and name +func (n ResId) GvknString() string { + return n.gvKind.String() + separator + n.name +} + +// GvknEquals return if two ResId have the same Group/Version/Kind and name +// The comparison excludes prefix and suffix +func (n ResId) GvknEquals(id ResId) bool { + return n.gvKind.Equals(id.gvKind) && n.name == id.name +} + +// Gvk returns Group/Version/Kind of the resource. +func (n ResId) Gvk() gvk.Gvk { + return n.gvKind +} + +// Name returns resource name. +func (n ResId) Name() string { + return n.name +} + +// Namespace returns resource namespace. +func (n ResId) Namespace() string { + return n.namespace +} + +// CopyWithNewPrefixSuffix make a new copy from current ResId +// and append a new prefix and suffix +func (n ResId) CopyWithNewPrefixSuffix(p, s string) ResId { + result := n + if p != "" { + result.prefix = n.concatPrefix(p) + } + if s != "" { + result.suffix = n.concatSuffix(s) + } + return result +} + +// CopyWithNewNamespace make a new copy from current ResId and set a new namespace +func (n ResId) CopyWithNewNamespace(ns string) ResId { + result := n + result.namespace = ns + return result +} + +// HasSameLeftmostPrefix check if two ResIds have the same +// left most prefix. +func (n ResId) HasSameLeftmostPrefix(id ResId) bool { + prefixes1 := n.prefixList() + prefixes2 := id.prefixList() + return prefixes1[0] == prefixes2[0] +} + +// HasSameRightmostSuffix check if two ResIds have the same +// right most suffix. +func (n ResId) HasSameRightmostSuffix(id ResId) bool { + suffixes1 := n.suffixList() + suffixes2 := id.suffixList() + return suffixes1[len(suffixes1)-1] == suffixes2[len(suffixes2)-1] +} + +func (n ResId) concatPrefix(p string) string { + if p == "" { + return n.prefix + } + if n.prefix == "" { + return p + } + return p + ":" + n.prefix +} + +func (n ResId) concatSuffix(s string) string { + if s == "" { + return n.suffix + } + if n.suffix == "" { + return s + } + return n.suffix + ":" + s +} + +func (n ResId) prefixList() []string { + return strings.Split(n.prefix, ":") +} + +func (n ResId) suffixList() []string { + return strings.Split(n.suffix, ":") +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resmap/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/resmap/BUILD new file mode 100644 index 00000000000..dab802ce88f --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resmap/BUILD @@ -0,0 +1,36 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "factory.go", + "idslice.go", + "resmap.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/resmap", + importpath = "sigs.k8s.io/kustomize/pkg/resmap", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/ghodss/yaml:go_default_library", + "//vendor/github.com/pkg/errors:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/internal/error:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resmap/factory.go b/vendor/sigs.k8s.io/kustomize/pkg/resmap/factory.go new file mode 100644 index 00000000000..9e64dbee426 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resmap/factory.go @@ -0,0 +1,123 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package resmap + +import ( + "fmt" + + "github.com/pkg/errors" + "sigs.k8s.io/kustomize/pkg/ifc" + internal "sigs.k8s.io/kustomize/pkg/internal/error" + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/types" +) + +// Factory makes instances of ResMap. +type Factory struct { + resF *resource.Factory +} + +// NewFactory returns a new resmap.Factory. +func NewFactory(rf *resource.Factory) *Factory { + return &Factory{resF: rf} +} + +// RF returns a resource.Factory. +func (rmF *Factory) RF() *resource.Factory { + return rmF.resF +} + +// FromFiles returns a ResMap given a resource path slice. +func (rmF *Factory) FromFiles( + loader ifc.Loader, paths []string) (ResMap, error) { + var result []ResMap + for _, path := range paths { + content, err := loader.Load(path) + if err != nil { + return nil, errors.Wrap(err, "Load from path "+path+" failed") + } + res, err := rmF.newResMapFromBytes(content) + if err != nil { + return nil, internal.Handler(err, path) + } + result = append(result, res) + } + return MergeWithErrorOnIdCollision(result...) +} + +// newResMapFromBytes decodes a list of objects in byte array format. +func (rmF *Factory) newResMapFromBytes(b []byte) (ResMap, error) { + resources, err := rmF.resF.SliceFromBytes(b) + if err != nil { + return nil, err + } + + result := ResMap{} + for _, res := range resources { + id := res.Id() + if _, found := result[id]; found { + return result, fmt.Errorf("GroupVersionKindName: %#v already exists b the map", id) + } + result[id] = res + } + return result, nil +} + +// NewResMapFromConfigMapArgs returns a Resource slice given +// a configmap metadata slice from kustomization file. +func (rmF *Factory) NewResMapFromConfigMapArgs(argList []types.ConfigMapArgs, options *types.GeneratorOptions) (ResMap, error) { + var resources []*resource.Resource + for _, args := range argList { + res, err := rmF.resF.MakeConfigMap(&args, options) + if err != nil { + return nil, errors.Wrap(err, "NewResMapFromConfigMapArgs") + } + resources = append(resources, res) + } + return newResMapFromResourceSlice(resources) +} + +// NewResMapFromSecretArgs takes a SecretArgs slice, generates +// secrets from each entry, and accumulates them in a ResMap. +func (rmF *Factory) NewResMapFromSecretArgs(argsList []types.SecretArgs, options *types.GeneratorOptions) (ResMap, error) { + var resources []*resource.Resource + for _, args := range argsList { + res, err := rmF.resF.MakeSecret(&args, options) + if err != nil { + return nil, errors.Wrap(err, "NewResMapFromSecretArgs") + } + resources = append(resources, res) + } + return newResMapFromResourceSlice(resources) +} + +// Set sets the loader for the underlying factory +func (rmF *Factory) Set(ldr ifc.Loader) { + rmF.resF.Set(ldr) +} + +func newResMapFromResourceSlice(resources []*resource.Resource) (ResMap, error) { + result := ResMap{} + for _, res := range resources { + id := res.Id() + if _, found := result[id]; found { + return nil, fmt.Errorf("duplicated %#v is not allowed", id) + } + result[id] = res + } + return result, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resmap/idslice.go b/vendor/sigs.k8s.io/kustomize/pkg/resmap/idslice.go new file mode 100644 index 00000000000..cdf759203bd --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resmap/idslice.go @@ -0,0 +1,37 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package resmap + +import ( + "sort" + + "sigs.k8s.io/kustomize/pkg/resid" +) + +// IdSlice implements the sort interface. +type IdSlice []resid.ResId + +var _ sort.Interface = IdSlice{} + +func (a IdSlice) Len() int { return len(a) } +func (a IdSlice) Swap(i, j int) { a[i], a[j] = a[j], a[i] } +func (a IdSlice) Less(i, j int) bool { + if !a[i].Gvk().Equals(a[j].Gvk()) { + return a[i].Gvk().IsLessThan(a[j].Gvk()) + } + return a[i].String() < a[j].String() +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resmap/resmap.go b/vendor/sigs.k8s.io/kustomize/pkg/resmap/resmap.go new file mode 100644 index 00000000000..d6936f6d56c --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resmap/resmap.go @@ -0,0 +1,206 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package resmap implements a map from ResId to Resource that tracks all resources in a kustomization. +package resmap + +import ( + "bytes" + "fmt" + "reflect" + "sort" + + "github.com/ghodss/yaml" + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/types" +) + +// ResMap is a map from ResId to Resource. +type ResMap map[resid.ResId]*resource.Resource + +// FindByGVKN find the matched ResIds by Group/Version/Kind and Name +func (m ResMap) FindByGVKN(inputId resid.ResId) []resid.ResId { + var result []resid.ResId + for id := range m { + if id.GvknEquals(inputId) { + result = append(result, id) + } + } + return result +} + +// DemandOneMatchForId find the matched resource by Group/Version/Kind and Name +func (m ResMap) DemandOneMatchForId(inputId resid.ResId) (*resource.Resource, bool) { + result := m.FindByGVKN(inputId) + if len(result) == 1 { + return m[result[0]], true + } + return nil, false +} + +// EncodeAsYaml encodes a ResMap to YAML; encoded objects separated by `---`. +func (m ResMap) EncodeAsYaml() ([]byte, error) { + var ids []resid.ResId + for id := range m { + ids = append(ids, id) + } + sort.Sort(IdSlice(ids)) + + firstObj := true + var b []byte + buf := bytes.NewBuffer(b) + for _, id := range ids { + obj := m[id] + out, err := yaml.Marshal(obj.Map()) + if err != nil { + return nil, err + } + if firstObj { + firstObj = false + } else { + _, err = buf.WriteString("---\n") + if err != nil { + return nil, err + } + } + _, err = buf.Write(out) + if err != nil { + return nil, err + } + } + return buf.Bytes(), nil +} + +// ErrorIfNotEqual returns error if maps are not equal. +func (m ResMap) ErrorIfNotEqual(m2 ResMap) error { + if len(m) != len(m2) { + var keySet1 []resid.ResId + var keySet2 []resid.ResId + for id := range m { + keySet1 = append(keySet1, id) + } + for id := range m2 { + keySet2 = append(keySet2, id) + } + return fmt.Errorf("maps has different number of entries: %#v doesn't equals %#v", keySet1, keySet2) + } + for id, obj1 := range m { + obj2, found := m2[id] + if !found { + return fmt.Errorf("%#v doesn't exist in %#v", id, m2) + } + if !reflect.DeepEqual(obj1, obj2) { + return fmt.Errorf("%#v doesn't deep equal %#v", obj1, obj2) + } + } + return nil +} + +// DeepCopy clone the resmap into a new one +func (m ResMap) DeepCopy(rf *resource.Factory) ResMap { + mcopy := make(ResMap) + for id, obj := range m { + mcopy[id] = obj.DeepCopy() + } + return mcopy +} + +// FilterBy returns a subset ResMap containing ResIds with +// the same namespace and leftmost name prefix and rightmost name +// as the inputId. If inputId is a cluster level resource, this +// returns the original ResMap. +func (m ResMap) FilterBy(inputId resid.ResId) ResMap { + if inputId.Gvk().IsClusterKind() { + return m + } + result := ResMap{} + for id, res := range m { + if id.Gvk().IsClusterKind() || id.Namespace() == inputId.Namespace() && + id.HasSameLeftmostPrefix(inputId) && + id.HasSameRightmostSuffix(inputId) { + result[id] = res + } + } + return result +} + +// MergeWithErrorOnIdCollision combines multiple ResMap instances, failing on +// key collision and skipping nil maps. +// If all of the maps are nil, an empty ResMap is returned. +func MergeWithErrorOnIdCollision(maps ...ResMap) (ResMap, error) { + result := ResMap{} + for _, m := range maps { + if m == nil { + continue + } + for id, res := range m { + if _, found := result[id]; found { + return nil, fmt.Errorf("id '%q' already used", id) + } + result[id] = res + } + } + return result, nil +} + +// MergeWithOverride combines multiple ResMap instances, allowing and sometimes +// demanding certain collisions and skipping nil maps. +// A collision would be demanded, say, when a generated ConfigMap has the +// "replace" option in its generation instructions, meaning it is supposed +// to replace something from the raw resources list. +// If all of the maps are nil, an empty ResMap is returned. +// When looping over the instances to combine them, if a resource id for +// resource X is found to be already in the combined map, then the behavior +// field for X must be BehaviorMerge or BehaviorReplace. If X is not in the +// map, then it's behavior cannot be merge or replace. +func MergeWithOverride(maps ...ResMap) (ResMap, error) { + result := maps[0] + if result == nil { + result = ResMap{} + } + for _, m := range maps[1:] { + if m == nil { + continue + } + for id, r := range m { + matchedId := result.FindByGVKN(id) + if len(matchedId) == 1 { + id = matchedId[0] + switch r.Behavior() { + case types.BehaviorReplace: + r.Replace(result[id]) + result[id] = r + case types.BehaviorMerge: + r.Merge(result[id]) + result[id] = r + default: + return nil, fmt.Errorf("id %#v exists; must merge or replace", id) + } + } else if len(matchedId) == 0 { + switch r.Behavior() { + case types.BehaviorMerge, types.BehaviorReplace: + return nil, fmt.Errorf("id %#v does not exist; cannot merge or replace", id) + default: + result[id] = r + } + } else { + return nil, fmt.Errorf("merge conflict, found multiple objects %v the Resmap %v can merge into", matchedId, id) + } + } + } + return result, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resource/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/resource/BUILD new file mode 100644 index 00000000000..50eef7e3395 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resource/BUILD @@ -0,0 +1,33 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "factory.go", + "resource.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/resource", + importpath = "sigs.k8s.io/kustomize/pkg/resource", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/internal/error:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/patch:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resource/factory.go b/vendor/sigs.k8s.io/kustomize/pkg/resource/factory.go new file mode 100644 index 00000000000..b016678a518 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resource/factory.go @@ -0,0 +1,143 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package resource + +import ( + "encoding/json" + "fmt" + "log" + + "sigs.k8s.io/kustomize/pkg/ifc" + internal "sigs.k8s.io/kustomize/pkg/internal/error" + "sigs.k8s.io/kustomize/pkg/patch" + "sigs.k8s.io/kustomize/pkg/types" +) + +// Factory makes instances of Resource. +type Factory struct { + kf ifc.KunstructuredFactory +} + +// NewFactory makes an instance of Factory. +func NewFactory(kf ifc.KunstructuredFactory) *Factory { + return &Factory{kf: kf} +} + +// FromMap returns a new instance of Resource. +func (rf *Factory) FromMap(m map[string]interface{}) *Resource { + return &Resource{ + Kunstructured: rf.kf.FromMap(m), + options: types.NewGenArgs(nil, nil), + } +} + +// FromMapAndOption returns a new instance of Resource with given options. +func (rf *Factory) FromMapAndOption(m map[string]interface{}, args *types.GeneratorArgs, option *types.GeneratorOptions) *Resource { + return &Resource{ + Kunstructured: rf.kf.FromMap(m), + options: types.NewGenArgs(args, option), + } +} + +// FromKunstructured returns a new instance of Resource. +func (rf *Factory) FromKunstructured( + u ifc.Kunstructured) *Resource { + if u == nil { + log.Fatal("unstruct ifc must not be null") + } + return &Resource{ + Kunstructured: u, + options: types.NewGenArgs(nil, nil), + } +} + +// SliceFromPatches returns a slice of resources given a patch path +// slice from a kustomization file. +func (rf *Factory) SliceFromPatches( + ldr ifc.Loader, paths []patch.StrategicMerge) ([]*Resource, error) { + var result []*Resource + for _, path := range paths { + content, err := ldr.Load(string(path)) + if err != nil { + return nil, err + } + res, err := rf.SliceFromBytes(content) + if err != nil { + return nil, internal.Handler(err, string(path)) + } + result = append(result, res...) + } + return result, nil +} + +// SliceFromBytes unmarshalls bytes into a Resource slice. +func (rf *Factory) SliceFromBytes(in []byte) ([]*Resource, error) { + kunStructs, err := rf.kf.SliceFromBytes(in) + if err != nil { + return nil, err + } + var result []*Resource + for len(kunStructs) > 0 { + u := kunStructs[0] + kunStructs = kunStructs[1:] + if u.GetKind() == "List" { + items := u.Map()["items"] + itemsSlice, ok := items.([]interface{}) + if !ok { + return nil, fmt.Errorf("items in List is type %T, expected array", items) + } + for _, item := range itemsSlice { + itemJSON, err := json.Marshal(item) + if err != nil { + return nil, err + } + innerU, err := rf.kf.SliceFromBytes(itemJSON) + if err != nil { + return nil, err + } + // append innerU to kunStructs so nested Lists can be handled + kunStructs = append(kunStructs, innerU...) + } + } else { + result = append(result, rf.FromKunstructured(u)) + } + } + return result, nil +} + +// Set sets the loader for the underlying factory +func (rf *Factory) Set(ldr ifc.Loader) { + rf.kf.Set(ldr) +} + +// MakeConfigMap makes an instance of Resource for ConfigMap +func (rf *Factory) MakeConfigMap(args *types.ConfigMapArgs, options *types.GeneratorOptions) (*Resource, error) { + u, err := rf.kf.MakeConfigMap(args, options) + if err != nil { + return nil, err + } + return &Resource{Kunstructured: u, options: types.NewGenArgs(&types.GeneratorArgs{Behavior: args.Behavior}, options)}, nil +} + +// MakeSecret makes an instance of Resource for Secret +func (rf *Factory) MakeSecret(args *types.SecretArgs, options *types.GeneratorOptions) (*Resource, error) { + u, err := rf.kf.MakeSecret(args, options) + if err != nil { + return nil, err + } + return &Resource{Kunstructured: u, options: types.NewGenArgs(&types.GeneratorArgs{Behavior: args.Behavior}, options)}, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/resource/resource.go b/vendor/sigs.k8s.io/kustomize/pkg/resource/resource.go new file mode 100644 index 00000000000..7cc87a745ad --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/resource/resource.go @@ -0,0 +1,107 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package resource implements representations of k8s API resources as "unstructured" objects. +package resource + +import ( + "strings" + + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/types" +) + +// Resource is map representation of a Kubernetes API resource object +// paired with a GenerationBehavior. +type Resource struct { + ifc.Kunstructured + options *types.GenArgs +} + +// String returns resource as JSON. +func (r *Resource) String() string { + bs, err := r.MarshalJSON() + if err != nil { + return "<" + err.Error() + ">" + } + return strings.TrimSpace(string(bs)) +} + +// DeepCopy returns a new copy of resource +func (r *Resource) DeepCopy() *Resource { + return &Resource{ + Kunstructured: r.Kunstructured.Copy(), + options: r.options, + } +} + +// Behavior returns the behavior for the resource. +func (r *Resource) Behavior() types.GenerationBehavior { + return r.options.Behavior() +} + +// NeedAppendHash checks if the resource need a hash suffix +func (r *Resource) NeedHashSuffix() bool { + return r.options != nil && r.options.NeedsHashSuffix() +} + +// Id returns the ResId for the resource. +func (r *Resource) Id() resid.ResId { + namespace, _ := r.GetFieldValue("metadata.namespace") + return resid.NewResIdWithPrefixNamespace(r.GetGvk(), r.GetName(), "", namespace) +} + +// Merge performs merge with other resource. +func (r *Resource) Merge(other *Resource) { + r.Replace(other) + mergeConfigmap(r.Map(), other.Map(), r.Map()) +} + +// Replace performs replace with other resource. +func (r *Resource) Replace(other *Resource) { + r.SetLabels(mergeStringMaps(other.GetLabels(), r.GetLabels())) + r.SetAnnotations( + mergeStringMaps(other.GetAnnotations(), r.GetAnnotations())) + r.SetName(other.GetName()) + r.options = other.options +} + +// TODO: Add BinaryData once we sync to new k8s.io/api +func mergeConfigmap( + mergedTo map[string]interface{}, + maps ...map[string]interface{}) { + mergedMap := map[string]interface{}{} + for _, m := range maps { + datamap, ok := m["data"].(map[string]interface{}) + if ok { + for key, value := range datamap { + mergedMap[key] = value + } + } + } + mergedTo["data"] = mergedMap +} + +func mergeStringMaps(maps ...map[string]string) map[string]string { + result := map[string]string{} + for _, m := range maps { + for key, value := range m { + result[key] = value + } + } + return result +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/target/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/target/BUILD new file mode 100644 index 00000000000..d127e511041 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/target/BUILD @@ -0,0 +1,42 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "kusttarget.go", + "resaccumulator.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/target", + importpath = "sigs.k8s.io/kustomize/pkg/target", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/ghodss/yaml:go_default_library", + "//vendor/github.com/pkg/errors:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/constants:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/fs:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc/transformer:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/internal/error:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/patch/transformer:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resid:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers/config:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/types:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/target/kusttarget.go b/vendor/sigs.k8s.io/kustomize/pkg/target/kusttarget.go new file mode 100644 index 00000000000..94a8b3f00d7 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/target/kusttarget.go @@ -0,0 +1,306 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package target implements state for the set of all resources to customize. +package target + +import ( + "bytes" + "encoding/json" + "fmt" + "strings" + + "github.com/ghodss/yaml" + "github.com/pkg/errors" + "sigs.k8s.io/kustomize/pkg/constants" + "sigs.k8s.io/kustomize/pkg/fs" + "sigs.k8s.io/kustomize/pkg/ifc" + "sigs.k8s.io/kustomize/pkg/ifc/transformer" + interror "sigs.k8s.io/kustomize/pkg/internal/error" + patchtransformer "sigs.k8s.io/kustomize/pkg/patch/transformer" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/resource" + "sigs.k8s.io/kustomize/pkg/transformers" + "sigs.k8s.io/kustomize/pkg/transformers/config" + "sigs.k8s.io/kustomize/pkg/types" +) + +// KustTarget encapsulates the entirety of a kustomization build. +type KustTarget struct { + kustomization *types.Kustomization + ldr ifc.Loader + fSys fs.FileSystem + rFactory *resmap.Factory + tFactory transformer.Factory +} + +// NewKustTarget returns a new instance of KustTarget primed with a Loader. +func NewKustTarget( + ldr ifc.Loader, + fSys fs.FileSystem, + rFactory *resmap.Factory, + tFactory transformer.Factory) (*KustTarget, error) { + content, err := loadKustFile(ldr) + if err != nil { + return nil, err + } + content = types.DealWithDeprecatedFields(content) + var k types.Kustomization + err = unmarshal(content, &k) + if err != nil { + return nil, err + } + errs := k.EnforceFields() + if len(errs) > 0 { + return nil, fmt.Errorf("Failed to read kustomization file under %s:\n"+strings.Join(errs, "\n"), ldr.Root()) + } + return &KustTarget{ + kustomization: &k, + ldr: ldr, + fSys: fSys, + rFactory: rFactory, + tFactory: tFactory, + }, nil +} + +func loadKustFile(ldr ifc.Loader) ([]byte, error) { + var content []byte + match := 0 + for _, kf := range constants.KustomizationFileNames { + c, err := ldr.Load(kf) + if err == nil { + match += 1 + content = c + } + } + switch match { + case 0: + return nil, fmt.Errorf("No kustomization file found in %s. Kustomize supports the following kustomization files: %s", + ldr.Root(), strings.Join(constants.KustomizationFileNames, ", ")) + case 1: + return content, nil + default: + return nil, fmt.Errorf("Found multiple kustomization files under: %s\n", ldr.Root()) + } +} + +func unmarshal(y []byte, o interface{}) error { + j, err := yaml.YAMLToJSON(y) + if err != nil { + return err + } + dec := json.NewDecoder(bytes.NewReader(j)) + dec.DisallowUnknownFields() + return dec.Decode(o) +} + +// MakeCustomizedResMap creates a ResMap per kustomization instructions. +// The Resources in the returned ResMap are fully customized. +func (kt *KustTarget) MakeCustomizedResMap() (resmap.ResMap, error) { + ra, err := kt.accumulateTarget() + if err != nil { + return nil, err + } + err = ra.Transform(kt.tFactory.MakeHashTransformer()) + if err != nil { + return nil, err + } + // Given that names have changed (prefixs/suffixes added), + // fix all the back references to those names. + err = ra.FixBackReferences() + if err != nil { + return nil, err + } + // With all the back references fixed, it's OK to resolve Vars. + err = ra.ResolveVars() + return ra.ResMap(), err +} + +func (kt *KustTarget) shouldAddHashSuffixesToGeneratedResources() bool { + return kt.kustomization.GeneratorOptions == nil || + !kt.kustomization.GeneratorOptions.DisableNameSuffixHash +} + +// accumulateTarget returns a new ResAccumulator, +// holding customized resources and the data/rules used +// to do so. The name back references and vars are +// not yet fixed. +func (kt *KustTarget) accumulateTarget() ( + ra *ResAccumulator, err error) { + // TODO(monopole): Get rid of the KustomizationErrors accumulator. + // It's not consistently used, and complicates tests. + errs := &interror.KustomizationErrors{} + ra, errs = kt.accumulateBases() + resources, err := kt.rFactory.FromFiles( + kt.ldr, kt.kustomization.Resources) + if err != nil { + errs.Append(errors.Wrap(err, "rawResources failed to read Resources")) + } + if len(errs.Get()) > 0 { + return ra, errs + } + err = ra.MergeResourcesWithErrorOnIdCollision(resources) + if err != nil { + errs.Append(errors.Wrap(err, "MergeResourcesWithErrorOnIdCollision")) + } + tConfig, err := config.MakeTransformerConfig( + kt.ldr, kt.kustomization.Configurations) + if err != nil { + return nil, err + } + err = ra.MergeConfig(tConfig) + if err != nil { + errs.Append(errors.Wrap(err, "MergeConfig")) + } + err = ra.MergeVars(kt.kustomization.Vars) + if err != nil { + errs.Append(errors.Wrap(err, "MergeVars")) + } + crdTc, err := config.LoadConfigFromCRDs(kt.ldr, kt.kustomization.Crds) + if err != nil { + errs.Append(errors.Wrap(err, "LoadCRDs")) + } + err = ra.MergeConfig(crdTc) + if err != nil { + errs.Append(errors.Wrap(err, "merge CRDs")) + } + resMap, err := kt.generateConfigMapsAndSecrets(errs) + if err != nil { + errs.Append(errors.Wrap(err, "generateConfigMapsAndSecrets")) + } + err = ra.MergeResourcesWithOverride(resMap) + if err != nil { + return nil, err + } + patches, err := kt.rFactory.RF().SliceFromPatches( + kt.ldr, kt.kustomization.PatchesStrategicMerge) + if err != nil { + errs.Append(errors.Wrap(err, "SliceFromPatches")) + } + if len(errs.Get()) > 0 { + return nil, errs + } + t, err := kt.newTransformer(patches, ra.tConfig) + if err != nil { + return nil, err + } + err = ra.Transform(t) + if err != nil { + return nil, err + } + return ra, nil +} + +func (kt *KustTarget) generateConfigMapsAndSecrets( + errs *interror.KustomizationErrors) (resmap.ResMap, error) { + kt.rFactory.Set(kt.ldr) + cms, err := kt.rFactory.NewResMapFromConfigMapArgs( + kt.kustomization.ConfigMapGenerator, kt.kustomization.GeneratorOptions) + if err != nil { + errs.Append(errors.Wrap(err, "NewResMapFromConfigMapArgs")) + } + secrets, err := kt.rFactory.NewResMapFromSecretArgs( + kt.kustomization.SecretGenerator, kt.kustomization.GeneratorOptions) + if err != nil { + errs.Append(errors.Wrap(err, "NewResMapFromSecretArgs")) + } + return resmap.MergeWithErrorOnIdCollision(cms, secrets) +} + +// accumulateBases returns a new ResAccumulator +// holding customized resources and the data/rules +// used to customized them from only the _bases_ +// of this KustTarget. +func (kt *KustTarget) accumulateBases() ( + ra *ResAccumulator, errs *interror.KustomizationErrors) { + errs = &interror.KustomizationErrors{} + ra = MakeEmptyAccumulator() + + for _, path := range kt.kustomization.Bases { + ldr, err := kt.ldr.New(path) + if err != nil { + errs.Append(errors.Wrap(err, "couldn't make loader for "+path)) + continue + } + subKt, err := NewKustTarget( + ldr, kt.fSys, kt.rFactory, kt.tFactory) + if err != nil { + errs.Append(errors.Wrap(err, "couldn't make target for "+path)) + ldr.Cleanup() + continue + } + subRa, err := subKt.accumulateTarget() + if err != nil { + errs.Append(errors.Wrap(err, "accumulateTarget")) + ldr.Cleanup() + continue + } + err = ra.MergeAccumulator(subRa) + if err != nil { + errs.Append(errors.Wrap(err, path)) + } + ldr.Cleanup() + } + return ra, errs +} + +// newTransformer makes a Transformer that does a collection +// of object transformations. +func (kt *KustTarget) newTransformer( + patches []*resource.Resource, tConfig *config.TransformerConfig) ( + transformers.Transformer, error) { + var r []transformers.Transformer + t, err := kt.tFactory.MakePatchTransformer(patches, kt.rFactory.RF()) + if err != nil { + return nil, err + } + r = append(r, t) + r = append(r, transformers.NewNamespaceTransformer( + string(kt.kustomization.Namespace), tConfig.NameSpace)) + t, err = transformers.NewNamePrefixSuffixTransformer( + string(kt.kustomization.NamePrefix), + string(kt.kustomization.NameSuffix), + tConfig.NamePrefix, + ) + if err != nil { + return nil, err + } + r = append(r, t) + t, err = transformers.NewLabelsMapTransformer( + kt.kustomization.CommonLabels, tConfig.CommonLabels) + if err != nil { + return nil, err + } + r = append(r, t) + t, err = transformers.NewAnnotationsMapTransformer( + kt.kustomization.CommonAnnotations, tConfig.CommonAnnotations) + if err != nil { + return nil, err + } + r = append(r, t) + t, err = patchtransformer.NewPatchJson6902Factory(kt.ldr). + MakePatchJson6902Transformer(kt.kustomization.PatchesJson6902) + if err != nil { + return nil, err + } + r = append(r, t) + t, err = transformers.NewImageTransformer(kt.kustomization.Images) + if err != nil { + return nil, err + } + r = append(r, t) + return transformers.NewMultiTransformer(r), nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/target/resaccumulator.go b/vendor/sigs.k8s.io/kustomize/pkg/target/resaccumulator.go new file mode 100644 index 00000000000..41e448b8d6e --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/target/resaccumulator.go @@ -0,0 +1,134 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package target + +import ( + "fmt" + "log" + "sigs.k8s.io/kustomize/pkg/resid" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers" + "sigs.k8s.io/kustomize/pkg/transformers/config" + "sigs.k8s.io/kustomize/pkg/types" +) + +// ResAccumulator accumulates resources and the rules +// used to customize those resources. +// TODO(monopole): Move to "accumulator" package and make members private. +// This will make a better separation between KustTarget, which should +// be mainly concerned with data loading, and this class, which could +// become the home of all transformation data and logic. +type ResAccumulator struct { + resMap resmap.ResMap + tConfig *config.TransformerConfig + varSet types.VarSet +} + +func MakeEmptyAccumulator() *ResAccumulator { + ra := &ResAccumulator{} + ra.resMap = make(resmap.ResMap) + ra.tConfig = &config.TransformerConfig{} + ra.varSet = types.VarSet{} + return ra +} + +// ResMap returns a copy of the internal resMap. +func (ra *ResAccumulator) ResMap() resmap.ResMap { + result := make(resmap.ResMap) + for k, v := range ra.resMap { + result[k] = v + } + return result +} + +func (ra *ResAccumulator) MergeResourcesWithErrorOnIdCollision( + resources resmap.ResMap) (err error) { + ra.resMap, err = resmap.MergeWithErrorOnIdCollision( + resources, ra.resMap) + return err +} + +func (ra *ResAccumulator) MergeResourcesWithOverride( + resources resmap.ResMap) (err error) { + ra.resMap, err = resmap.MergeWithOverride( + ra.resMap, resources) + return err +} + +func (ra *ResAccumulator) MergeConfig( + tConfig *config.TransformerConfig) (err error) { + ra.tConfig, err = ra.tConfig.Merge(tConfig) + return err +} + +func (ra *ResAccumulator) MergeVars(incoming []types.Var) error { + return ra.varSet.MergeSlice(incoming) +} + +func (ra *ResAccumulator) MergeAccumulator(other *ResAccumulator) (err error) { + err = ra.MergeResourcesWithErrorOnIdCollision(other.resMap) + if err != nil { + return err + } + err = ra.MergeConfig(other.tConfig) + if err != nil { + return err + } + return ra.varSet.MergeSet(&other.varSet) +} + +// makeVarReplacementMap returns a map of Var names to +// their final values. The values are strings intended +// for substitution wherever the $(var.Name) occurs. +func (ra *ResAccumulator) makeVarReplacementMap() (map[string]string, error) { + result := map[string]string{} + for _, v := range ra.varSet.Set() { + id := resid.NewResId(v.ObjRef.GVK(), v.ObjRef.Name) + if r, found := ra.resMap.DemandOneMatchForId(id); found { + s, err := r.GetFieldValue(v.FieldRef.FieldPath) + if err != nil { + return nil, fmt.Errorf("field path err for var: %+v", v) + } + result[v.Name] = s + } else { + // Should this be an error? + log.Printf("var %v defined but not used", v) + } + } + return result, nil +} + +func (ra *ResAccumulator) Transform(t transformers.Transformer) error { + return t.Transform(ra.resMap) +} + +func (ra *ResAccumulator) ResolveVars() error { + replacementMap, err := ra.makeVarReplacementMap() + if err != nil { + return err + } + return ra.Transform(transformers.NewRefVarTransformer( + replacementMap, ra.tConfig.VarReference)) +} + +func (ra *ResAccumulator) FixBackReferences() (err error) { + if ra.tConfig.NameReference == nil { + return nil + } + return ra.Transform(transformers.NewNameReferenceTransformer( + ra.tConfig.NameReference)) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/transformers/BUILD new file mode 100644 index 00000000000..369df843f49 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/BUILD @@ -0,0 +1,45 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "image.go", + "labelsandannotations.go", + "multitransformer.go", + "mutatefield.go", + "namereference.go", + "namespace.go", + "nooptransformer.go", + "prefixsuffixname.go", + "refvars.go", + "transformer.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/transformers", + importpath = "sigs.k8s.io/kustomize/pkg/transformers", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/expansion:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/image:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resmap:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/resource:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers/config:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers/config:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/BUILD new file mode 100644 index 00000000000..6cfe7805260 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/BUILD @@ -0,0 +1,40 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "factory.go", + "factorycrd.go", + "fieldspec.go", + "namebackreferences.go", + "transformerconfig.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/transformers/config", + importpath = "sigs.k8s.io/kustomize/pkg/transformers/config", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/ghodss/yaml:go_default_library", + "//vendor/github.com/go-openapi/spec:go_default_library", + "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/ifc:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/BUILD new file mode 100644 index 00000000000..380e4cd07cb --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/BUILD @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "commonannotations.go", + "commonlabels.go", + "defaultconfig.go", + "nameprefix.go", + "namereference.go", + "namespace.go", + "varreference.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig", + importpath = "sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig", + visibility = ["//visibility:public"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/commonannotations.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/commonannotations.go new file mode 100644 index 00000000000..2754559042d --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/commonannotations.go @@ -0,0 +1,60 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package defaultconfig + +const commonAnnotationFieldSpecs = ` +commonAnnotations: +- path: metadata/annotations + create: true + +- path: spec/template/metadata/annotations + create: true + version: v1 + kind: ReplicationController + +- path: spec/template/metadata/annotations + create: true + kind: Deployment + +- path: spec/template/metadata/annotations + create: true + kind: ReplicaSet + +- path: spec/template/metadata/annotations + create: true + kind: DaemonSet + +- path: spec/template/metadata/annotations + create: true + kind: StatefulSet + +- path: spec/template/metadata/annotations + create: true + group: batch + kind: Job + +- path: spec/jobTemplate/metadata/annotations + create: true + group: batch + kind: CronJob + +- path: spec/jobTemplate/spec/template/metadata/annotations + create: true + group: batch + kind: CronJob + +` diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/commonlabels.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/commonlabels.go new file mode 100644 index 00000000000..66943c1ed00 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/commonlabels.go @@ -0,0 +1,162 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package defaultconfig + +const commonLabelFieldSpecs = ` +commonLabels: +- path: metadata/labels + create: true + +- path: spec/selector + create: true + version: v1 + kind: Service + +- path: spec/selector + create: true + version: v1 + kind: ReplicationController + +- path: spec/template/metadata/labels + create: true + version: v1 + kind: ReplicationController + +- path: spec/selector/matchLabels + create: true + kind: Deployment + +- path: spec/template/metadata/labels + create: true + kind: Deployment + +- path: spec/template/spec/affinity/podAffinity/preferredDuringSchedulingIgnoredDuringExecution/podAffinityTerm/labelSelector/matchLabels + create: false + group: apps + kind: Deployment + +- path: spec/template/spec/affinity/podAffinity/requiredDuringSchedulingIgnoredDuringExecution/labelSelector/matchLabels + create: false + group: apps + kind: Deployment + +- path: spec/template/spec/affinity/podAntiAffinity/preferredDuringSchedulingIgnoredDuringExecution/podAffinityTerm/labelSelector/matchLabels + create: false + group: apps + kind: Deployment + +- path: spec/template/spec/affinity/podAntiAffinity/requiredDuringSchedulingIgnoredDuringExecution/labelSelector/matchLabels + create: false + group: apps + kind: Deployment + +- path: spec/selector/matchLabels + create: true + kind: ReplicaSet + +- path: spec/template/metadata/labels + create: true + kind: ReplicaSet + +- path: spec/selector/matchLabels + create: true + kind: DaemonSet + +- path: spec/template/metadata/labels + create: true + kind: DaemonSet + +- path: spec/selector/matchLabels + create: true + group: apps + kind: StatefulSet + +- path: spec/template/metadata/labels + create: true + group: apps + kind: StatefulSet + +- path: spec/template/spec/affinity/podAffinity/preferredDuringSchedulingIgnoredDuringExecution/podAffinityTerm/labelSelector/matchLabels + create: false + group: apps + kind: StatefulSet + +- path: spec/template/spec/affinity/podAffinity/requiredDuringSchedulingIgnoredDuringExecution/labelSelector/matchLabels + create: false + group: apps + kind: StatefulSet + +- path: spec/template/spec/affinity/podAntiAffinity/preferredDuringSchedulingIgnoredDuringExecution/podAffinityTerm/labelSelector/matchLabels + create: false + group: apps + kind: StatefulSet + +- path: spec/template/spec/affinity/podAntiAffinity/requiredDuringSchedulingIgnoredDuringExecution/labelSelector/matchLabels + create: false + group: apps + kind: StatefulSet + +- path: spec/volumeClaimTemplates/metadata/labels + create: true + group: apps + kind: StatefulSet + +- path: spec/selector/matchLabels + create: false + group: batch + kind: Job + +- path: spec/template/metadata/labels + create: true + group: batch + kind: Job + +- path: spec/jobTemplate/spec/selector/matchLabels + create: false + group: batch + kind: CronJob + +- path: spec/jobTemplate/metadata/labels + create: true + group: batch + kind: CronJob + +- path: spec/jobTemplate/spec/template/metadata/labels + create: true + group: batch + kind: CronJob + +- path: spec/selector/matchLabels + create: false + group: policy + kind: PodDisruptionBudget + +- path: spec/podSelector/matchLabels + create: false + group: networking.k8s.io + kind: NetworkPolicy + +- path: spec/ingress/from/podSelector/matchLabels + create: false + group: networking.k8s.io + kind: NetworkPolicy + +- path: spec/egress/to/podSelector/matchLabels + create: false + group: networking.k8s.io + kind: NetworkPolicy +` diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/defaultconfig.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/defaultconfig.go new file mode 100644 index 00000000000..d96639a8ab0 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/defaultconfig.go @@ -0,0 +1,49 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package defaultconfig provides the default +// transformer configurations +package defaultconfig + +import ( + "bytes" +) + +// GetDefaultFieldSpecs returns default fieldSpecs. +func GetDefaultFieldSpecs() []byte { + configData := [][]byte{ + []byte(namePrefixFieldSpecs), + []byte(commonLabelFieldSpecs), + []byte(commonAnnotationFieldSpecs), + []byte(namespaceFieldSpecs), + []byte(varReferenceFieldSpecs), + []byte(nameReferenceFieldSpecs), + } + return bytes.Join(configData, []byte("\n")) +} + +// GetDefaultFieldSpecsAsMap returns default fieldSpecs +// as a string->string map. +func GetDefaultFieldSpecsAsMap() map[string]string { + result := make(map[string]string) + result["nameprefix"] = namePrefixFieldSpecs + result["commonlabels"] = commonLabelFieldSpecs + result["commonannotations"] = commonAnnotationFieldSpecs + result["namespace"] = namespaceFieldSpecs + result["varreference"] = varReferenceFieldSpecs + result["namereference"] = nameReferenceFieldSpecs + return result +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/nameprefix.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/nameprefix.go new file mode 100644 index 00000000000..94fe07a4859 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/nameprefix.go @@ -0,0 +1,24 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package defaultconfig + +const ( + namePrefixFieldSpecs = ` +namePrefix: +- path: metadata/name +` +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/namereference.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/namereference.go new file mode 100644 index 00000000000..35d4b7de0aa --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/namereference.go @@ -0,0 +1,317 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package defaultconfig + +const ( + nameReferenceFieldSpecs = ` +nameReference: +- kind: Deployment + fieldSpecs: + - path: spec/scaleTargetRef/name + kind: HorizontalPodAutoscaler + +- kind: ReplicationController + fieldSpecs: + - path: spec/scaleTargetRef/name + kind: HorizontalPodAutoscaler + +- kind: ReplicaSet + fieldSpecs: + - path: spec/scaleTargetRef/name + kind: HorizontalPodAutoscaler + +- kind: ConfigMap + version: v1 + fieldSpecs: + - path: spec/volumes/configMap/name + version: v1 + kind: Pod + - path: spec/containers/env/valueFrom/configMapKeyRef/name + version: v1 + kind: Pod + - path: spec/initContainers/env/valueFrom/configMapKeyRef/name + version: v1 + kind: Pod + - path: spec/containers/envFrom/configMapRef/name + version: v1 + kind: Pod + - path: spec/initContainers/envFrom/configMapRef/name + version: v1 + kind: Pod + - path: spec/template/spec/volumes/configMap/name + kind: Deployment + - path: spec/template/spec/containers/env/valueFrom/configMapKeyRef/name + kind: Deployment + - path: spec/template/spec/initContainers/env/valueFrom/configMapKeyRef/name + kind: Deployment + - path: spec/template/spec/containers/envFrom/configMapRef/name + kind: Deployment + - path: spec/template/spec/initContainers/envFrom/configMapRef/name + kind: Deployment + - path: spec/template/spec/volumes/projected/sources/configMap/name + kind: Deployment + - path: spec/template/spec/volumes/configMap/name + kind: ReplicaSet + - path: spec/template/spec/containers/env/valueFrom/configMapKeyRef/name + kind: ReplicaSet + - path: spec/template/spec/initContainers/env/valueFrom/configMapKeyRef/name + kind: ReplicaSet + - path: spec/template/spec/containers/envFrom/configMapRef/name + kind: ReplicaSet + - path: spec/template/spec/initContainers/envFrom/configMapRef/name + kind: ReplicaSet + - path: spec/template/spec/volumes/configMap/name + kind: DaemonSet + - path: spec/template/spec/containers/env/valueFrom/configMapKeyRef/name + kind: DaemonSet + - path: spec/template/spec/initContainers/env/valueFrom/configMapKeyRef/name + kind: DaemonSet + - path: spec/template/spec/containers/envFrom/configMapRef/name + kind: DaemonSet + - path: spec/template/spec/initContainers/envFrom/configMapRef/name + kind: DaemonSet + - path: spec/template/spec/volumes/configMap/name + kind: StatefulSet + - path: spec/template/spec/containers/env/valueFrom/configMapKeyRef/name + kind: StatefulSet + - path: spec/template/spec/initContainers/env/valueFrom/configMapKeyRef/name + kind: StatefulSet + - path: spec/template/spec/containers/envFrom/configMapRef/name + kind: StatefulSet + - path: spec/template/spec/initContainers/envFrom/configMapRef/name + kind: StatefulSet + - path: spec/template/spec/volumes/projected/sources/configMap/name + kind: StatefulSet + - path: spec/template/spec/volumes/configMap/name + kind: Job + - path: spec/template/spec/containers/env/valueFrom/configMapKeyRef/name + kind: Job + - path: spec/template/spec/initContainers/env/valueFrom/configMapKeyRef/name + kind: Job + - path: spec/template/spec/containers/envFrom/configMapRef/name + kind: Job + - path: spec/template/spec/initContainers/envFrom/configMapRef/name + kind: Job + - path: spec/jobTemplate/spec/template/spec/volumes/configMap/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/containers/env/valueFrom/configMapKeyRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/initContainers/env/valueFrom/configMapKeyRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/containers/envFrom/configMapRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/initContainers/envFrom/configmapRef/name + kind: CronJob + +- kind: Secret + version: v1 + fieldSpecs: + - path: spec/volumes/secret/secretName + version: v1 + kind: Pod + - path: spec/containers/env/valueFrom/secretKeyRef/name + version: v1 + kind: Pod + - path: spec/initContainers/env/valueFrom/secretKeyRef/name + version: v1 + kind: Pod + - path: spec/containers/envFrom/secretRef/name + version: v1 + kind: Pod + - path: spec/initContainers/envFrom/secretRef/name + version: v1 + kind: Pod + - path: spec/imagePullSecrets/name + version: v1 + kind: Pod + - path: spec/template/spec/volumes/secret/secretName + kind: Deployment + - path: spec/template/spec/containers/env/valueFrom/secretKeyRef/name + kind: Deployment + - path: spec/template/spec/initContainers/env/valueFrom/secretKeyRef/name + kind: Deployment + - path: spec/template/spec/containers/envFrom/secretRef/name + kind: Deployment + - path: spec/template/spec/initContainers/envFrom/secretRef/name + kind: Deployment + - path: spec/template/spec/imagePullSecrets/name + kind: Deployment + - path: spec/template/spec/volumes/projected/sources/secret/name + kind: Deployment + - path: spec/template/spec/volumes/secret/secretName + kind: ReplicaSet + - path: spec/template/spec/containers/env/valueFrom/secretKeyRef/name + kind: ReplicaSet + - path: spec/template/spec/initContainers/env/valueFrom/secretKeyRef/name + kind: ReplicaSet + - path: spec/template/spec/containers/envFrom/secretRef/name + kind: ReplicaSet + - path: spec/template/spec/initContainers/envFrom/secretRef/name + kind: ReplicaSet + - path: spec/template/spec/imagePullSecrets/name + kind: ReplicaSet + - path: spec/template/spec/volumes/secret/secretName + kind: DaemonSet + - path: spec/template/spec/containers/env/valueFrom/secretKeyRef/name + kind: DaemonSet + - path: spec/template/spec/initContainers/env/valueFrom/secretKeyRef/name + kind: DaemonSet + - path: spec/template/spec/containers/envFrom/secretRef/name + kind: DaemonSet + - path: spec/template/spec/initContainers/envFrom/secretRef/name + kind: DaemonSet + - path: spec/template/spec/imagePullSecrets/name + kind: DaemonSet + - path: spec/template/spec/volumes/secret/secretName + kind: StatefulSet + - path: spec/template/spec/containers/env/valueFrom/secretKeyRef/name + kind: StatefulSet + - path: spec/template/spec/initContainers/env/valueFrom/secretKeyRef/name + kind: StatefulSet + - path: spec/template/spec/containers/envFrom/secretRef/name + kind: StatefulSet + - path: spec/template/spec/initContainers/envFrom/secretRef/name + kind: StatefulSet + - path: spec/template/spec/imagePullSecrets/name + kind: StatefulSet + - path: spec/template/spec/volumes/projected/sources/secret/name + kind: StatefulSet + - path: spec/template/spec/volumes/secret/secretName + kind: Job + - path: spec/template/spec/containers/env/valueFrom/secretKeyRef/name + kind: Job + - path: spec/template/spec/initContainers/env/valueFrom/secretKeyRef/name + kind: Job + - path: spec/template/spec/containers/envFrom/secretRef/name + kind: Job + - path: spec/template/spec/initContainers/envFrom/secretRef/name + kind: Job + - path: spec/template/spec/imagePullSecrets/name + kind: Job + - path: spec/jobTemplate/spec/template/spec/volumes/secret/secretName + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/containers/env/valueFrom/secretKeyRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/initContainers/env/valueFrom/secretKeyRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/containers/envFrom/secretRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/initContainers/envFrom/secretRef/name + kind: CronJob + - path: spec/jobTemplate/spec/template/spec/imagePullSecrets/name + kind: CronJob + - path: spec/tls/secretName + kind: Ingress + - path: metadata/annotations/ingress.kubernetes.io\/auth-secret + kind: Ingress + - path: metadata/annotations/nginx.ingress.kubernetes.io\/auth-secret + kind: Ingress + - path: imagePullSecrets/name + kind: ServiceAccount + - path: parameters/secretName + kind: StorageClass + - path: parameters/adminSecretName + kind: StorageClass + - path: parameters/userSecretName + kind: StorageClass + - path: parameters/secretRef + kind: StorageClass + - path: rules/resourceNames + kind: Role + - path: rules/resourceNames + kind: ClusterRole + +- kind: Service + version: v1 + fieldSpecs: + - path: spec/serviceName + kind: StatefulSet + group: apps + - path: spec/rules/http/paths/backend/serviceName + kind: Ingress + - path: spec/backend/serviceName + kind: Ingress + - path: spec/service/name + kind: APIService + group: apiregistration.k8s.io + +- kind: Role + group: rbac.authorization.k8s.io + fieldSpecs: + - path: roleRef/name + kind: RoleBinding + group: rbac.authorization.k8s.io + +- kind: ClusterRole + group: rbac.authorization.k8s.io + fieldSpecs: + - path: roleRef/name + kind: RoleBinding + group: rbac.authorization.k8s.io + - path: roleRef/name + kind: ClusterRoleBinding + group: rbac.authorization.k8s.io + +- kind: ServiceAccount + version: v1 + fieldSpecs: + - path: subjects/name + kind: RoleBinding + group: rbac.authorization.k8s.io + - path: subjects/name + kind: ClusterRoleBinding + group: rbac.authorization.k8s.io + - path: spec/serviceAccountName + kind: Pod + - path: spec/template/spec/serviceAccountName + kind: StatefulSet + - path: spec/template/spec/serviceAccountName + kind: Deployment + - path: spec/template/spec/serviceAccountName + kind: ReplicationController + - path: spec/jobTemplate/spec/template/spec/serviceAccountName + kind: CronJob + - path: spec/template/spec/serviceAccountName + kind: job + - path: spec/template/spec/serviceAccountName + kind: DaemonSet + +- kind: PersistentVolumeClaim + version: v1 + fieldSpecs: + - path: spec/volumes/persistentVolumeClaim/claimName + kind: Pod + - path: spec/template/spec/volumes/persistentVolumeClaim/claimName + kind: StatefulSet + - path: spec/template/spec/volumes/persistentVolumeClaim/claimName + kind: Deployment + - path: spec/template/spec/volumes/persistentVolumeClaim/claimName + kind: ReplicationController + - path: spec/jobTemplate/spec/template/spec/volumes/persistentVolumeClaim/claimName + kind: CronJob + - path: spec/template/spec/volumes/persistentVolumeClaim/claimName + kind: Job + - path: spec/template/spec/volumes/persistentVolumeClaim/claimName + kind: DaemonSet + +- kind: PersistentVolume + version: v1 + fieldSpecs: + - path: spec/volumeName + kind: PersistentVolumeClaim +` +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/namespace.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/namespace.go new file mode 100644 index 00000000000..431eb07699e --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/namespace.go @@ -0,0 +1,25 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package defaultconfig + +const ( + namespaceFieldSpecs = ` +namespace: +- path: metadata/namespace + create: true +` +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/varreference.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/varreference.go new file mode 100644 index 00000000000..35a92d78e71 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig/varreference.go @@ -0,0 +1,109 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package defaultconfig + +const ( + varReferenceFieldSpecs = ` +varReference: +- path: spec/template/spec/initContainers/command + kind: StatefulSet + +- path: spec/template/spec/containers/command + kind: StatefulSet + +- path: spec/template/spec/initContainers/command + kind: Deployment + +- path: spec/template/spec/containers/command + kind: Deployment + +- path: spec/template/spec/initContainers/command + kind: DaemonSet + +- path: spec/template/spec/containers/command + kind: DaemonSet + +- path: spec/template/spec/containers/command + kind: Job + +- path: spec/jobTemplate/spec/template/spec/containers/command + kind: CronJob + +- path: spec/template/spec/initContainers/args + kind: StatefulSet + +- path: spec/template/spec/containers/args + kind: StatefulSet + +- path: spec/template/spec/initContainers/args + kind: Deployment + +- path: spec/template/spec/containers/args + kind: Deployment + +- path: spec/template/spec/initContainers/args + kind: DaemonSet + +- path: spec/template/spec/containers/args + kind: DaemonSet + +- path: spec/template/spec/containers/args + kind: Job + +- path: spec/jobTemplate/spec/template/spec/containers/args + kind: CronJob + +- path: spec/template/spec/initContainers/env/value + kind: StatefulSet + +- path: spec/template/spec/containers/env/value + kind: StatefulSet + +- path: spec/template/spec/initContainers/env/value + kind: Deployment + +- path: spec/template/spec/containers/env/value + kind: Deployment + +- path: spec/template/spec/initContainers/env/value + kind: DaemonSet + +- path: spec/template/spec/containers/env/value + kind: DaemonSet + +- path: spec/template/spec/containers/env/value + kind: Job + +- path: spec/jobTemplate/spec/template/spec/containers/env/value + kind: CronJob + +- path: spec/containers/command + kind: Pod + +- path: spec/containers/args + kind: Pod + +- path: spec/containers/env/value + kind: Pod + +- path: spec/rules/host + kind: Ingress + +- path: spec/tls/hosts + kind: Ingress +` +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/factory.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/factory.go new file mode 100644 index 00000000000..d0ea0d1dd83 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/factory.go @@ -0,0 +1,87 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + "log" + + "github.com/ghodss/yaml" + "sigs.k8s.io/kustomize/pkg/ifc" +) + +// Factory makes instances of TransformerConfig. +type Factory struct { + ldr ifc.Loader +} + +// MakeTransformerConfig returns a merger of custom config, +// if any, with default config. +func MakeTransformerConfig( + ldr ifc.Loader, paths []string) (*TransformerConfig, error) { + t1 := MakeDefaultConfig() + if len(paths) == 0 { + return t1, nil + } + t2, err := NewFactory(ldr).FromFiles(paths) + if err != nil { + return nil, err + } + return t1.Merge(t2) +} + +func NewFactory(l ifc.Loader) *Factory { + return &Factory{ldr: l} +} + +func (tf *Factory) loader() ifc.Loader { + if tf.ldr.(ifc.Loader) == nil { + log.Fatal("no loader") + } + return tf.ldr +} + +// FromFiles returns a TranformerConfig object from a list of files +func (tf *Factory) FromFiles( + paths []string) (*TransformerConfig, error) { + result := &TransformerConfig{} + for _, path := range paths { + data, err := tf.loader().Load(path) + if err != nil { + return nil, err + } + t, err := makeTransformerConfigFromBytes(data) + if err != nil { + return nil, err + } + result, err = result.Merge(t) + if err != nil { + return nil, err + } + } + return result, nil +} + +// makeTransformerConfigFromBytes returns a TransformerConfig object from bytes +func makeTransformerConfigFromBytes(data []byte) (*TransformerConfig, error) { + var t TransformerConfig + err := yaml.Unmarshal(data, &t) + if err != nil { + return nil, err + } + t.sortFields() + return &t, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/factorycrd.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/factorycrd.go new file mode 100644 index 00000000000..8aaa8ee6459 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/factorycrd.go @@ -0,0 +1,200 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + "encoding/json" + "strings" + + "github.com/ghodss/yaml" + "github.com/go-openapi/spec" + "k8s.io/kube-openapi/pkg/common" + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/ifc" +) + +type myProperties map[string]spec.Schema +type nameToApiMap map[string]common.OpenAPIDefinition + +// LoadConfigFromCRDs parse CRD schemas from paths into a TransformerConfig +func LoadConfigFromCRDs( + ldr ifc.Loader, paths []string) (*TransformerConfig, error) { + tc := MakeEmptyConfig() + for _, path := range paths { + content, err := ldr.Load(path) + if err != nil { + return nil, err + } + m, err := makeNameToApiMap(content) + if err != nil { + return nil, err + } + otherTc, err := makeConfigFromApiMap(m) + if err != nil { + return nil, err + } + tc, err = tc.Merge(otherTc) + if err != nil { + return nil, err + } + } + return tc, nil +} + +func makeNameToApiMap(content []byte) (result nameToApiMap, err error) { + if content[0] == '{' { + err = json.Unmarshal(content, &result) + } else { + err = yaml.Unmarshal(content, &result) + } + return +} + +func makeConfigFromApiMap(m nameToApiMap) (*TransformerConfig, error) { + result := MakeEmptyConfig() + for name, api := range m { + if !looksLikeAk8sType(api.Schema.SchemaProps.Properties) { + continue + } + tc := MakeEmptyConfig() + err := loadCrdIntoConfig( + tc, makeGvkFromTypeName(name), m, name, []string{}) + if err != nil { + return result, err + } + result, err = result.Merge(tc) + if err != nil { + return result, err + } + } + return result, nil +} + +// TODO: Get Group and Version for CRD from the +// openAPI definition once +// "x-kubernetes-group-version-kind" is available in CRD +func makeGvkFromTypeName(n string) gvk.Gvk { + names := strings.Split(n, ".") + kind := names[len(names)-1] + return gvk.Gvk{Kind: kind} +} + +func looksLikeAk8sType(properties myProperties) bool { + _, ok := properties["kind"] + if !ok { + return false + } + _, ok = properties["apiVersion"] + if !ok { + return false + } + _, ok = properties["metadata"] + if !ok { + return false + } + return true +} + +const ( + // "x-kubernetes-annotation": "" + xAnnotation = "x-kubernetes-annotation" + + // "x-kubernetes-label-selector": "" + xLabelSelector = "x-kubernetes-label-selector" + + // "x-kubernetes-identity": "" + xIdentity = "x-kubernetes-identity" + + // "x-kubernetes-object-ref-api-version": + xVersion = "x-kubernetes-object-ref-api-version" + + // "x-kubernetes-object-ref-kind": + xKind = "x-kubernetes-object-ref-kind" + + // "x-kubernetes-object-ref-name-key": "name" + // default is "name" + xNameKey = "x-kubernetes-object-ref-name-key" +) + +// loadCrdIntoConfig loads a CRD spec into a TransformerConfig +func loadCrdIntoConfig( + theConfig *TransformerConfig, theGvk gvk.Gvk, theMap nameToApiMap, + typeName string, path []string) (err error) { + api, ok := theMap[typeName] + if !ok { + return nil + } + for propName, property := range api.Schema.SchemaProps.Properties { + _, annotate := property.Extensions.GetString(xAnnotation) + if annotate { + err = theConfig.AddAnnotationFieldSpec( + makeFs(theGvk, append(path, propName))) + if err != nil { + return + } + } + _, label := property.Extensions.GetString(xLabelSelector) + if label { + err = theConfig.AddLabelFieldSpec( + makeFs(theGvk, append(path, propName))) + if err != nil { + return + } + } + _, identity := property.Extensions.GetString(xIdentity) + if identity { + err = theConfig.AddPrefixFieldSpec( + makeFs(theGvk, append(path, propName))) + if err != nil { + return + } + } + version, ok := property.Extensions.GetString(xVersion) + if ok { + kind, ok := property.Extensions.GetString(xKind) + if ok { + nameKey, ok := property.Extensions.GetString(xNameKey) + if !ok { + nameKey = "name" + } + err = theConfig.AddNamereferenceFieldSpec( + NameBackReferences{ + Gvk: gvk.Gvk{Kind: kind, Version: version}, + FieldSpecs: []FieldSpec{ + makeFs(theGvk, append(path, propName, nameKey))}, + }) + if err != nil { + return + } + } + } + if property.Ref.GetURL() != nil { + loadCrdIntoConfig( + theConfig, theGvk, theMap, + property.Ref.String(), append(path, propName)) + } + } + return nil +} + +func makeFs(in gvk.Gvk, path []string) FieldSpec { + return FieldSpec{ + CreateIfNotPresent: false, + Gvk: in, + Path: strings.Join(path, "/"), + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/fieldspec.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/fieldspec.go new file mode 100644 index 00000000000..5b0f6ee33a0 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/fieldspec.go @@ -0,0 +1,139 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + "fmt" + "strings" + + "sigs.k8s.io/kustomize/pkg/gvk" +) + +// FieldSpec completely specifies a kustomizable field in +// an unstructured representation of a k8s API object. +// It helps define the operands of transformations. +// +// For example, a directive to add a common label to objects +// will need to know that a 'Deployment' object (in API group +// 'apps', any version) can have labels at field path +// 'spec/template/metadata/labels', and further that it is OK +// (or not OK) to add that field path to the object if the +// field path doesn't exist already. +// +// This would look like +// { +// group: apps +// kind: Deployment +// path: spec/template/metadata/labels +// create: true +// } +type FieldSpec struct { + gvk.Gvk `json:",inline,omitempty" yaml:",inline,omitempty"` + Path string `json:"path,omitempty" yaml:"path,omitempty"` + CreateIfNotPresent bool `json:"create,omitempty" yaml:"create,omitempty"` +} + +const ( + escapedForwardSlash = "\\/" + tempSlashReplacement = "???" +) + +func (fs FieldSpec) String() string { + return fmt.Sprintf( + "%s:%v:%s", fs.Gvk.String(), fs.CreateIfNotPresent, fs.Path) +} + +// If true, the primary key is the same, but other fields might not be. +func (fs FieldSpec) effectivelyEquals(other FieldSpec) bool { + return fs.IsSelected(&other.Gvk) && fs.Path == other.Path +} + +// PathSlice converts the path string to a slice of strings, +// separated by a '/'. Forward slash can be contained in a +// fieldname. such as ingress.kubernetes.io/auth-secret in +// Ingress annotations. To deal with this special case, the +// path to this field should be formatted as +// +// metadata/annotations/ingress.kubernetes.io\/auth-secret +// +// Then PathSlice will return +// +// []string{ +// "metadata", +// "annotations", +// "ingress.auth-secretkubernetes.io/auth-secret" +// } +func (fs FieldSpec) PathSlice() []string { + if !strings.Contains(fs.Path, escapedForwardSlash) { + return strings.Split(fs.Path, "/") + } + s := strings.Replace(fs.Path, escapedForwardSlash, tempSlashReplacement, -1) + paths := strings.Split(s, "/") + var result []string + for _, path := range paths { + result = append(result, strings.Replace(path, tempSlashReplacement, "/", -1)) + } + return result +} + +type fsSlice []FieldSpec + +func (s fsSlice) Len() int { return len(s) } +func (s fsSlice) Swap(i, j int) { s[i], s[j] = s[j], s[i] } +func (s fsSlice) Less(i, j int) bool { + return s[i].Gvk.IsLessThan(s[j].Gvk) +} + +// mergeAll merges the argument into this, returning the result. +// Items already present are ignored. +// Items that conflict (primary key matches, but remain data differs) +// result in an error. +func (s fsSlice) mergeAll(incoming fsSlice) (result fsSlice, err error) { + result = s + for _, x := range incoming { + result, err = result.mergeOne(x) + if err != nil { + return nil, err + } + } + return result, nil +} + +// mergeOne merges the argument into this, returning the result. +// If the item's primary key is already present, and there are no +// conflicts, it is ignored (we don't want duplicates). +// If there is a conflict, the merge fails. +func (s fsSlice) mergeOne(x FieldSpec) (fsSlice, error) { + i := s.index(x) + if i > -1 { + // It's already there. + if s[i].CreateIfNotPresent != x.CreateIfNotPresent { + return nil, fmt.Errorf("conflicting fieldspecs") + } + return s, nil + } + return append(s, x), nil +} + +func (s fsSlice) index(fs FieldSpec) int { + for i, x := range s { + if x.effectivelyEquals(fs) { + return i + } + } + return -1 +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/namebackreferences.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/namebackreferences.go new file mode 100644 index 00000000000..172e4b3ca53 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/namebackreferences.go @@ -0,0 +1,105 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + "strings" + + "sigs.k8s.io/kustomize/pkg/gvk" +) + +// NameBackReferences is an association between a gvk.GVK and a list +// of FieldSpec instances that could refer to it. +// +// It is used to handle name changes, and can be thought of as a +// a contact list. If you change your own contact info (name, +// phone number, etc.), you must tell your contacts or they won't +// know about the change. +// +// For example, ConfigMaps can be used by Pods and everything that +// contains a Pod; Deployment, Job, StatefulSet, etc. To change +// the name of a ConfigMap instance from 'alice' to 'bob', one +// must visit all objects that could refer to the ConfigMap, see if +// they mention 'alice', and if so, change the reference to 'bob'. +// +// The NameBackReferences instance to aid in this could look like +// { +// kind: ConfigMap +// version: v1 +// FieldSpecs: +// - kind: Pod +// version: v1 +// path: spec/volumes/configMap/name +// - kind: Deployment +// path: spec/template/spec/volumes/configMap/name +// - kind: Job +// path: spec/template/spec/volumes/configMap/name +// (etc.) +// } +type NameBackReferences struct { + gvk.Gvk `json:",inline,omitempty" yaml:",inline,omitempty"` + FieldSpecs fsSlice `json:"FieldSpecs,omitempty" yaml:"FieldSpecs,omitempty"` +} + +func (n NameBackReferences) String() string { + var r []string + for _, f := range n.FieldSpecs { + r = append(r, f.String()) + } + return n.Gvk.String() + ": (\n" + + strings.Join(r, "\n") + "\n)" +} + +type nbrSlice []NameBackReferences + +func (s nbrSlice) Len() int { return len(s) } +func (s nbrSlice) Swap(i, j int) { s[i], s[j] = s[j], s[i] } +func (s nbrSlice) Less(i, j int) bool { + return s[i].Gvk.IsLessThan(s[j].Gvk) +} + +func (s nbrSlice) mergeAll(o nbrSlice) (result nbrSlice, err error) { + result = s + for _, r := range o { + result, err = result.mergeOne(r) + if err != nil { + return nil, err + } + } + return result, nil +} + +func (s nbrSlice) mergeOne(other NameBackReferences) (nbrSlice, error) { + var result nbrSlice + var err error + found := false + for _, c := range s { + if c.Gvk.Equals(other.Gvk) { + c.FieldSpecs, err = c.FieldSpecs.mergeAll(other.FieldSpecs) + if err != nil { + return nil, err + } + found = true + } + result = append(result, c) + } + + if !found { + result = append(result, other) + } + return result, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/transformerconfig.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/transformerconfig.go new file mode 100644 index 00000000000..556f0b814c5 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/config/transformerconfig.go @@ -0,0 +1,134 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package config provides the functions to load default or user provided configurations +// for different transformers +package config + +import ( + "log" + "sort" + + "sigs.k8s.io/kustomize/pkg/transformers/config/defaultconfig" +) + +// TransformerConfig holds the data needed to perform transformations. +type TransformerConfig struct { + NamePrefix fsSlice `json:"namePrefix,omitempty" yaml:"namePrefix,omitempty"` + NameSuffix fsSlice `json:"nameSuffix,omitempty" yaml:"nameSuffix,omitempty"` + NameSpace fsSlice `json:"namespace,omitempty" yaml:"namespace,omitempty"` + CommonLabels fsSlice `json:"commonLabels,omitempty" yaml:"commonLabels,omitempty"` + CommonAnnotations fsSlice `json:"commonAnnotations,omitempty" yaml:"commonAnnotations,omitempty"` + NameReference nbrSlice `json:"nameReference,omitempty" yaml:"nameReference,omitempty"` + VarReference fsSlice `json:"varReference,omitempty" yaml:"varReference,omitempty"` +} + +// MakeEmptyConfig returns an empty TransformerConfig object +func MakeEmptyConfig() *TransformerConfig { + return &TransformerConfig{} +} + +// MakeDefaultConfig returns a default TransformerConfig. +func MakeDefaultConfig() *TransformerConfig { + c, err := makeTransformerConfigFromBytes( + defaultconfig.GetDefaultFieldSpecs()) + if err != nil { + log.Fatalf("Unable to make default transformconfig: %v", err) + } + return c +} + +// sortFields provides determinism in logging, tests, etc. +func (t *TransformerConfig) sortFields() { + sort.Sort(t.NamePrefix) + sort.Sort(t.NameSpace) + sort.Sort(t.CommonLabels) + sort.Sort(t.CommonAnnotations) + sort.Sort(t.NameReference) + sort.Sort(t.VarReference) +} + +// AddPrefixFieldSpec adds a FieldSpec to NamePrefix +func (t *TransformerConfig) AddPrefixFieldSpec(fs FieldSpec) (err error) { + t.NamePrefix, err = t.NamePrefix.mergeOne(fs) + return err +} + +// AddSuffixFieldSpec adds a FieldSpec to NameSuffix +func (t *TransformerConfig) AddSuffixFieldSpec(fs FieldSpec) (err error) { + t.NameSuffix, err = t.NameSuffix.mergeOne(fs) + return err +} + +// AddLabelFieldSpec adds a FieldSpec to CommonLabels +func (t *TransformerConfig) AddLabelFieldSpec(fs FieldSpec) (err error) { + t.CommonLabels, err = t.CommonLabels.mergeOne(fs) + return err +} + +// AddAnnotationFieldSpec adds a FieldSpec to CommonAnnotations +func (t *TransformerConfig) AddAnnotationFieldSpec(fs FieldSpec) (err error) { + t.CommonAnnotations, err = t.CommonAnnotations.mergeOne(fs) + return err +} + +// AddNamereferenceFieldSpec adds a NameBackReferences to NameReference +func (t *TransformerConfig) AddNamereferenceFieldSpec( + nbrs NameBackReferences) (err error) { + t.NameReference, err = t.NameReference.mergeOne(nbrs) + return err +} + +// Merge merges two TransformerConfigs objects into +// a new TransformerConfig object +func (t *TransformerConfig) Merge(input *TransformerConfig) ( + merged *TransformerConfig, err error) { + if input == nil { + return t, nil + } + merged = &TransformerConfig{} + merged.NamePrefix, err = t.NamePrefix.mergeAll(input.NamePrefix) + if err != nil { + return nil, err + } + merged.NameSuffix, err = t.NameSuffix.mergeAll(input.NameSuffix) + if err != nil { + return nil, err + } + merged.NameSpace, err = t.NameSpace.mergeAll(input.NameSpace) + if err != nil { + return nil, err + } + merged.CommonAnnotations, err = t.CommonAnnotations.mergeAll( + input.CommonAnnotations) + if err != nil { + return nil, err + } + merged.CommonLabels, err = t.CommonLabels.mergeAll(input.CommonLabels) + if err != nil { + return nil, err + } + merged.VarReference, err = t.VarReference.mergeAll(input.VarReference) + if err != nil { + return nil, err + } + merged.NameReference, err = t.NameReference.mergeAll(input.NameReference) + if err != nil { + return nil, err + } + merged.sortFields() + return merged, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/image.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/image.go new file mode 100644 index 00000000000..f6f999d1ef5 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/image.go @@ -0,0 +1,155 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "regexp" + "strings" + + "sigs.k8s.io/kustomize/pkg/image" + "sigs.k8s.io/kustomize/pkg/resmap" +) + +// imageTransformer replace image names and tags +type imageTransformer struct { + images []image.Image +} + +var _ Transformer = &imageTransformer{} + +// NewImageTransformer constructs an imageTransformer. +func NewImageTransformer(slice []image.Image) (Transformer, error) { + return &imageTransformer{slice}, nil +} + +// Transform finds the matching images and replaces name, tag and/or digest +func (pt *imageTransformer) Transform(resources resmap.ResMap) error { + if len(pt.images) == 0 { + return nil + } + for _, res := range resources { + err := pt.findAndReplaceImage(res.Map()) + if err != nil { + return err + } + } + return nil +} + +/* + findAndReplaceImage replaces the image name and tags inside one object + It searches the object for container session + then loops though all images inside containers session, + finds matched ones and update the image name and tag name +*/ +func (pt *imageTransformer) findAndReplaceImage(obj map[string]interface{}) error { + paths := []string{"containers", "initContainers"} + found := false + for _, path := range paths { + _, found = obj[path] + if found { + err := pt.updateContainers(obj, path) + if err != nil { + return err + } + } + } + if !found { + return pt.findContainers(obj) + } + return nil +} + +func (pt *imageTransformer) updateContainers(obj map[string]interface{}, path string) error { + containers := obj[path].([]interface{}) + for i := range containers { + container := containers[i].(map[string]interface{}) + containerImage, found := container["image"] + if !found { + continue + } + + imageName := containerImage.(string) + for _, img := range pt.images { + if isImageMatched(imageName, img.Name) { + name, tag := split(imageName) + if img.NewName != "" { + name = img.NewName + } + if img.NewTag != "" { + tag = ":" + img.NewTag + } + if img.Digest != "" { + tag = "@" + img.Digest + } + container["image"] = name + tag + break + } + } + } + return nil +} + +func (pt *imageTransformer) findContainers(obj map[string]interface{}) error { + for key := range obj { + switch typedV := obj[key].(type) { + case map[string]interface{}: + err := pt.findAndReplaceImage(typedV) + if err != nil { + return err + } + case []interface{}: + for i := range typedV { + item := typedV[i] + typedItem, ok := item.(map[string]interface{}) + if ok { + err := pt.findAndReplaceImage(typedItem) + if err != nil { + return err + } + } + } + } + } + return nil +} + +func isImageMatched(s, t string) bool { + // Tag values are limited to [a-zA-Z0-9_.-]. + pattern, _ := regexp.Compile("^" + t + "(:[a-zA-Z0-9_.-]*)?$") + return pattern.MatchString(s) +} + +// split separates and returns the name and tag parts +// from the image string using either colon `:` or at `@` separators. +// Note that the returned tag keeps its separator. +func split(imageName string) (name string, tag string) { + ic := strings.LastIndex(imageName, ":") + ia := strings.LastIndex(imageName, "@") + if ic < 0 && ia < 0 { + return imageName, "" + } + + i := ic + if ic < 0 { + i = ia + } + + name = imageName[:i] + tag = imageName[i:] + return +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/labelsandannotations.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/labelsandannotations.go new file mode 100644 index 00000000000..836abcaa488 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/labelsandannotations.go @@ -0,0 +1,86 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "errors" + "fmt" + + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers/config" +) + +// mapTransformer applies a string->string map to fieldSpecs. +type mapTransformer struct { + m map[string]string + fieldSpecs []config.FieldSpec +} + +var _ Transformer = &mapTransformer{} + +// NewLabelsMapTransformer constructs a mapTransformer. +func NewLabelsMapTransformer( + m map[string]string, fs []config.FieldSpec) (Transformer, error) { + return NewMapTransformer(fs, m) +} + +// NewAnnotationsMapTransformer construct a mapTransformer. +func NewAnnotationsMapTransformer( + m map[string]string, fs []config.FieldSpec) (Transformer, error) { + return NewMapTransformer(fs, m) +} + +// NewMapTransformer construct a mapTransformer. +func NewMapTransformer( + pc []config.FieldSpec, m map[string]string) (Transformer, error) { + if m == nil { + return NewNoOpTransformer(), nil + } + if pc == nil { + return nil, errors.New("fieldSpecs is not expected to be nil") + } + return &mapTransformer{fieldSpecs: pc, m: m}, nil +} + +// Transform apply each pair in the mapTransformer to the +// fields specified in mapTransformer. +func (o *mapTransformer) Transform(m resmap.ResMap) error { + for id := range m { + objMap := m[id].Map() + for _, path := range o.fieldSpecs { + if !id.Gvk().IsSelected(&path.Gvk) { + continue + } + err := mutateField(objMap, path.PathSlice(), path.CreateIfNotPresent, o.addMap) + if err != nil { + return err + } + } + } + return nil +} + +func (o *mapTransformer) addMap(in interface{}) (interface{}, error) { + m, ok := in.(map[string]interface{}) + if !ok { + return nil, fmt.Errorf("%#v is expected to be %T", in, m) + } + for k, v := range o.m { + m[k] = v + } + return m, nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/multitransformer.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/multitransformer.go new file mode 100644 index 00000000000..d5921d1a92e --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/multitransformer.go @@ -0,0 +1,95 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "fmt" + "sigs.k8s.io/kustomize/pkg/resource" + + "sigs.k8s.io/kustomize/pkg/resmap" +) + +// multiTransformer contains a list of transformers. +type multiTransformer struct { + transformers []Transformer + checkConflictEnabled bool + rf *resource.Factory +} + +var _ Transformer = &multiTransformer{} + +// NewMultiTransformer constructs a multiTransformer. +func NewMultiTransformer(t []Transformer) Transformer { + r := &multiTransformer{ + transformers: make([]Transformer, len(t)), + checkConflictEnabled: false} + copy(r.transformers, t) + return r +} + +// NewMultiTransformerWithConflictCheck constructs a multiTransformer with checking of conflicts. +func NewMultiTransformerWithConflictCheck(t []Transformer) Transformer { + r := &multiTransformer{ + transformers: make([]Transformer, len(t)), + checkConflictEnabled: true} + copy(r.transformers, t) + return r +} + +// Transform prepends the name prefix. +func (o *multiTransformer) Transform(m resmap.ResMap) error { + if o.checkConflictEnabled { + return o.transformWithCheckConflict(m) + } + return o.transform(m) +} +func (o *multiTransformer) transform(m resmap.ResMap) error { + for _, t := range o.transformers { + err := t.Transform(m) + if err != nil { + return err + } + } + return nil +} + +// Of the len(o.transformers)! possible transformer orderings, compare to a reversed order. +// A spot check to perform when the transformations are supposed to be commutative. +// Fail if there's a difference in the result. +func (o *multiTransformer) transformWithCheckConflict(m resmap.ResMap) error { + mcopy := m.DeepCopy(o.rf) + err := o.transform(m) + if err != nil { + return err + } + o.reverseTransformers() + err = o.transform(mcopy) + if err != nil { + return err + } + err = m.ErrorIfNotEqual(mcopy) + if err != nil { + return fmt.Errorf("found conflict between different patches\n%v", err) + } + return nil +} + +func (o *multiTransformer) reverseTransformers() { + for i, j := 0, len(o.transformers)-1; i < j; i, j = i+1, j-1 { + o.transformers[i], o.transformers[j] = o.transformers[j], o.transformers[i] + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/mutatefield.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/mutatefield.go new file mode 100644 index 00000000000..eddfeee20bc --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/mutatefield.go @@ -0,0 +1,81 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "fmt" + "log" + "strings" +) + +type mutateFunc func(interface{}) (interface{}, error) + +func mutateField( + m map[string]interface{}, + pathToField []string, + createIfNotPresent bool, + fns ...mutateFunc) error { + if len(pathToField) == 0 { + return nil + } + + _, found := m[pathToField[0]] + if !found { + if !createIfNotPresent { + return nil + } + m[pathToField[0]] = map[string]interface{}{} + } + + if len(pathToField) == 1 { + var err error + for _, fn := range fns { + m[pathToField[0]], err = fn(m[pathToField[0]]) + if err != nil { + return err + } + } + return nil + } + + v := m[pathToField[0]] + newPathToField := pathToField[1:] + switch typedV := v.(type) { + case nil: + log.Printf( + "nil value at `%s` ignored in mutation attempt", + strings.Join(pathToField, ".")) + return nil + case map[string]interface{}: + return mutateField(typedV, newPathToField, createIfNotPresent, fns...) + case []interface{}: + for i := range typedV { + item := typedV[i] + typedItem, ok := item.(map[string]interface{}) + if !ok { + return fmt.Errorf("%#v is expected to be %T", item, typedItem) + } + err := mutateField(typedItem, newPathToField, createIfNotPresent, fns...) + if err != nil { + return err + } + } + return nil + default: + return fmt.Errorf("%#v is not expected to be a primitive type", typedV) + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/namereference.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/namereference.go new file mode 100644 index 00000000000..899813776a5 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/namereference.go @@ -0,0 +1,144 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "fmt" + "log" + + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers/config" +) + +type nameReferenceTransformer struct { + backRefs []config.NameBackReferences +} + +var _ Transformer = &nameReferenceTransformer{} + +// NewNameReferenceTransformer constructs a nameReferenceTransformer +// with a given slice of NameBackReferences. +func NewNameReferenceTransformer(br []config.NameBackReferences) Transformer { + if br == nil { + log.Fatal("backrefs not expected to be nil") + } + return &nameReferenceTransformer{backRefs: br} +} + +// Transform updates name references in resource A that refer to resource B, +// given that B's name may have changed. +// +// For example, a HorizontalPodAutoscaler (HPA) necessarily refers to a +// Deployment (the thing that the HPA scales). The Deployment name might change +// (e.g. prefix added), and the reference in the HPA has to be fixed. +// +// In the outer loop below, we encounter an HPA. In scanning backrefs, we +// find that HPA refers to a Deployment. So we find all resources in the same +// namespace as the HPA (and with the same prefix and suffix), and look through +// them to find all the Deployments with a resId that has a Name matching the +// field in HPA. For each match, we overwrite the HPA name field with the value +// found in the Deployment's name field (the name in the raw object - the +// modified name - not the unmodified name in the resId). +// +// This assumes that the name stored in a ResId (the ResMap key) isn't modified +// by name transformers. Name transformers should only modify the name in the +// body of the resource object (the value in the ResMap). +func (o *nameReferenceTransformer) Transform(m resmap.ResMap) error { + // TODO: Too much looping. + // Even more hidden loops in FilterBy, + // updateNameReference and FindByGVKN. + for id := range m { + for _, backRef := range o.backRefs { + for _, fSpec := range backRef.FieldSpecs { + if id.Gvk().IsSelected(&fSpec.Gvk) { + err := mutateField( + m[id].Map(), fSpec.PathSlice(), + fSpec.CreateIfNotPresent, + o.updateNameReference( + backRef.Gvk, m.FilterBy(id))) + if err != nil { + return err + } + } + } + } + } + return nil +} + +func (o *nameReferenceTransformer) updateNameReference( + backRef gvk.Gvk, m resmap.ResMap) func(in interface{}) (interface{}, error) { + return func(in interface{}) (interface{}, error) { + switch in.(type) { + case string: + s, _ := in.(string) + for id, res := range m { + if id.Gvk().IsSelected(&backRef) && id.Name() == s { + matchedIds := m.FindByGVKN(id) + // If there's more than one match, there's no way + // to know which one to pick, so emit error. + if len(matchedIds) > 1 { + return nil, fmt.Errorf( + "Multiple matches for name %s:\n %v", id, matchedIds) + } + // Return transformed name of the object, + // complete with prefixes, hashes, etc. + return res.GetName(), nil + } + } + return in, nil + case []interface{}: + l, _ := in.([]interface{}) + var names []string + for _, item := range l { + name, ok := item.(string) + if !ok { + return nil, fmt.Errorf("%#v is expected to be %T", item, name) + } + names = append(names, name) + } + for id, res := range m { + indexes := indexOf(id.Name(), names) + if id.Gvk().IsSelected(&backRef) && len(indexes) > 0 { + matchedIds := m.FindByGVKN(id) + if len(matchedIds) > 1 { + return nil, fmt.Errorf( + "Multiple matches for name %s:\n %v", id, matchedIds) + } + for _, index := range indexes { + l[index] = res.GetName() + } + return l, nil + } + } + return in, nil + default: + return nil, fmt.Errorf("%#v is expected to be either a string or a []interface{}", in) + } + } +} + +func indexOf(s string, slice []string) []int { + var index []int + for i, item := range slice { + if item == s { + index = append(index, i) + } + } + return index +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/namespace.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/namespace.go new file mode 100644 index 00000000000..5f0c0648207 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/namespace.go @@ -0,0 +1,121 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers/config" +) + +type namespaceTransformer struct { + namespace string + fieldSpecsToUse []config.FieldSpec + fieldSpecsToSkip []config.FieldSpec +} + +var _ Transformer = &namespaceTransformer{} + +// NewNamespaceTransformer construct a namespaceTransformer. +func NewNamespaceTransformer(ns string, cf []config.FieldSpec) Transformer { + if len(ns) == 0 { + return NewNoOpTransformer() + } + var skip []config.FieldSpec + for _, g := range gvk.ClusterLevelGvks() { + skip = append(skip, config.FieldSpec{Gvk: g}) + } + return &namespaceTransformer{ + namespace: ns, + fieldSpecsToUse: cf, + fieldSpecsToSkip: skip, + } +} + +// Transform adds the namespace. +func (o *namespaceTransformer) Transform(m resmap.ResMap) error { + mf := resmap.ResMap{} + + for id := range m { + found := false + for _, path := range o.fieldSpecsToSkip { + if id.Gvk().IsSelected(&path.Gvk) { + found = true + break + } + } + if !found { + mf[id] = m[id] + delete(m, id) + } + } + + for id := range mf { + objMap := mf[id].Map() + for _, path := range o.fieldSpecsToUse { + if !id.Gvk().IsSelected(&path.Gvk) { + continue + } + + err := mutateField(objMap, path.PathSlice(), path.CreateIfNotPresent, func(_ interface{}) (interface{}, error) { + return o.namespace, nil + }) + if err != nil { + return err + } + newid := id.CopyWithNewNamespace(o.namespace) + m[newid] = mf[id] + } + + } + o.updateClusterRoleBinding(m) + return nil +} + +func (o *namespaceTransformer) updateClusterRoleBinding(m resmap.ResMap) { + saMap := map[string]bool{} + for id := range m { + if id.Gvk().Equals(gvk.Gvk{Version: "v1", Kind: "ServiceAccount"}) { + saMap[id.Name()] = true + } + } + + for id := range m { + if id.Gvk().Kind != "ClusterRoleBinding" && id.Gvk().Kind != "RoleBinding" { + continue + } + objMap := m[id].Map() + subjects := objMap["subjects"].([]interface{}) + for i := range subjects { + subject := subjects[i].(map[string]interface{}) + kind, foundk := subject["kind"] + name, foundn := subject["name"] + if !foundk || !foundn || kind.(string) != "ServiceAccount" { + continue + } + // a ServiceAccount named “default” exists in every active namespace + if name.(string) == "default" || saMap[name.(string)] { + subject := subjects[i].(map[string]interface{}) + mutateField(subject, []string{"namespace"}, true, func(_ interface{}) (interface{}, error) { + return o.namespace, nil + }) + subjects[i] = subject + } + } + objMap["subjects"] = subjects + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/nooptransformer.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/nooptransformer.go new file mode 100644 index 00000000000..c07389b31d5 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/nooptransformer.go @@ -0,0 +1,34 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import "sigs.k8s.io/kustomize/pkg/resmap" + +// noOpTransformer contains a no-op transformer. +type noOpTransformer struct{} + +var _ Transformer = &noOpTransformer{} + +// NewNoOpTransformer constructs a noOpTransformer. +func NewNoOpTransformer() Transformer { + return &noOpTransformer{} +} + +// Transform does nothing. +func (o *noOpTransformer) Transform(_ resmap.ResMap) error { + return nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/prefixsuffixname.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/prefixsuffixname.go new file mode 100644 index 00000000000..c4ca85f53aa --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/prefixsuffixname.go @@ -0,0 +1,109 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package transformers + +import ( + "errors" + "fmt" + + "sigs.k8s.io/kustomize/pkg/gvk" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers/config" +) + +// namePrefixSuffixTransformer contains the prefix, suffix, and the FieldSpecs +// for each field needing a name prefix and suffix. +type namePrefixSuffixTransformer struct { + prefix string + suffix string + fieldSpecsToUse []config.FieldSpec + fieldSpecsToSkip []config.FieldSpec +} + +var _ Transformer = &namePrefixSuffixTransformer{} + +var prefixSuffixFieldSpecsToSkip = []config.FieldSpec{ + { + Gvk: gvk.Gvk{Kind: "CustomResourceDefinition"}, + }, +} + +// NewNamePrefixSuffixTransformer makes a namePrefixSuffixTransformer. +func NewNamePrefixSuffixTransformer( + np, ns string, fieldSpecs []config.FieldSpec) (Transformer, error) { + if len(np) == 0 && len(ns) == 0 { + return NewNoOpTransformer(), nil + } + if fieldSpecs == nil { + return nil, errors.New("fieldSpecs is not expected to be nil") + } + return &namePrefixSuffixTransformer{ + prefix: np, + suffix: ns, + fieldSpecsToUse: fieldSpecs, + fieldSpecsToSkip: prefixSuffixFieldSpecsToSkip}, nil +} + +// Transform prepends the name prefix and appends the name suffix. +func (o *namePrefixSuffixTransformer) Transform(m resmap.ResMap) error { + // Fill map "mf" with entries subject to name modification, and + // delete these entries from "m", so that for now m retains only + // the entries whose names will not be modified. + mf := resmap.ResMap{} + for id := range m { + found := false + for _, path := range o.fieldSpecsToSkip { + if id.Gvk().IsSelected(&path.Gvk) { + found = true + break + } + } + if !found { + mf[id] = m[id] + delete(m, id) + } + } + + for id := range mf { + objMap := mf[id].Map() + for _, path := range o.fieldSpecsToUse { + if !id.Gvk().IsSelected(&path.Gvk) { + continue + } + err := mutateField( + objMap, + path.PathSlice(), + path.CreateIfNotPresent, + o.addPrefixSuffix) + if err != nil { + return err + } + newId := id.CopyWithNewPrefixSuffix(o.prefix, o.suffix) + m[newId] = mf[id] + } + } + return nil +} + +func (o *namePrefixSuffixTransformer) addPrefixSuffix( + in interface{}) (interface{}, error) { + s, ok := in.(string) + if !ok { + return nil, fmt.Errorf("%#v is expected to be %T", in, s) + } + return fmt.Sprintf("%s%s%s", o.prefix, s, o.suffix), nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/refvars.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/refvars.go new file mode 100644 index 00000000000..1d35c9602a3 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/refvars.go @@ -0,0 +1,69 @@ +package transformers + +import ( + "fmt" + + "sigs.k8s.io/kustomize/pkg/expansion" + "sigs.k8s.io/kustomize/pkg/resmap" + "sigs.k8s.io/kustomize/pkg/transformers/config" +) + +type refvarTransformer struct { + fieldSpecs []config.FieldSpec + mappingFunc func(string) string +} + +// NewRefVarTransformer returns a Transformer that replaces $(VAR) style +// variables with values. +// The fieldSpecs are the places to look for occurrences of $(VAR). +func NewRefVarTransformer( + varMap map[string]string, fs []config.FieldSpec) Transformer { + if len(varMap) == 0 { + return NewNoOpTransformer() + } + return &refvarTransformer{ + fieldSpecs: fs, + mappingFunc: expansion.MappingFuncFor(varMap), + } +} + +// replaceVars accepts as 'in' a string, or string array, which can have +// embedded instances of $VAR style variables, e.g. a container command string. +// The function returns the string with the variables expanded to their final +// values. +func (rv *refvarTransformer) replaceVars(in interface{}) (interface{}, error) { + switch vt := in.(type) { + case []interface{}: + var xs []string + for _, a := range in.([]interface{}) { + xs = append(xs, expansion.Expand(a.(string), rv.mappingFunc)) + } + return xs, nil + case interface{}: + s, ok := in.(string) + if !ok { + return nil, fmt.Errorf("%#v is expected to be %T", in, s) + } + return expansion.Expand(s, rv.mappingFunc), nil + case nil: + return nil, nil + default: + return "", fmt.Errorf("invalid type encountered %T", vt) + } +} + +// Transform replaces $(VAR) style variables with values. +func (rv *refvarTransformer) Transform(m resmap.ResMap) error { + for id, res := range m { + for _, fieldSpec := range rv.fieldSpecs { + if id.Gvk().IsSelected(&fieldSpec.Gvk) { + if err := mutateField( + res.Map(), fieldSpec.PathSlice(), + false, rv.replaceVars); err != nil { + return err + } + } + } + } + return nil +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/transformers/transformer.go b/vendor/sigs.k8s.io/kustomize/pkg/transformers/transformer.go new file mode 100644 index 00000000000..dc6f8807c3b --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/transformers/transformer.go @@ -0,0 +1,26 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package transformers has implementations of resmap.ResMap transformers. +package transformers + +import "sigs.k8s.io/kustomize/pkg/resmap" + +// A Transformer modifies an instance of resmap.ResMap. +type Transformer interface { + // Transform modifies data in the argument, e.g. adding labels to resources that can be labelled. + Transform(m resmap.ResMap) error +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/types/BUILD b/vendor/sigs.k8s.io/kustomize/pkg/types/BUILD new file mode 100644 index 00000000000..bff01419e4d --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/types/BUILD @@ -0,0 +1,33 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "genargs.go", + "generationbehavior.go", + "kustomization.go", + "var.go", + ], + importmap = "k8s.io/kubernetes/vendor/sigs.k8s.io/kustomize/pkg/types", + importpath = "sigs.k8s.io/kustomize/pkg/types", + visibility = ["//visibility:public"], + deps = [ + "//vendor/sigs.k8s.io/kustomize/pkg/gvk:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/image:go_default_library", + "//vendor/sigs.k8s.io/kustomize/pkg/patch:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/sigs.k8s.io/kustomize/pkg/types/genargs.go b/vendor/sigs.k8s.io/kustomize/pkg/types/genargs.go new file mode 100644 index 00000000000..a74a48d2222 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/types/genargs.go @@ -0,0 +1,47 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package types + +// GenArgs contains both generator args and options +type GenArgs struct { + args *GeneratorArgs + opts *GeneratorOptions +} + +// NewGenArgs returns a new object of GenArgs +func NewGenArgs(args *GeneratorArgs, opts *GeneratorOptions) *GenArgs { + return &GenArgs{ + args: args, + opts: opts, + } +} + +// NeedHashSuffix returns true if the hash suffix is needed. +// It is needed when the two conditions are both met +// 1) GenArgs is not nil +// 2) DisableNameSuffixHash in GeneratorOptions is not set to true +func (g *GenArgs) NeedsHashSuffix() bool { + return g.args != nil && (g.opts == nil || g.opts.DisableNameSuffixHash == false) +} + +// Behavior returns Behavior field of GeneratorArgs +func (g *GenArgs) Behavior() GenerationBehavior { + if g.args == nil { + return BehaviorUnspecified + } + return NewGenerationBehavior(g.args.Behavior) +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/types/generationbehavior.go b/vendor/sigs.k8s.io/kustomize/pkg/types/generationbehavior.go new file mode 100644 index 00000000000..67ba8a0b568 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/types/generationbehavior.go @@ -0,0 +1,59 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package types + +// GenerationBehavior specifies generation behavior of configmaps, secrets and maybe other resources. +type GenerationBehavior int + +const ( + // BehaviorUnspecified is an Unspecified behavior; typically treated as a Create. + BehaviorUnspecified GenerationBehavior = iota + // BehaviorCreate makes a new resource. + BehaviorCreate + // BehaviorReplace replaces a resource. + BehaviorReplace + // BehaviorMerge attempts to merge a new resource with an existing resource. + BehaviorMerge +) + +// String converts a GenerationBehavior to a string. +func (b GenerationBehavior) String() string { + switch b { + case BehaviorReplace: + return "replace" + case BehaviorMerge: + return "merge" + case BehaviorCreate: + return "create" + default: + return "unspecified" + } +} + +// NewGenerationBehavior converts a string to a GenerationBehavior. +func NewGenerationBehavior(s string) GenerationBehavior { + switch s { + case "replace": + return BehaviorReplace + case "merge": + return BehaviorMerge + case "create": + return BehaviorCreate + default: + return BehaviorUnspecified + } +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/types/kustomization.go b/vendor/sigs.k8s.io/kustomize/pkg/types/kustomization.go new file mode 100644 index 00000000000..12d09820f03 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/types/kustomization.go @@ -0,0 +1,250 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package types holds struct definitions that should find a better home. +package types + +import ( + "regexp" + + "sigs.k8s.io/kustomize/pkg/image" + "sigs.k8s.io/kustomize/pkg/patch" +) + +const ( + KustomizationVersion = "kustomize.config.k8s.io/v1beta1" + KustomizationKind = "Kustomization" +) + +// TypeMeta copies apimachinery/pkg/apis/meta/v1.TypeMeta +type TypeMeta struct { + // Kind copies apimachinery/pkg/apis/meta/v1.Typemeta.Kind + Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"` + + // APIVersion copies apimachinery/pkg/apis/meta/v1.Typemeta.APIVersion + APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=apiVersion"` +} + +// Kustomization holds the information needed to generate customized k8s api resources. +type Kustomization struct { + TypeMeta `json:",inline" yaml:",inline"` + + // + // Operators - what kustomize can do. + // + + // NamePrefix will prefix the names of all resources mentioned in the kustomization + // file including generated configmaps and secrets. + NamePrefix string `json:"namePrefix,omitempty" yaml:"namePrefix,omitempty"` + + // NameSuffix will suffix the names of all resources mentioned in the kustomization + // file including generated configmaps and secrets. + NameSuffix string `json:"nameSuffix,omitempty" yaml:"nameSuffix,omitempty"` + + // Namespace to add to all objects. + Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` + + // CommonLabels to add to all objects and selectors. + CommonLabels map[string]string `json:"commonLabels,omitempty" yaml:"commonLabels,omitempty"` + + // CommonAnnotations to add to all objects. + CommonAnnotations map[string]string `json:"commonAnnotations,omitempty" yaml:"commonAnnotations,omitempty"` + + // PatchesStrategicMerge specifies the relative path to a file + // containing a strategic merge patch. Format documented at + // https://github.com/kubernetes/community/blob/master/contributors/devel/strategic-merge-patch.md + // URLs and globs are not supported. + PatchesStrategicMerge []patch.StrategicMerge `json:"patchesStrategicMerge,omitempty" yaml:"patchesStrategicMerge,omitempty"` + + // JSONPatches is a list of JSONPatch for applying JSON patch. + // Format documented at https://tools.ietf.org/html/rfc6902 + // and http://jsonpatch.com + PatchesJson6902 []patch.Json6902 `json:"patchesJson6902,omitempty" yaml:"patchesJson6902,omitempty"` + + // Images is a list of (image name, new name, new tag or digest) + // for changing image names, tags or digests. This can also be achieved with a + // patch, but this operator is simpler to specify. + Images []image.Image `json:"images,omitempty" yaml:"images,omitempty"` + + // Vars allow things modified by kustomize to be injected into a + // container specification. A var is a name (e.g. FOO) associated + // with a field in a specific resource instance. The field must + // contain a value of type string, and defaults to the name field + // of the instance. Any appearance of "$(FOO)" in the container + // spec will be replaced at kustomize build time, after the final + // value of the specified field has been determined. + Vars []Var `json:"vars,omitempty" yaml:"vars,omitempty"` + + // + // Operands - what kustomize operates on. + // + + // Resources specifies relative paths to files holding YAML representations + // of kubernetes API objects. URLs and globs not supported. + Resources []string `json:"resources,omitempty" yaml:"resources,omitempty"` + + // Crds specifies relative paths to Custom Resource Definition files. + // This allows custom resources to be recognized as operands, making + // it possible to add them to the Resources list. + // CRDs themselves are not modified. + Crds []string `json:"crds,omitempty" yaml:"crds,omitempty"` + + // Bases are relative paths or github repository URLs specifying a + // directory containing a kustomization.yaml file. + // URL format: https://github.com/hashicorp/go-getter#url-format + Bases []string `json:"bases,omitempty" yaml:"bases,omitempty"` + + // + // Generators (operators that create operands) + // + + // ConfigMapGenerator is a list of configmaps to generate from + // local data (one configMap per list item). + // The resulting resource is a normal operand, subject to + // name prefixing, patching, etc. By default, the name of + // the map will have a suffix hash generated from its contents. + ConfigMapGenerator []ConfigMapArgs `json:"configMapGenerator,omitempty" yaml:"configMapGenerator,omitempty"` + + // SecretGenerator is a list of secrets to generate from + // local data (one secret per list item). + // The resulting resource is a normal operand, subject to + // name prefixing, patching, etc. By default, the name of + // the map will have a suffix hash generated from its contents. + SecretGenerator []SecretArgs `json:"secretGenerator,omitempty" yaml:"secretGenerator,omitempty"` + + // GeneratorOptions modify behavior of all ConfigMap and Secret generators. + GeneratorOptions *GeneratorOptions `json:"generatorOptions,omitempty" yaml:"generatorOptions,omitempty"` + + // Configurations is a list of transformer configuration files + Configurations []string `json:"configurations,omitempty" yaml:"configurations,omitempty"` +} + +// DealWithMissingFields fills the missing fields +func (k *Kustomization) DealWithMissingFields() []string { + var msgs []string + if k.APIVersion == "" { + k.APIVersion = KustomizationVersion + msgs = append(msgs, "Fixed the missing field by adding apiVersion: "+KustomizationVersion) + } + if k.Kind == "" { + k.Kind = KustomizationKind + msgs = append(msgs, "Fixed the missing field by adding kind: "+KustomizationKind) + } + return msgs +} + +func (k *Kustomization) EnforceFields() []string { + var errs []string + if k.APIVersion != "" && k.APIVersion != KustomizationVersion { + errs = append(errs, "apiVersion should be "+KustomizationVersion) + } + if k.Kind != "" && k.Kind != KustomizationKind { + errs = append(errs, "kind should be "+KustomizationKind) + } + return errs +} + +// DealWithDeprecatedFields should be called immediately after +// loading from storage. +func DealWithDeprecatedFields(data []byte) []byte { + deprecateFieldsMap := map[string]string{ + "patches:": "patchesStrategicMerge:", + "imageTags:": "images:", + } + for oldname, newname := range deprecateFieldsMap { + pattern := regexp.MustCompile(oldname) + data = pattern.ReplaceAll(data, []byte(newname)) + } + return data +} + +// GeneratorArgs contains arguments common to generators. +type GeneratorArgs struct { + // Namespace for the configmap, optional + Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` + + // Name - actually the partial name - of the generated resource. + // The full name ends up being something like + // NamePrefix + this.Name + hash(content of generated resource). + Name string `json:"name,omitempty" yaml:"name,omitempty"` + + // Behavior of generated resource, must be one of: + // 'create': create a new one + // 'replace': replace the existing one + // 'merge': merge with the existing one + Behavior string `json:"behavior,omitempty" yaml:"behavior,omitempty"` + + // DataSources for the generator. + DataSources `json:",inline,omitempty" yaml:",inline,omitempty"` +} + +// ConfigMapArgs contains the metadata of how to generate a configmap. +type ConfigMapArgs struct { + // GeneratorArgs for the configmap. + GeneratorArgs `json:",inline,omitempty" yaml:",inline,omitempty"` +} + +// SecretArgs contains the metadata of how to generate a secret. +type SecretArgs struct { + // GeneratorArgs for the secret. + GeneratorArgs `json:",inline,omitempty" yaml:",inline,omitempty"` + + // Type of the secret. + // + // This is the same field as the secret type field in v1/Secret: + // It can be "Opaque" (default), or "kubernetes.io/tls". + // + // If type is "kubernetes.io/tls", then "literals" or "files" must have exactly two + // keys: "tls.key" and "tls.crt" + Type string `json:"type,omitempty" yaml:"type,omitempty"` +} + +// DataSources contains some generic sources for configmaps. +type DataSources struct { + // LiteralSources is a list of literal sources. + // Each literal source should be a key and literal value, + // e.g. `somekey=somevalue` + // It will be similar to kubectl create configmap|secret --from-literal + LiteralSources []string `json:"literals,omitempty" yaml:"literals,omitempty"` + + // FileSources is a list of file sources. + // Each file source can be specified using its file path, in which case file + // basename will be used as configmap key, or optionally with a key and file + // path, in which case the given key will be used. + // Specifying a directory will iterate each named file in the directory + // whose basename is a valid configmap key. + // It will be similar to kubectl create configmap|secret --from-file + FileSources []string `json:"files,omitempty" yaml:"files,omitempty"` + + // EnvSource format should be a path to a file to read lines of key=val + // pairs to create a configmap. + // i.e. a Docker .env file or a .ini file. + EnvSource string `json:"env,omitempty" yaml:"env,omitempty"` +} + +// GeneratorOptions modify behavior of all ConfigMap and Secret generators. +type GeneratorOptions struct { + // Labels to add to all generated resources. + Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"` + + // Annotations to add to all generated resources. + Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"` + + // DisableNameSuffixHash if true disables the default behavior of adding a + // suffix to the names of generated resources that is a hash of the + // resource contents. + DisableNameSuffixHash bool `json:"disableNameSuffixHash,omitempty" yaml:"disableNameSuffixHash,omitempty"` +} diff --git a/vendor/sigs.k8s.io/kustomize/pkg/types/var.go b/vendor/sigs.k8s.io/kustomize/pkg/types/var.go new file mode 100644 index 00000000000..4be30078b9c --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/pkg/types/var.go @@ -0,0 +1,143 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package types + +import ( + "fmt" + "sort" + "strings" + + "sigs.k8s.io/kustomize/pkg/gvk" +) + +const defaultFieldPath = "metadata.name" + +// Var represents a variable whose value will be sourced +// from a field in a Kubernetes object. +type Var struct { + // Value of identifier name e.g. FOO used in container args, annotations + // Appears in pod template as $(FOO) + Name string `json:"name" yaml:"name"` + + // ObjRef must refer to a Kubernetes resource under the + // purview of this kustomization. ObjRef should use the + // raw name of the object (the name specified in its YAML, + // before addition of a namePrefix and a nameSuffix). + ObjRef Target `json:"objref" yaml:"objref"` + + // FieldRef refers to the field of the object referred to by + // ObjRef whose value will be extracted for use in + // replacing $(FOO). + // If unspecified, this defaults to fieldPath: $defaultFieldPath + FieldRef FieldSelector `json:"fieldref,omitempty" yaml:"fieldref,omitempty"` +} + +// Target refers to a kubernetes object by Group, Version, Kind and Name +// gvk.Gvk contains Group, Version and Kind +// APIVersion is added to keep the backward compatibility of using ObjectReference +// for Var.ObjRef +type Target struct { + APIVersion string `json:"apiVersion,omitempty" yaml:"apiVersion,omitempty"` + gvk.Gvk `json:",inline,omitempty" yaml:",inline,omitempty"` + Name string `json:"name" yaml:"name"` +} + +// FieldSelector contains the fieldPath to an object field. +// This struct is added to keep the backward compatibility of using ObjectFieldSelector +// for Var.FieldRef +type FieldSelector struct { + FieldPath string `json:"fieldPath,omitempty" yaml:"fieldPath,omitempty"` +} + +// defaulting sets reference to field used by default. +func (v *Var) defaulting() { + if v.FieldRef.FieldPath == "" { + v.FieldRef.FieldPath = defaultFieldPath + } +} + +// VarSet is a slice of Vars where no var.Name is repeated. +type VarSet struct { + set []Var +} + +// Set returns the var set. +func (vs *VarSet) Set() []Var { + return vs.set +} + +// MergeSet absorbs other vars with error on name collision. +func (vs *VarSet) MergeSet(incoming *VarSet) error { + return vs.MergeSlice(incoming.set) +} + +// MergeSlice absorbs other vars with error on name collision. +// Empty fields in incoming vars are defaulted. +func (vs *VarSet) MergeSlice(incoming []Var) error { + for _, v := range incoming { + if vs.Contains(v) { + return fmt.Errorf( + "var %s already encountered", v.Name) + } + v.defaulting() + vs.insert(v) + } + return nil +} + +func (vs *VarSet) insert(v Var) { + index := sort.Search( + len(vs.set), + func(i int) bool { return vs.set[i].Name > v.Name }) + // make room + vs.set = append(vs.set, Var{}) + // shift right at index. + // copy will not increase size of destination. + copy(vs.set[index+1:], vs.set[index:]) + vs.set[index] = v +} + +// Contains is true if the set has the other var. +func (vs *VarSet) Contains(other Var) bool { + return vs.Get(other.Name) != nil +} + +// Get returns the var with the given name, else nil. +func (vs *VarSet) Get(name string) *Var { + for _, v := range vs.set { + if v.Name == name { + return &v + } + } + return nil +} + +// GVK returns the Gvk object in Target +func (t *Target) GVK() gvk.Gvk { + if t.APIVersion == "" { + return t.Gvk + } + versions := strings.Split(t.APIVersion, "/") + if len(versions) == 2 { + t.Group = versions[0] + t.Version = versions[1] + } + if len(versions) == 1 { + t.Version = versions[0] + } + return t.Gvk +}